All the vulnerabilites related to hp - secure_os
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:39
Severity ?
Summary
Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux_server | 3.1 | |
| caldera | openlinux_server | 3.1.1 | |
| caldera | openlinux_workstation | 3.1 | |
| caldera | openlinux_workstation | 3.1.1 | |
| redhat | pre-execution_environment | 0.1 | |
| hp | secure_os | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A218B67-B87B-4A5E-B9EF-EF39ADEAD9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caldera:openlinux_server:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "59A82AD5-A42D-49FF-A9D4-A57C8433A5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caldera:openlinux_workstation:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41DE44-C3A1-4CC9-ACA7-4EC171D68910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caldera:openlinux_workstation:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C31B1A4A-96AD-4322-8AF3-733D66DBB50E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:pre-execution_environment:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2522945-D94F-4F8D-8705-87D15AE3B41D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
},
{
"lang": "es",
"value": "El servidor Preboot eXecution Environment (PXE) permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante ciertos paquetes DHCP (Dinamic Host Configuraion Protocol) de tel\u00e9fonos Voz-sobre-IP (VOIP)."
}
],
"id": "CVE-2002-0835",
"lastModified": "2024-11-20T23:39:58.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5596"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-12-31 05:00
Modified
2024-11-20 23:37
Severity ?
Summary
Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files."
}
],
"id": "CVE-2001-1506",
"lastModified": "2024-11-20T23:37:50.910",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/advisories/3618"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3468"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/advisories/3618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-08-12 04:00
Modified
2024-11-20 23:39
Severity ?
Summary
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mandrakesoft | mandrake_single_network_firewall | 7.2 | |
| hp | secure_os | 1.0 | |
| mandrakesoft | mandrake_linux | 7.0 | |
| mandrakesoft | mandrake_linux | 7.1 | |
| mandrakesoft | mandrake_linux | 7.2 | |
| mandrakesoft | mandrake_linux | 8.0 | |
| mandrakesoft | mandrake_linux | 8.0 | |
| mandrakesoft | mandrake_linux | 8.1 | |
| mandrakesoft | mandrake_linux | 8.1 | |
| mandrakesoft | mandrake_linux | 8.2 | |
| mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
| redhat | linux | 6.0 | |
| redhat | linux | 6.0 | |
| redhat | linux | 6.0 | |
| redhat | linux | 6.1 | |
| redhat | linux | 6.1 | |
| redhat | linux | 6.1 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.2 | |
| redhat | linux | 7.2 | |
| redhat | linux | 7.2 | |
| redhat | linux | 7.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "613A22EC-D93C-48B0-B97C-3E0DDFBD0B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6EAAC51F-9DC5-4026-8147-1B74975D6183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*",
"matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
},
{
"lang": "es",
"value": "setpwnam.c en el paquete util-linux, como se incluye en Red Hat Linux 7.3 y antieriores, y en otros sistemas operativos, no bloquea adecuadamente un fichero temporal cuando se modifica /etc/passwd, lo que puede permitir a usuarios locales ganar privilegios mediante una compleja condici\u00f3n de carrera que usa un descriptor de fichero abierto en utilidades como chfn y chsh."
}
],
"id": "CVE-2002-0638",
"lastModified": "2024-11-20T23:39:31.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-08-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/advisories/4320"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9709.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/405955"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5164"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/advisories/4320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9709.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/405955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5344"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-12-31 05:00
Modified
2024-11-20 23:37
Severity ?
Summary
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:tomcat:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7079F63C-7CA8-4909-A9C8-45C4C1C1C186",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers."
}
],
"id": "CVE-2001-1563",
"lastModified": "2024-11-20T23:37:59.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-11-04 05:00
Modified
2024-11-20 23:40
Severity ?
Summary
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.0 | |
| hp | secure_os | 1.0 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.2 | |
| redhat | linux | 7.2 | |
| redhat | linux | 7.3 | |
| redhat | linux | 7.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*",
"matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*",
"matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "E9D468DB-C4AE-4ACB-B3B7-2FAEA90D6A49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*",
"matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*",
"matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist."
},
{
"lang": "es",
"value": "Fuga de memoria en ypdb_open en yp_db.c en ypserv anteriores a 2.5 en el paquete NIS 3.9 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumici\u00f3n de memoria) mediante un n\u00famero grande de peticiones de un mapa inexistente."
}
],
"id": "CVE-2002-1232",
"lastModified": "2024-11-20T23:40:52.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-04T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/advisories/4605"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-180"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10423.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/advisories/4605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10423.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6016"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-28 05:00
Modified
2024-11-20 23:39
Severity ?
