Search criteria
82 vulnerabilities by caldera
CVE-2014-2934 (GCVE-0-2014-2934)
Vulnerability from cvelistv5 – Published: 2014-05-08 10:00 – Updated: 2024-08-06 10:28
VLAI
Summary
Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/693092 | third-party-advisoryx_refsource_CERT-VN |
Date Public
2014-05-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.332Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T07:57:00.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-2934",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#693092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/693092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-2934",
"datePublished": "2014-05-08T10:00:00.000Z",
"dateReserved": "2014-04-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:28:46.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2936 (GCVE-0-2014-2936)
Vulnerability from cvelistv5 – Published: 2014-05-08 10:00 – Updated: 2024-08-06 10:28
VLAI
Summary
The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified parameter to (2) PPD/index.php, (3) dirmng/docmd.php, or (4) dirmng/param.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/67254 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/693092 | third-party-advisoryx_refsource_CERT-VN |
Date Public
2014-05-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "67254",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67254"
},
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified parameter to (2) PPD/index.php, (3) dirmng/docmd.php, or (4) dirmng/param.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-14T06:57:00.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "67254",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67254"
},
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-2936",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified parameter to (2) PPD/index.php, (3) dirmng/docmd.php, or (4) dirmng/param.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67254",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67254"
},
{
"name": "VU#693092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/693092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-2936",
"datePublished": "2014-05-08T10:00:00.000Z",
"dateReserved": "2014-04-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:28:46.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2935 (GCVE-0-2014-2935)
Vulnerability from cvelistv5 – Published: 2014-05-08 10:00 – Updated: 2024-08-06 10:28
VLAI
Summary
costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/67252 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/693092 | third-party-advisoryx_refsource_CERT-VN |
Date Public
2014-05-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "67252",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67252"
},
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-14T06:57:00.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "67252",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67252"
},
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-2935",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67252",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67252"
},
{
"name": "VU#693092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/693092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-2935",
"datePublished": "2014-05-08T10:00:00.000Z",
"dateReserved": "2014-04-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:28:46.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2933 (GCVE-0-2014-2933)
Vulnerability from cvelistv5 – Published: 2014-05-08 10:00 – Updated: 2024-08-06 10:28
VLAI
Summary
Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/693092 | third-party-advisoryx_refsource_CERT-VN |
Date Public
2014-05-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:45.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T07:57:00.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-2933",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#693092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/693092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-2933",
"datePublished": "2014-05-08T10:00:00.000Z",
"dateReserved": "2014-04-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:28:45.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1577 (GCVE-0-2001-1577)
Vulnerability from cvelistv5 – Published: 2005-08-05 04:00 – Updated: 2024-08-08 04:58
VLAI
Summary
Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/3646 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://archives.neohapsis.com/archives/linux/cald… | vendor-advisoryx_refsource_CALDERA |
Date Public
2001-12-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3646",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3646"
},
{
"name": "cde-xterm-gain-privileges(7666)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7666"
},
{
"name": "CSSA-2001-SCO.37",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3646",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3646"
},
{
"name": "cde-xterm-gain-privileges(7666)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7666"
},
{
"name": "CSSA-2001-SCO.37",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0017.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3646",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3646"
},
{
"name": "cde-xterm-gain-privileges(7666)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7666"
},
{
"name": "CSSA-2001-SCO.37",
"refsource": "CALDERA",
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0017.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1577",
"datePublished": "2005-08-05T04:00:00.000Z",
"dateReserved": "2005-08-05T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:58:11.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1576 (GCVE-0-2001-1576)
Vulnerability from cvelistv5 – Published: 2005-08-05 04:00 – Updated: 2024-09-16 23:05
VLAI
Summary
Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://cert.uni-stuttgart.de/archive/bugtraq/2001… | vendor-advisoryx_refsource_CALDERA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2001-SCO.3",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/06/msg00404.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-08-05T04:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2001-SCO.3",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/06/msg00404.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1576",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2001-SCO.3",
"refsource": "CALDERA",
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/06/msg00404.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1576",
"datePublished": "2005-08-05T04:00:00.000Z",
"dateReserved": "2005-08-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:05:29.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1478 (GCVE-0-2001-1478)
Vulnerability from cvelistv5 – Published: 2005-06-21 04:00 – Updated: 2024-08-08 04:58
VLAI
Summary
Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/3555 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| ftp://stage.caldera.com/pub/security/openunix/CSS… | vendor-advisoryx_refsource_CALDERA |
Date Public
2001-11-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3555",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3555"
},
{
"name": "unixware-openunix-xlock-bo(7573)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7573"
},
{
"name": "CSSA-2001-SCO.34",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.34/CSSA-2001-SCO.34.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3555",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3555"
},
{
"name": "unixware-openunix-xlock-bo(7573)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7573"
},
{
"name": "CSSA-2001-SCO.34",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.34/CSSA-2001-SCO.34.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3555",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3555"
},
{
"name": "unixware-openunix-xlock-bo(7573)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7573"
},
{
"name": "CSSA-2001-SCO.34",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.34/CSSA-2001-SCO.34.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1478",
"datePublished": "2005-06-21T04:00:00.000Z",
"dateReserved": "2005-06-21T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:58:11.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1199 (GCVE-0-2002-1199)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:19
VLAI
Summary
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=f… | vendor-advisoryx_refsource_SUNALERT |
| http://marc.info/?l=bugtraq&m=103426842025029&w=2 | mailing-listx_refsource_BUGTRAQ |
| ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA… | vendor-advisoryx_refsource_CALDERA |
| http://www.iss.net/security_center/static/10329.php | vdb-entryx_refsource_XF |
| http://www.kb.cert.org/vuls/id/538033 | third-party-advisoryx_refsource_CERT-VN |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.securityfocus.com/bid/5937 | vdb-entryx_refsource_BID |
Date Public
2002-10-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:27.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "47903",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903"
},
{
"name": "20021010 Multiple vendor ypxfrd map handling vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103426842025029\u0026w=2"
},
{
"name": "CSSA-2002-SCO.40",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40"
},
{
"name": "ypxfrd-file-disclosure(10329)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10329.php"
},
{
"name": "VU#538033",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/538033"
},
{
"name": "oval:org.mitre.oval:def:2423",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423"
},
{
"name": "5937",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5937"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "47903",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903"
},
{
"name": "20021010 Multiple vendor ypxfrd map handling vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103426842025029\u0026w=2"
},
{
"name": "CSSA-2002-SCO.40",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40"
},
{
"name": "ypxfrd-file-disclosure(10329)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10329.php"
},
{
"name": "VU#538033",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/538033"
},
{
"name": "oval:org.mitre.oval:def:2423",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423"
},
{
"name": "5937",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5937"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "47903",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903"
},
{
"name": "20021010 Multiple vendor ypxfrd map handling vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103426842025029\u0026w=2"
},
{
"name": "CSSA-2002-SCO.40",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40"
},
{
"name": "ypxfrd-file-disclosure(10329)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10329.php"
},
{
"name": "VU#538033",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/538033"
},
{
"name": "oval:org.mitre.oval:def:2423",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423"
},
{
"name": "5937",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5937"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1199",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2002-10-11T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:19:27.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1231 (GCVE-0-2002-1231)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:19
VLAI
Summary
SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/6025 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/10425.php | vdb-entryx_refsource_XF |
| ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.41 | vendor-advisoryx_refsource_CALDERA |
Date Public
2002-10-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6025",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6025"
},
{
"name": "openunix-unixware-rcp-dos(10425)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10425.php"
},
{
"name": "CSSA-2002-SCO.41",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.41"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-02-26T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6025",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6025"
},
{
"name": "openunix-unixware-rcp-dos(10425)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10425.php"
},
{
"name": "CSSA-2002-SCO.41",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.41"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1231",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6025",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6025"
},
{
"name": "openunix-unixware-rcp-dos(10425)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10425.php"
},
{
"name": "CSSA-2002-SCO.41",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.41"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1231",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2002-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:19:28.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0835 (GCVE-0-2002-0835)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:03
VLAI
Summary
Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/5596 | vdb-entryx_refsource_BID |
| ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… | vendor-advisoryx_refsource_CALDERA |
| http://www.iss.net/security_center/static/10003.php | vdb-entryx_refsource_XF |
