CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0CVE-2002-1915
https://notcve.org/view.php?id=CVE-2002-1915
31 Dec 2002 — tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. • http://online.securityfocus.com/archive/1/283033 • CWE-667: Improper Locking •
CVSS: 7.0EPSS: 0%CPEs: 52EXPL: 0CVE-2002-2092
https://notcve.org/view.php?id=CVE-2002-2092
31 Dec 2002 — Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2002-2188
https://notcve.org/view.php?id=CVE-2002-2188
31 Dec 2002 — OpenBSD before 3.2 allows local users to cause a denial of service (kernel crash) via a call to getrlimit(2) with invalid arguments, possibly due to an integer signedness error. • ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/018_kernresource.patch •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2002-2222
https://notcve.org/view.php?id=CVE-2002-2222
31 Dec 2002 — isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and in OpenBSD 3.1, allows remote attackers to cause a denial of service (crash) by sending Internet Key Exchange (IKE) payloads out of sequence. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc •
CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0CVE-2002-2280
https://notcve.org/view.php?id=CVE-2002-2280
31 Dec 2002 — syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server. • http://archives.neohapsis.com/archives/bugtraq/2002-11/0272.html • CWE-16: Configuration •
CVSS: 7.5EPSS: 2%CPEs: 15EXPL: 0CVE-2002-1345
https://notcve.org/view.php?id=CVE-2002-1345
17 Dec 2002 — Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences. • ftp://patches.sgi.com/support/free/security/advisories/20021205-01-A •
CVSS: 9.8EPSS: 7%CPEs: 24EXPL: 0CVE-2002-1219
https://notcve.org/view.php?id=CVE-2002-1219
29 Nov 2002 — Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). Desbordamiento de búfer en BIND versiones 4 anteriores a 4.9.10, y versiones 8 anteriores a 8.3.3, permite a atacantes remotos ejecutar código arbitrario mediante una cierta respuesta de servidor DNS conteniendo registros de recursos (RR) SIG. • ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P •
CVSS: 7.5EPSS: 19%CPEs: 11EXPL: 1CVE-2002-1220 – ISC BIND 8.3.x - OPT Record Large UDP Denial of Service
https://notcve.org/view.php?id=CVE-2002-1220
29 Nov 2002 — BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. BIND 8.3.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (terminación debido a fallo en aseveración) mediante una petición para un subdominio que no existe, con un registro de recurso OPT con una carga UDP grande. • https://www.exploit-db.com/exploits/22011 •
CVSS: 7.5EPSS: 3%CPEs: 21EXPL: 0CVE-2002-1221
https://notcve.org/view.php?id=CVE-2002-1221
29 Nov 2002 — BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. BIND 8.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (caída) mediante elementos registro de recurso (RR) SIG con fecha de expiració inválida, que son eliminados de la la base de datos interna de BIND y luego causan una desreferencia a nulo. • http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469 •
CVSS: 10.0EPSS: 4%CPEs: 10EXPL: 4CVE-2002-0391
https://notcve.org/view.php?id=CVE-2002-0391
12 Aug 2002 — Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt • CWE-190: Integer Overflow or Wraparound •