Summary
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | secure_os | 1.0 | |
| mandrakesoft | mandrake_linux | 7.2 | |
| mandrakesoft | mandrake_linux | 8.0 | |
| mandrakesoft | mandrake_linux | 8.0 | |
| mandrakesoft | mandrake_linux | 8.1 | |
| mandrakesoft | mandrake_linux | 8.1 | |
| mandrakesoft | mandrake_linux | 8.2 | |
| mandrakesoft | mandrake_linux | 8.2 | |
| mandrakesoft | mandrake_linux | 9.0 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.2 | |
| redhat | linux | 7.2 | |
| redhat | linux | 7.2 | |
| redhat | linux | 7.3 | |
| redhat | linux | 7.3 | |
| redhat | linux | 8.0 | |
| redhat | linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "613A22EC-D93C-48B0-B97C-3E0DDFBD0B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*",
"matchCriteriaId": "128F5289-E9F3-41A7-A534-FBAA8A119A9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*",
"matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*",
"matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "4D1E6298-EDF5-438F-8DFD-16A514CB938A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts."
},
{
"lang": "es",
"value": "El conversor dvips para ficheros Postscript en el paquete tetex llama a la funci\u00f3n system() de forma insegura, lo que permite a atacantes ejecutar comandos arbitrarios mediante ciertos trabajos de impresi\u00f3n, posiblemente conteniendo fuentes."
}
],
"id": "CVE-2002-0836",
"lastModified": "2024-11-20T23:39:58.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-207"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10365.php"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/169841"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/advisories/4567"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10365.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/169841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/advisories/4567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5978"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2002-0836
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:03
Severity ?
EPSS score ?
Summary
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=103497852330838&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/5978 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=104005975415582&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000537 | vendor-advisory, x_refsource_CONECTIVA | |
| http://www.kb.cert.org/vuls/id/169841 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.debian.org/security/2002/dsa-207 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.securityfocus.com/advisories/4567 | vendor-advisory, x_refsource_HP | |
| http://www.redhat.com/support/errata/RHSA-2002-195.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.iss.net/security_center/static/10365.php | vdb-entry, x_refsource_XF | |
| http://www.redhat.com/support/errata/RHSA-2002-194.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php | vendor-advisory, x_refsource_MANDRAKE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021018 GLSA: tetex",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
},
{
"name": "5978",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5978"
},
{
"name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
},
{
"name": "CLA-2002:537",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
},
{
"name": "VU#169841",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/169841"
},
{
"name": "DSA-207",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-207"
},
{
"name": "HPSBTL0210-073",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/4567"
},
{
"name": "RHSA-2002:195",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
},
{
"name": "dvips-system-execute-commands(10365)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10365.php"
},
{
"name": "RHSA-2002:194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
},
{
"name": "MDKSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-07-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021018 GLSA: tetex",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
},
{
"name": "5978",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5978"
},
{
"name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
},
{
"name": "CLA-2002:537",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
},
{
"name": "VU#169841",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/169841"
},
{
"name": "DSA-207",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-207"
},
{
"name": "HPSBTL0210-073",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/advisories/4567"
},
{
"name": "RHSA-2002:195",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
},
{
"name": "dvips-system-execute-commands(10365)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10365.php"
},
{
"name": "RHSA-2002:194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
},
{
"name": "MDKSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021018 GLSA: tetex",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
},
{
"name": "5978",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5978"
},
{
"name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
},
{
"name": "CLA-2002:537",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
},
{
"name": "VU#169841",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/169841"
},
{
"name": "DSA-207",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-207"
},
{
"name": "HPSBTL0210-073",
"refsource": "HP",
"url": "http://www.securityfocus.com/advisories/4567"
},
{
"name": "RHSA-2002:195",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
},
{
"name": "dvips-system-execute-commands(10365)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10365.php"
},
{
"name": "RHSA-2002:194",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
},
{
"name": "MDKSA-2002:070",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0836",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-08-08T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0835
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:03
Severity ?
EPSS score ?
Summary
Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/5596 | vdb-entry, x_refsource_BID | |
| ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://www.iss.net/security_center/static/10003.php | vdb-entry, x_refsource_XF | |
| http://online.securityfocus.com/advisories/4449 | vendor-advisory, x_refsource_HP | |
| http://www.redhat.com/support/errata/RHSA-2002-162.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.redhat.com/support/errata/RHSA-2002-165.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-11-14T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0835",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0835",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-08-08T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0638
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:56
Severity ?
EPSS score ?
