Search Results (6022 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1090 2 Libesmtp, Redhat 3 Libesmtp, Enterprise Linux, Linux 2025-04-03 N/A
Buffer overflow in read_smtp_response of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to (1) execute arbitrary code via a certain response or (2) cause a denial of service via long server responses.
CVE-2003-0022 2 Redhat, Rxvt 3 Enterprise Linux, Linux, Rxvt 2025-04-03 N/A
The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.
CVE-2003-0019 1 Redhat 1 Linux 2025-04-03 N/A
uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.
CVE-2003-0018 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2025-04-03 N/A
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.
CVE-2002-0972 2 Postgresql, Redhat 3 Postgresql, Enterprise Linux, Linux 2025-04-03 N/A
Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of service and possibly execute arbitrary code via long arguments to the functions (1) lpad or (2) rpad.
CVE-2002-0970 2 Kde, Redhat 4 Kde, Konqueror, Enterprise Linux and 1 more 2025-04-03 N/A
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.
CVE-2002-0839 3 Apache, Debian, Redhat 6 Http Server, Debian Linux, Enterprise Linux and 3 more 2025-04-03 N/A
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.
CVE-2002-0836 3 Hp, Mandrakesoft, Redhat 4 Secure Os, Mandrake Linux, Enterprise Linux and 1 more 2025-04-03 N/A
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
CVE-2002-0822 2 Ethereal Group, Redhat 4 Ethereal, Enterprise Linux, Linux and 1 more 2025-04-03 N/A
Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump.
CVE-2002-0658 2 Ossp, Redhat 5 Mm, Enterprise Linux, Linux and 2 more 2025-04-03 N/A
OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
CVE-2002-0400 2 Isc, Redhat 3 Bind, Enterprise Linux, Linux 2025-04-03 N/A
ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.
CVE-2002-0382 2 Redhat, Xchat 3 Enterprise Linux, Linux, Xchat 2025-04-03 N/A
XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters.
CVE-2002-1574 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2025-04-03 N/A
Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors.
CVE-2002-1573 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2025-04-03 N/A
Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to "wrap handling."
CVE-2002-1572 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2025-04-03 N/A
Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors.
CVE-2002-1510 2 Redhat, Xfree86 Project 3 Enterprise Linux, Linux, X11r6 2025-04-03 N/A
xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist.
CVE-2002-1509 1 Redhat 2 Enterprise Linux, Linux 2025-04-03 N/A
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
CVE-2002-1508 2 Openldap, Redhat 3 Openldap, Enterprise Linux, Linux 2025-04-03 N/A
slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests.
CVE-2002-1472 2 Redhat, Xfree86 Project 2 Linux, X11r6 2025-04-03 N/A
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.
CVE-2002-1467 2 Macromedia, Redhat 4 Flash Player, Shockwave, Enterprise Linux and 1 more 2025-04-03 N/A
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).