CVSS: 5.0EPSS: 93%CPEs: 296EXPL: 2CVE-2005-0356 – TCP TIMESTAMPS - Denial of Service
https://notcve.org/view.php?id=CVE-2005-0356
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt http://secunia.com/advisories/15393 http://secunia.com/advisories/15417 http://secunia.com/advisories/18222 http://secunia.com/advisories/18662 http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml http:/& •
CVSS: 5.6EPSS: 0%CPEs: 121EXPL: 0CVE-2005-0109
https://notcve.org/view.php?id=CVE-2005-0109
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 http://marc.info/?l=freebsd-security&m=110994370429609&w=2 http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 http://secunia.com/advisories/15348 http://secunia.com/advisories/18165 http://securitytracker.com/id?1013967 http://sunsolve.sun.com/search/document.do? •
CVSS: 7.1EPSS: 1%CPEs: 111EXPL: 1CVE-2004-1471 – CVS 1.11.x - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. • https://www.exploit-db.com/exploits/24182 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html http://security.e-matters.de/advisories/092004.html http://www.securityfocus.com/bid/10499 https://exchange.xforce.ibmcloud.com/vulnerabilities/16365 •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 1CVE-2004-0114 – BSD - SHMAT System Call Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0114
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges. La llamada de sistema shmat en el interfaz de Memoria Compartida de Sistema V de FreeBSD 5.2 y anteriores, NetBSD 1.3 y anteriores, y OpenBSD 2.6 y anteriores, no decrementa adecuadamente un contador de referencias de segmentos de memoria compartidos cuando al función vm_map_find falla, lo que podría permitir a usuarios locales ganar acceso de lectura y escritura a una porción de memoria del kernel y ganar privilegios. • https://www.exploit-db.com/exploits/23655 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:02.shmat.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-004.txt.asc http://marc.info/?l=bugtraq&m=107608375207601&w=2 http://www.openbsd.org/errata33.html#sysvshm http://www.osvdb.org/3836 http://www.pine.nl/press/pine-cert-20040201.txt http://www.securityfocus.com/bid/9586 https://exchange.xforce.ibmcloud.com/vulnerabilities/15061 •
CVSS: 10.0EPSS: 0%CPEs: 59EXPL: 0CVE-2004-0002
https://notcve.org/view.php?id=CVE-2004-0002
The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function. La funcionalidad TCP MSS (maximum segment size) en netinet permite a atacantes remotos causar una denegación de servicio (consumición de recursos) mediante un: MTU bajo, que causa que se produzcan un gran número de pequeños paquetes, o mediante un grán número de paquetes con contenido TCP pequeño, lo que hace que se hagan un gran número de llamadas a la función sowakeup, que consumen muchos recursos. • http://lists.freebsd.org/pipermail/cvs-src/2004-January/016271.html •