CVSS: 10.0EPSS: 64%CPEs: 28EXPL: 4CVE-2002-1337 – Sendmail 8.11.x (Linux/i386) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2002-1337
07 Mar 2003 — Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. Desbordamiento de búfer en Sendmail 5.79 a la 8.12.7 que permite a atacantes remotos la ejecución arbitraria de código mediante ciertos campos de dirección formateados, relativos a comentarios de cabecera de emisor y receptor, procesados por la función crackaddr del fichero heade... • https://www.exploit-db.com/exploits/411 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.3EPSS: 1%CPEs: 37EXPL: 5CVE-2003-0001 – Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
https://notcve.org/view.php?id=CVE-2003-0001
08 Jan 2003 — Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. Múltiples controladores de dispositivo (device drivers) de Tarjetas de Interfaz de Red (Network Interface Card - NIC) Ethernet no rellenan las tramas con bytes nulos, lo que permite a atacantes remotos obtener información de paquetes anteriores o memoria del kernel ... • https://packetstorm.news/files/id/121969 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 28EXPL: 0CVE-2002-0666
https://notcve.org/view.php?id=CVE-2002-0666
25 Oct 2002 — IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors. Implementaciones de IPSEC, incluyendo FreeS/WAN y KAME no calculan adecuadamente la longitud de los datos de autenticación, lo que permite a atacantes remotos causar una denegación de servicio (kernel panic) me... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2002-1192 – Rogue 5.3 - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1192
15 Oct 2002 — Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file. • https://www.exploit-db.com/exploits/21881 •
CVSS: 9.8EPSS: 3%CPEs: 5EXPL: 0CVE-2002-1194
https://notcve.org/view.php?id=CVE-2002-1194
15 Oct 2002 — Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message. Desbordamiento de búfer en talkd en NetBSD 1.6 y anteriores, y posiblemente otros sistemas operativos, pueden permitir a atacantes remotos ejecutar código arbitrario mediante un mensaje largo entrante. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-019.txt.asc •
CVSS: 9.1EPSS: 2%CPEs: 12EXPL: 3CVE-2002-1165 – Sendmail 8.12.x - SMRSH Double Pipe Access Validation
https://notcve.org/view.php?id=CVE-2002-1165
03 Oct 2002 — Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. Sendmail Consortium's Restricted Shell (SMRSH) en Sendmail 8.12.6, 8.11.6-15 y anteriores, permite a atacantes puentear las restricciones pretendidas de smrsh insertando caractéres adicionale... • https://www.exploit-db.com/exploits/21884 •