Search criteria
82 vulnerabilities by caldera
CVE-2014-2933 (GCVE-0-2014-2933)
Vulnerability from cvelistv5 – Published: 2014-05-08 10:00 – Updated: 2024-08-06 10:28
VLAI?
Summary
Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:45.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T07:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-2933",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#693092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/693092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-2933",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-04-21T00:00:00",
"dateUpdated": "2024-08-06T10:28:45.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2936 (GCVE-0-2014-2936)
Vulnerability from cvelistv5 – Published: 2014-05-08 10:00 – Updated: 2024-08-06 10:28
VLAI?
Summary
The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified parameter to (2) PPD/index.php, (3) dirmng/docmd.php, or (4) dirmng/param.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "67254",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67254"
},
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified parameter to (2) PPD/index.php, (3) dirmng/docmd.php, or (4) dirmng/param.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-14T06:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "67254",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67254"
},
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-2936",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified parameter to (2) PPD/index.php, (3) dirmng/docmd.php, or (4) dirmng/param.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67254",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67254"
},
{
"name": "VU#693092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/693092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-2936",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-04-21T00:00:00",
"dateUpdated": "2024-08-06T10:28:46.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2935 (GCVE-0-2014-2935)
Vulnerability from cvelistv5 – Published: 2014-05-08 10:00 – Updated: 2024-08-06 10:28
VLAI?
Summary
costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "67252",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67252"
},
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-14T06:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "67252",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67252"
},
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-2935",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67252",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67252"
},
{
"name": "VU#693092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/693092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-2935",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-04-21T00:00:00",
"dateUpdated": "2024-08-06T10:28:46.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2934 (GCVE-0-2014-2934)
Vulnerability from cvelistv5 – Published: 2014-05-08 10:00 – Updated: 2024-08-06 10:28
VLAI?
Summary
Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.332Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T07:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#693092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/693092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-2934",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#693092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/693092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-2934",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-04-21T00:00:00",
"dateUpdated": "2024-08-06T10:28:46.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1577 (GCVE-0-2001-1577)
Vulnerability from cvelistv5 – Published: 2005-08-05 04:00 – Updated: 2024-08-08 04:58
VLAI?
Summary
Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3646",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3646"
},
{
"name": "cde-xterm-gain-privileges(7666)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7666"
},
{
"name": "CSSA-2001-SCO.37",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3646",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3646"
},
{
"name": "cde-xterm-gain-privileges(7666)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7666"
},
{
"name": "CSSA-2001-SCO.37",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0017.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3646",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3646"
},
{
"name": "cde-xterm-gain-privileges(7666)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7666"
},
{
"name": "CSSA-2001-SCO.37",
"refsource": "CALDERA",
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0017.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1577",
"datePublished": "2005-08-05T04:00:00",
"dateReserved": "2005-08-05T00:00:00",
"dateUpdated": "2024-08-08T04:58:11.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1576 (GCVE-0-2001-1576)
Vulnerability from cvelistv5 – Published: 2005-08-05 04:00 – Updated: 2024-09-16 23:05
VLAI?
Summary
Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2001-SCO.3",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/06/msg00404.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-08-05T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2001-SCO.3",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/06/msg00404.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1576",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2001-SCO.3",
"refsource": "CALDERA",
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/06/msg00404.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1576",
"datePublished": "2005-08-05T04:00:00Z",
"dateReserved": "2005-08-05T00:00:00Z",
"dateUpdated": "2024-09-16T23:05:29.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1478 (GCVE-0-2001-1478)
Vulnerability from cvelistv5 – Published: 2005-06-21 04:00 – Updated: 2024-08-08 04:58
VLAI?
