CVE-2002-1194
https://notcve.org/view.php?id=CVE-2002-1194
Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message. Desbordamiento de búfer en talkd en NetBSD 1.6 y anteriores, y posiblemente otros sistemas operativos, pueden permitir a atacantes remotos ejecutar código arbitrario mediante un mensaje largo entrante. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-019.txt.asc http://www.iss.net/security_center/static/10303.php http://www.securityfocus.com/bid/5910 •
CVE-2002-1192 – Rogue 5.3 - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1192
Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file. • https://www.exploit-db.com/exploits/21881 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-021.txt.asc http://marc.info/?l=bugtraq&m=103342413220529&w=2 http://secunia.com/advisories/7181 http://secunia.com/advisories/7252 http://www.osvdb.org/6098 http://www.securityfocus.com/bid/5837 https://exchange.xforce.ibmcloud.com/vulnerabilities/10261 •
CVE-2002-1165 – Sendmail 8.12.x - SMRSH Double Pipe Access Validation
https://notcve.org/view.php?id=CVE-2002-1165
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. Sendmail Consortium's Restricted Shell (SMRSH) en Sendmail 8.12.6, 8.11.6-15 y anteriores, permite a atacantes puentear las restricciones pretendidas de smrsh insertando caractéres adicionales después de secuencias "||" (dos barras verticales) o "/" (barra), que no son adecuadamente filtradas o verificadas. • https://www.exploit-db.com/exploits/21884 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-023.txt.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000532 http://marc.info/?l=bugtraq&m=103350914307274&w=2 http://secunia.com/advisories/7826 http://www.iss.net/security_center/static/10232.php http://www.mandriva.com/security/advisories?name=MDKSA-2002:083 http://www.redhat.com/support/errata/RHSA-2003-073.html http://www.securityfocus.com/bi •
CVE-2002-0414
https://notcve.org/view.php?id=CVE-2002-0414
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG http://www.iss.net/security_center/static/8416.php http://www.osvdb.org/5304 http://www.securityfocus.com/archive/1/259598 http://www.securityfocus.com/bid/4224 •
CVE-2000-1208
https://notcve.org/view.php?id=CVE-2000-1208
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. Vulnerabilidad de cadena de formato en la función startprinting() de printjob.c en el paquete lpr lpd basado en BSD puede permitir a usuarios locales ganar privilegios mediante una llamada impropia a syslog que usa cadenas de formato de la llamada checkremote(). • http://marc.info/?l=bugtraq&m=96994604300675&w=2 http://online.securityfocus.com/archive/1/137555 http://www.iss.net/security_center/static/5286.php http://www.redhat.com/support/errata/RHSA-2000-066.html http://www.securityfocus.com/bid/1711 •