Search
Find a vulnerability
Search criteria
12 vulnerabilities found for secure_os by hp
CVE-2001-1563 (GCVE-0-2001-1563)
Vulnerability from cvelistv5 – Published: 2005-07-14 04:00 – Updated: 2024-08-08 04:58
VLAI
Summary
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://archives.neohapsis.com/archives/hp/2001-q4… | vendor-advisoryx_refsource_HP |
Date Public
2001-12-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "tomcat-unspecified-unauthorized-access(42892)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
},
{
"name": "HPSBTL0112-004",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "tomcat-unspecified-unauthorized-access(42892)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
},
{
"name": "HPSBTL0112-004",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1563",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "tomcat-unspecified-unauthorized-access(42892)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
},
{
"name": "HPSBTL0112-004",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1563",
"datePublished": "2005-07-14T04:00:00.000Z",
"dateReserved": "2005-07-14T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:58:11.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1506 (GCVE-0-2001-1506)
Vulnerability from cvelistv5 – Published: 2005-06-21 04:00 – Updated: 2024-08-08 04:58
VLAI
Summary
Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/3468 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://online.securityfocus.com/advisories/3618 | vendor-advisoryx_refsource_HP |
Date Public
2001-10-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.626Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3468"
},
{
"name": "hp-secure-unauth-privileges(7342)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
},
{
"name": "HPSBTL0110-001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/3618"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-10-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3468"
},
{
"name": "hp-secure-unauth-privileges(7342)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
},
{
"name": "HPSBTL0110-001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/3618"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1506",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3468"
},
{
"name": "hp-secure-unauth-privileges(7342)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
},
{
"name": "HPSBTL0110-001",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/3618"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1506",
"datePublished": "2005-06-21T04:00:00.000Z",
"dateReserved": "2005-06-21T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:58:11.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0835 (GCVE-0-2002-0835)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:03
VLAI
Summary
Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/5596 | vdb-entryx_refsource_BID |
| ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… | vendor-advisoryx_refsource_CALDERA |
| http://www.iss.net/security_center/static/10003.php | vdb-entryx_refsource_XF |
| http://online.securityfocus.com/advisories/4449 | vendor-advisoryx_refsource_HP |
| http://www.redhat.com/support/errata/RHSA-2002-162.html | vendor-advisoryx_refsource_REDHAT |
| http://www.redhat.com/support/errata/RHSA-2002-165.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2002-08-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-11-14T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0835",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0835",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2002-08-08T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:49.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0836 (GCVE-0-2002-0836)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:03
VLAI
Summary
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=103497852330838&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/5978 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=104005975415582&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://distro.conectiva.com.br/atualizacoes/?id=a… | vendor-advisoryx_refsource_CONECTIVA |
| http://www.kb.cert.org/vuls/id/169841 | third-party-advisoryx_refsource_CERT-VN |
| http://www.debian.org/security/2002/dsa-207 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/advisories/4567 | vendor-advisoryx_refsource_HP |
| http://www.redhat.com/support/errata/RHSA-2002-195.html | vendor-advisoryx_refsource_REDHAT |
| http://www.iss.net/security_center/static/10365.php | vdb-entryx_refsource_XF |
| http://www.redhat.com/support/errata/RHSA-2002-194.html | vendor-advisoryx_refsource_REDHAT |
| http://www.linux-mandrake.com/en/security/2002/MD… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2002-10-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021018 GLSA: tetex",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
},
{
"name": "5978",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5978"
},
{
"name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
},
{
"name": "CLA-2002:537",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
},
{
"name": "VU#169841",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/169841"
},
{
"name": "DSA-207",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-207"
},
{
"name": "HPSBTL0210-073",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/4567"
},
{
"name": "RHSA-2002:195",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
},
{
"name": "dvips-system-execute-commands(10365)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10365.php"
},
{
"name": "RHSA-2002:194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
},
{
"name": "MDKSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-07-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021018 GLSA: tetex",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
},
{
"name": "5978",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5978"
},
{
"name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
},
{
"name": "CLA-2002:537",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
},
{
"name": "VU#169841",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/169841"
},
{
"name": "DSA-207",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-207"
},
{
"name": "HPSBTL0210-073",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/advisories/4567"
},
{
