CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2007-2768
https://notcve.org/view.php?id=CVE-2007-2768
21 May 2007 — OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243. OpenSSH, cuando utiliza OPIE(One-Time Passwords in Everything) para PAM, permiet a atacantes remotos determinar la existencia de ciertas cuentas de usuarios, lo cual muestra una respuesta diferente si la cuenta de usua... • http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0635.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 19%CPEs: 9EXPL: 0CVE-2007-2242 – IPv6 routing headers issue
https://notcve.org/view.php?id=CVE-2007-2242
25 Apr 2007 — The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers. El protocolo IPv6 permite a atacantes remotos provocar una denegación de servicio mediante cabeceras IPv6 de enrutamiento de tipo 0 (IPV6_RTHDR_TYPE_0) lo cual provoca amplificación de la red entre dos enrutadores. • http://docs.info.apple.com/article.html?artnum=305712 •
CVSS: 5.3EPSS: 0%CPEs: 62EXPL: 0CVE-2007-2243
https://notcve.org/view.php?id=CVE-2007-2243
25 Apr 2007 — OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483. OpenSSH 4.6 y anteriores, cuando ChallengeResponseAuthentication está habilitado, permite a atacantes remotos determinar la existencia de cuentas de usuario intentando autenticarse mediante S/KEY, lo cual muestra una respuesta dife... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053906.html • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 7%CPEs: 45EXPL: 0CVE-2007-1351 – Multiple font integer overflows (CVE-2007-1352)
https://notcve.org/view.php?id=CVE-2007-1351
06 Apr 2007 — Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. Desbordamiento de enteros en la función bdfReadCharacters en (1) X.Org libXfont before 20070403 y (2) freetype 2.3.2 y permite a usuarios remotos validados ejecutar código de su elección a través de fuentes manipuladas BDF, las cueles dan como resultado un de... • http://issues.foresightlinux.org/browse/FL-223 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 9%CPEs: 56EXPL: 0CVE-2007-1352 – Multiple font integer overflows (CVE-2007-1352)
https://notcve.org/view.php?id=CVE-2007-1352
06 Apr 2007 — Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. Desbordamiento de entero en la función FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar código de su elección mediante una primera línea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de montón. • http://issues.foresightlinux.org/browse/FL-223 •
CVSS: 10.0EPSS: 37%CPEs: 2EXPL: 1CVE-2007-1365 – OpenBSD 3.x/4.x - ICMPv6 Packet Handling Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-1365
10 Mar 2007 — Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service. Desbordamiento de búfer en kern/uipc_mbuf2.c en OpenBSD 3.9 y 4.0 permite a atacantes remotos ejecutar código arbitrario a través de paquetes IPv6 framentados debido a "manipulación incorrecta de mbuf para paquetes ICMP6". NOTA: Esto fue reportado originalmente c... • https://www.exploit-db.com/exploits/29725 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2007-0343
https://notcve.org/view.php?id=CVE-2007-0343
18 Jan 2007 — OpenBSD before 20070116 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via certain IPv6 ICMP (aka ICMP6) echo request packets. OpenBSD anterior a 20070116 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y agotamiento de CPU) a través de ciertos IPv6 ICMP (también conocido como ICMP6) repitiendo los paquetes de peticiones. • http://secunia.com/advisories/23830 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2007-0085 – OpenBSD 3.x < 4.0 - 'vga_ioctl()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-0085
05 Jan 2007 — Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference. Vulnerabilidad no especificada en sys/dev/pci/vga_pci.c en los controladores gráficos VGA para wscons en OpenBSD 3.9 y 4.0, cuando el núcleo está compilado la opción PCIAGP y un dispositivo no-AG... • https://www.exploit-db.com/exploits/3094 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2006-6730
https://notcve.org/view.php?id=CVE-2006-6730
26 Dec 2006 — OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2. OpenBSD y NetBSD permiten al código en modo de usuario ... • http://lists.freedesktop.org/archives/xorg/2004-June/000927.html •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2006-6397
https://notcve.org/view.php?id=CVE-2006-6397
08 Dec 2006 — Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability ** IMPUGNADO ** Desbordamiento de entero en banner/banner.c de FreeBSD, NetBSD, y OpenBSD podría permitir a usuarios locales modificar la memoria mediante un banner largo. NOTA: CVE y múltiples t... • http://www.securityfocus.com/archive/1/452322/100/200/threaded •