Summary
Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3555",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3555"
},
{
"name": "unixware-openunix-xlock-bo(7573)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7573"
},
{
"name": "CSSA-2001-SCO.34",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.34/CSSA-2001-SCO.34.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3555",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3555"
},
{
"name": "unixware-openunix-xlock-bo(7573)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7573"
},
{
"name": "CSSA-2001-SCO.34",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.34/CSSA-2001-SCO.34.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3555",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3555"
},
{
"name": "unixware-openunix-xlock-bo(7573)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7573"
},
{
"name": "CSSA-2001-SCO.34",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.34/CSSA-2001-SCO.34.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1478",
"datePublished": "2005-06-21T04:00:00",
"dateReserved": "2005-06-21T00:00:00",
"dateUpdated": "2024-08-08T04:58:11.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1199 (GCVE-0-2002-1199)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:27.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "47903",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903"
},
{
"name": "20021010 Multiple vendor ypxfrd map handling vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103426842025029\u0026w=2"
},
{
"name": "CSSA-2002-SCO.40",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40"
},
{
"name": "ypxfrd-file-disclosure(10329)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10329.php"
},
{
"name": "VU#538033",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/538033"
},
{
"name": "oval:org.mitre.oval:def:2423",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423"
},
{
"name": "5937",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5937"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "47903",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903"
},
{
"name": "20021010 Multiple vendor ypxfrd map handling vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103426842025029\u0026w=2"
},
{
"name": "CSSA-2002-SCO.40",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40"
},
{
"name": "ypxfrd-file-disclosure(10329)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10329.php"
},
{
"name": "VU#538033",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/538033"
},
{
"name": "oval:org.mitre.oval:def:2423",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423"
},
{
"name": "5937",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5937"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "47903",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903"
},
{
"name": "20021010 Multiple vendor ypxfrd map handling vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103426842025029\u0026w=2"
},
{
"name": "CSSA-2002-SCO.40",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40"
},
{
"name": "ypxfrd-file-disclosure(10329)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10329.php"
},
{
"name": "VU#538033",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/538033"
},
{
"name": "oval:org.mitre.oval:def:2423",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423"
},
{
"name": "5937",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5937"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1199",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-10-11T00:00:00",
"dateUpdated": "2024-08-08T03:19:27.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1231 (GCVE-0-2002-1231)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6025",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6025"
},
{
"name": "openunix-unixware-rcp-dos(10425)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10425.php"
},
{
"name": "CSSA-2002-SCO.41",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.41"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6025",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6025"
},
{
"name": "openunix-unixware-rcp-dos(10425)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10425.php"
},
{
"name": "CSSA-2002-SCO.41",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.41"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1231",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6025",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6025"
},
{
"name": "openunix-unixware-rcp-dos(10425)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10425.php"
},
{
"name": "CSSA-2002-SCO.41",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.41"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1231",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-10-21T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0835 (GCVE-0-2002-0835)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-11-14T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0835",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0835",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-08-08T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0658 (GCVE-0-2003-0658)
Vulnerability from cvelistv5 – Published: 2003-09-03 04:00 – Updated: 2024-08-08 01:58
VLAI?
Summary
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:58:11.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0658"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T08:23:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0658"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0658",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0658"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0658",
"datePublished": "2003-09-03T04:00:00",
"dateReserved": "2003-08-06T00:00:00",
"dateUpdated": "2024-08-08T01:58:11.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0512 (GCVE-0-2002-0512)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:49
VLAI?
Summary
startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kde-startkde-search-directory(8737)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8737.php"
},
{
"name": "4400",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4400"
},
{
"name": "CSSA-2002-005.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-005.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-08-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kde-startkde-search-directory(8737)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8737.php"
},
{
"name": "4400",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4400"
},
{
"name": "CSSA-2002-005.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-005.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kde-startkde-search-directory(8737)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8737.php"
},
{
"name": "4400",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4400"
},
{
"name": "CSSA-2002-005.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-005.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0512",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-06-07T00:00:00",
"dateUpdated": "2024-08-08T02:49:28.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0911 (GCVE-0-2002-0911)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2002-024.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-024.0.txt"
},
{
"name": "volution-manager-plaintext-password(9240)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9240.php"
},
{
"name": "4923",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-09-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2002-024.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-024.0.txt"
},
{
"name": "volution-manager-plaintext-password(9240)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9240.php"
},
{
"name": "4923",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2002-024.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-024.0.txt"
},
{
"name": "volution-manager-plaintext-password(9240)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9240.php"
},
{
"name": "4923",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0911",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-08-16T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0981 (GCVE-0-2002-0981)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:12
VLAI?
