CVSS: 7.5EPSS: 5%CPEs: 252EXPL: 0CVE-2004-0079
https://notcve.org/view.php?id=CVE-2004-0079
18 Mar 2004 — The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 3%CPEs: 252EXPL: 0CVE-2004-0081
https://notcve.org/view.php?id=CVE-2004-0081
18 Mar 2004 — OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt •
CVSS: 7.5EPSS: 0%CPEs: 245EXPL: 0CVE-2004-0112
https://notcve.org/view.php?id=CVE-2004-0112
18 Mar 2004 — The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. El código que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una dene... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 4%CPEs: 33EXPL: 0CVE-2002-1232
https://notcve.org/view.php?id=CVE-2002-1232
04 Nov 2002 — Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. Fuga de memoria en ypdb_open en yp_db.c en ypserv anteriores a 2.5 en el paquete NIS 3.9 y anteriores permite a atacantes remotos causar una denegación de servicio (consumición de memoria) mediante un número grande de peticiones de un mapa inexistente. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt •
CVSS: 9.8EPSS: 12%CPEs: 27EXPL: 0CVE-2002-0836
https://notcve.org/view.php?id=CVE-2002-0836
28 Oct 2002 — dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. El conversor dvips para ficheros Postscript en el paquete tetex llama a la función system() de forma insegura, lo que permite a atacantes ejecutar comandos arbitrarios mediante ciertos trabajos de impresión, posiblemente conteniendo fuentes. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000537 •
CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 1CVE-2002-0835
https://notcve.org/view.php?id=CVE-2002-0835
04 Oct 2002 — Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones. El servidor Preboot eXecution Environment (PXE) permite a atacantes remotos causar una denegación de servicio (caída) mediante ciertos paquetes DHCP (Dinamic Host Configuraion Protocol) de teléfonos Voz-sobre-IP (VOIP). • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt •
CVSS: 7.0EPSS: 0%CPEs: 29EXPL: 0CVE-2002-0638
https://notcve.org/view.php?id=CVE-2002-0638
12 Aug 2002 — setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. setpwnam.c en el paquete util-linux, como se incluye en Red Hat Linux 7.3 y antieriores, y en otros sistemas operativos, no bloquea adecuadamente un fichero temporal cuando se mo... • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1506
https://notcve.org/view.php?id=CVE-2001-1506
31 Dec 2001 — Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files. • http://online.securityfocus.com/advisories/3618 •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2001-1563
https://notcve.org/view.php?id=CVE-2001-1563
31 Dec 2001 — Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers. • http://archives.neohapsis.com/archives/hp/2001-q4/0062.html •