CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2003-0089 – HP-UX 11 - Software Distributor Lang Environment Variable Local Buffer Overrun
https://notcve.org/view.php?id=CVE-2003-0089
Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify. Desbordamiento de búfer en los útiles Software Distributor de HP-UX B.11.00 y B.11.11 permite a usuarios locales ejecutar código arbitrario mediante una variable de entorno LANG larga en programas setuid como swinstall y swmodify. • https://www.exploit-db.com/exploits/23343 http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0038.html http://marc.info/?l=bugtraq&m=106873965001431&w=2 http://www.securityfocus.com/advisories/6030 http://www.securityfocus.com/bid/8986 https://exchange.xforce.ibmcloud.com/vulnerabilities/13623 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5466 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2003-0840 – HP-UX 11 CDE DTPrintInfo - Display Environment Variable Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0840
Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable. Desbordamiento de búfer en dtprintinfo en HP-UX 11.00, y posiblemente otros sistemas operativos, permite a usuarios locales ganar privilegios de root mediante una varible de entorno DISPLAY larga. • https://www.exploit-db.com/exploits/23236 http://marc.info/?l=bugtraq&m=106563181313571&w=2 •
CVSS: 10.0EPSS: 5%CPEs: 163EXPL: 0CVE-2003-0694 – Sendmail SMTP Address prescan Memory Corruption
https://notcve.org/view.php?id=CVE-2003-0694
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. La función de prescan en Sendmail 8.12.9 permite a atacantes remotos ejecutar código arbitrario mediante ataques de desbordamiento de búfer, como se demostró usando la función parseaddr en parseaddr.c. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742 http://marc.info/?l=bugtraq&m=106381604923204&w=2 http://marc.info/?l=bugtraq&m=106382859407683&w=2 http://marc.info/?l=bugtraq&m=106383437615742&w=2 http://marc.info/? •
CVSS: 7.5EPSS: 0%CPEs: 105EXPL: 1CVE-2003-0681 – Sendmail 8.12.9 - 'Prescan()' Variant Remote Buffer Overrun
https://notcve.org/view.php?id=CVE-2003-0681
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. Un "desbordamiento de búfer potencial en el análisis de reglas" (ruleset parsing) en Sendmail 8.12.9 cuando se usan los conjuntos de reglas no estándar: (1) receptor, (2) final, o (3) receptores de envoltorio específicos del enviador de correo, tienen consecuencias desconocidas. • https://www.exploit-db.com/exploits/23154 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742 http://marc.info/?l=bugtraq&m=106383437615742&w=2 http://marc.info/?l=bugtraq&m=106398718909274&w=2 http://www.debian.org/security/2003/dsa-384 http://www.kb.cert.org/vuls/id/108964 http://www.mandriva.com/security/advisories?name=MDKSA-2003:092 http://www.redhat.com/support/errata/RHSA-2003-283.html http://www.securityfocus.com/bid/8649 http://www •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0333
https://notcve.org/view.php?id=CVE-2003-0333
Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085. • http://archives.neohapsis.com/archives/hp/current/0044.html http://marc.info/?l=bugtraq&m=105189670912220&w=2 http://marc.info/?l=bugtraq&m=105190667523456&w=2 http://www.kb.cert.org/vuls/id/971364 http://www.securityfocus.com/bid/7627 https://exchange.xforce.ibmcloud.com/vulnerabilities/11929 •