Summary
Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2002-SCO.36",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.36/CSSA-2002-SCO.36.txt"
},
{
"name": "5551",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5551"
},
{
"name": "openunix-unixware-ndcfg-bo(9945)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9945.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2002-SCO.36",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.36/CSSA-2002-SCO.36.txt"
},
{
"name": "5551",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5551"
},
{
"name": "openunix-unixware-ndcfg-bo(9945)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9945.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0981",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2002-SCO.36",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.36/CSSA-2002-SCO.36.txt"
},
{
"name": "5551",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5551"
},
{
"name": "openunix-unixware-ndcfg-bo(9945)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9945.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0981",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-08-22T00:00:00",
"dateUpdated": "2024-08-08T03:12:16.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0679 (GCVE-0-2002-0679)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:56
VLAI?
Summary
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:177",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A177"
},
{
"name": "tooltalk-ttdbserverd-ttcreatefile-bo(9822)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9822.php"
},
{
"name": "20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102917002523536\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "5444",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5444"
},
{
"name": "IY32792",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32792\u0026apar=only"
},
{
"name": "oval:org.mitre.oval:def:192",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A192"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366\u0026zone_32=category%3Asecurity"
},
{
"name": "CA-2002-26",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2002-26.html"
},
{
"name": "IY32793",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32793\u0026apar=only"
},
{
"name": "VU#387387",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/387387"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-24T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:177",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A177"
},
{
"name": "tooltalk-ttdbserverd-ttcreatefile-bo(9822)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9822.php"
},
{
"name": "20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102917002523536\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "5444",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5444"
},
{
"name": "IY32792",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32792\u0026apar=only"
},
{
"name": "oval:org.mitre.oval:def:192",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A192"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366\u0026zone_32=category%3Asecurity"
},
{
"name": "CA-2002-26",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2002-26.html"
},
{
"name": "IY32793",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32793\u0026apar=only"
},
{
"name": "VU#387387",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/387387"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0679",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:177",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A177"
},
{
"name": "tooltalk-ttdbserverd-ttcreatefile-bo(9822)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9822.php"
},
{
"name": "20020812 ENTERCEPT RICOCHET ADVISORY: Multi-Vendor CDE ToolTalk Database",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102917002523536\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "5444",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5444"
},
{
"name": "IY32792",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32792\u0026apar=only"
},
{
"name": "oval:org.mitre.oval:def:192",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A192"
},
{
"name": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366\u0026zone_32=category%3Asecurity",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46366\u0026zone_32=category%3Asecurity"
},
{
"name": "CA-2002-26",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2002-26.html"
},
{
"name": "IY32793",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY32793\u0026apar=only"
},
{
"name": "VU#387387",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/387387"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0679",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-07-09T00:00:00",
"dateUpdated": "2024-08-08T02:56:38.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0678 (GCVE-0-2002-0678)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:56
VLAI?
Summary
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2002-SCO.28",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "IY32368",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "IY32370",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "VU#299816",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/299816"
},
{
"name": "20021101-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P"
},
{
"name": "oval:org.mitre.oval:def:175",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A175"
},
{
"name": "oval:org.mitre.oval:def:80",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A80"
},
{
"name": "5083",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5083"
},
{
"name": "tooltalk-ttdbserverd-tttransaction-symlink(9527)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9527.php"
},
{
"name": "oval:org.mitre.oval:def:2770",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2770"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-29T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2002-SCO.28",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "IY32368",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "IY32370",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "VU#299816",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/299816"
},
{
"name": "20021101-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P"
},
{
"name": "oval:org.mitre.oval:def:175",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A175"
},
{
"name": "oval:org.mitre.oval:def:80",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A80"
},
{
"name": "5083",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5083"
},
{
"name": "tooltalk-ttdbserverd-tttransaction-symlink(9527)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9527.php"
},
{
"name": "oval:org.mitre.oval:def:2770",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2770"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0678",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2002-SCO.28",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "HPSBUX0207-199",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0207-199"
},
{
"name": "IY32368",
"refsource": "AIXAPAR",
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "IY32370",
"refsource": "AIXAPAR",
"url": "http://archives.neohapsis.com/archives/aix/2002-q3/0002.html"
},
{
"name": "VU#299816",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/299816"
},
{
"name": "20021101-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P"
},
{
"name": "oval:org.mitre.oval:def:175",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A175"
},
{
"name": "oval:org.mitre.oval:def:80",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A80"
},
{
"name": "5083",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5083"
},
{
"name": "tooltalk-ttdbserverd-tttransaction-symlink(9527)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9527.php"
},
{
"name": "oval:org.mitre.oval:def:2770",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2770"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0678",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-07-09T00:00:00",
"dateUpdated": "2024-08-08T02:56:38.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0887 (GCVE-0-2002-0887)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010522 [SRT2001-10] - scoadmin /tmp issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=99057164129869\u0026w=2"
},
{
"name": "openserver-scoadmin-symlink(9210)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9210.php"
},
{
"name": "4875",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4875"
},
{
"name": "CSSA-2002-SCO.22",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.22/CSSA-2002-SCO.22.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010522 [SRT2001-10] - scoadmin /tmp issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=99057164129869\u0026w=2"
},
{
"name": "openserver-scoadmin-symlink(9210)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9210.php"
},
{
"name": "4875",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4875"
},
{
"name": "CSSA-2002-SCO.22",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.22/CSSA-2002-SCO.22.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010522 [SRT2001-10] - scoadmin /tmp issues",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=99057164129869\u0026w=2"
},
{
"name": "openserver-scoadmin-symlink(9210)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9210.php"
},
{
"name": "4875",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4875"
},
{
"name": "CSSA-2002-SCO.22",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.22/CSSA-2002-SCO.22.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0887",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-08-16T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0988 (GCVE-0-2002-0988)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:12
VLAI?
