Page 41 of 289 results (0.023 seconds)

CVSS: 10.0EPSS: 29%CPEs: 4EXPL: 0

CVE-2002-1235

https://notcve.org/view.php?id=CVE-2002-1235

The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. La función kadm_ser en el demonio de administración de compatibildad de Kerberos v4 (kadmind4) en el MIT Kerberos 5 (krb5) krb5-1.2.6 y anteriores kadmind en KTH Kerberos 4 (eBones) anteriores a 1.2.1, y kadmind en KTH Kerberos 5 (Heimdal) anteriores a 0.5.1 compilados con soporte de Kerberos 4, no verifica adecuadamente la longitud de un campo de petición, lo que permite a atacantes remotos ejecutar código arbitrario mediante un ataque de desbordamiento de búfer. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-026.txt.asc http://archives.neohapsis.com/archives/bugtraq/2002-10/0399.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000534 http://marc.info/?l=bugtraq&m=103539530729206&w=2 http://marc.info/?l=bugtraq&m=103564944215101&w=2 http://marc.info/?l=bugtraq&m=103582517126392&w=2 http://marc.info/? •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0

CVE-2002-0839

https://notcve.org/view.php?id=CVE-2002-0839

The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard. La tabla de puntuaciones (scoreboard) en memoria compartida del demonio HTTP en Apache 1.3.x anteriores a 1.3.27 permite a cualquier usuario corriendo con la UID de Apache enviar un señas SIGUSR1 a cualquier proceso como root, resultando en un a denegación de servicio (muerte de proceso) o posiblemente otros comportamientos no no serian permitidos normalmente, mediane la modificación de los segmentos parent[].pid y parent[].last_rtime en los segmentos de la tabla de puntuaciones. • ftp://patches.sgi.com/support/free/security/advisories/20021105-01-I http://archives.neohapsis.com/archives/bugtraq/2002-10/0195.html http://archives.neohapsis.com/archives/bugtraq/2002-10/0254.html http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0012.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000530 http://marc.info/?l=apache-httpd-announce&m=103367938230488&w=2 http://marc.info/?l=bugtraq&m=103376585508776&w=2 http://marc.info/?l=bugtraq&m= •

CVSS: 2.1EPSS: 0%CPEs: 6EXPL: 1

CVE-2002-0875 – SGI IRIX 6.5.x - FAM Arbitrary Root Owned Directory File Listing

https://notcve.org/view.php?id=CVE-2002-0875

Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group. Vulnerabilidad en FAM 2.6.8, 2.6.6 y otras versiones permite a usuarios sin privilegios obtener los nombres de ficheros cuyo acceso está restringido al grupo de root • https://www.exploit-db.com/exploits/21720 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc ftp://patches.sgi.com/support/free/security/advisories/20000301-03-I http://www.debian.org/security/2002/dsa-154 http://www.iss.net/security_center/static/9880.php http://www.redhat.com/support/errata/RHSA-2005-005.html http://www.securityfocus.com/bid/5487 https://access.redhat.com/security/cve/CVE-2002-0875 https://bugzilla.redhat.com/show_bug.cgi •

CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0

CVE-2002-0912

https://notcve.org/view.php?id=CVE-2002-0912

in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow. El servidor UUCP (Unix to Unix CoPy) in.uucpd en Debian GNU/Linux 2.2 y posiblemente otros sistemas operativos, no termina adecuadamente cadenas largas, lo que permite a atacantes remotos causar una denegación de servicio, posiblemente debido a un desbordamiento de búfer. • http://www.debian.org/security/2002/dsa-129 http://www.iss.net/security_center/static/9230.php http://www.securityfocus.com/bid/4910 •

CVSS: 7.5EPSS: 75%CPEs: 3EXPL: 3

CVE-2002-0392 – Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption

https://notcve.org/view.php?id=CVE-2002-0392

Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. • https://www.exploit-db.com/exploits/21560 https://www.exploit-db.com/exploits/21559 https://www.exploit-db.com/exploits/16782 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32 ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31 ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I http://archives. •