25 results (0.006 seconds)

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. Vulnerabilidad de cadena de formato en la función startprinting() de printjob.c en el paquete lpr lpd basado en BSD puede permitir a usuarios locales ganar privilegios mediante una llamada impropia a syslog que usa cadenas de formato de la llamada checkremote(). • http://marc.info/?l=bugtraq&m=96994604300675&w=2 http://online.securityfocus.com/archive/1/137555 http://www.iss.net/security_center/static/5286.php http://www.redhat.com/support/errata/RHSA-2000-066.html http://www.securityfocus.com/bid/1711 •

CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnw • CWE-193: Off-by-one Error •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages. • http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-026-01 http://marc.info/?l=bugtraq&m=99258618906506&w=2 http://www.kb.cert.org/vuls/id/249579 https://exchange.xforce.ibmcloud.com/vulnerabilities/7098 •

CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 1

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. • https://www.exploit-db.com/exploits/20493 http://marc.info/?l=bugtraq&m=98749102621604&w=2 http://marc.info/?l=bugtraq&m=99106787825229&w=2 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0 http://www.redhat.com/support/errata/RHSA-2001-042.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6367 •

CVSS: 4.6EPSS: 0%CPEs: 13EXPL: 2

Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. • https://www.exploit-db.com/exploits/20843 http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html http://www.novell.com/linux/security/advisories/2001_019_man_txt.html http://www.redhat.com/support/errata/RHSA-2001-069.html http://www.securityfocus.com/archive/1/190136 http://www.securityfocus.com/bid/2711 https://exchange.xforce.ibmcloud.com/vulnerabilities/6530 •