Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for secure_os by hp

    CVE-2001-1563 (GCVE-0-2001-1563)

    Vulnerability from cvelistv5 – Published: 2005-07-14 04:00 – Updated: 2024-08-08 04:58
    VLAI
    Summary
    Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2001-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:58:11.400Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "tomcat-unspecified-unauthorized-access(42892)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
              },
              {
                "name": "HPSBTL0112-004",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources.  NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "tomcat-unspecified-unauthorized-access(42892)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
            },
            {
              "name": "HPSBTL0112-004",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1563",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources.  NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "tomcat-unspecified-unauthorized-access(42892)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
                },
                {
                  "name": "HPSBTL0112-004",
                  "refsource": "HP",
                  "url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1563",
        "datePublished": "2005-07-14T04:00:00.000Z",
        "dateReserved": "2005-07-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:58:11.400Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-1506 (GCVE-0-2001-1506)

    Vulnerability from cvelistv5 – Published: 2005-06-21 04:00 – Updated: 2024-08-08 04:58
    VLAI
    Summary
    Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/3468 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://online.securityfocus.com/advisories/3618 vendor-advisoryx_refsource_HP
    Date Public
    2001-10-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:58:11.626Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3468",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3468"
              },
              {
                "name": "hp-secure-unauth-privileges(7342)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
              },
              {
                "name": "HPSBTL0110-001",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/advisories/3618"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-10-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3468",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3468"
            },
            {
              "name": "hp-secure-unauth-privileges(7342)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
            },
            {
              "name": "HPSBTL0110-001",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://online.securityfocus.com/advisories/3618"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1506",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3468",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3468"
                },
                {
                  "name": "hp-secure-unauth-privileges(7342)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
                },
                {
                  "name": "HPSBTL0110-001",
                  "refsource": "HP",
                  "url": "http://online.securityfocus.com/advisories/3618"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1506",
        "datePublished": "2005-06-21T04:00:00.000Z",
        "dateReserved": "2005-06-21T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:58:11.626Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0835 (GCVE-0-2002-0835)

    Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:03
    VLAI
    Summary
    Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/5596 vdb-entryx_refsource_BID
    ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… vendor-advisoryx_refsource_CALDERA
    http://www.iss.net/security_center/static/10003.php vdb-entryx_refsource_XF
    http://online.securityfocus.com/advisories/4449 vendor-advisoryx_refsource_HP
    http://www.redhat.com/support/errata/RHSA-2002-162.html vendor-advisoryx_refsource_REDHAT
    http://www.redhat.com/support/errata/RHSA-2002-165.html vendor-advisoryx_refsource_REDHAT
    Date Public
    2002-08-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:03:49.217Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5596",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5596"
              },
              {
                "name": "CSSA-2002-044.0",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CALDERA",
                  "x_transferred"
                ],
                "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
              },
              {
                "name": "pxe-dhcp-dos(10003)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10003.php"
              },
              {
                "name": "HPSBTL0209-066",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/advisories/4449"
              },
              {
                "name": "RHSA-2002:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
              },
              {
                "name": "RHSA-2002:165",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-08-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-11-14T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5596",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5596"
            },
            {
              "name": "CSSA-2002-044.0",
              "tags": [
                "vendor-advisory",
                "x_refsource_CALDERA"
              ],
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
            },
            {
              "name": "pxe-dhcp-dos(10003)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10003.php"
            },
            {
              "name": "HPSBTL0209-066",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://online.securityfocus.com/advisories/4449"
            },
            {
              "name": "RHSA-2002:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
            },
            {
              "name": "RHSA-2002:165",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0835",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5596",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5596"
                },
                {
                  "name": "CSSA-2002-044.0",
                  "refsource": "CALDERA",
                  "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
                },
                {
                  "name": "pxe-dhcp-dos(10003)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10003.php"
                },
                {
                  "name": "HPSBTL0209-066",
                  "refsource": "HP",
                  "url": "http://online.securityfocus.com/advisories/4449"
                },
                {
                  "name": "RHSA-2002:162",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
                },
                {
                  "name": "RHSA-2002:165",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0835",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2002-08-08T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:03:49.217Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0836 (GCVE-0-2002-0836)

    Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:03
    VLAI
    Summary
    dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=103497852330838&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/5978 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=104005975415582&w=2 mailing-listx_refsource_BUGTRAQ
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://www.kb.cert.org/vuls/id/169841 third-party-advisoryx_refsource_CERT-VN
    http://www.debian.org/security/2002/dsa-207 vendor-advisoryx_refsource_DEBIAN
    http://www.securityfocus.com/advisories/4567 vendor-advisoryx_refsource_HP
    http://www.redhat.com/support/errata/RHSA-2002-195.html vendor-advisoryx_refsource_REDHAT
    http://www.iss.net/security_center/static/10365.php vdb-entryx_refsource_XF
    http://www.redhat.com/support/errata/RHSA-2002-194.html vendor-advisoryx_refsource_REDHAT
    http://www.linux-mandrake.com/en/security/2002/MD… vendor-advisoryx_refsource_MANDRAKE
    Date Public
    2002-10-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:03:49.020Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20021018 GLSA: tetex",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
              },
              {
                "name": "5978",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5978"
              },
              {
                "name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
              },
              {
                "name": "CLA-2002:537",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
              },
              {
                "name": "VU#169841",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/169841"
              },
              {
                "name": "DSA-207",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2002/dsa-207"
              },
              {
                "name": "HPSBTL0210-073",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/advisories/4567"
              },
              {
                "name": "RHSA-2002:195",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
              },
              {
                "name": "dvips-system-execute-commands(10365)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10365.php"
              },
              {
                "name": "RHSA-2002:194",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
              },
              {
                "name": "MDKSA-2002:070",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-10-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-07-25T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20021018 GLSA: tetex",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
            },
            {
              "name": "5978",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5978"
            },
            {
              "name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
            },
            {
              "name": "CLA-2002:537",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
            },
            {
              "name": "VU#169841",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/169841"
            },
            {
              "name": "DSA-207",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2002/dsa-207"
            },
            {
              "name": "HPSBTL0210-073",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www.securityfocus.com/advisories/4567"
            },
            {
              "name": "RHSA-2002:195",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
            },
            {
              "name": "dvips-system-execute-commands(10365)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10365.php"
            },
            {
              "name": "RHSA-2002:194",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
            },
            {
              "name": "MDKSA-2002:070",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0836",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20021018 GLSA: tetex",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
                },
                {
                  "name": "5978",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5978"
                },
                {
                  "name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
                },
                {
                  "name": "CLA-2002:537",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
                },
                {
                  "name": "VU#169841",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/169841"
                },
                {
                  "name": "DSA-207",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2002/dsa-207"
                },
                {
                  "name": "HPSBTL0210-073",
                  "refsource": "HP",
                  "url": "http://www.securityfocus.com/advisories/4567"
                },
                {
                  "name": "RHSA-2002:195",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
                },
                {
                  "name": "dvips-system-execute-commands(10365)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10365.php"
                },
                {
                  "name": "RHSA-2002:194",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
                },
                {
                  "name": "MDKSA-2002:070",
                  "refsource": "MANDRAKE",
                  "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0836",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2002-08-08T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:03:49.020Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1232 (GCVE-0-2002-1232)

    Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:19
    VLAI
    Summary
    Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://online.securityfocus.com/advisories/4605 vendor-advisoryx_refsource_HP
    http://www.redhat.com/support/errata/RHSA-2003-229.html vendor-advisoryx_refsource_REDHAT
    ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… vendor-advisoryx_refsource_CALDERA
    http://www.debian.org/security/2002/dsa-180 vendor-advisoryx_refsource_DEBIAN
    http://www.redhat.com/support/errata/RHSA-2002-224.html vendor-advisoryx_refsource_REDHAT
    http://www.linux-mandrake.com/en/security/2002/MD… vendor-advisoryx_refsource_MANDRAKE
    http://www.iss.net/security_center/static/10423.php vdb-entryx_refsource_XF
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://www.redhat.com/support/errata/RHSA-2002-223.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/6016 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=103582692228894&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2002-10-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:19:28.137Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBTL0210-074",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/advisories/4605"
              },
              {
                "name": "RHSA-2003:229",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
              },
              {
                "name": "CSSA-2002-054.0",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CALDERA",
                  "x_transferred"
                ],
                "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
              },
              {
                "name": "DSA-180",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2002/dsa-180"
              },
              {
                "name": "RHSA-2002:224",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
              },
              {
                "name": "MDKSA-2002:078",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
              },
              {
                "name": "ypserv-map-memory-leak(10423)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10423.php"
              },
              {
                "name": "CLA-2002:539",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
              },
              {
                "name": "RHSA-2002:223",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
              },
              {
                "name": "6016",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/6016"
              },
              {
                "name": "20021028 GLSA: ypserv",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-10-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-08-18T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "HPSBTL0210-074",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://online.securityfocus.com/advisories/4605"
            },
            {
              "name": "RHSA-2003:229",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
            },
            {
              "name": "CSSA-2002-054.0",
              "tags": [
                "vendor-advisory",
                "x_refsource_CALDERA"
              ],
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
            },
            {
              "name": "DSA-180",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2002/dsa-180"
            },
            {
              "name": "RHSA-2002:224",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
            },
            {
              "name": "MDKSA-2002:078",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
            },
            {
              "name": "ypserv-map-memory-leak(10423)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10423.php"
            },
            {
              "name": "CLA-2002:539",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
            },
            {
              "name": "RHSA-2002:223",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
            },
            {
              "name": "6016",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/6016"
            },
            {
              "name": "20021028 GLSA: ypserv",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1232",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBTL0210-074",
                  "refsource": "HP",
                  "url": "http://online.securityfocus.com/advisories/4605"
                },
                {
                  "name": "RHSA-2003:229",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
                },
                {
                  "name": "CSSA-2002-054.0",
                  "refsource": "CALDERA",
                  "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
                },
                {
                  "name": "DSA-180",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2002/dsa-180"
                },
                {
                  "name": "RHSA-2002:224",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
                },
                {
                  "name": "MDKSA-2002:078",
                  "refsource": "MANDRAKE",
                  "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
                },
                {
                  "name": "ypserv-map-memory-leak(10423)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10423.php"
                },
                {
                  "name": "CLA-2002:539",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
                },
                {
                  "name": "RHSA-2002:223",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
                },
                {
                  "name": "6016",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/6016"
                },
                {
                  "name": "20021028 GLSA: ypserv",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1232",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2002-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:19:28.137Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0638 (GCVE-0-2002-0638)

    Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:56
    VLAI
    Summary
    setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… vendor-advisoryx_refsource_CALDERA
    http://www.securityfocus.com/bid/5344 vdb-entryx_refsource_BID
    http://www.iss.net/security_center/static/9709.php vdb-entryx_refsource_XF
    http://www.linux-mandrake.com/en/security/2002/MD… vendor-advisoryx_refsource_MANDRAKE
    http://rhn.redhat.com/errata/RHSA-2002-132.html vendor-advisoryx_refsource_REDHAT
    http://www.kb.cert.org/vuls/id/405955 third-party-advisoryx_refsource_CERT-VN
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_VULNWATCH
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://online.securityfocus.com/advisories/4320 vendor-advisoryx_refsource_HP
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://marc.info/?l=bugtraq&m=102795787713996&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.redhat.com/support/errata/RHSA-2002-137.html vendor-advisoryx_refsource_REDHAT
    http://www.osvdb.org/5164 vdb-entryx_refsource_OSVDB
    Date Public
    2002-07-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:56:38.516Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "CSSA-2002-043.0",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CALDERA",
                  "x_transferred"
                ],
                "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
              },
              {
                "name": "5344",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5344"
              },
              {
                "name": "utillinux-chfn-race-condition(9709)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/9709.php"
              },
              {
                "name": "MDKSA-2002:047",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
              },
              {
                "name": "RHSA-2002:132",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
              },
              {
                "name": "VU#405955",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/405955"
              },
              {
                "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULNWATCH",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
              },
              {
                "name": "CLA-2002:523",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
              },
              {
                "name": "HPSBTL0207-054",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/advisories/4320"
              },
              {
                "name": "20020730 TSLSA-2002-0064 - util-linux",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
              },
              {
                "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
              },
              {
                "name": "RHSA-2002:137",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
              },
              {
                "name": "5164",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/5164"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-07-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-21T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "CSSA-2002-043.0",
              "tags": [
                "vendor-advisory",
                "x_refsource_CALDERA"
              ],
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
            },
            {
              "name": "5344",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5344"
            },
            {
              "name": "utillinux-chfn-race-condition(9709)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/9709.php"
            },
            {
              "name": "MDKSA-2002:047",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
            },
            {
              "name": "RHSA-2002:132",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
            },
            {
              "name": "VU#405955",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/405955"
            },
            {
              "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_VULNWATCH"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
            },
            {
              "name": "CLA-2002:523",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
            },
            {
              "name": "HPSBTL0207-054",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://online.securityfocus.com/advisories/4320"
            },
            {
              "name": "20020730 TSLSA-2002-0064 - util-linux",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
            },
            {
              "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
            },
            {
              "name": "RHSA-2002:137",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
            },
            {
              "name": "5164",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/5164"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0638",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "CSSA-2002-043.0",
                  "refsource": "CALDERA",
                  "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
                },
                {
                  "name": "5344",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5344"
                },
                {
                  "name": "utillinux-chfn-race-condition(9709)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/9709.php"
                },
                {
                  "name": "MDKSA-2002:047",
                  "refsource": "MANDRAKE",
                  "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
                },
                {
                  "name": "RHSA-2002:132",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
                },
                {
                  "name": "VU#405955",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/405955"
                },
                {
                  "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
                  "refsource": "VULNWATCH",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
                },
                {
                  "name": "CLA-2002:523",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
                },
                {
                  "name": "HPSBTL0207-054",
                  "refsource": "HP",
                  "url": "http://online.securityfocus.com/advisories/4320"
                },
                {
                  "name": "20020730 TSLSA-2002-0064 - util-linux",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
                },
                {
                  "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
                },
                {
                  "name": "RHSA-2002:137",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
                },
                {
                  "name": "5164",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/5164"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0638",
        "datePublished": "2003-04-02T05:00:00.000Z",
        "dateReserved": "2002-06-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:56:38.516Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1232 (GCVE-0-2002-1232)

    Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:19
    VLAI
    Summary
    Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://online.securityfocus.com/advisories/4605 vendor-advisoryx_refsource_HP
    http://www.redhat.com/support/errata/RHSA-2003-229.html vendor-advisoryx_refsource_REDHAT
    ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… vendor-advisoryx_refsource_CALDERA
    http://www.debian.org/security/2002/dsa-180 vendor-advisoryx_refsource_DEBIAN
    http://www.redhat.com/support/errata/RHSA-2002-224.html vendor-advisoryx_refsource_REDHAT
    http://www.linux-mandrake.com/en/security/2002/MD… vendor-advisoryx_refsource_MANDRAKE
    http://www.iss.net/security_center/static/10423.php vdb-entryx_refsource_XF
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://www.redhat.com/support/errata/RHSA-2002-223.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/6016 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=103582692228894&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    2002-10-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:19:28.137Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBTL0210-074",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/advisories/4605"
              },
              {
                "name": "RHSA-2003:229",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
              },
              {
                "name": "CSSA-2002-054.0",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CALDERA",
                  "x_transferred"
                ],
                "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
              },
              {
                "name": "DSA-180",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2002/dsa-180"
              },
              {
                "name": "RHSA-2002:224",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
              },
              {
                "name": "MDKSA-2002:078",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
              },
              {
                "name": "ypserv-map-memory-leak(10423)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10423.php"
              },
              {
                "name": "CLA-2002:539",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
              },
              {
                "name": "RHSA-2002:223",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
              },
              {
                "name": "6016",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/6016"
              },
              {
                "name": "20021028 GLSA: ypserv",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-10-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-08-18T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "HPSBTL0210-074",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://online.securityfocus.com/advisories/4605"
            },
            {
              "name": "RHSA-2003:229",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
            },
            {
              "name": "CSSA-2002-054.0",
              "tags": [
                "vendor-advisory",
                "x_refsource_CALDERA"
              ],
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
            },
            {
              "name": "DSA-180",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2002/dsa-180"
            },
            {
              "name": "RHSA-2002:224",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
            },
            {
              "name": "MDKSA-2002:078",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
            },
            {
              "name": "ypserv-map-memory-leak(10423)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10423.php"
            },
            {
              "name": "CLA-2002:539",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
            },
            {
              "name": "RHSA-2002:223",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
            },
            {
              "name": "6016",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/6016"
            },
            {
              "name": "20021028 GLSA: ypserv",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1232",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBTL0210-074",
                  "refsource": "HP",
                  "url": "http://online.securityfocus.com/advisories/4605"
                },
                {
                  "name": "RHSA-2003:229",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
                },
                {
                  "name": "CSSA-2002-054.0",
                  "refsource": "CALDERA",
                  "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
                },
                {
                  "name": "DSA-180",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2002/dsa-180"
                },
                {
                  "name": "RHSA-2002:224",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
                },
                {
                  "name": "MDKSA-2002:078",
                  "refsource": "MANDRAKE",
                  "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
                },
                {
                  "name": "ypserv-map-memory-leak(10423)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10423.php"
                },
                {
                  "name": "CLA-2002:539",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
                },
                {
                  "name": "RHSA-2002:223",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
                },
                {
                  "name": "6016",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/6016"
                },
                {
                  "name": "20021028 GLSA: ypserv",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1232",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2002-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:19:28.137Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0836 (GCVE-0-2002-0836)

    Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:03
    VLAI
    Summary
    dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=103497852330838&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/5978 vdb-entryx_refsource_BID
    http://marc.info/?l=bugtraq&m=104005975415582&w=2 mailing-listx_refsource_BUGTRAQ
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://www.kb.cert.org/vuls/id/169841 third-party-advisoryx_refsource_CERT-VN
    http://www.debian.org/security/2002/dsa-207 vendor-advisoryx_refsource_DEBIAN
    http://www.securityfocus.com/advisories/4567 vendor-advisoryx_refsource_HP
    http://www.redhat.com/support/errata/RHSA-2002-195.html vendor-advisoryx_refsource_REDHAT
    http://www.iss.net/security_center/static/10365.php vdb-entryx_refsource_XF
    http://www.redhat.com/support/errata/RHSA-2002-194.html vendor-advisoryx_refsource_REDHAT
    http://www.linux-mandrake.com/en/security/2002/MD… vendor-advisoryx_refsource_MANDRAKE
    Date Public
    2002-10-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:03:49.020Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20021018 GLSA: tetex",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
              },
              {
                "name": "5978",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5978"
              },
              {
                "name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
              },
              {
                "name": "CLA-2002:537",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
              },
              {
                "name": "VU#169841",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/169841"
              },
              {
                "name": "DSA-207",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2002/dsa-207"
              },
              {
                "name": "HPSBTL0210-073",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/advisories/4567"
              },
              {
                "name": "RHSA-2002:195",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
              },
              {
                "name": "dvips-system-execute-commands(10365)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10365.php"
              },
              {
                "name": "RHSA-2002:194",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
              },
              {
                "name": "MDKSA-2002:070",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-10-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-07-25T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20021018 GLSA: tetex",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
            },
            {
              "name": "5978",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5978"
            },
            {
              "name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
            },
            {
              "name": "CLA-2002:537",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
            },
            {
              "name": "VU#169841",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/169841"
            },
            {
              "name": "DSA-207",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2002/dsa-207"
            },
            {
              "name": "HPSBTL0210-073",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www.securityfocus.com/advisories/4567"
            },
            {
              "name": "RHSA-2002:195",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
            },
            {
              "name": "dvips-system-execute-commands(10365)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10365.php"
            },
            {
              "name": "RHSA-2002:194",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
            },
            {
              "name": "MDKSA-2002:070",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0836",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20021018 GLSA: tetex",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
                },
                {
                  "name": "5978",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5978"
                },
                {
                  "name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
                },
                {
                  "name": "CLA-2002:537",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
                },
                {
                  "name": "VU#169841",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/169841"
                },
                {
                  "name": "DSA-207",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2002/dsa-207"
                },
                {
                  "name": "HPSBTL0210-073",
                  "refsource": "HP",
                  "url": "http://www.securityfocus.com/advisories/4567"
                },
                {
                  "name": "RHSA-2002:195",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
                },
                {
                  "name": "dvips-system-execute-commands(10365)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10365.php"
                },
                {
                  "name": "RHSA-2002:194",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
                },
                {
                  "name": "MDKSA-2002:070",
                  "refsource": "MANDRAKE",
                  "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0836",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2002-08-08T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:03:49.020Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0835 (GCVE-0-2002-0835)

    Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:03
    VLAI
    Summary
    Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/5596 vdb-entryx_refsource_BID
    ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… vendor-advisoryx_refsource_CALDERA
    http://www.iss.net/security_center/static/10003.php vdb-entryx_refsource_XF
    http://online.securityfocus.com/advisories/4449 vendor-advisoryx_refsource_HP
    http://www.redhat.com/support/errata/RHSA-2002-162.html vendor-advisoryx_refsource_REDHAT
    http://www.redhat.com/support/errata/RHSA-2002-165.html vendor-advisoryx_refsource_REDHAT
    Date Public
    2002-08-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:03:49.217Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5596",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5596"
              },
              {
                "name": "CSSA-2002-044.0",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CALDERA",
                  "x_transferred"
                ],
                "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
              },
              {
                "name": "pxe-dhcp-dos(10003)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10003.php"
              },
              {
                "name": "HPSBTL0209-066",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/advisories/4449"
              },
              {
                "name": "RHSA-2002:162",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
              },
              {
                "name": "RHSA-2002:165",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-08-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-11-14T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5596",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5596"
            },
            {
              "name": "CSSA-2002-044.0",
              "tags": [
                "vendor-advisory",
                "x_refsource_CALDERA"
              ],
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
            },
            {
              "name": "pxe-dhcp-dos(10003)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10003.php"
            },
            {
              "name": "HPSBTL0209-066",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://online.securityfocus.com/advisories/4449"
            },
            {
              "name": "RHSA-2002:162",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
            },
            {
              "name": "RHSA-2002:165",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0835",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5596",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5596"
                },
                {
                  "name": "CSSA-2002-044.0",
                  "refsource": "CALDERA",
                  "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
                },
                {
                  "name": "pxe-dhcp-dos(10003)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10003.php"
                },
                {
                  "name": "HPSBTL0209-066",
                  "refsource": "HP",
                  "url": "http://online.securityfocus.com/advisories/4449"
                },
                {
                  "name": "RHSA-2002:162",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
                },
                {
                  "name": "RHSA-2002:165",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0835",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2002-08-08T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:03:49.217Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0638 (GCVE-0-2002-0638)