"name": "RHSA-2002:195",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
},
{
"name": "dvips-system-execute-commands(10365)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10365.php"
},
{
"name": "RHSA-2002:194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
},
{
"name": "MDKSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021018 GLSA: tetex",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
},
{
"name": "5978",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5978"
},
{
"name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
},
{
"name": "CLA-2002:537",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
},
{
"name": "VU#169841",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/169841"
},
{
"name": "DSA-207",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-207"
},
{
"name": "HPSBTL0210-073",
"refsource": "HP",
"url": "http://www.securityfocus.com/advisories/4567"
},
{
"name": "RHSA-2002:195",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
},
{
"name": "dvips-system-execute-commands(10365)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10365.php"
},
{
"name": "RHSA-2002:194",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
},
{
"name": "MDKSA-2002:070",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0836",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2002-08-08T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:49.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1232 (GCVE-0-2002-1232)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:19
VLAI
Summary
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://online.securityfocus.com/advisories/4605 | vendor-advisoryx_refsource_HP |
| http://www.redhat.com/support/errata/RHSA-2003-229.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… | vendor-advisoryx_refsource_CALDERA |
| http://www.debian.org/security/2002/dsa-180 | vendor-advisoryx_refsource_DEBIAN |
| http://www.redhat.com/support/errata/RHSA-2002-224.html | vendor-advisoryx_refsource_REDHAT |
| http://www.linux-mandrake.com/en/security/2002/MD… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.iss.net/security_center/static/10423.php | vdb-entryx_refsource_XF |
| http://distro.conectiva.com.br/atualizacoes/?id=a… | vendor-advisoryx_refsource_CONECTIVA |
| http://www.redhat.com/support/errata/RHSA-2002-223.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/6016 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=103582692228894&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2002-10-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBTL0210-074",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4605"
},
{
"name": "RHSA-2003:229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
},
{
"name": "CSSA-2002-054.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
},
{
"name": "DSA-180",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-180"
},
{
"name": "RHSA-2002:224",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
},
{
"name": "MDKSA-2002:078",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
},
{
"name": "ypserv-map-memory-leak(10423)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10423.php"
},
{
"name": "CLA-2002:539",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
},
{
"name": "RHSA-2002:223",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
},
{
"name": "6016",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6016"
},
{
"name": "20021028 GLSA: ypserv",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBTL0210-074",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4605"
},
{
"name": "RHSA-2003:229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
},
{
"name": "CSSA-2002-054.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
},
{
"name": "DSA-180",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-180"
},
{
"name": "RHSA-2002:224",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
},
{
"name": "MDKSA-2002:078",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
},
{
"name": "ypserv-map-memory-leak(10423)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10423.php"
},
{
"name": "CLA-2002:539",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
},
{
"name": "RHSA-2002:223",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
},
{
"name": "6016",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6016"
},
{
"name": "20021028 GLSA: ypserv",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBTL0210-074",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4605"
},
{
"name": "RHSA-2003:229",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
},
{
"name": "CSSA-2002-054.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
},
{
"name": "DSA-180",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-180"
},
{
"name": "RHSA-2002:224",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
},
{
"name": "MDKSA-2002:078",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
},
{
"name": "ypserv-map-memory-leak(10423)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10423.php"
},
{
"name": "CLA-2002:539",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
},
{
"name": "RHSA-2002:223",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
},
{
"name": "6016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6016"
},
{
"name": "20021028 GLSA: ypserv",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1232",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2002-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:19:28.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0638 (GCVE-0-2002-0638)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:56
VLAI
Summary
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
Date Public
2002-07-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2002-043.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
},
{
"name": "5344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5344"
},
{
"name": "utillinux-chfn-race-condition(9709)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9709.php"
},
{
"name": "MDKSA-2002:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
},
{
"name": "RHSA-2002:132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
},
{
"name": "VU#405955",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/405955"
},
{
"name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
},
{
"name": "CLA-2002:523",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
},
{
"name": "HPSBTL0207-054",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4320"
},
{
"name": "20020730 TSLSA-2002-0064 - util-linux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
},
{
"name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
},
{
"name": "RHSA-2002:137",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
},
{
"name": "5164",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5164"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2002-043.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
},
{
"name": "5344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5344"
},
{
"name": "utillinux-chfn-race-condition(9709)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9709.php"
},
{
"name": "MDKSA-2002:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
},
{
"name": "RHSA-2002:132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
},
{
"name": "VU#405955",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/405955"
},
{
"name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
},
{
"name": "CLA-2002:523",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
},
{
"name": "HPSBTL0207-054",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4320"
},
{
"name": "20020730 TSLSA-2002-0064 - util-linux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
},
{
"name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
},
{
"name": "RHSA-2002:137",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
},
{
"name": "5164",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5164"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2002-043.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
},
{
"name": "5344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5344"
},
{
"name": "utillinux-chfn-race-condition(9709)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9709.php"
},
{
"name": "MDKSA-2002:047",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
},
{
"name": "RHSA-2002:132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
},
{
"name": "VU#405955",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/405955"
},
{
"name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
},
{
"name": "CLA-2002:523",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
},
{
"name": "HPSBTL0207-054",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4320"
},
{
"name": "20020730 TSLSA-2002-0064 - util-linux",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
},
{
"name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
},
{
"name": "RHSA-2002:137",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
},
{
"name": "5164",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5164"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0638",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-06-27T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:56:38.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1232 (GCVE-0-2002-1232)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:19
VLAI
Summary
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://online.securityfocus.com/advisories/4605 | vendor-advisoryx_refsource_HP |
| http://www.redhat.com/support/errata/RHSA-2003-229.html | vendor-advisoryx_refsource_REDHAT |
| ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… | vendor-advisoryx_refsource_CALDERA |
| http://www.debian.org/security/2002/dsa-180 | vendor-advisoryx_refsource_DEBIAN |
| http://www.redhat.com/support/errata/RHSA-2002-224.html | vendor-advisoryx_refsource_REDHAT |
| http://www.linux-mandrake.com/en/security/2002/MD… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.iss.net/security_center/static/10423.php | vdb-entryx_refsource_XF |
| http://distro.conectiva.com.br/atualizacoes/?id=a… | vendor-advisoryx_refsource_CONECTIVA |
| http://www.redhat.com/support/errata/RHSA-2002-223.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/6016 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=103582692228894&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2002-10-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBTL0210-074",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4605"
},
{
"name": "RHSA-2003:229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
},
{
"name": "CSSA-2002-054.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
},
{
"name": "DSA-180",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-180"
},
{
"name": "RHSA-2002:224",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
},
{
"name": "MDKSA-2002:078",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
},
{
"name": "ypserv-map-memory-leak(10423)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10423.php"
},
{
"name": "CLA-2002:539",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
},
{
"name": "RHSA-2002:223",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
},
{
"name": "6016",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6016"
},
{
"name": "20021028 GLSA: ypserv",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBTL0210-074",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4605"
},
{
"name": "RHSA-2003:229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
},
{
"name": "CSSA-2002-054.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
},
{
"name": "DSA-180",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-180"
},
{
"name": "RHSA-2002:224",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
},
{
"name": "MDKSA-2002:078",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
},
{
"name": "ypserv-map-memory-leak(10423)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10423.php"
},
{
"name": "CLA-2002:539",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
},
{
"name": "RHSA-2002:223",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
},
{
"name": "6016",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6016"
},
{
"name": "20021028 GLSA: ypserv",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBTL0210-074",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4605"
},
{
"name": "RHSA-2003:229",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-229.html"
},
{
"name": "CSSA-2002-054.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt"
},
{
"name": "DSA-180",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-180"
},
{
"name": "RHSA-2002:224",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-224.html"
},
{
"name": "MDKSA-2002:078",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php"
