Page 14 of 98 results (0.011 seconds)

CVSS: 10.0EPSS: 0%CPEs: 59EXPL: 0

The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function. La funcionalidad TCP MSS (maximum segment size) en netinet permite a atacantes remotos causar una denegación de servicio (consumición de recursos) mediante un: MTU bajo, que causa que se produzcan un gran número de pequeños paquetes, o mediante un grán número de paquetes con contenido TCP pequeño, lo que hace que se hagan un gran número de llamadas a la función sowakeup, que consumen muchos recursos. • http://lists.freebsd.org/pipermail/cvs-src/2004-January/016271.html •

CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0

The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through 5.0-RELEASE-p3 uses only 32-bit internal keys when generating syncookies, which makes it easier for remote attackers to conduct brute force ISN guessing attacks and spoof legitimate traffic. • http://secunia.com/advisories/8142 http://www.osvdb.org/19785 http://www.securityfocus.com/advisories/5013 http://www.securityfocus.com/bid/6920 https://exchange.xforce.ibmcloud.com/vulnerabilities/11397 •

CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 0

The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:10.ibcs2.asc http://secunia.com/advisories/9504 http://securitytracker.com/id?1007460 http://www.osvdb.org/2406 https://exchange.xforce.ibmcloud.com/vulnerabilities/12892 •

CVSS: 3.6EPSS: 0%CPEs: 43EXPL: 0

Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:44.filedesc.asc http://archives.neohapsis.com/archives/bugtraq/2003-01/0057.html http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0006.html http://secunia.com/advisories/7821 http://www.iss.net/security_center/static/10993.php http://www.pine.nl/press/pine-cert-20030101.txt http://www.securityfocus.com/archive/1/305308/30/26420/threaded http://www.securityfocus.com/bid/6524 http://www.securitytracker.co •

CVSS: 4.3EPSS: 2%CPEs: 58EXPL: 0

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. ISC BIND 8.3.x antes de 8.3.7, y 8.4.x antes de 8.4.3 permite a atacantes remotos envenenar la cache mediante un servidor de nombres malicioso que devuelve respuestas negativas con un valor TTL (time to live) largo. • ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt http://secunia.com/advisories/10542 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434 http://www.debian.org/security/2004/dsa-409 http://www.kb.cert.org/vuls/id/734644 http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt https://oval.cisecurity.org/repository& •