    Vulnerability from nvd – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:56
    VLAI
    Summary
    setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… vendor-advisoryx_refsource_CALDERA
    http://www.securityfocus.com/bid/5344 vdb-entryx_refsource_BID
    http://www.iss.net/security_center/static/9709.php vdb-entryx_refsource_XF
    http://www.linux-mandrake.com/en/security/2002/MD… vendor-advisoryx_refsource_MANDRAKE
    http://rhn.redhat.com/errata/RHSA-2002-132.html vendor-advisoryx_refsource_REDHAT
    http://www.kb.cert.org/vuls/id/405955 third-party-advisoryx_refsource_CERT-VN
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_VULNWATCH
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://online.securityfocus.com/advisories/4320 vendor-advisoryx_refsource_HP
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://marc.info/?l=bugtraq&m=102795787713996&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.redhat.com/support/errata/RHSA-2002-137.html vendor-advisoryx_refsource_REDHAT
    http://www.osvdb.org/5164 vdb-entryx_refsource_OSVDB
    Date Public
    2002-07-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:56:38.516Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "CSSA-2002-043.0",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CALDERA",
                  "x_transferred"
                ],
                "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
              },
              {
                "name": "5344",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5344"
              },
              {
                "name": "utillinux-chfn-race-condition(9709)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/9709.php"
              },
              {
                "name": "MDKSA-2002:047",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
              },
              {
                "name": "RHSA-2002:132",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
              },
              {
                "name": "VU#405955",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/405955"
              },
              {
                "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULNWATCH",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
              },
              {
                "name": "CLA-2002:523",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
              },
              {
                "name": "HPSBTL0207-054",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/advisories/4320"
              },
              {
                "name": "20020730 TSLSA-2002-0064 - util-linux",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
              },
              {
                "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
              },
              {
                "name": "RHSA-2002:137",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
              },
              {
                "name": "5164",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/5164"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-07-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-21T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "CSSA-2002-043.0",
              "tags": [
                "vendor-advisory",
                "x_refsource_CALDERA"
              ],
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
            },
            {
              "name": "5344",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5344"
            },
            {
              "name": "utillinux-chfn-race-condition(9709)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/9709.php"
            },
            {
              "name": "MDKSA-2002:047",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
            },
            {
              "name": "RHSA-2002:132",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
            },
            {
              "name": "VU#405955",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/405955"
            },
            {
              "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_VULNWATCH"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
            },
            {
              "name": "CLA-2002:523",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
            },
            {
              "name": "HPSBTL0207-054",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://online.securityfocus.com/advisories/4320"
            },
            {
              "name": "20020730 TSLSA-2002-0064 - util-linux",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
            },
            {
              "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
            },
            {
              "name": "RHSA-2002:137",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
            },
            {
              "name": "5164",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/5164"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0638",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "CSSA-2002-043.0",
                  "refsource": "CALDERA",
                  "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
                },
                {
                  "name": "5344",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5344"
                },
                {
                  "name": "utillinux-chfn-race-condition(9709)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/9709.php"
                },
                {
                  "name": "MDKSA-2002:047",
                  "refsource": "MANDRAKE",
                  "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
                },
                {
                  "name": "RHSA-2002:132",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
                },
                {
                  "name": "VU#405955",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/405955"
                },
                {
                  "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
                  "refsource": "VULNWATCH",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
                },
                {
                  "name": "CLA-2002:523",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
                },
                {
                  "name": "HPSBTL0207-054",
                  "refsource": "HP",
                  "url": "http://online.securityfocus.com/advisories/4320"
                },
                {
                  "name": "20020730 TSLSA-2002-0064 - util-linux",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
                },
                {
                  "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
                },
                {
                  "name": "RHSA-2002:137",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
                },
                {
                  "name": "5164",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/5164"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0638",
        "datePublished": "2003-04-02T05:00:00.000Z",
        "dateReserved": "2002-06-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:56:38.516Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-1563 (GCVE-0-2001-1563)

    Vulnerability from nvd – Published: 2005-07-14 04:00 – Updated: 2024-08-08 04:58
    VLAI
    Summary
    Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2001-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:58:11.400Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "tomcat-unspecified-unauthorized-access(42892)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
              },
              {
                "name": "HPSBTL0112-004",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources.  NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "tomcat-unspecified-unauthorized-access(42892)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
            },
            {
              "name": "HPSBTL0112-004",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1563",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources.  NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "tomcat-unspecified-unauthorized-access(42892)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
                },
                {
                  "name": "HPSBTL0112-004",
                  "refsource": "HP",
                  "url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1563",
        "datePublished": "2005-07-14T04:00:00.000Z",
        "dateReserved": "2005-07-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:58:11.400Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-1506 (GCVE-0-2001-1506)

    Vulnerability from nvd – Published: 2005-06-21 04:00 – Updated: 2024-08-08 04:58
    VLAI
    Summary
    Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/3468 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://online.securityfocus.com/advisories/3618 vendor-advisoryx_refsource_HP
    Date Public
    2001-10-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:58:11.626Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3468",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3468"
              },
              {
                "name": "hp-secure-unauth-privileges(7342)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
              },
              {
                "name": "HPSBTL0110-001",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/advisories/3618"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-10-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3468",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3468"
            },
            {
              "name": "hp-secure-unauth-privileges(7342)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
            },
            {
              "name": "HPSBTL0110-001",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://online.securityfocus.com/advisories/3618"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-1506",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3468",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3468"
                },
                {
                  "name": "hp-secure-unauth-privileges(7342)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
                },
                {
                  "name": "HPSBTL0110-001",
                  "refsource": "HP",
                  "url": "http://online.securityfocus.com/advisories/3618"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-1506",
        "datePublished": "2005-06-21T04:00:00.000Z",
        "dateReserved": "2005-06-21T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:58:11.626Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }