CVE-2002-0062
https://notcve.org/view.php?id=CVE-2002-0062
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." El desbordamiento del búfer en ncurses 5.0, y el paquete de compatibilidad ncurses4 basado en él, permite a usuarios locales la obtención de privilegios. • http://www.debian.org/security/2002/dsa-113 http://www.iss.net/security_center/static/8222.php http://www.redhat.com/support/errata/RHSA-2002-020.html http://www.securityfocus.com/bid/2116 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2002-0004 – AT 3.1.8 - Formatted Time Heap Overflow
https://notcve.org/view.php?id=CVE-2002-0004
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. Corrupción de memoria en el comando "at" permite que usuarios locales ejecuten código arbitrario haciendo uso de un tiempo de ejecución mal escrito (lo que provoca que at libere la misma memoria dos veces). • https://www.exploit-db.com/exploits/21229 http://marc.info/?l=bugtraq&m=101128661602088&w=2 http://marc.info/?l=bugtraq&m=101147632721031&w=2 http://online.securityfocus.com/advisories/3833 http://online.securityfocus.com/advisories/3969 http://www.debian.org/security/2002/dsa-102 http://www.novell.com/linux/security/advisories/2002_003_at_txt.html http://www.redhat.com/support/errata/RHSA-2002-015.html http://www.securityfocus.com/bid/3886 https://exchange.xforce. •
CVE-2002-0044
https://notcve.org/view.php?id=CVE-2002-0044
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. Enscript 1.5.1 y anteriores permiten a usaurios locales sobreescribir ficheros arbitrarios del usuario Enscript mediante un ataque de enlaces simbólicos (symlink attack) en ficheros temporales. • http://www.debian.org/security/2002/dsa-105 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3 http://www.redhat.com/support/errata/RHSA-2002-012.html http://www.securityfocus.com/advisories/3818 http://www.securityfocus.com/bid/3920 https://exchange.xforce.ibmcloud.com/vulnerabilities/7932 •
CVE-2002-0045
https://notcve.org/view.php?id=CVE-2002-0045
slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. sldap en OpenLDAP 2.0 a 2.0.19 permite a usuarios locales, y a usuarios anónimos en versiones anteriores a 2.0.8, llevar a cabo una acción "replace" en controles de acceso sin valores, lo que causa que OpenLDAP borre atributos no mandatorios que de otra forma estarían protegidos por listas de control de accesso (ACL). • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-001.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000459 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:013 http://www.openldap.org/lists/openldap-announce/200201/msg00002.html http://www.osvdb.org/5395 http://www.redhat.com/support/errata/RHSA-2002-014.html http://www.securityfocus.com/bid/3945 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0201-020 https://exchange.x •
CVE-2001-0872
https://notcve.org/view.php?id=CVE-2001-0872
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. OpenSSH 3.0.1 y anteriores con UseLogin activado no limpia variables de entorno críticas como LD_PRELOAD, lo que permite a usuario locales ganar privilegios de root. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-042.1.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000446 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:092 http://lists.suse.com/archives/suse-security-announce/2001-Dec/0001.html http://marc.info/?l=bugtraq&m=100749779131514&w=2 http://marc.info/?l=openssh-unix-dev&m=100747128105913&w=2 http://www.ciac.org/ciac/bulletins/m-026.shtml http://www.debian.org/security/2001/dsa- •