Page 11 of 65 results (0.006 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:21.tcpip.asc http://www.iss.net/security_center/static/8893.php http://www.osvdb.org/5232 http://www.securityfocus.com/bid/4539 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1

The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. • ftp://patches.sgi.com/support/free/security/advisories/20030604-01-I http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136&r2=1.137 http://online.securityfocus.com/archive/1/262733 http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022 http://www.iss.net/security_center/static/8485.php http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109&r2=1.110 http://www.osvdb.org/5308 http://www.securityfocus.com/bi •

CVSS: 7.5EPSS: 19%CPEs: 4EXPL: 0

Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.20.txt http://www.cert.org/advisories/CA-2001-30.html http://www.kb.cert.org/vuls/id/274043 http://www.openbsd.com/errata28.html http://www.redhat.com/support/errata/RHSA-2001-147.html http://www.securityfocus.com/bid/3252 http://xforce.iss.net/alerts/advise94.php https://exchange.xforce.ibmcloud.com/vulnera •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 2

libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files. • https://www.exploit-db.com/exploits/21114 http://archives.neohapsis.com/archives/bugtraq/2001-09/0173.html http://www.osvdb.org/6073 https://exchange.xforce.ibmcloud.com/vulnerabilities/8697 •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 1

NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:52.fragment.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-006.txt.asc http://www.securityfocus.com/bid/2799 https://exchange.xforce.ibmcloud.com/vulnerabilities/6636 •