Page 16 of 124 results (0.011 seconds)

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. • http://marc.info/?l=bugtraq&m=102865404413458&w=2 http://www.iss.net/security_center/static/9771.php http://www.osvdb.org/5073 http://www.securityfocus.com/bid/5399 •

CVSS: 10.0EPSS: 82%CPEs: 10EXPL: 4

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A ftp://patches.sgi.com/support/free/security/advisories/20020801-01-P http://archives.neohapsis.com/archives/aix/2002-q4/0002.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html http://archives.neohapsis.com/archives/hp/2002-q3/0077.html http://bvl • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:21.tcpip.asc http://www.iss.net/security_center/static/8893.php http://www.osvdb.org/5232 http://www.securityfocus.com/bid/4539 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1

The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. • ftp://patches.sgi.com/support/free/security/advisories/20030604-01-I http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136&r2=1.137 http://online.securityfocus.com/archive/1/262733 http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022 http://www.iss.net/security_center/static/8485.php http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109&r2=1.110 http://www.osvdb.org/5308 http://www.securityfocus.com/bi •

CVSS: 7.2EPSS: 0%CPEs: 28EXPL: 0

Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." El desbordamiento del búfer en ncurses 5.0, y el paquete de compatibilidad ncurses4 basado en él, permite a usuarios locales la obtención de privilegios. • http://www.debian.org/security/2002/dsa-113 http://www.iss.net/security_center/static/8222.php http://www.redhat.com/support/errata/RHSA-2002-020.html http://www.securityfocus.com/bid/2116 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •