Page 13 of 175 results (0.010 seconds)

CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 1

Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference. Vulnerabilidad no especificada en sys/dev/pci/vga_pci.c en los controladores gráficos VGA para wscons en OpenBSD 3.9 y 4.0, cuando el núcleo está compilado la opción PCIAGP y un dispositivo no-AGP está siendo usado, permite a un usuario local obtener privilegios a través de vectores no especificados, posiblemente relacionado con la referencia de puntero NULL agp_ioctl. • https://www.exploit-db.com/exploits/3094 http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf http://marc.info/?l=openbsd-cvs&m=116781980706409&w=2 http://marc.info/?l=openbsd-cvs&m=116785923301416&w=2 http://secunia.com/advisories/23608 http://securitytracker.com/id?1017468 http://www.openbsd.org/errata.html#agp http://www.openbsd.org/errata39.html#agp http://www.osvdb.org/32574 http://www.vupen.com/english/advisories/2007/0043 https://exchange.xforce.ibm •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges. La función _dl_unsetenv en loader.c en el ELF ld.so en OpenBSD 3.9 y 4.0 no borra adecuadamente variables de entorno duplicadas, lo cual permite a usuarios locales pasar variables peligrosas como LD_PRELOAD a procesos de carga, lo cual puede ser utilizado para obtener privilegios. • http://secunia.com/advisories/22993 http://securitytracker.com/id?1017253 http://www.matasano.com/log/592/finger-79tcp-mcdonald-dowd-and-schuh-challenge-part-2 http://www.openbsd.org/errata.html#ldso http://www.openbsd.org/errata39.html#ldso http://www.securityfocus.com/archive/1/452371/100/0/threaded http://www.securityfocus.com/archive/1/452428/100/0/threaded http://www.securityfocus.com/bid/21188 https://exchange.xforce.ibmcloud.com/vulnerabilities/30441 •

CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 3

The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto. El núcleo en FreeBSD 6.1 y OpenBSD 4.0 permite a usuarios locales provocar una denegación de servicio mediante vectores sin especificar relativas a peticiones concretas ioctl al /dev/crypto. • https://www.exploit-db.com/exploits/2639 http://elegerov.blogspot.com/2006/10/here-is-lame-proof-of-concept-code-for.html http://secunia.com/advisories/22543 http://www.securityfocus.com/bid/20713 •

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 1

Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl. Desbordamiento de entero en la función systrace_preprepl (STRIOCREPLACE) en systrace de OpenBSD 3.9 y NetBSD 3 permite a usuarios locales provocar una denegación de servicio (caída), escalar privilegios, o leer memoria del núcleo de su elección mediante argumentos numéricos muy grandes en la llamada ioctl systrace. • http://openbsd.org/errata.html#systrace http://scary.beasts.org/security/CESA-2006-003.html http://secunia.com/advisories/22324 http://securitytracker.com/id?1017009 http://www.osvdb.org/29570 http://www.securityfocus.com/bid/20392 https://exchange.xforce.ibmcloud.com/vulnerabilities/29392 •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent attackers to cause a denial of service (kernel panic) by allocating more semaphores than the default. OpenBSD 3.8, 3.9,y posiblemente versiones anteriores permiten a un atacante dependiente del contexto provocar denegación de servicio (kernel panic) destinando mas semaforos que los que hay por defecto. • http://secunia.com/advisories/21642 http://securitytracker.com/id?1016756 http://www.openbsd.org/errata.html#sem http://www.openbsd.org/errata38.html#sem http://www.osvdb.org/28195 http://www.securityfocus.com/bid/19713 https://exchange.xforce.ibmcloud.com/vulnerabilities/28617 •