CVE List 2002

Product
Score
Severity
Status
CVE
               
CVE Score Severity Package Description Published
CVE-2002-2439
4.0 MV Product/Version
affected:
MVL6 Toolchain 4.3 Resolved
MVL6 Toolchain 4.4 Resolved
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. September 4, 2012, 07:09 am
CVE-2002-2185
4.9 MV Product/Version
affected:
Medium kernel The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a targets Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. December 30, 2002, 23:12 pm
CVE-2002-1438
5.0 MV Product/Version
affected:
CGE 7.0 Resolved
Medium netware The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option. April 10, 2003, 23:04 pm
CVE-2002-1437
5.0 MV Product/Version
affected:
CGE 7.0 Resolved
Medium netware Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing ..%5c (URL-encoded dot-dot backslash) sequences. April 10, 2003, 23:04 pm
CVE-2002-1436
7.5 MV Product/Version
affected:
CGE 7.0 Resolved
High netware The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. April 10, 2003, 23:04 pm
CVE-2002-1216
5.0 MV Product/Version
affected:
Medium tar GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check. October 27, 2002, 23:10 pm
CVE-2002-0659
5.0 MV Product/Version
affected:
CGE 7.0 Resolved
Medium openssl The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. August 11, 2002, 23:08 pm
CVE-2002-0657
7.5 MV Product/Version
affected:
CGE 7.0 Resolved
High openssl Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key. August 11, 2002, 23:08 pm
CVE-2002-0656
7.5 MV Product/Version
affected:
CGE 7.0 Resolved
High openssl Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. August 11, 2002, 23:08 pm
CVE-2002-0655
7.5 MV Product/Version
affected:
CGE 7.0 Resolved
High openssl OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. August 11, 2002, 23:08 pm