CVE-2003-0367
https://notcve.org/view.php?id=CVE-2003-0367
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. znew en el paquete gzip permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque de enlaces simbólicos en ficheros temporales. • http://www.debian.org/security/2003/dsa-308 http://www.mandriva.com/security/advisories?name=MDKSA-2003:068 http://www.openpkg.org/security/OpenPKG-SA-2003.031-gzip.html http://www.securityfocus.com/bid/7872 http://www.turbolinux.com/security/TLSA-2003-38.txt • CWE-20: Improper Input Validation •
CVE-2003-0358 – Nethack 3 - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0358
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option. Desbordamiento de búfer en nethack 3.4.0 y anteriores permite que usuarios locales obtengan privilegios mediante la opción -s en la línea de comandos. • https://www.exploit-db.com/exploits/22233 https://www.exploit-db.com/exploits/22234 https://www.exploit-db.com/exploits/22235 https://github.com/fengjixuchui/CVE-2003-0358 http://nethack.sourceforge.net/v340/bugmore/secpatch.txt http://www.debian.org/security/2003/dsa-316 http://www.debian.org/security/2003/dsa-350 http://www.securityfocus.com/archive/1/311172/2003-02-08/2003-02-14/0 http://www.securityfocus.com/bid/6806 https://exchange.xforce.ibmcloud.com/vuln • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2003-0098
https://notcve.org/view.php?id=CVE-2003-0098
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. Vulnerabilidad desconocida en apcupsd anteriores a 3.8.6, y 3.10.x anteriores a 3.10.5 permite a atacantes remotos ganar privilegios de root, posiblemente mediante cadenas de formato en una petición a un servidor esclavo. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-015.0.txt http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/apcupsd/apcupsd/src/apcnisd.c.diff?r1=1.5&r2=1.6 http://hsj.shadowpenguin.org/misc/apcupsd_exp.txt http://securitytracker.com/id?1006108 http://sourceforge.net/project/shownotes.php?release_id=137900 http://www.debian.org/security/2003/dsa-277 http://www.iss.net/security_center/static/11334.php http://www.mandriva.com/security/advisories?name=MDKSA-2003:018 h •
CVE-2002-1372
https://notcve.org/view.php?id=CVE-2002-1372
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. Common Unix Printing System (CUPS) 1.1.14 a 1.1.17 no comprueba adecuadamente los valores de retorno de varias operaciones de ficheros y sockets, lo que podría permitir a un atacante remoto causar una denegación de servicio (consumición de recursos) haciendo que descriptores de ficheros sean asignados y no liberados, como ha sido demostrado por fanta. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702 http://marc.info/?l=bugtraq&m=104032149026670&w=2 http://www.debian.org/security/2003/dsa-232 http://www.idefense.com/advisory/12.19.02.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 http://www.novell.com/linux/security/advisories/2003_002_cups.html http://www.redhat.com/support/errata/RHSA-2002-295.html http:// • CWE-252: Unchecked Return Value •
CVE-2002-1232
https://notcve.org/view.php?id=CVE-2002-1232
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. Fuga de memoria en ypdb_open en yp_db.c en ypserv anteriores a 2.5 en el paquete NIS 3.9 y anteriores permite a atacantes remotos causar una denegación de servicio (consumición de memoria) mediante un número grande de peticiones de un mapa inexistente. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000539 http://marc.info/?l=bugtraq&m=103582692228894&w=2 http://online.securityfocus.com/advisories/4605 http://www.debian.org/security/2002/dsa-180 http://www.iss.net/security_center/static/10423.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php http://www.redhat.com/support/errata/RHSA-2002-223.html http://www.redhat. •