Summary
Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5577"
},
{
"name": "CSSA-2002-SCO.38",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "openunix-unixware-xsco-bo(9977)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9977.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5577"
},
{
"name": "CSSA-2002-SCO.38",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "openunix-unixware-xsco-bo(9977)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9977.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5577"
},
{
"name": "CSSA-2002-SCO.38",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "openunix-unixware-xsco-bo(9977)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9977.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0988",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-08-26T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0442 (GCVE-0-2002-0442)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:49
VLAI?
Summary
Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.450Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4273",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4273"
},
{
"name": "CSSA-2002-SCO.8",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.8/CSSA-2002-SCO.8.txt"
},
{
"name": "openserver-dlvraudit-bo(8442)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8442.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-03-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4273",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4273"
},
{
"name": "CSSA-2002-SCO.8",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.8/CSSA-2002-SCO.8.txt"
},
{
"name": "openserver-dlvraudit-bo(8442)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8442.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4273"
},
{
"name": "CSSA-2002-SCO.8",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.8/CSSA-2002-SCO.8.txt"
},
{
"name": "openserver-dlvraudit-bo(8442)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8442.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0442",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-06-07T00:00:00",
"dateUpdated": "2024-08-08T02:49:28.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0246 (GCVE-0-2002-0246)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
VLAI?
Summary
Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:28.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020210 Unixware Message catalog exploit code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/255414"
},
{
"name": "unixware-msg-catalog-format-string(8113)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8113.php"
},
{
"name": "CSSA-2002-SCO.3",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/unixware/CSSA-2002-SCO.3/CSSA-2002-SCO.3.txt"
},
{
"name": "4060",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4060"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-05-09T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020210 Unixware Message catalog exploit code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/255414"
},
{
"name": "unixware-msg-catalog-format-string(8113)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8113.php"
},
{
"name": "CSSA-2002-SCO.3",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/unixware/CSSA-2002-SCO.3/CSSA-2002-SCO.3.txt"
},
{
"name": "4060",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4060"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020210 Unixware Message catalog exploit code",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/255414"
},
{
"name": "unixware-msg-catalog-format-string(8113)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8113.php"
},
{
"name": "CSSA-2002-SCO.3",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/unixware/CSSA-2002-SCO.3/CSSA-2002-SCO.3.txt"
},
{
"name": "4060",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4060"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0246",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T02:42:28.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1359 (GCVE-0-2001-1359)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 04:51
VLAI?
Summary
Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "volution-authentication-failure-access(6672)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6672"
},
{
"name": "2850",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2850"
},
{
"name": "CSSA-2001-021.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-021.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "volution-authentication-failure-access(6672)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6672"
},
{
"name": "2850",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2850"
},
{
"name": "CSSA-2001-021.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-021.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "volution-authentication-failure-access(6672)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6672"
},
{
"name": "2850",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2850"
},
{
"name": "CSSA-2001-021.0",
"refsource": "CALDERA",
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-021.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1359",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-06-07T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0987 (GCVE-0-2002-0987)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:12
VLAI?