Summary
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2002-043.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
},
{
"name": "5344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5344"
},
{
"name": "utillinux-chfn-race-condition(9709)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9709.php"
},
{
"name": "MDKSA-2002:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
},
{
"name": "RHSA-2002:132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
},
{
"name": "VU#405955",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/405955"
},
{
"name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
},
{
"name": "CLA-2002:523",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
},
{
"name": "HPSBTL0207-054",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4320"
},
{
"name": "20020730 TSLSA-2002-0064 - util-linux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
},
{
"name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
},
{
"name": "RHSA-2002:137",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
},
{
"name": "5164",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5164"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2002-043.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
},
{
"name": "5344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5344"
},
{
"name": "utillinux-chfn-race-condition(9709)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9709.php"
},
{
"name": "MDKSA-2002:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
},
{
"name": "RHSA-2002:132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
},
{
"name": "VU#405955",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/405955"
},
{
"name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
},
{
"name": "CLA-2002:523",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
},
{
"name": "HPSBTL0207-054",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4320"
},
{
"name": "20020730 TSLSA-2002-0064 - util-linux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
},
{
"name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
},
{
"name": "RHSA-2002:137",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
},
{
"name": "5164",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5164"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2002-043.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
},
{
"name": "5344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5344"
},
{
"name": "utillinux-chfn-race-condition(9709)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9709.php"
},
{
"name": "MDKSA-2002:047",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
},
{
"name": "RHSA-2002:132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
},
{
"name": "VU#405955",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/405955"
},
{
"name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
},
{
"name": "CLA-2002:523",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
},
{
"name": "HPSBTL0207-054",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4320"
},
{
"name": "20020730 TSLSA-2002-0064 - util-linux",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
},
{
"name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
},
{
"name": "RHSA-2002:137",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
},
{
"name": "5164",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5164"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0638",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-06-27T00:00:00",
"dateUpdated": "2024-08-08T02:56:38.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-1563
Vulnerability from cvelistv5
Published
2005-07-14 04:00
Modified
2024-08-08 04:58
Severity ?
EPSS score ?
Summary
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42892 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/hp/2001-q4/0062.html | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "tomcat-unspecified-unauthorized-access(42892)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
},
{
"name": "HPSBTL0112-004",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "tomcat-unspecified-unauthorized-access(42892)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
},
{
"name": "HPSBTL0112-004",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1563",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "tomcat-unspecified-unauthorized-access(42892)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
},
{
"name": "HPSBTL0112-004",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1563",
"datePublished": "2005-07-14T04:00:00",
"dateReserved": "2005-07-14T00:00:00",
"dateUpdated": "2024-08-08T04:58:11.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-1506
Vulnerability from cvelistv5
Published
2005-06-21 04:00
Modified
2024-08-08 04:58
Severity ?
EPSS score ?
Summary
Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/3468 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/7342 | vdb-entry, x_refsource_XF | |
| http://online.securityfocus.com/advisories/3618 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.626Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3468"
},
{
"name": "hp-secure-unauth-privileges(7342)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
},
{
"name": "HPSBTL0110-001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/3618"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-10-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3468"
},
{
"name": "hp-secure-unauth-privileges(7342)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
},
{
"name": "HPSBTL0110-001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/3618"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1506",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3468"
},
{
"name": "hp-secure-unauth-privileges(7342)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
},
{
"name": "HPSBTL0110-001",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/3618"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1506",
"datePublished": "2005-06-21T04:00:00",
"dateReserved": "2005-06-21T00:00:00",
"dateUpdated": "2024-08-08T04:58:11.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1232
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
EPSS score ?
Summary
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
References
| ▼ | URL | Tags |
|---|---|---|
| http://online.securityfocus.com/advisories/4605 | vendor-advisory, x_refsource_HP | |
| http://www.redhat.com/support/errata/RHSA-2003-229.html | vendor-advisory, x_refsource_REDHAT | |
| ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://www.debian.org/security/2002/dsa-180 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.redhat.com/support/errata/RHSA-2002-224.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.iss.net/security_center/static/10423.php | vdb-entry, x_refsource_XF | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000539 | vendor-advisory, x_refsource_CONECTIVA | |
| http://www.redhat.com/support/errata/RHSA-2002-223.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/6016 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=103582692228894&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBTL0210-074",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4605"
},
{
"name": "RHSA-2003:229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
},
{
"name": "CSSA-2002-054.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
},
{
"name": "DSA-180",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-180"
},
{
"name": "RHSA-2002:224",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
},
{
"name": "MDKSA-2002:078",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
},
{
"name": "ypserv-map-memory-leak(10423)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10423.php"
},
{
"name": "CLA-2002:539",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
},
{
"name": "RHSA-2002:223",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
},
{
"name": "6016",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6016"
},
{
"name": "20021028 GLSA: ypserv",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBTL0210-074",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4605"
},
{
"name": "RHSA-2003:229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
},
{
"name": "CSSA-2002-054.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
},
{
"name": "DSA-180",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-180"
},
{
"name": "RHSA-2002:224",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
},
{
"name": "MDKSA-2002:078",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
},
{
"name": "ypserv-map-memory-leak(10423)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10423.php"
},
{
"name": "CLA-2002:539",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
},
{
"name": "RHSA-2002:223",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
},
{
"name": "6016",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6016"
},
{
"name": "20021028 GLSA: ypserv",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBTL0210-074",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4605"
},
{
"name": "RHSA-2003:229",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
},
{
"name": "CSSA-2002-054.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
},
{
"name": "DSA-180",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-180"
},
{
"name": "RHSA-2002:224",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
},
{
"name": "MDKSA-2002:078",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
},
{
"name": "ypserv-map-memory-leak(10423)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10423.php"
},
{
"name": "CLA-2002:539",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
},
{
"name": "RHSA-2002:223",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
},
{
"name": "6016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6016"
},
{
"name": "20021028 GLSA: ypserv",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1232",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-10-22T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}