Page 11 of 79 results (0.010 seconds)

CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 0

The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:10.ibcs2.asc http://secunia.com/advisories/9504 http://securitytracker.com/id?1007460 http://www.osvdb.org/2406 https://exchange.xforce.ibmcloud.com/vulnerabilities/12892 •

CVSS: 3.6EPSS: 0%CPEs: 43EXPL: 0

Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:44.filedesc.asc http://archives.neohapsis.com/archives/bugtraq/2003-01/0057.html http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0006.html http://secunia.com/advisories/7821 http://www.iss.net/security_center/static/10993.php http://www.pine.nl/press/pine-cert-20030101.txt http://www.securityfocus.com/archive/1/305308/30/26420/threaded http://www.securityfocus.com/bid/6524 http://www.securitytracker.co •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-013.txt.asc http://marc.info/?l=bugtraq&m=102865517214722&w=2 http://www.info.apple.com/usen/security/security_updates.html http://www.osvdb.org/5072 http://www.securityfocus.com/bid/5402 https://exchange.xforce.ibmcloud.com/vulnerabilities/9772 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. • http://marc.info/?l=bugtraq&m=102865404413458&w=2 http://www.iss.net/security_center/static/9771.php http://www.osvdb.org/5073 http://www.securityfocus.com/bid/5399 •

CVSS: 10.0EPSS: 82%CPEs: 10EXPL: 4

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A ftp://patches.sgi.com/support/free/security/advisories/20020801-01-P http://archives.neohapsis.com/archives/aix/2002-q4/0002.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html http://archives.neohapsis.com/archives/hp/2002-q3/0077.html http://bvl • CWE-190: Integer Overflow or Wraparound •