CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2002-1590
https://notcve.org/view.php?id=CVE-2002-1590
29 Oct 2002 — The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which allows local users to gain root privileges or cause a denial of service. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-48320-1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2002-1199
https://notcve.org/view.php?id=CVE-2002-1199
28 Oct 2002 — The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. El procedimiento getdbm en ypxfrd permite a usuarios locales leer ficheros arbitrarios, y a atacantes remotos leer bases de datos fuera de /var/yp, mediante ataques de atravesamiento de directorios y de enlaces simbólicos en los argumentos de dominio y mapa. • ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2002-1589
https://notcve.org/view.php?id=CVE-2002-1589
24 Oct 2002 — Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic). • http://sunsolve.sun.com/search/document.do?assetkey=1-26-48067-1 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2002-1228
https://notcve.org/view.php?id=CVE-2002-1228
21 Oct 2002 — Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon. • http://marc.info/?l=bugtraq&m=103487058823193&w=2 •
CVSS: 10.0EPSS: 1%CPEs: 22EXPL: 0CVE-2002-0679
https://notcve.org/view.php?id=CVE-2002-0679
05 Sep 2002 — Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. Desbordamiento de búfer en el servidor de bases de datos RPC ToolTalk (rpc.ttdbserverd) de Common Desktop Environment (CDE) permite a atacantes remotos ejecutar código arbitrario mediante un argumento al procedimiento T_TT_CREATE_FILE. • http://marc.info/?l=bugtraq&m=102917002523536&w=2 •
CVSS: 10.0EPSS: 90%CPEs: 10EXPL: 4CVE-2002-0391
https://notcve.org/view.php?id=CVE-2002-0391
12 Aug 2002 — Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2002-0796
https://notcve.org/view.php?id=CVE-2002-0796
26 Jul 2002 — Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges. • http://marc.info/?l=bugtraq&m=102321107714554&w=2 •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2002-0797
https://notcve.org/view.php?id=CVE-2002-0797
26 Jul 2002 — Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges. • http://marc.info/?l=bugtraq&m=102321107714554&w=2 •
CVSS: 7.2EPSS: 1%CPEs: 47EXPL: 0CVE-2002-0678
https://notcve.org/view.php?id=CVE-2002-0678
23 Jul 2002 — CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. El servidor de bases de datos CDE ToolTalk (ttdbserver) permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque en enlaces simbólicos (symlink attack) en el fichero de registro (log) de transacciones usado por el procedimiento RPC _TT_TRANSACTION • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt •
CVSS: 9.8EPSS: 0%CPEs: 46EXPL: 0CVE-2002-0677
https://notcve.org/view.php?id=CVE-2002-0677
12 Jul 2002 — CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. El sevidor de bases de datos CDE ToolTalk (ttdbserver) permite a atacantes remotos sobrescribir posiciones arbitrarias de memoria con ceros, y posiblemente ganar privilegios, mediante un arguemnte de descriptor de fichero en una llamada al... • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt •