CVSS: 7.2 | EPSS: 0% | CPEs: 12 | EXPL: 3

Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in monitoring 64-bit processes.

• https://www.exploit-db.com/exploits/32751
• http://scary.beasts.org/security/CESA-2009-001.html
• http://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.html
• http://www.citi.umich.edu/u/provos/systrace
• http://www.securityfocus.com/archive/1/500377/100/0/threaded
• http://www.securityfocus.com/bid/33417

CWE-264: Permissions, Privileges, and Access Controls

CVSS: 7.8 | EPSS: 4% | CPEs: 2 | EXPL: 0

Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a denial of service (infinite loop) via a DNS response containing a label pointer that references its own offset.

• http://monkey.org/~provos/libevent
• http://osvdb.org/33228
• http://secunia.com/advisories/24181
• http://securityreason.com/securityalert/2268
• http://www.securityfocus.com/archive/1/460530/100/0/threaded
• http://www.securityfocus.com/bid/22606
• http://www.vupen.com/english/advisories/2007/0647

CVSS: 5.0 | EPSS: 1% | CPEs: 3 | EXPL: 0

Unspecified vulnerability in Niels Provos Honeyd before 1.5b allows remote attackers to cause a denial of service (application crash) via certain Address Resolution Protocol (ARP) packets.

• http://secunia.com/advisories/21591
• http://www.honeyd.org/release.php?version=1.5b
• http://www.securityfocus.com/bid/19614
• http://www.vupen.com/english/advisories/2006/3329
• https://exchange.xforce.ibmcloud.com/vulnerabilities/28480

CVSS: 5.0 | EPSS: 1% | CPEs: 10 | EXPL: 0

Niels Provos Honeyd before 1.5 replies to certain illegal IP packet fragments that other IP stack implementations would drop, which allows remote attackers to identify IP addresses that are being simulated using honeyd.

• http://secunia.com/advisories/18867
• http://www.honeyd.org/adv.2006-01
• http://www.honeyd.org/phpBB2/viewtopic.php?t=106
• http://www.securityfocus.com/archive/1/425112/100/0/threaded
• http://www.securityfocus.com/bid/16595
• http://www.vupen.com/english/advisories/2006/0552
• https://exchange.xforce.ibmcloud.com/vulnerabilities/24728

CVSS: 5.0 | EPSS: 0% | CPEs: 5 | EXPL: 0

Honeyd before 0.8 replies to TCP packets with the SYN and RST flags set, which allows remote attackers to identify IP addresses that are being simulated by Honeyd.

• http://marc.info/?l=bugtraq&m=107471181426047&w=2
• http://marc.info/?l=bugtraq&m=107473095118505&w=2
• http://secunia.com/advisories/10694
• http://secunia.com/advisories/10695
• http://www.osvdb.org/3690
• http://www.securityfocus.com/bid/9464
• http://www.securitytracker.com/id?1008818
• https://exchange.xforce.ibmcloud.com/vulnerabilities/14905