| http://online.securityfocus.com/advisories/4449 | vendor-advisoryx_refsource_HP |
| http://www.redhat.com/support/errata/RHSA-2002-162.html | vendor-advisoryx_refsource_REDHAT |
| http://www.redhat.com/support/errata/RHSA-2002-165.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2002-08-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-11-14T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0835",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0835",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2002-08-08T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:49.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0658 (GCVE-0-2003-0658)
Vulnerability from cvelistv5 – Published: 2003-09-03 04:00 – Updated: 2024-08-08 01:58
VLAI
Summary
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | x_refsource_MISC |
Date Public
2003-08-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:58:11.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0658"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-08-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T08:23:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0658"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0658",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0658"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0658",
"datePublished": "2003-09-03T04:00:00.000Z",
"dateReserved": "2003-08-06T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:58:11.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0981 (GCVE-0-2002-0981)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:12
VLAI
Summary
Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2… | vendor-advisoryx_refsource_CALDERA |
| http://www.securityfocus.com/bid/5551 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/9945.php | vdb-entryx_refsource_XF |
Date Public
2002-08-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2002-SCO.36",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.36/CSSA-2002-SCO.36.txt"
},
{
"name": "5551",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5551"
},
{
"name": "openunix-unixware-ndcfg-bo(9945)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9945.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2002-SCO.36",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.36/CSSA-2002-SCO.36.txt"
},
{
"name": "5551",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5551"
},
{
"name": "openunix-unixware-ndcfg-bo(9945)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9945.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0981",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2002-SCO.36",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.36/CSSA-2002-SCO.36.txt"
},
{
"name": "5551",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5551"
},
{
"name": "openunix-unixware-ndcfg-bo(9945)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9945.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0981",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:12:16.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0512 (GCVE-0-2002-0512)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:49
VLAI
Summary
startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/8737.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/4400 | vdb-entryx_refsource_BID |
| http://www.calderasystems.com/support/security/ad… | vendor-advisoryx_refsource_CALDERA |
Date Public
2002-03-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kde-startkde-search-directory(8737)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8737.php"
},
{
"name": "4400",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4400"
},
{
"name": "CSSA-2002-005.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-005.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-03-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-08-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kde-startkde-search-directory(8737)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8737.php"
},
{
"name": "4400",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4400"
},
{
"name": "CSSA-2002-005.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-005.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kde-startkde-search-directory(8737)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8737.php"
},
{
"name": "4400",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4400"
},
{
"name": "CSSA-2002-005.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-005.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0512",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-06-07T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:49:28.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0678 (GCVE-0-2002-0678)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:56
VLAI
Summary
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
Date Public
2002-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2002-SCO.28",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "IY32368",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "IY32370",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "VU#299816",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/299816"
},
{
"name": "20021101-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P"
},
{
"name": "oval:org.mitre.oval:def:175",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A175"
},
{
"name": "oval:org.mitre.oval:def:80",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A80"
},
{
"name": "5083",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5083"
},
{
"name": "tooltalk-ttdbserverd-tttransaction-symlink(9527)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9527.php"
},
{
"name": "oval:org.mitre.oval:def:2770",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2770"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-29T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2002-SCO.28",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "IY32368",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "IY32370",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "VU#299816",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/299816"
},
{
"name": "20021101-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P"
},
{
"name": "oval:org.mitre.oval:def:175",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A175"
},
{
"name": "oval:org.mitre.oval:def:80",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A80"
},
{
"name": "5083",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5083"
},
{
"name": "tooltalk-ttdbserverd-tttransaction-symlink(9527)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9527.php"
},
{
