CVSS: 5.0EPSS: 4%CPEs: 9EXPL: 0CVE-2004-0171
https://notcve.org/view.php?id=CVE-2004-0171
FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections. FreeBSD 5.1 y anteriores permite a atacantes remotos causar una denegación de servicio (consumición de recursos de búferes de memoria) mediante un gran número de paquetes TCP fuera de secuencia, lo que impide que FreeBSD cree nuevas conexiones. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:04.tcp.asc http://lists.seifried.org/pipermail/security/2004-May/003743.html http://www.idefense.com/application/poi/display?id=78&type=vulnerabilities http://www.kb.cert.org/vuls/id/395670 http://www.osvdb.org/4124 http://www.securityfocus.com/bid/9792 https://exchange.xforce.ibmcloud.com/vulnerabilities/15369 •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 1CVE-2004-0114 – BSD - SHMAT System Call Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0114
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges. La llamada de sistema shmat en el interfaz de Memoria Compartida de Sistema V de FreeBSD 5.2 y anteriores, NetBSD 1.3 y anteriores, y OpenBSD 2.6 y anteriores, no decrementa adecuadamente un contador de referencias de segmentos de memoria compartidos cuando al función vm_map_find falla, lo que podría permitir a usuarios locales ganar acceso de lectura y escritura a una porción de memoria del kernel y ganar privilegios. • https://www.exploit-db.com/exploits/23655 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:02.shmat.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-004.txt.asc http://marc.info/?l=bugtraq&m=107608375207601&w=2 http://www.openbsd.org/errata33.html#sysvshm http://www.osvdb.org/3836 http://www.pine.nl/press/pine-cert-20040201.txt http://www.securityfocus.com/bid/9586 https://exchange.xforce.ibmcloud.com/vulnerabilities/15061 •
CVSS: 10.0EPSS: 0%CPEs: 59EXPL: 0CVE-2004-0002
https://notcve.org/view.php?id=CVE-2004-0002
The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function. La funcionalidad TCP MSS (maximum segment size) en netinet permite a atacantes remotos causar una denegación de servicio (consumición de recursos) mediante un: MTU bajo, que causa que se produzcan un gran número de pequeños paquetes, o mediante un grán número de paquetes con contenido TCP pequeño, lo que hace que se hagan un gran número de llamadas a la función sowakeup, que consumen muchos recursos. • http://lists.freebsd.org/pipermail/cvs-src/2004-January/016271.html •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2003-1230
https://notcve.org/view.php?id=CVE-2003-1230
The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through 5.0-RELEASE-p3 uses only 32-bit internal keys when generating syncookies, which makes it easier for remote attackers to conduct brute force ISN guessing attacks and spoof legitimate traffic. • http://secunia.com/advisories/8142 http://www.osvdb.org/19785 http://www.securityfocus.com/advisories/5013 http://www.securityfocus.com/bid/6920 https://exchange.xforce.ibmcloud.com/vulnerabilities/11397 •
CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 0CVE-2003-1289
https://notcve.org/view.php?id=CVE-2003-1289
The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:10.ibcs2.asc http://secunia.com/advisories/9504 http://securitytracker.com/id?1007460 http://www.osvdb.org/2406 https://exchange.xforce.ibmcloud.com/vulnerabilities/12892 •