CVE-2002-0002 – STunnel 3.x - Client Negotiation Protocol Format String
https://notcve.org/view.php?id=CVE-2002-0002
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code. Vulnerabilidad en el formateado de cadenas en stunnel anterior a la 3.22 cuando se usa en modo cliente para smtp, pop o nntp permite que servidores remotos maliciosos ejecuten código arbitrario. • https://www.exploit-db.com/exploits/21192 http://marc.info/?l=stunnel-users&m=100869449828705&w=2 http://online.securityfocus.com/archive/1/247427 http://online.securityfocus.com/archive/1/248149 http://stunnel.mirt.net/news.html http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3 http://www.redhat.com/support/errata/RHSA-2002-002.html http://www.securityfocus.com/bid/3748 https://exchange.xforce.ibmcloud.com/vulnerabilities/7741 •
CVE-2001-1190
https://notcve.org/view.php?id=CVE-2001-1190
The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended. • http://www.iss.net/security_center/static/7706.php http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-091.php3 http://www.securityfocus.com/bid/3683 •
CVE-2001-0912
https://notcve.org/view.php?id=CVE-2001-0912
Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges. • http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-087.php3?dis=8.1 https://exchange.xforce.ibmcloud.com/vulnerabilities/7604 •