"name": "oval:org.mitre.oval:def:2770",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2770"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0678",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2002-SCO.28",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "IY32368",
"refsource": "AIXAPAR",
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "IY32370",
"refsource": "AIXAPAR",
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "VU#299816",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/299816"
},
{
"name": "20021101-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P"
},
{
"name": "oval:org.mitre.oval:def:175",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A175"
},
{
"name": "oval:org.mitre.oval:def:80",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A80"
},
{
"name": "5083",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5083"
},
{
"name": "tooltalk-ttdbserverd-tttransaction-symlink(9527)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9527.php"
},
{
"name": "oval:org.mitre.oval:def:2770",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2770"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0678",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:56:38.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0911 (GCVE-0-2002-0911)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:03
VLAI
Summary
Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… | vendor-advisoryx_refsource_CALDERA |
| http://www.iss.net/security_center/static/9240.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/4923 | vdb-entryx_refsource_BID |
Date Public
2002-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2002-024.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-024.0.txt"
},
{
"name": "volution-manager-plaintext-password(9240)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9240.php"
},
{
"name": "4923",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-09-10T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2002-024.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-024.0.txt"
},
{
"name": "volution-manager-plaintext-password(9240)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9240.php"
},
{
"name": "4923",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2002-024.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-024.0.txt"
},
{
"name": "volution-manager-plaintext-password(9240)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9240.php"
},
{
"name": "4923",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0911",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-08-16T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:49.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0246 (GCVE-0-2002-0246)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
VLAI
Summary
Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://online.securityfocus.com/archive/1/255414 | mailing-listx_refsource_BUGTRAQ |
| http://www.iss.net/security_center/static/8113.php | vdb-entryx_refsource_XF |
| ftp://stage.caldera.com/pub/security/unixware/CSS… | vendor-advisoryx_refsource_CALDERA |
| http://www.securityfocus.com/bid/4060 | vdb-entryx_refsource_BID |
Date Public
2002-02-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:28.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020210 Unixware Message catalog exploit code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/255414"
},
{
"name": "unixware-msg-catalog-format-string(8113)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8113.php"
},
{
"name": "CSSA-2002-SCO.3",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/unixware/CSSA-2002-SCO.3/CSSA-2002-SCO.3.txt"
},
{
"name": "4060",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4060"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-02-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-05-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020210 Unixware Message catalog exploit code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/255414"
},
{
"name": "unixware-msg-catalog-format-string(8113)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8113.php"
},
{
"name": "CSSA-2002-SCO.3",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/unixware/CSSA-2002-SCO.3/CSSA-2002-SCO.3.txt"
},
{
"name": "4060",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4060"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020210 Unixware Message catalog exploit code",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/255414"
},
{
"name": "unixware-msg-catalog-format-string(8113)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8113.php"
},
{
"name": "CSSA-2002-SCO.3",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/unixware/CSSA-2002-SCO.3/CSSA-2002-SCO.3.txt"
},
{
"name": "4060",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4060"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0246",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:42:28.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0988 (GCVE-0-2002-0988)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:12
VLAI
Summary
Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/5577 | vdb-entryx_refsource_BID |
| ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38 | vendor-advisoryx_refsource_CALDERA |
| http://www.iss.net/security_center/static/9977.php | vdb-entryx_refsource_XF |
Date Public
2002-08-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5577"
},
{
"name": "CSSA-2002-SCO.38",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "openunix-unixware-xsco-bo(9977)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9977.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5577"
},
{
"name": "CSSA-2002-SCO.38",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "openunix-unixware-xsco-bo(9977)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9977.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5577"
},
{
"name": "CSSA-2002-SCO.38",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "openunix-unixware-xsco-bo(9977)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9977.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0988",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-08-26T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:12:17.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0679 (GCVE-0-2002-0679)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:56
VLAI
Summary
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.iss.net/security_center/static/9822.php | vdb-entryx_refsource_XF |
| http://marc.info/?l=bugtraq&m=102917002523536&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www1.itrc.hp.com/service/cki/docDisplay.do… | vendor-advisoryx_refsource_HP |
| http://www.securityfocus.com/bid/5444 | vdb-entryx_refsource_BID |
| http://www-1.ibm.com/support/search.wss?rs=0&q=IY… | vendor-advisoryx_refsource_AIXAPAR |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=f… | x_refsource_CONFIRM |
