Search criteria
8 vulnerabilities by engardelinux
CVE-2004-0535 (GCVE-0-2004-0535)
Vulnerability from cvelistv5 – Published: 2004-06-08 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10352",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10352"
},
{
"name": "RHSA-2004:413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"name": "RHSA-2004:418",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
},
{
"name": "FEDORA-2004-186",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lwn.net/Articles/91155/"
},
{
"name": "CLA-2004:845",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
},
{
"name": "MDKSA-2004:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
},
{
"name": "linux-e1000-bo(16159)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
},
{
"name": "20040804-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
},
{
"name": "GLSA-200407-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
},
{
"name": "oval:org.mitre.oval:def:11136",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
},
{
"name": "SUSE-SA:2004:020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a \"buffer overflow\" by some sources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10352",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10352"
},
{
"name": "RHSA-2004:413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"name": "RHSA-2004:418",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
},
{
"name": "FEDORA-2004-186",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lwn.net/Articles/91155/"
},
{
"name": "CLA-2004:845",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
},
{
"name": "MDKSA-2004:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
},
{
"name": "linux-e1000-bo(16159)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
},
{
"name": "20040804-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
},
{
"name": "GLSA-200407-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
},
{
"name": "oval:org.mitre.oval:def:11136",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
},
{
"name": "SUSE-SA:2004:020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0535",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a \"buffer overflow\" by some sources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10352",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10352"
},
{
"name": "RHSA-2004:413",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"name": "RHSA-2004:418",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
},
{
"name": "FEDORA-2004-186",
"refsource": "FEDORA",
"url": "http://lwn.net/Articles/91155/"
},
{
"name": "CLA-2004:845",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
},
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
},
{
"name": "MDKSA-2004:062",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
},
{
"name": "linux-e1000-bo(16159)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
},
{
"name": "20040804-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
},
{
"name": "GLSA-200407-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
},
{
"name": "oval:org.mitre.oval:def:11136",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
},
{
"name": "SUSE-SA:2004:020",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0535",
"datePublished": "2004-06-08T04:00:00",
"dateReserved": "2004-06-04T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0962 (GCVE-0-2003-0962)
Vulnerability from cvelistv5 – Published: 2003-12-10 05:00 – Updated: 2024-08-08 02:12
VLAI?
Summary
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20031204 rsync security advisory (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
},
{
"name": "2003-0048",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
},
{
"name": "10362",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10362"
},
{
"name": "10364",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10364"
},
{
"name": "10354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10354"
},
{
"name": "linux-rsync-heap-overflow(13899)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
},
{
"name": "10363",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10363"
},
{
"name": "10353",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10353"
},
{
"name": "10357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10357"
},
{
"name": "10355",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10355"
},
{
"name": "VU#325603",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/325603"
},
{
"name": "10358",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10358"
},
{
"name": "20031204 GLSA: exploitable heap overflow in rsync (200312-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
},
{
"name": "10360",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10360"
},
{
"name": "10361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10361"
},
{
"name": "CLA-2003:794",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
},
{
"name": "20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
},
{
"name": "10474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10474"
},
{
"name": "20031202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
},
{
"name": "oval:org.mitre.oval:def:9415",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
},
{
"name": "RHSA-2003:398",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
},
{
"name": "10356",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10356"
},
{
"name": "2898",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/2898"
},
{
"name": "MDKSA-2003:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
},
{
"name": "9153",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9153"
},
{
"name": "10359",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10359"
},
{
"name": "10378",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10378"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-12-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20031204 rsync security advisory (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
},
{
"name": "2003-0048",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
},
{
"name": "10362",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10362"
},
{
"name": "10364",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10364"
},
{
"name": "10354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10354"
},
{
"name": "linux-rsync-heap-overflow(13899)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
},
{
"name": "10363",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10363"
},
{
"name": "10353",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10353"
},
{
"name": "10357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10357"
},
{
"name": "10355",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10355"
},
{
"name": "VU#325603",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/325603"
},
{
"name": "10358",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10358"
},
{
"name": "20031204 GLSA: exploitable heap overflow in rsync (200312-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
},
{
"name": "10360",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10360"
},
{
"name": "10361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10361"
},
{
"name": "CLA-2003:794",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
},
{
"name": "20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
},
{
"name": "10474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10474"
},
{
"name": "20031202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
},
{
"name": "oval:org.mitre.oval:def:9415",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
},
{
"name": "RHSA-2003:398",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
},
{
"name": "10356",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10356"
},
{
"name": "2898",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/2898"
},
{
"name": "MDKSA-2003:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
},
{
"name": "9153",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9153"
},
{
"name": "10359",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10359"
},
{
"name": "10378",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10378"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20031204 rsync security advisory (fwd)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
},
{
"name": "2003-0048",
"refsource": "TRUSTIX",
