LiveActive security incident?Get immediate response
CVE archive

April 2002

Browse CVE records published in April 2002, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 326 matching CVEs · Page 2 of 7.

Unknown · CVSS Not scored

CVE-2002-0964: Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaust...

Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out.

Published Apr 2, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-0809: Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that...

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names.

Published Apr 2, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-0848: Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when usin...

Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing.

Published Apr 2, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-0788: An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File...

An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information.

Published Apr 2, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-0830: Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly o...

Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop.

Published Apr 2, 2003 · Updated Aug 8, 2024