CVE-2002-1476
https://notcve.org/view.php?id=CVE-2002-1476
Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh. Desbordamiento de búfer en setlocale en libc de NetBSD 1.4.x a 1.5, y posiblemente otros sistemas operativos, cuando es llamado con la categoría LC_ALL, permite a atacantes locales ejecutar código arbitrario mediante una cadena de formato controlada por el usuario que tenga más de 6 elementos, lo que excede los límites del array de categoría new_categories, es explotable a través de otros programas como xterm y zsh. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-012.txt.asc http://www.iss.net/security_center/static/10159.php http://www.osvdb.org/7565 http://www.securityfocus.com/bid/5724 •
CVE-2002-1490
https://notcve.org/view.php?id=CVE-2002-1490
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes. NetBSD 1.4 a la 1.6 beta permite a usuarios locales causar la Denegación de Servicios (DoS) mediante una serie de llamadas a TIOCSCTTY ioctl, lo cual provoca un desbordamiento de enteros en un contador, poniendo dicho contador a 0, liberando memoria que aún esta en uso por otros procesos. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-007.txt.asc http://www.iss.net/security_center/static/10115.php http://www.osvdb.org/7566 http://www.securityfocus.com/bid/5722 •
CVE-2002-1543
https://notcve.org/view.php?id=CVE-2002-1543
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-025.txt.asc http://www.iss.net/security_center/static/10458.php http://www.osvdb.org/7570 http://www.securityfocus.com/bid/6036 •
CVE-2002-1500
https://notcve.org/view.php?id=CVE-2002-1500
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET(). Desbordamiento de búfer en mrinfo, mtrace, y pppd en NetBSD 1.4.x a 1.6 permite a usuarios locales ganar privilegios ejecutando los programas despues de rellenar las tablas de descritptores de ficherros, lo que produce descriptores de ficheros mayores que FD_SETSIZE, que no son comprobados por FD_SET() • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-014.txt.asc http://www.iss.net/security_center/static/10114.php http://www.securityfocus.com/bid/5727 •
CVE-2003-0102 – File 3.x - Local Stack Overflow Code Execution
https://notcve.org/view.php?id=CVE-2003-0102
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). • https://www.exploit-db.com/exploits/22324 https://www.exploit-db.com/exploits/22325 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc http://lwn.net/Alerts/34908 http://marc.info/?l=bugtraq&m=104680706201721&w=2 http://www.debian.org/security/2003/dsa-260 http://www.idefense.com/advisory/03.04.03.txt http://www.kb.cert.org/vuls/id/611865 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030 http://www.novell.com& •