CVE-2002-0843
https://notcve.org/view.php?id=CVE-2002-0843
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response. Desbordamientos de búfer en el programa de soporte ApacheBench (ab.c) en Apache anteriores a 1.3.27, y Apache 2.x anteriores a 2.0.43, permite a un servidor web malicioso causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante una respuesta larga. • ftp://patches.sgi.com/support/free/security/advisories/20021105-01-I http://archives.neohapsis.com/archives/bugtraq/2002-10/0229.html http://archives.neohapsis.com/archives/bugtraq/2002-10/0254.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000530 http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000530 http://marc.info/?l=apache-httpd-announce&m=103367938230488&w=2 http://marc.info/?l=bugtraq&m=103376585508776&w=2 http://online.securityfocus.com/advisories/ •
CVE-2002-0659 – OpenSSL - ASN.1 Parsing
https://notcve.org/view.php?id=CVE-2002-0659
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. La librería ASN1 de Open SSL 0.9.6d y anterior, y 0.9.7-beta2 y anterior, permite que atacantes remotos provoquen una denegación de servicio por medio de codificaciones inválidas. • https://www.exploit-db.com/exploits/23199 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000516 http://rhn.redhat.com/errata/RHSA-2002-160.html http://rhn.redhat.com/errata/RHSA-2002-161.html http://rhn.redhat.com/errata/RHSA-2002-164.html http& •
CVE-2002-0655
https://notcve.org/view.php?id=CVE-2002-0655
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. OpenSSL 0.9.6.d y anteriores, y 0.9.7-beta2 y anteriores, no manejan adecuadamente las representaciones ASCII de enteros en plataformas de 64 bits, lo que podría permitir a atacantes causar una denegación de servicio y posiblemente ejecutar código arbitrario. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000513 http://www.cert.org/advisories/CA-2002-23.html http://www.kb.cert.org/vuls/id/308891 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-046.php http://www.securityfocus.com/bid/5364 •
CVE-2002-0656 – Apache mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow
https://notcve.org/view.php?id=CVE-2002-0656
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. Desbordamiento de búfer en OpenSSL 0.9.6d y anteriores, y 0.9.7-beta2 y anteriores, permite a atacantes remotos ejecutar código arbitrario mediante una clave maestra de cliente larga en SSL2 o un ID de sesión largo en SSL3 • https://www.exploit-db.com/exploits/40347 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.1.txt ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000513 http://www.cert.org/advisories/CA-2002-23.html http://www.iss.net/security_center/static/9714.php http://www.iss.net/security_center/static/9716.php •
CVE-2002-0569
https://notcve.org/view.php?id=CVE-2002-0569
Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet (XSQLServlet). • http://marc.info/?l=bugtraq&m=101301813117562&w=2 http://www.cert.org/advisories/CA-2002-08.html http://www.iss.net/security_center/static/8453.php http://www.kb.cert.org/vuls/id/977251 http://www.nextgenss.com/papers/hpoas.pdf http://www.securityfocus.com/bid/4298 •