Page 17 of 118 results (0.007 seconds)

CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0

pkg_add in FreeBSD 4.2 through 4.4 creates a temporary directory with world-searchable permissions, which may allow local users to modify world-writable parts of the package during installation. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:01.pkg_add.asc http://www.securityfocus.com/bid/3819 https://exchange.xforce.ibmcloud.com/vulnerabilities/7852 •

CVSS: 1.2EPSS: 0%CPEs: 6EXPL: 0

procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:09.fstatfs.asc http://www.securityfocus.com/bid/4040 https://exchange.xforce.ibmcloud.com/vulnerabilities/8112 •

CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0

tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. • http://online.securityfocus.com/archive/1/283033 http://www.iss.net/security_center/static/9633.php http://www.securityfocus.com/bid/5265 • CWE-667: Improper Locking •

CVSS: 3.7EPSS: 0%CPEs: 52EXPL: 0

Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-001.txt.asc http://www.osvdb.org/19475 http://www.securityfocus.com/bid/3891 https://exchange.xforce.ibmcloud.com/vulnerabilities/7945 •

CVSS: 5.0EPSS: 12%CPEs: 11EXPL: 1

BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. BIND 8.3.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (terminación debido a fallo en aseveración) mediante una petición para un subdominio que no existe, con un registro de recurso OPT con una carga UDP grande. • https://www.exploit-db.com/exploits/22011 http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469 http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html http://marc.info/?l=bugtraq&m=103713117612842&w=2 http://marc.info/?l=bugtraq&m=103763574715133&w=2 http://online.securityfocus.com/advisories/4999 http://online.securityfocus.com/archive/1/300019 http://www.cert.org/advisories/CA-2002-31.html http://www.ciac.org/ciac/bulletins/n-013. •