11 results (0.015 seconds)

CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 1

In OpenBGPD before 8.1, incorrect handling of BGP update data (length of path attributes) set by a potentially distant remote actor may cause the system to incorrectly reset a session. This is fixed in OpenBSD 7.3 errata 006. • https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/006_bgpd.patch.sig https://github.com/openbgpd-portable/openbgpd-portable/releases/tag/8.1 https://news.ycombinator.com/item?id=37305800 https://www.openbsd.org/errata73.html • CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed verification callback that instructs the verifier to continue upon detecting an invalid certificate. • https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.1-relnotes.txt https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/001_x509.patch.sig https://github.com/openbsd/src/commit/4f94258c65a918ee3d8670e93916d15bf879e6ec • CWE-295: Improper Certificate Validation •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address. • https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/envelope.c.diff?r1=1.49&r2=1.49.4.1&f=h https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/envelope.c.diff?r1=1.50&r2=1.50.4.1&f=h https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/envelope.c.diff?r1=1.50&r2=1.51&f=h https://ftp.openbsd.org/pub/OpenBSD/patches/7.1/common/024_smtpd.patch.sig https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/020_smtpd&# •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 2

It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service. Se encontró en FreeBSD versiones 8.0, 6.3 y 4.9, y en OpenBSD versiones 4.6 que una desreferencia de puntero null en el archivo ftpd/popen.c puede conllevar a una denegación de servicio remota del servicio ftpd • https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=144761 https://seclists.org/fulldisclosure/2010/Mar/117 https://seclists.org/oss-sec/2011/q3/284 • CWE-476: NULL Pointer Dereference •

CVSS: 7.1EPSS: 2%CPEs: 2049EXPL: 0

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, permite a atacantes remotos provocar una denegación de servicio (agotamiento de cola de conexión) a través de múltiples vectores que manipulan información en la tabla de estados del TCP, como lo demuestra sockstress. • http://blog.robertlee.name/2008/10/conjecture-speculation.html http://insecure.org/stf/tcp-dos-attack-explained.html http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html http://marc.info/?l=bugtraq&m=125856010926699&w=2 http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html http://www.cpni • CWE-16: Configuration •