},
{
"name": "ypserv-map-memory-leak(10423)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10423.php"
},
{
"name": "CLA-2002:539",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539"
},
{
"name": "RHSA-2002:223",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-223.html"
},
{
"name": "6016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6016"
},
{
"name": "20021028 GLSA: ypserv",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1232",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2002-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:19:28.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0836 (GCVE-0-2002-0836)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:03
VLAI
Summary
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=103497852330838&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/5978 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=104005975415582&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://distro.conectiva.com.br/atualizacoes/?id=a… | vendor-advisoryx_refsource_CONECTIVA |
| http://www.kb.cert.org/vuls/id/169841 | third-party-advisoryx_refsource_CERT-VN |
| http://www.debian.org/security/2002/dsa-207 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/advisories/4567 | vendor-advisoryx_refsource_HP |
| http://www.redhat.com/support/errata/RHSA-2002-195.html | vendor-advisoryx_refsource_REDHAT |
| http://www.iss.net/security_center/static/10365.php | vdb-entryx_refsource_XF |
| http://www.redhat.com/support/errata/RHSA-2002-194.html | vendor-advisoryx_refsource_REDHAT |
| http://www.linux-mandrake.com/en/security/2002/MD… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2002-10-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021018 GLSA: tetex",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
},
{
"name": "5978",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5978"
},
{
"name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
},
{
"name": "CLA-2002:537",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
},
{
"name": "VU#169841",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/169841"
},
{
"name": "DSA-207",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-207"
},
{
"name": "HPSBTL0210-073",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/4567"
},
{
"name": "RHSA-2002:195",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
},
{
"name": "dvips-system-execute-commands(10365)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10365.php"
},
{
"name": "RHSA-2002:194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
},
{
"name": "MDKSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-07-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021018 GLSA: tetex",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
},
{
"name": "5978",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5978"
},
{
"name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
},
{
"name": "CLA-2002:537",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
},
{
"name": "VU#169841",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/169841"
},
{
"name": "DSA-207",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-207"
},
{
"name": "HPSBTL0210-073",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/advisories/4567"
},
{
"name": "RHSA-2002:195",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
},
{
"name": "dvips-system-execute-commands(10365)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10365.php"
},
{
"name": "RHSA-2002:194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
},
{
"name": "MDKSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021018 GLSA: tetex",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2"
},
{
"name": "5978",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5978"
},
{
"name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2"
},
{
"name": "CLA-2002:537",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537"
},
{
"name": "VU#169841",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/169841"
},
{
"name": "DSA-207",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-207"
},
{
"name": "HPSBTL0210-073",
"refsource": "HP",
"url": "http://www.securityfocus.com/advisories/4567"
},
{
"name": "RHSA-2002:195",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-195.html"
},
{
"name": "dvips-system-execute-commands(10365)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10365.php"
},
{
"name": "RHSA-2002:194",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-194.html"
},
{
"name": "MDKSA-2002:070",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0836",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2002-08-08T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:49.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0835 (GCVE-0-2002-0835)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:03
VLAI
Summary
Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/5596 | vdb-entryx_refsource_BID |
| ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA… | vendor-advisoryx_refsource_CALDERA |
| http://www.iss.net/security_center/static/10003.php | vdb-entryx_refsource_XF |
| http://online.securityfocus.com/advisories/4449 | vendor-advisoryx_refsource_HP |
| http://www.redhat.com/support/errata/RHSA-2002-162.html | vendor-advisoryx_refsource_REDHAT |
| http://www.redhat.com/support/errata/RHSA-2002-165.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2002-08-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-11-14T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0835",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5596"
},
{
"name": "CSSA-2002-044.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-044.0.txt"
},
{
"name": "pxe-dhcp-dos(10003)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10003.php"
},
{
"name": "HPSBTL0209-066",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4449"
},
{
"name": "RHSA-2002:162",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-162.html"
},
{
"name": "RHSA-2002:165",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-165.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0835",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2002-08-08T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:49.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0638 (GCVE-0-2002-0638)
Vulnerability from nvd – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:56