Summary
X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5044",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5044"
},
{
"name": "CSSA-2002-SCO.38",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "5575",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5575"
},
{
"name": "openunix-unixware-xsco-privileges(9976)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9976.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5044",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5044"
},
{
"name": "CSSA-2002-SCO.38",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "5575",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5575"
},
{
"name": "openunix-unixware-xsco-privileges(9976)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9976.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5044",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5044"
},
{
"name": "CSSA-2002-SCO.38",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.38"
},
{
"name": "5575",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5575"
},
{
"name": "openunix-unixware-xsco-privileges(9976)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9976.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0987",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-08-26T00:00:00",
"dateUpdated": "2024-08-08T03:12:16.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0884 (GCVE-0-2002-0884)
Vulnerability from cvelistv5 – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4791",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"name": "CSSA-2002-SCO.29",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9150.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-09-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4791",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"name": "CSSA-2002-SCO.29",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9150.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"name": "CSSA-2002-SCO.29",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9150.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0884",
"datePublished": "2002-08-31T04:00:00",
"dateReserved": "2002-08-16T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1570 (GCVE-0-1999-1570)
Vulnerability from cvelistv5 – Published: 2002-08-31 04:00 – Updated: 2024-08-01 17:18
VLAI?
Summary
Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990909 19 SCO 5.0.5+Skunware98 buffer overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/27074"
},
{
"name": "CSSA-2002-SCO.17",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.17/CSSA-2002-SCO.17.txt"
},
{
"name": "4089",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4089"
},
{
"name": "openserver-sar-bo(8989)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8989.php"
},
{
"name": "20020509 Sar -o exploitation process info.",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV",
"x_transferred"
],
"url": "http://marc.info/?l=vuln-dev\u0026m=102098949103708\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-09-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990909 19 SCO 5.0.5+Skunware98 buffer overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/27074"
},
{
"name": "CSSA-2002-SCO.17",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.17/CSSA-2002-SCO.17.txt"
},
{
"name": "4089",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4089"
},
{
"name": "openserver-sar-bo(8989)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8989.php"
},
{
"name": "20020509 Sar -o exploitation process info.",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV"
],
"url": "http://marc.info/?l=vuln-dev\u0026m=102098949103708\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990909 19 SCO 5.0.5+Skunware98 buffer overflows",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/27074"
},
{
"name": "CSSA-2002-SCO.17",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.17/CSSA-2002-SCO.17.txt"
},
{
"name": "4089",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4089"
},
{
"name": "openserver-sar-bo(8989)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8989.php"
},
{
"name": "20020509 Sar -o exploitation process info.",
"refsource": "VULN-DEV",
"url": "http://marc.info/?l=vuln-dev\u0026m=102098949103708\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1570",
"datePublished": "2002-08-31T04:00:00",
"dateReserved": "2002-06-11T00:00:00",
"dateUpdated": "2024-08-01T17:18:07.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0885 (GCVE-0-2002-0885)
Vulnerability from cvelistv5 – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.306Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4791",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9150.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-09-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4791",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9150.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4791"
},
{
"name": "20020521 [VulnWatch] [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0074.html"
},
{
"name": "20020522 [DER Adv #7] - Multiple Vulnerabilities in solaris in.rarpd",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/273584"
},
{
"name": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt",
"refsource": "MISC",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.29/CSSA-2002-SCO.29.txt"
},
{
"name": "solaris-inrarpd-code-execution(9150)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9150.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0885",
"datePublished": "2002-08-31T04:00:00",
"dateReserved": "2002-08-16T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0827 (GCVE-0-2002-0827)
Vulnerability from cvelistv5 – Published: 2002-08-07 04:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ppptalk-local-elevated-privileges(9380)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9380.php"
},
{
"name": "5051",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5051"
},
{
"name": "CSSA-2002-SCO.27.txt",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.27/CSSA-2002-SCO.27.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-08-20T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ppptalk-local-elevated-privileges(9380)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9380.php"
},
{
"name": "5051",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5051"
},
{
"name": "CSSA-2002-SCO.27.txt",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.27/CSSA-2002-SCO.27.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ppptalk-local-elevated-privileges(9380)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9380.php"
},
{
"name": "5051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5051"
},
{
"name": "CSSA-2002-SCO.27.txt",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.27/CSSA-2002-SCO.27.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0827",
"datePublished": "2002-08-07T04:00:00",
"dateReserved": "2002-08-06T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0677 (GCVE-0-2002-0677)
Vulnerability from cvelistv5 – Published: 2002-07-12 04:00 – Updated: 2024-08-08 02:56
VLAI?