"url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
},
{
"name": "10362",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10362"
},
{
"name": "10364",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10364"
},
{
"name": "10354",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10354"
},
{
"name": "linux-rsync-heap-overflow(13899)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
},
{
"name": "10363",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10363"
},
{
"name": "10353",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10353"
},
{
"name": "10357",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10357"
},
{
"name": "10355",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10355"
},
{
"name": "VU#325603",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/325603"
},
{
"name": "10358",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10358"
},
{
"name": "20031204 GLSA: exploitable heap overflow in rsync (200312-03)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
},
{
"name": "10360",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10360"
},
{
"name": "10361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10361"
},
{
"name": "CLA-2003:794",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
},
{
"name": "20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
},
{
"name": "10474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10474"
},
{
"name": "20031202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
},
{
"name": "oval:org.mitre.oval:def:9415",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
},
{
"name": "RHSA-2003:398",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
},
{
"name": "10356",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10356"
},
{
"name": "2898",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/2898"
},
{
"name": "MDKSA-2003:111",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
},
{
"name": "9153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9153"
},
{
"name": "10359",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10359"
},
{
"name": "10378",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10378"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0962",
"datePublished": "2003-12-10T05:00:00",
"dateReserved": "2003-11-26T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0101 (GCVE-0-2003-0101)
Vulnerability from cvelistv5 – Published: 2003-02-26 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-319",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-319"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-2886.html"
},
{
"name": "20030224 GLSA: usermin (200302-14)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104610336226274\u0026w=2"
},
{
"name": "N-058",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-058.shtml"
},
{
"name": "8163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8163"
},
{
"name": "MDKSA-2003:025",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:025"
},
{
"name": "HPSBUX0303-250",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/hp/2003-q1/0063.html"
},
{
"name": "8115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8115"
},
{
"name": "1006160",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006160"
},
{
"name": "20030224 [SNS Advisory No.62] Webmin/Usermin Session ID Spoofing Vulnerability \"Episode 2\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104610300325629\u0026w=2"
},
{
"name": "ESA-20030225-006",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/linux/engarde/2003-q1/0008.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://marc.info/?l=webmin-announce\u0026m=104587858408101\u0026w=2"
},
{
"name": "20030224 Webmin 1.050 - 1.060 remote exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104610245624895\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.lac.co.jp/security/english/snsadv_e/62_e.html"
},
{
"name": "20030602-01-I",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030602-01-I"
},
{
"name": "webmin-usermin-root-access(11390)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/11390.php"
},
{
"name": "6915",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6915"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-319",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-319"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-2886.html"
},
{
"name": "20030224 GLSA: usermin (200302-14)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104610336226274\u0026w=2"
},
{
"name": "N-058",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-058.shtml"
},
{
"name": "8163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8163"
},
{
"name": "MDKSA-2003:025",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:025"
},
{
"name": "HPSBUX0303-250",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/hp/2003-q1/0063.html"
},
{
"name": "8115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8115"
},
{
"name": "1006160",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006160"
},
{
"name": "20030224 [SNS Advisory No.62] Webmin/Usermin Session ID Spoofing Vulnerability \"Episode 2\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104610300325629\u0026w=2"
},
{
"name": "ESA-20030225-006",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://archives.neohapsis.com/archives/linux/engarde/2003-q1/0008.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://marc.info/?l=webmin-announce\u0026m=104587858408101\u0026w=2"
},
{
"name": "20030224 Webmin 1.050 - 1.060 remote exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104610245624895\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.lac.co.jp/security/english/snsadv_e/62_e.html"
},
{
"name": "20030602-01-I",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030602-01-I"
},
{
"name": "webmin-usermin-root-access(11390)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/11390.php"
},
{
"name": "6915",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6915"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0101",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-319",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-319"
},
{
"name": "http://www.linuxsecurity.com/advisories/gentoo_advisory-2886.html",
"refsource": "CONFIRM",
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-2886.html"
},
{
"name": "20030224 GLSA: usermin (200302-14)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104610336226274\u0026w=2"
},
{
"name": "N-058",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-058.shtml"
},
{
"name": "8163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8163"
},
{
"name": "MDKSA-2003:025",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:025"
},
{
"name": "HPSBUX0303-250",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2003-q1/0063.html"
},
{
"name": "8115",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8115"
},
{
"name": "1006160",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006160"
},
{
"name": "20030224 [SNS Advisory No.62] Webmin/Usermin Session ID Spoofing Vulnerability \"Episode 2\"",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104610300325629\u0026w=2"
},
{
"name": "ESA-20030225-006",
"refsource": "ENGARDE",
"url": "http://archives.neohapsis.com/archives/linux/engarde/2003-q1/0008.html"
},
{
"name": "http://marc.info/?l=webmin-announce\u0026m=104587858408101\u0026w=2",
"refsource": "CONFIRM",
"url": "http://marc.info/?l=webmin-announce\u0026m=104587858408101\u0026w=2"
},
{
"name": "20030224 Webmin 1.050 - 1.060 remote exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104610245624895\u0026w=2"
},
{
"name": "http://www.lac.co.jp/security/english/snsadv_e/62_e.html",
"refsource": "MISC",
"url": "http://www.lac.co.jp/security/english/snsadv_e/62_e.html"
},
{
"name": "20030602-01-I",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030602-01-I"
},
{
"name": "webmin-usermin-root-access(11390)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/11390.php"
},
{
"name": "6915",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6915"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0101",
"datePublished": "2003-02-26T05:00:00",
"dateReserved": "2003-02-24T00:00:00",
"dateUpdated": "2024-08-08T01:43:35.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0083 (GCVE-0-2002-0083)
Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 02:35
VLAI?
