LiveActive security incident?Get immediate response
CVE archive

September 2002

Browse CVE records published in September 2002, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 294 matching CVEs · Page 2 of 6.

Unknown · CVSS Not scored

CVE-2002-1476: Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, whe...

Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh.

Published Sep 1, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-1278: The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, an...

The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Spam email.

Published Sep 1, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-1367: Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without au...

Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke.

Published Sep 1, 2004 · Updated Aug 8, 2024