Summary
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:39.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021102-02-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P"
},
{
"name": "CSSA-2002-SCO.28",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "VU#975403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/975403"
},
{
"name": "oval:org.mitre.oval:def:15",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15"
},
{
"name": "oval:org.mitre.oval:def:91",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:1099",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021102-02-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P"
},
{
"name": "CSSA-2002-SCO.28",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "VU#975403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/975403"
},
{
"name": "oval:org.mitre.oval:def:15",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15"
},
{
"name": "oval:org.mitre.oval:def:91",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:1099",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021102-02-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P"
},
{
"name": "CSSA-2002-SCO.28",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt"
},
{
"name": "CA-2002-20",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2002-20.html"
},
{
"name": "VU#975403",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/975403"
},
{
"name": "oval:org.mitre.oval:def:15",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15"
},
{
"name": "oval:org.mitre.oval:def:91",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A91"
},
{
"name": "20020710 [CORE-20020528] Multiple vulnerabilities in ToolTalk Database server",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102635906423617\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:1099",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0677",
"datePublished": "2002-07-12T04:00:00",
"dateReserved": "2002-07-09T00:00:00",
"dateUpdated": "2024-08-08T02:56:39.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0869 (GCVE-0-2001-0869)
Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 04:37
VLAI?
Summary
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:06.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2001:150",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-150.html"
},
{
"name": "CSSA-2001-040.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt"
},
{
"name": "RHSA-2001:151",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-151.html"
},
{
"name": "3498",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3498"
},
{
"name": "SuSE-SA:2001:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3"
},
{
"name": "cyrus-sasl-format-string(7443)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443"
},
{
"name": "FreeBSD-SA-02:15",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc"
},
{
"name": "CLA-2001:444",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444"
},
{
"name": "MDKSA-2002:018",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-16T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2001:150",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-150.html"
},
{
"name": "CSSA-2001-040.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt"
},
{
"name": "RHSA-2001:151",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-151.html"
},
{
"name": "3498",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3498"
},
{
"name": "SuSE-SA:2001:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3"
},
{
"name": "cyrus-sasl-format-string(7443)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443"
},
{
"name": "FreeBSD-SA-02:15",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc"
},
{
"name": "CLA-2001:444",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444"
},
{
"name": "MDKSA-2002:018",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0869",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2001:150",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-150.html"
},
{
"name": "CSSA-2001-040.0",
"refsource": "CALDERA",
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt"
},
{
"name": "RHSA-2001:151",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-151.html"
},
{
"name": "3498",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3498"
},
{
"name": "SuSE-SA:2001:042",
"refsource": "SUSE",
"url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3"
},
{
"name": "cyrus-sasl-format-string(7443)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443"
},
{
"name": "FreeBSD-SA-02:15",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc"
},
{
"name": "CLA-2001:444",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444"
},
{
"name": "MDKSA-2002:018",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0869",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2001-11-29T00:00:00",
"dateUpdated": "2024-08-08T04:37:06.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1153 (GCVE-0-2001-1153)
Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 04:44
VLAI?
Summary
lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:08.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2001-SCO.15",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0391.html"
},
{
"name": "3248",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3248"
},
{
"name": "openunix-lpsystem-bo(7041)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7041.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2001-SCO.15",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0391.html"
},
{
"name": "3248",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3248"
},
{
"name": "openunix-lpsystem-bo(7041)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7041.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1153",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2001-SCO.15",
"refsource": "CALDERA",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0391.html"
},
{
"name": "3248",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3248"
},
{
"name": "openunix-lpsystem-bo(7041)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7041.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1153",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T04:44:08.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1062 (GCVE-0-2001-1062)
Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 04:44
VLAI?
Summary
Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:06.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2001-SCO.12",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.12/CSSA-2001-SCO.12.txt"
},
{
"name": "openserver-mana-bo(7034)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7034.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-28T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2001-SCO.12",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.12/CSSA-2001-SCO.12.txt"
},
{
"name": "openserver-mana-bo(7034)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7034.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2001-SCO.12",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.12/CSSA-2001-SCO.12.txt"
},
{
"name": "openserver-mana-bo(7034)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7034.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1062",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2002-01-31T00:00:00",
"dateUpdated": "2024-08-08T04:44:06.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}