Summary
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020311 TSLSA-2002-0039 - openssh",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html"
},
{
"name": "CSSA-2002-SCO.10",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt"
},
{
"name": "730",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/730"
},
{
"name": "4241",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4241"
},
{
"name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2"
},
{
"name": "CSSA-2002-SCO.11",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt"
},
{
"name": "HPSBTL0203-029",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/3960"
},
{
"name": "DSA-119",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-119"
},
{
"name": "SuSE-SA:2002:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html"
},
{
"name": "CSSA-2002-012.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt"
},
{
"name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2"
},
{
"name": "ESA-20020307-007",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html"
},
{
"name": "CLA-2002:467",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467"
},
{
"name": "NetBSD-SA2002-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc"
},
{
"name": "FreeBSD-SA-02:13",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc"
},
{
"name": "20020307 OpenSSH Security Advisory (adv.channelalloc)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2"
},
{
"name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2"
},
{
"name": "MDKSA-2002:019",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php"
},
{
"name": "RHSA-2002:043",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-043.html"
},
{
"name": "openssh-channel-error(8383)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8383.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt"
},
{
"name": "20020328 OpenSSH channel_lookup() off by one exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/264657"
},
{
"name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-16T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020311 TSLSA-2002-0039 - openssh",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html"
},
{
"name": "CSSA-2002-SCO.10",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt"
},
{
"name": "730",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/730"
},
{
"name": "4241",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4241"
},
{
"name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2"
},
{
"name": "CSSA-2002-SCO.11",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt"
},
{
"name": "HPSBTL0203-029",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/3960"
},
{
"name": "DSA-119",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-119"
},
{
"name": "SuSE-SA:2002:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html"
},
{
"name": "CSSA-2002-012.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt"
},
{
"name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2"
},
{
"name": "ESA-20020307-007",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html"
},
{
"name": "CLA-2002:467",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467"
},
{
"name": "NetBSD-SA2002-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc"
},
{
"name": "FreeBSD-SA-02:13",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc"
},
{
"name": "20020307 OpenSSH Security Advisory (adv.channelalloc)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2"
},
{
"name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2"
},
{
"name": "MDKSA-2002:019",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php"
},
{
"name": "RHSA-2002:043",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-043.html"
},
{
"name": "openssh-channel-error(8383)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8383.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt"
},
{
"name": "20020328 OpenSSH channel_lookup() off by one exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/264657"
},
{
"name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0083",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020311 TSLSA-2002-0039 - openssh",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html"
},
{
"name": "CSSA-2002-SCO.10",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt"
},
{
"name": "730",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/730"
},
{
"name": "4241",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4241"
},
{
"name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2"
},
{
"name": "CSSA-2002-SCO.11",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt"
},
{
"name": "HPSBTL0203-029",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/3960"
},
{
"name": "DSA-119",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-119"
},
{
"name": "SuSE-SA:2002:009",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html"
},
{
"name": "CSSA-2002-012.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt"
},
{
"name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2"
},
{
"name": "ESA-20020307-007",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html"
},
{
"name": "CLA-2002:467",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467"
},
{
"name": "NetBSD-SA2002-004",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc"
},
{
"name": "FreeBSD-SA-02:13",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc"
},
{
"name": "20020307 OpenSSH Security Advisory (adv.channelalloc)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2"
},
{
"name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2"
},
{
"name": "MDKSA-2002:019",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php"
},
{
"name": "RHSA-2002:043",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-043.html"
},
{
"name": "openssh-channel-error(8383)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8383.php"
},
{
"name": "http://www.openbsd.org/advisories/ssh_channelalloc.txt",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt"
},
{
"name": "20020328 OpenSSH channel_lookup() off by one exploit",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/264657"
},
{
"name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0083",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2002-03-06T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0002 (GCVE-0-2002-0002)
Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 02:35
VLAI?