| http://www.cert.org/advisories/CA-2002-26.html | third-party-advisoryx_refsource_CERT |
| http://www-1.ibm.com/support/search.wss?rs=0&q=IY… | vendor-advisoryx_refsource_AIXAPAR |
| http://www.kb.cert.org/vuls/id/387387 | third-party-advisoryx_refsource_CERT-VN |
Date Public
2002-08-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:177",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A177"
},
{
"name": "tooltalk-ttdbserverd-ttcreatefile-bo(9822)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9822.php"
},
{
"name": "20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102917002523536\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "5444",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5444"
},
{
"name": "IY32792",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32792\u0026apar=only"
},
{
"name": "oval:org.mitre.oval:def:192",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A192"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366\u0026zone_32=category%3Asecurity"
},
{
"name": "CA-2002-26",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2002-26.html"
},
{
"name": "IY32793",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32793\u0026apar=only"
},
{
"name": "VU#387387",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/387387"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-24T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:177",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A177"
},
{
"name": "tooltalk-ttdbserverd-ttcreatefile-bo(9822)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9822.php"
},
{
"name": "20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102917002523536\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "5444",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5444"
},
{
"name": "IY32792",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32792\u0026apar=only"
},
{
"name": "oval:org.mitre.oval:def:192",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A192"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366\u0026zone_32=category%3Asecurity"
},
{
"name": "CA-2002-26",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2002-26.html"
},
{
"name": "IY32793",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32793\u0026apar=only"
},
{
"name": "VU#387387",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/387387"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0679",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:177",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A177"
},
{
"name": "tooltalk-ttdbserverd-ttcreatefile-bo(9822)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9822.php"
},
{
"name": "20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102917002523536\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "5444",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5444"
},
{
"name": "IY32792",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32792\u0026apar=only"
},
{
"name": "oval:org.mitre.oval:def:192",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A192"
},
{
"name": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366\u0026zone_32=category%3Asecurity",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366\u0026zone_32=category%3Asecurity"
},
{
"name": "CA-2002-26",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2002-26.html"
},
{
"name": "IY32793",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32793\u0026apar=only"
},
{
"name": "VU#387387",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/387387"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0679",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:56:38.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1359 (GCVE-0-2001-1359)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 04:51
VLAI
Summary
Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/2850 | vdb-entryx_refsource_BID |
| http://www.caldera.com/support/security/advisorie… | vendor-advisoryx_refsource_CALDERA |
Date Public
2001-06-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "volution-authentication-failure-access(6672)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6672"
},
{
"name": "2850",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2850"
},
{
"name": "CSSA-2001-021.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-021.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-06-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-15T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "volution-authentication-failure-access(6672)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6672"
},
{
"name": "2850",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2850"
},
{
"name": "CSSA-2001-021.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-021.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "volution-authentication-failure-access(6672)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6672"
},
{
"name": "2850",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2850"
},
{
"name": "CSSA-2001-021.0",
"refsource": "CALDERA",
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-021.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1359",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-06-07T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:51:08.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0987 (GCVE-0-2002-0987)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:12
VLAI
Summary
X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.osvdb.org/5044 | vdb-entryx_refsource_OSVDB |
| ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38 | vendor-advisoryx_refsource_CALDERA |
| http://www.securityfocus.com/bid/5575 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/9976.php | vdb-entryx_refsource_XF |
Date Public
2002-08-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5044",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5044"
},
{
"name": "CSSA-2002-SCO.38",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "5575",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5575"
},
{
"name": "openunix-unixware-xsco-privileges(9976)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9976.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5044",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5044"
},
{
"name": "CSSA-2002-SCO.38",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "5575",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5575"
},
{
"name": "openunix-unixware-xsco-privileges(9976)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9976.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5044",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5044"
},
{
