26 results (0.015 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL. Desbordamiento de búfer en la función url_filename de wget 1.8.1 permite que atacantes remotos causen una denegación de servicio ("segmentation fault") y posiblemente ejecuten código arbitrario mediante una URL muy larga • ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000716 http://marc.info/?l=bugtraq&m=105474357016184&w=2 http://www.debian.org/security/2002/dsa-209 http://www.redhat.com/support/errata/RHSA-2003-372.html https://exchange.xforce.ibmcloud.com/vulnerabilities/10851 https://access.redhat.com/security/cve/CVE-2002-1565 https:/ •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. Vulnerabilidad de cadena de formato en la función startprinting() de printjob.c en el paquete lpr lpd basado en BSD puede permitir a usuarios locales ganar privilegios mediante una llamada impropia a syslog que usa cadenas de formato de la llamada checkremote(). • http://marc.info/?l=bugtraq&m=96994604300675&w=2 http://online.securityfocus.com/archive/1/137555 http://www.iss.net/security_center/static/5286.php http://www.redhat.com/support/errata/RHSA-2000-066.html http://www.securityfocus.com/bid/1711 •

CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnw • CWE-193: Off-by-one Error •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages. • http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-026-01 http://marc.info/?l=bugtraq&m=99258618906506&w=2 http://www.kb.cert.org/vuls/id/249579 https://exchange.xforce.ibmcloud.com/vulnerabilities/7098 •

CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 1

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. • https://www.exploit-db.com/exploits/20493 http://marc.info/?l=bugtraq&m=98749102621604&w=2 http://marc.info/?l=bugtraq&m=99106787825229&w=2 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0 http://www.redhat.com/support/errata/RHSA-2001-042.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6367 •