CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1CVE-2002-0083 – OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One
https://notcve.org/view.php?id=CVE-2002-0083
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnw • CWE-193: Off-by-one Error •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2002-0067
https://notcve.org/view.php?id=CVE-2002-0067
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. Squid 2.4 STABLE2 y versiones anteriores no deshabilita adecuadamente HTCP, incluso cuando ""htcp_port 0"" es especificado en el fichero squid.conf, el cual podría permitir a atacantes remotos saltarse las restricciones de acceso. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464 http://marc.info/?l=bugtraq&m=101431040422095&w=2 http://marc.info/?l=bugtraq&m=101443252627021&w=2 http://www.iss.net/security_center/static/8261.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php http://www.osvdb.org/5379 http:/ •
CVSS: 2.6EPSS: 3%CPEs: 11EXPL: 0CVE-2002-0069
https://notcve.org/view.php?id=CVE-2002-0069
Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service. Error de memoria en SNMP de Squid STABLE2 y versiones anteriores permite a un atacante remoto provocar una denegación del servicio. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464 http://marc.info/?l=bugtraq&m=101431040422095&w=2 http://marc.info/?l=bugtraq&m=101443252627021&w=2 http://www.iss.net/security_center/static/8260.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php http://www.redhat.com/support/errata&#x •
CVSS: 7.5EPSS: 39%CPEs: 11EXPL: 2CVE-2002-0068 – Squid 2.0-4 - Cache FTP Proxy URL Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0068
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters. Squid 2.4 STABLE3 y versiones anteriores permite a atacantes remotos causar la denegación de servicios por volcado del núcleo (core dump) y ejecutar código arbitrario mediante una dirección URL ftp:// mal construida. • https://www.exploit-db.com/exploits/21297 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464 http://marc.info/?l=bugtraq&m=101431040422095&w=2 http://marc.info/?l=bugtraq&m=101440163111826&w=2 http://marc.info/?l=bugtraq&m=101443252627021&w=2 http://www.caldera.com/support/security/advisories/CSSA-2002-010&# •
CVSS: 7.2EPSS: 0%CPEs: 28EXPL: 0CVE-2002-0062
https://notcve.org/view.php?id=CVE-2002-0062
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." El desbordamiento del búfer en ncurses 5.0, y el paquete de compatibilidad ncurses4 basado en él, permite a usuarios locales la obtención de privilegios. • http://www.debian.org/security/2002/dsa-113 http://www.iss.net/security_center/static/8222.php http://www.redhat.com/support/errata/RHSA-2002-020.html http://www.securityfocus.com/bid/2116 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •