CVSS: 5.0EPSS: 3%CPEs: 33EXPL: 0CVE-2002-1232
https://notcve.org/view.php?id=CVE-2002-1232
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. Fuga de memoria en ypdb_open en yp_db.c en ypserv anteriores a 2.5 en el paquete NIS 3.9 y anteriores permite a atacantes remotos causar una denegación de servicio (consumición de memoria) mediante un número grande de peticiones de un mapa inexistente. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000539 http://marc.info/?l=bugtraq&m=103582692228894&w=2 http://online.securityfocus.com/advisories/4605 http://www.debian.org/security/2002/dsa-180 http://www.iss.net/security_center/static/10423.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php http://www.redhat.com/support/errata/RHSA-2002-223.html http://www.redhat. •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2002-0839
https://notcve.org/view.php?id=CVE-2002-0839
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard. La tabla de puntuaciones (scoreboard) en memoria compartida del demonio HTTP en Apache 1.3.x anteriores a 1.3.27 permite a cualquier usuario corriendo con la UID de Apache enviar un señas SIGUSR1 a cualquier proceso como root, resultando en un a denegación de servicio (muerte de proceso) o posiblemente otros comportamientos no no serian permitidos normalmente, mediane la modificación de los segmentos parent[].pid y parent[].last_rtime en los segmentos de la tabla de puntuaciones. • ftp://patches.sgi.com/support/free/security/advisories/20021105-01-I http://archives.neohapsis.com/archives/bugtraq/2002-10/0195.html http://archives.neohapsis.com/archives/bugtraq/2002-10/0254.html http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0012.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000530 http://marc.info/?l=apache-httpd-announce&m=103367938230488&w=2 http://marc.info/?l=bugtraq&m=103376585508776&w=2 http://marc.info/?l=bugtraq&m= •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2002-0912
https://notcve.org/view.php?id=CVE-2002-0912
in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow. El servidor UUCP (Unix to Unix CoPy) in.uucpd en Debian GNU/Linux 2.2 y posiblemente otros sistemas operativos, no termina adecuadamente cadenas largas, lo que permite a atacantes remotos causar una denegación de servicio, posiblemente debido a un desbordamiento de búfer. • http://www.debian.org/security/2002/dsa-129 http://www.iss.net/security_center/static/9230.php http://www.securityfocus.com/bid/4910 •
CVSS: 7.5EPSS: 75%CPEs: 3EXPL: 3CVE-2002-0392 – Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption
https://notcve.org/view.php?id=CVE-2002-0392
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. • https://www.exploit-db.com/exploits/21560 https://www.exploit-db.com/exploits/21559 https://www.exploit-db.com/exploits/16782 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32 ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31 ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I http://archives. •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0CVE-2002-0401
https://notcve.org/view.php?id=CVE-2002-0401
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-037.0.txt http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000505 http://marc.info/?l=bugtraq&m=102268626526119&w=2 http://www.debian.org/security/2002/dsa-130 http://www.ethereal.com/appnotes/enpa-sa-00004.html http://www.iss.net/security_center/static/9204.php http://www.redhat.com/support/errata/RHSA-2002-036.html http://www.redhat.com/support/errata/RHSA-2002-088.html http://www.securityfocus.com& • CWE-476: NULL Pointer Dereference •