"name": "CSSA-2002-SCO.38",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "5575",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5575"
},
{
"name": "openunix-unixware-xsco-privileges(9976)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9976.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0987",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-08-26T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:12:16.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0442 (GCVE-0-2002-0442)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:49
VLAI
Summary
Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/4273 | vdb-entryx_refsource_BID |
| ftp://stage.caldera.com/pub/security/openserver/C… | vendor-advisoryx_refsource_CALDERA |
| http://www.iss.net/security_center/static/8442.php | vdb-entryx_refsource_XF |
Date Public
2002-03-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.450Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4273",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4273"
},
{
"name": "CSSA-2002-SCO.8",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.8/CSSA-2002-SCO.8.txt"
},
{
"name": "openserver-dlvraudit-bo(8442)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8442.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-03-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-15T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4273",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4273"
},
{
"name": "CSSA-2002-SCO.8",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.8/CSSA-2002-SCO.8.txt"
},
{
"name": "openserver-dlvraudit-bo(8442)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8442.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4273"
},
{
"name": "CSSA-2002-SCO.8",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.8/CSSA-2002-SCO.8.txt"
},
{
"name": "openserver-dlvraudit-bo(8442)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8442.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0442",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-06-07T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:49:28.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0887 (GCVE-0-2002-0887)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:03
VLAI
Summary
scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=99057164129869&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.iss.net/security_center/static/9210.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/4875 | vdb-entryx_refsource_BID |
| ftp://stage.caldera.com/pub/security/openserver/C… | vendor-advisoryx_refsource_CALDERA |
Date Public
2002-05-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010522 [SRT2001-10] - scoadmin /tmp issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=99057164129869\u0026w=2"
},
{
"name": "openserver-scoadmin-symlink(9210)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9210.php"
},
{
"name": "4875",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4875"
},
{
"name": "CSSA-2002-SCO.22",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.22/CSSA-2002-SCO.22.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010522 [SRT2001-10] - scoadmin /tmp issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=99057164129869\u0026w=2"
},
{
"name": "openserver-scoadmin-symlink(9210)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9210.php"
},
{
"name": "4875",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4875"
},
{
"name": "CSSA-2002-SCO.22",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.22/CSSA-2002-SCO.22.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010522 [SRT2001-10] - scoadmin /tmp issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=99057164129869\u0026w=2"
},
{
"name": "openserver-scoadmin-symlink(9210)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9210.php"
},
{
"name": "4875",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4875"
},
{
"name": "CSSA-2002-SCO.22",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.22/CSSA-2002-SCO.22.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0887",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-08-16T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:49.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0885 (GCVE-0-2002-0885)
Vulnerability from cvelistv5 – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:03
VLAI
Summary
Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/4791 | vdb-entryx_refsource_BID |
| http://archives.neohapsis.com/archives/vulnwatch/… | mailing-listx_refsource_VULNWATCH |
| http://online.securityfocus.com/archive/1/273584 | mailing-listx_refsource_BUGTRAQ |
| ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2… | x_refsource_MISC |
| http://www.iss.net/security_center/static/9150.php | vdb-entryx_refsource_XF |
Date Public
2002-05-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.306Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4791",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9150.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-09-10T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4791",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9150.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"name": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt",
"refsource": "MISC",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9150.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0885",
"datePublished": "2002-08-31T04:00:00.000Z",
"dateReserved": "2002-08-16T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:49.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1570 (GCVE-0-1999-1570)
Vulnerability from cvelistv5 – Published: 2002-08-31 04:00 – Updated: 2024-08-01 17:18
VLAI
Summary
Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://online.securityfocus.com/archive/1/27074 | mailing-listx_refsource_BUGTRAQ |
| ftp://stage.caldera.com/pub/security/openserver/C… | vendor-advisoryx_refsource_CALDERA |
| http://www.securityfocus.com/bid/4089 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/8989.php | vdb-entryx_refsource_XF |
| http://marc.info/?l=vuln-dev&m=102098949103708&w=2 | mailing-listx_refsource_VULN-DEV |
Date Public
1999-09-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990909 19 SCO 5.0.5+Skunware98 buffer overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/27074"
},
{
"name": "CSSA-2002-SCO.17",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.17/CSSA-2002-SCO.17.txt"
},
{
"name": "4089",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4089"
},
{
"name": "openserver-sar-bo(8989)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8989.php"
},
{
"name": "20020509 Sar -o exploitation process info.",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV",
"x_transferred"
],
