CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0550
https://notcve.org/view.php?id=CVE-2003-0550
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. El protocolo STP, activado en Linux 2.4.x, no provee de suficiente seguridad por diseño, lo que permite a atacantes modificar la topología de puente. • http://www.debian.org/security/2004/dsa-358 http://www.debian.org/security/2004/dsa-423 http://www.redhat.com/support/errata/RHSA-2003-238.html http://www.redhat.com/support/errata/RHSA-2003-239.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A380 https://access.redhat.com/security/cve/CVE-2003-0550 https://bugzilla.redhat.com/show_bug.cgi?id=1617053 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0552
https://notcve.org/view.php?id=CVE-2003-0552
Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target. Linux 2.4.x pemite a atacantes remotos suplantar entradas en la tabla de reenvio de puente (bridge forwarding) mediante paquetes falsificados cuya dirección de origen es la misma que la del objetivo. • http://www.debian.org/security/2004/dsa-358 http://www.debian.org/security/2004/dsa-423 http://www.redhat.com/support/errata/RHSA-2003-198.html http://www.redhat.com/support/errata/RHSA-2003-238.html http://www.redhat.com/support/errata/RHSA-2003-239.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A385 https://access.redhat.com/security/cve/CVE-2003-0552 https://bugzilla.redhat.com/show_bug.cgi?id=1617055 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2003-0551
https://notcve.org/view.php?id=CVE-2003-0551
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service. La implementación del protocolo STP en Linux 2.4.x no verifica adecuadamente ciertas longitudes, lo que podría permitir a atacantes causar una denegación de servicio. • http://www.debian.org/security/2004/dsa-358 http://www.debian.org/security/2004/dsa-423 http://www.redhat.com/support/errata/RHSA-2003-198.html http://www.redhat.com/support/errata/RHSA-2003-238.html http://www.redhat.com/support/errata/RHSA-2003-239.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A384 https://access.redhat.com/security/cve/CVE-2003-0551 https://bugzilla.redhat.com/show_bug.cgi?id=1617054 •
CVSS: 7.5EPSS: 12%CPEs: 7EXPL: 1CVE-1999-0997 – WU-FTPD 2.4.2/2.5 .0/2.6.0/2.6.1/2.6.2 - FTP Conversion
https://notcve.org/view.php?id=CVE-1999-0997
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress. • https://www.exploit-db.com/exploits/20563 http://www.debian.org/security/2003/dsa-377 •
CVSS: 7.2EPSS: 0%CPEs: 30EXPL: 1CVE-2000-0118 – RedHat Linux 5.2 i386/6.0 - No Logging
https://notcve.org/view.php?id=CVE-2000-0118
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. • https://www.exploit-db.com/exploits/19255 http://marc.info/?l=bugtraq&m=94935300520617&w=2 •