Summary
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2"
},
{
"name": "3748",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3748"
},
{
"name": "MDKSA-2002:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3"
},
{
"name": "20020102 Stunnel: Format String Bug update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/248149"
},
{
"name": "stunnel-client-format-string(7741)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://stunnel.mirt.net/news.html"
},
{
"name": "RHSA-2002:002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-002.html"
},
{
"name": "20011227 Stunnel: Format String Bug in versions \u003c3.22",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/247427"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2"
},
{
"name": "3748",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3748"
},
{
"name": "MDKSA-2002:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3"
},
{
"name": "20020102 Stunnel: Format String Bug update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/248149"
},
{
"name": "stunnel-client-format-string(7741)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://stunnel.mirt.net/news.html"
},
{
"name": "RHSA-2002:002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-002.html"
},
{
"name": "20011227 Stunnel: Format String Bug in versions \u003c3.22",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/247427"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2",
"refsource": "MISC",
"url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2"
},
{
"name": "3748",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3748"
},
{
"name": "MDKSA-2002:004",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3"
},
{
"name": "20020102 Stunnel: Format String Bug update",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/248149"
},
{
"name": "stunnel-client-format-string(7741)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741"
},
{
"name": "http://stunnel.mirt.net/news.html",
"refsource": "CONFIRM",
"url": "http://stunnel.mirt.net/news.html"
},
{
"name": "RHSA-2002:002",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-002.html"
},
{
"name": "20011227 Stunnel: Format String Bug in versions \u003c3.22",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/247427"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0002",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2002-01-02T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1240 (GCVE-0-2001-1240)
Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 04:51
VLAI?
Summary
The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ESA-20010711-02",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1493.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-05-09T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ESA-20010711-02",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1493.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1240",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ESA-20010711-02",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1493.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1240",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0739 (GCVE-0-2001-0739)
Vulnerability from cvelistv5 – Published: 2002-03-09 05:00 – Updated: 2024-08-08 04:30
VLAI?
Summary
Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:06.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ESA-20010529-02",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1404.html"
},
{
"name": "RHSA-2001:126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-126.html"
},
{
"name": "linux-webtool-inherit-privileges(7404)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7404"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ESA-20010529-02",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1404.html"
},
{
"name": "RHSA-2001:126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-126.html"
},
{
"name": "linux-webtool-inherit-privileges(7404)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7404"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0739",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ESA-20010529-02",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1404.html"
},
{
"name": "RHSA-2001:126",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-126.html"
},
{
"name": "linux-webtool-inherit-privileges(7404)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7404"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0739",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-10-12T00:00:00",
"dateUpdated": "2024-08-08T04:30:06.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0736 (GCVE-0-2001-0736)
Vulnerability from cvelistv5 – Published: 2001-10-12 04:00 – Updated: 2024-08-08 04:30
VLAI?
Summary
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:06.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010416 Immunix OS Security update for pine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2"
},
{
"name": "20010527 [ESA-20010509-01] pine temporary file handling vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2"
},
{
"name": "MDKSA-2001:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0"
},
{
"name": "RHSA-2001:042",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-042.html"
},
{
"name": "pine-tmp-file-symlink(6367)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010416 Immunix OS Security update for pine",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2"
},
{
"name": "20010527 [ESA-20010509-01] pine temporary file handling vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2"
},
{
"name": "MDKSA-2001:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0"
},
{
"name": "RHSA-2001:042",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-042.html"
},
{
"name": "pine-tmp-file-symlink(6367)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0736",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010416 Immunix OS Security update for pine",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2"
},
{
"name": "20010527 [ESA-20010509-01] pine temporary file handling vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2"
},
{
"name": "MDKSA-2001:047",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0"
},
{
"name": "RHSA-2001:042",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-042.html"
},
{
"name": "pine-tmp-file-symlink(6367)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0736",
"datePublished": "2001-10-12T04:00:00",
"dateReserved": "2001-10-12T00:00:00",
"dateUpdated": "2024-08-08T04:30:06.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}