"url": "http://marc.info/?l=vuln-dev\u0026m=102098949103708\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-09-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990909 19 SCO 5.0.5+Skunware98 buffer overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/27074"
},
{
"name": "CSSA-2002-SCO.17",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.17/CSSA-2002-SCO.17.txt"
},
{
"name": "4089",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4089"
},
{
"name": "openserver-sar-bo(8989)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8989.php"
},
{
"name": "20020509 Sar -o exploitation process info.",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV"
],
"url": "http://marc.info/?l=vuln-dev\u0026m=102098949103708\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990909 19 SCO 5.0.5+Skunware98 buffer overflows",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/27074"
},
{
"name": "CSSA-2002-SCO.17",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.17/CSSA-2002-SCO.17.txt"
},
{
"name": "4089",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4089"
},
{
"name": "openserver-sar-bo(8989)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8989.php"
},
{
"name": "20020509 Sar -o exploitation process info.",
"refsource": "VULN-DEV",
"url": "http://marc.info/?l=vuln-dev\u0026m=102098949103708\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1570",
"datePublished": "2002-08-31T04:00:00.000Z",
"dateReserved": "2002-06-11T00:00:00.000Z",
"dateUpdated": "2024-08-01T17:18:07.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0884 (GCVE-0-2002-0884)
Vulnerability from cvelistv5 – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:03
VLAI
Summary
Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/4791 | vdb-entryx_refsource_BID |
| http://archives.neohapsis.com/archives/vulnwatch/… | mailing-listx_refsource_VULNWATCH |
| http://online.securityfocus.com/archive/1/273584 | mailing-listx_refsource_BUGTRAQ |
| ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2… | vendor-advisoryx_refsource_CALDERA |
| http://www.iss.net/security_center/static/9150.php | vdb-entryx_refsource_XF |
Date Public
2002-05-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4791",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"name": "CSSA-2002-SCO.29",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9150.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-09-10T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4791",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"name": "CSSA-2002-SCO.29",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9150.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"name": "CSSA-2002-SCO.29",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9150.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0884",
"datePublished": "2002-08-31T04:00:00.000Z",
"dateReserved": "2002-08-16T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:49.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0827 (GCVE-0-2002-0827)
Vulnerability from cvelistv5 – Published: 2002-08-07 04:00 – Updated: 2024-08-08 03:03
VLAI
Summary
Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/9380.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/5051 | vdb-entryx_refsource_BID |
| ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2… | vendor-advisoryx_refsource_CALDERA |
Date Public
2002-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ppptalk-local-elevated-privileges(9380)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9380.php"
},
{
"name": "5051",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5051"
},
{
"name": "CSSA-2002-SCO.27.txt",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.27/CSSA-2002-SCO.27.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-08-20T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ppptalk-local-elevated-privileges(9380)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9380.php"
},
{
"name": "5051",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5051"
},
{
"name": "CSSA-2002-SCO.27.txt",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.27/CSSA-2002-SCO.27.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ppptalk-local-elevated-privileges(9380)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9380.php"
},
{
"name": "5051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5051"
},
{
"name": "CSSA-2002-SCO.27.txt",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.27/CSSA-2002-SCO.27.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0827",
"datePublished": "2002-08-07T04:00:00.000Z",
"dateReserved": "2002-08-06T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:49.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0677 (GCVE-0-2002-0677)
Vulnerability from cvelistv5 – Published: 2002-07-12 04:00 – Updated: 2024-08-08 02:56
VLAI
Summary
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| ftp://patches.sgi.com/support/free/security/advis… | vendor-advisoryx_refsource_SGI |
| ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2… | vendor-advisoryx_refsource_CALDERA |
| http://www.cert.org/advisories/CA-2002-20.html | third-party-advisoryx_refsource_CERT |
| http://www.kb.cert.org/vuls/id/975403 | third-party-advisoryx_refsource_CERT-VN |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://marc.info/?l=bugtraq&m=102635906423617&w=2 | mailing-listx_refsource_BUGTRAQ |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
Date Public
2002-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:39.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021102-02-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P"
},
{
"name": "CSSA-2002-SCO.28",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "VU#975403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/975403"
},
{
"name": "oval:org.mitre.oval:def:15",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15"
},
{
"name": "oval:org.mitre.oval:def:91",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:1099",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021102-02-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P"
},
{
"name": "CSSA-2002-SCO.28",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "VU#975403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/975403"
},
{
"name": "oval:org.mitre.oval:def:15",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15"
},
{
"name": "oval:org.mitre.oval:def:91",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:1099",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021102-02-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P"
},
{
"name": "CSSA-2002-SCO.28",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "VU#975403",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/975403"
},
{
"name": "oval:org.mitre.oval:def:15",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15"
