CVSS: 4.6EPSS: 0%CPEs: 15EXPL: 5CVE-2002-1814 – Mandrake 7/8/9 / RedHat 6.x/7 Bonobo EFSTool - Commandline Argument Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1814
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. • https://www.exploit-db.com/exploits/21583 https://www.exploit-db.com/exploits/21584 https://www.exploit-db.com/exploits/21585 http://online.securityfocus.com/archive/1/279676 http://www.iss.net/security_center/static/9451.php http://www.securiteam.com/exploits/5AP0E0K8AO.html http://www.securityfocus.com/bid/5125 •
CVSS: 4.6EPSS: 0%CPEs: 48EXPL: 0CVE-2002-1323
https://notcve.org/view.php?id=CVE-2002-1323
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. Safe.pm 2.0.7 y anteriores, si se usan con Perl 5.8.0 y anteriores, pueden permitir a atacantes escapar de compartimientos seguros en Safe::reval o Safe::rdo usando una variable @_ redefinida, que no es reestablecida entre llamadas sucesivas. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-007.0.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.1/SCOSA-2004.1.txt ftp://patches.sgi.com/support/free/security/advisories/20030606-01-A http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0061.html http://bugs6.perl.org/rt2/Ticket/Display.html?id=17744 http://marc.info/?l=bugtraq&m=104005919814869&w=2 http://marc.info/?l=bugtraq&m=104033126305252&w=2 http://marc.info/?l=bugtraq&m=10404 •
CVSS: 5.0EPSS: 3%CPEs: 33EXPL: 0CVE-2002-1232
https://notcve.org/view.php?id=CVE-2002-1232
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. Fuga de memoria en ypdb_open en yp_db.c en ypserv anteriores a 2.5 en el paquete NIS 3.9 y anteriores permite a atacantes remotos causar una denegación de servicio (consumición de memoria) mediante un número grande de peticiones de un mapa inexistente. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000539 http://marc.info/?l=bugtraq&m=103582692228894&w=2 http://online.securityfocus.com/advisories/4605 http://www.debian.org/security/2002/dsa-180 http://www.iss.net/security_center/static/10423.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php http://www.redhat.com/support/errata/RHSA-2002-223.html http://www.redhat. •
CVSS: 7.5EPSS: 1%CPEs: 27EXPL: 0CVE-2002-0836
https://notcve.org/view.php?id=CVE-2002-0836
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. El conversor dvips para ficheros Postscript en el paquete tetex llama a la función system() de forma insegura, lo que permite a atacantes ejecutar comandos arbitrarios mediante ciertos trabajos de impresión, posiblemente conteniendo fuentes. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000537 http://marc.info/?l=bugtraq&m=103497852330838&w=2 http://marc.info/?l=bugtraq&m=104005975415582&w=2 http://www.debian.org/security/2002/dsa-207 http://www.iss.net/security_center/static/10365.php http://www.kb.cert.org/vuls/id/169841 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php http://www.redhat.com/support/errata/RHSA-2002-194.html http://www.redhat.com/support/errat •
CVSS: 6.2EPSS: 0%CPEs: 29EXPL: 0CVE-2002-0638
https://notcve.org/view.php?id=CVE-2002-0638
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. setpwnam.c en el paquete util-linux, como se incluye en Red Hat Linux 7.3 y antieriores, y en otros sistemas operativos, no bloquea adecuadamente un fichero temporal cuando se modifica /etc/passwd, lo que puede permitir a usuarios locales ganar privilegios mediante una compleja condición de carrera que usa un descriptor de fichero abierto en utilidades como chfn y chsh. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523 http://marc.info/?l=bugtraq&m=102795787713996&w=2 http://online.securityfocus.com/advisories/4320 http://rhn.redhat.com/errata/RHSA-2002-132.html http://www.iss.net/security_center/static/9709.php http://www.kb&# •