CVSS: 5.0EPSS: 6%CPEs: 21EXPL: 0CVE-2002-1221
https://notcve.org/view.php?id=CVE-2002-1221
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. BIND 8.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (caída) mediante elementos registro de recurso (RR) SIG con fecha de expiració inválida, que son eliminados de la la base de datos interna de BIND y luego causan una desreferencia a nulo. • http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000546 http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html http://marc.info/?l=bugtraq&m=103713117612842&w=2 http://marc.info/?l=bugtraq&m=103763574715133&w=2 http://online.securityfocus.com/advisories/4999 http://online.securityfocus.com/archive/1/300019 http://www.cert.org/advisories/CA-2002-31.html http://www.ciac.org/ •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2002-0766
https://notcve.org/view.php?id=CVE-2002-0766
OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor. • http://online.securityfocus.com/archive/1/271702 http://www.iss.net/security_center/static/9048.php http://www.kb.cert.org/vuls/id/314963 http://www.openbsd.org/errata.html#fdalloc2 http://www.osvdb.org/5114 http://www.osvdb.org/5715 http://www.securityfocus.com/bid/4708 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2002-0414
https://notcve.org/view.php?id=CVE-2002-0414
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG http://www.iss.net/security_center/static/8416.php http://www.osvdb.org/5304 http://www.securityfocus.com/archive/1/259598 http://www.securityfocus.com/bid/4224 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2002-0765
https://notcve.org/view.php?id=CVE-2002-0765
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password. • http://archives.neohapsis.com/archives/bugtraq/2002-05/0235.html http://www.iss.net/security_center/static/9215.php http://www.openbsd.org/errata.html#sshbsdauth http://www.osvdb.org/5113 http://www.securityfocus.com/bid/4803 •
CVSS: 10.0EPSS: 82%CPEs: 10EXPL: 4CVE-2002-0391
https://notcve.org/view.php?id=CVE-2002-0391
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A ftp://patches.sgi.com/support/free/security/advisories/20020801-01-P http://archives.neohapsis.com/archives/aix/2002-q4/0002.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html http://archives.neohapsis.com/archives/hp/2002-q3/0077.html http://bvl • CWE-190: Integer Overflow or Wraparound •