VLAI
Summary
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
Date Public
2002-07-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2002-043.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
},
{
"name": "5344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5344"
},
{
"name": "utillinux-chfn-race-condition(9709)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9709.php"
},
{
"name": "MDKSA-2002:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
},
{
"name": "RHSA-2002:132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
},
{
"name": "VU#405955",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/405955"
},
{
"name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
},
{
"name": "CLA-2002:523",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
},
{
"name": "HPSBTL0207-054",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4320"
},
{
"name": "20020730 TSLSA-2002-0064 - util-linux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
},
{
"name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
},
{
"name": "RHSA-2002:137",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
},
{
"name": "5164",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5164"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2002-043.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
},
{
"name": "5344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5344"
},
{
"name": "utillinux-chfn-race-condition(9709)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9709.php"
},
{
"name": "MDKSA-2002:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
},
{
"name": "RHSA-2002:132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
},
{
"name": "VU#405955",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/405955"
},
{
"name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
},
{
"name": "CLA-2002:523",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
},
{
"name": "HPSBTL0207-054",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4320"
},
{
"name": "20020730 TSLSA-2002-0064 - util-linux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
},
{
"name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
},
{
"name": "RHSA-2002:137",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
},
{
"name": "5164",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5164"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2002-043.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
},
{
"name": "5344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5344"
},
{
"name": "utillinux-chfn-race-condition(9709)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9709.php"
},
{
"name": "MDKSA-2002:047",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
},
{
"name": "RHSA-2002:132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
},
{
"name": "VU#405955",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/405955"
},
{
"name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
},
{
"name": "CLA-2002:523",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
},
{
"name": "HPSBTL0207-054",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4320"
},
{
"name": "20020730 TSLSA-2002-0064 - util-linux",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
},
{
"name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
},
{
"name": "RHSA-2002:137",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
},
{
"name": "5164",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5164"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0638",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-06-27T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:56:38.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1563 (GCVE-0-2001-1563)
Vulnerability from nvd – Published: 2005-07-14 04:00 – Updated: 2024-08-08 04:58
VLAI
Summary
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://archives.neohapsis.com/archives/hp/2001-q4… | vendor-advisoryx_refsource_HP |
Date Public
2001-12-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "tomcat-unspecified-unauthorized-access(42892)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
},
{
"name": "HPSBTL0112-004",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "tomcat-unspecified-unauthorized-access(42892)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
},
{
"name": "HPSBTL0112-004",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1563",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "tomcat-unspecified-unauthorized-access(42892)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42892"
},
{
"name": "HPSBTL0112-004",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0062.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1563",
"datePublished": "2005-07-14T04:00:00.000Z",
"dateReserved": "2005-07-14T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:58:11.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1506 (GCVE-0-2001-1506)
Vulnerability from nvd – Published: 2005-06-21 04:00 – Updated: 2024-08-08 04:58
VLAI
Summary
Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/3468 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://online.securityfocus.com/advisories/3618 | vendor-advisoryx_refsource_HP |
Date Public
2001-10-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.626Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3468"
},
{
"name": "hp-secure-unauth-privileges(7342)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
},
{
"name": "HPSBTL0110-001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/3618"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-10-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3468"
},
{
"name": "hp-secure-unauth-privileges(7342)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
},
{
"name": "HPSBTL0110-001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/3618"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1506",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3468"
},
{
"name": "hp-secure-unauth-privileges(7342)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7342"
},
{
"name": "HPSBTL0110-001",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/3618"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1506",
"datePublished": "2005-06-21T04:00:00.000Z",
"dateReserved": "2005-06-21T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:58:11.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}