},
{
"name": "oval:org.mitre.oval:def:91",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:1099",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0677",
"datePublished": "2002-07-12T04:00:00.000Z",
"dateReserved": "2002-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:56:39.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1153 (GCVE-0-2001-1153)
Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 04:44
VLAI
Summary
lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/bugtraq/20… | vendor-advisoryx_refsource_CALDERA |
| http://www.securityfocus.com/bid/3248 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/7041.php | vdb-entryx_refsource_XF |
Date Public
2001-08-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:08.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2001-SCO.15",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0391.html"
},
{
"name": "3248",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3248"
},
{
"name": "openunix-lpsystem-bo(7041)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7041.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-22T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2001-SCO.15",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0391.html"
},
{
"name": "3248",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3248"
},
{
"name": "openunix-lpsystem-bo(7041)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7041.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1153",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2001-SCO.15",
"refsource": "CALDERA",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0391.html"
},
{
"name": "3248",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3248"
},
{
"name": "openunix-lpsystem-bo(7041)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7041.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1153",
"datePublished": "2002-06-25T04:00:00.000Z",
"dateReserved": "2002-03-15T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:44:08.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1062 (GCVE-0-2001-1062)
Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 04:44
VLAI
Summary
Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| ftp://stage.caldera.com/pub/security/openserver/C… | vendor-advisoryx_refsource_CALDERA |
| http://www.iss.net/security_center/static/7034.php | vdb-entryx_refsource_XF |
Date Public
2001-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:06.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2001-SCO.12",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.12/CSSA-2001-SCO.12.txt"
},
{
"name": "openserver-mana-bo(7034)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7034.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-28T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2001-SCO.12",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.12/CSSA-2001-SCO.12.txt"
},
{
"name": "openserver-mana-bo(7034)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7034.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2001-SCO.12",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.12/CSSA-2001-SCO.12.txt"
},
{
"name": "openserver-mana-bo(7034)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7034.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1062",
"datePublished": "2002-06-25T04:00:00.000Z",
"dateReserved": "2002-01-31T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:44:06.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0004 (GCVE-0-2002-0004)
Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 02:35
VLAI
Summary
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://online.securityfocus.com/advisories/3969 | vendor-advisoryx_refsource_HP |
| http://www.debian.org/security/2002/dsa-102 | vendor-advisoryx_refsource_DEBIAN |
| http://www.redhat.com/support/errata/RHSA-2002-015.html | vendor-advisoryx_refsource_REDHAT |
| http://online.securityfocus.com/advisories/3833 | vendor-advisoryx_refsource_HP |
| http://marc.info/?l=bugtraq&m=101128661602088&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/3886 | vdb-entryx_refsource_BID |
| http://www.novell.com/linux/security/advisories/2… | vendor-advisoryx_refsource_SUSE |
| http://marc.info/?l=bugtraq&m=101147632721031&w=2 | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2002-01-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "linux-at-exetime-heap-corruption(7909)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
},
{
"name": "HPSBTL0302-034",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"name": "DSA-102",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"name": "RHSA-2002:015",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"name": "HPSBTL0201-021",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"name": "3886",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3886"
},
{
"name": "SuSE-SA:2002:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"name": "MDKSA-2002:007",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap corruption vulnerability in the \"at\" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-16T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "linux-at-exetime-heap-corruption(7909)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
},
{
"name": "HPSBTL0302-034",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"name": "DSA-102",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"name": "RHSA-2002:015",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"name": "HPSBTL0201-021",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"name": "3886",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3886"
},
{
"name": "SuSE-SA:2002:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"name": "MDKSA-2002:007",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap corruption vulnerability in the \"at\" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "linux-at-exetime-heap-corruption(7909)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
},
{
"name": "HPSBTL0302-034",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"name": "DSA-102",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"name": "RHSA-2002:015",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"name": "HPSBTL0201-021",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"name": "3886",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3886"
},
{
"name": "SuSE-SA:2002:003",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"name": "MDKSA-2002:007",
"refsource": "MANDRAKE",
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0004",
"datePublished": "2002-06-25T04:00:00.000Z",
"dateReserved": "2002-01-02T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:17.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}