CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2022-21950 – canna: unsafe handling of /tmp/.iroha_unix directory
https://notcve.org/view.php?id=CVE-2022-21950
07 Sep 2022 — A Improper Access Control vulnerability in the systemd service of cana in openSUSE Backports SLE-15-SP3, openSUSE Backports SLE-15-SP4 allows local users to hijack the UNIX domain socket This issue affects: openSUSE Backports SLE-15-SP3 canna versions prior to canna-3.7p3-bp153.2.3.1. openSUSE Backports SLE-15-SP4 canna versions prior to 3.7p3-bp154.3.3.1. openSUSE Factory was also affected. Instead of fixing the package it was deleted there. Una vulnerabilidad de Control de Acceso inapropiado en el servici... • https://bugzilla.suse.com/show_bug.cgi?id=1199280 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1158
https://notcve.org/view.php?id=CVE-2002-1158
18 Dec 2002 — Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user. Desbordamiento de búfer en Canna 3.5.b2 y anteriores permite a usuarios locales ejecutar código arbitrario como el usuario bin. • http://canna.sourceforge.jp/sec/Canna-2002-01.txt •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2002-1159
https://notcve.org/view.php?id=CVE-2002-1159
18 Dec 2002 — Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak. Canna 3.6 y anteriores no validan adecuadamente las peticiones, lo que permite a atacantes remotos causar una denegación de servicio o fuga de información. • http://canna.sourceforge.jp/sec/Canna-2002-01.txt •