Page 14 of 111 results (0.058 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default TTL. PF en OpenBSD 3.0 con la regla return-rst establece el TTL (Time to Live) a 128 en el paquete RST, lo que permite a atacantes remotos determinar si un puerto está siendo filtrado porque el TTL es diferente del de por defecto. • http://www.iss.net/security_center/static/8738.php http://www.securityfocus.com/archive/1/265188 http://www.securityfocus.com/bid/4401 • CWE-203: Observable Discrepancy •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval(). • http://www.iss.net/security_center/static/8625.php http://www.openbsd.org/errata30.html#approval http://www.securityfocus.com/bid/4338 •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 3

The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference. • https://www.exploit-db.com/exploits/21167 http://archives.neohapsis.com/archives/bugtraq/2001-12/0014.html http://monkey.org/openbsd/archive/tech/0112/msg00015.html http://www.iss.net/security_center/static/7690.php • CWE-476: NULL Pointer Dereference •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0

vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes. • ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/016_recover.patch http://www.kb.cert.org/vuls/id/191675 https://exchange.xforce.ibmcloud.com/vulnerabilities/10149 •

CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0

fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:40.fts.v1.1.asc http://archives.neohapsis.com/archives/netbsd/2001-q3/0204.html http://www.iss.net/security_center/static/8715.php http://www.openbsd.org/errata28.html http://www.osvdb.org/5466 http://www.securityfocus.com/bid/3205 •