CVSS: 9.8EPSS: 0%CPEs: 29EXPL: 0CVE-2011-2168
https://notcve.org/view.php?id=CVE-2011-2168
24 May 2011 — Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418. Múltiples desbordamientos de entero en la implementación de glob en libc en OpenBSD anterior a v4.9 podría permitir a atacantes dependientes de contexto tener un impacto no especificado a través de una cadena manipulada, relacionado con el GLOB_APP... • http://securityreason.com/achievement_securityalert/97 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2011-1013 – kernel: drm_modeset_ctl signedness issue
https://notcve.org/view.php?id=CVE-2011-1013
09 May 2011 — Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a crafted num_crtcs (aka vb_num) structure member in an ioctl argument. Error de enteros sin signo en F... • https://packetstorm.news/files/id/105078 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2009-3572
https://notcve.org/view.php?id=CVE-2009-3572
06 Oct 2009 — OpenBSD 4.4, 4.5, and 4.6, when running on an i386 kernel, does not properly handle XMM exceptions, which allows local users to cause a denial of service (kernel panic) via unspecified vectors. OpenBSD v4.4, v4.5, y v4.6, cuando se ejecuta sobre un kernel i386 no maneja adecuadamente la excepciones XMM, lo que permite a usuarios locales producir una denegación de servicio (kernel panic) a través de vectores inespecíficos. • http://marc.info/?l=openbsd-security-announce&m=125474331811594 •
CVSS: 7.8EPSS: 12%CPEs: 7EXPL: 3CVE-2009-0687 – Multiple Vendor - PF Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2009-0687
11 Aug 2009 — The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload. La función pf_test_rule de OpenBSD Packet Filter (PF), tal como es usada en OpenBSD v4.2 hasta v4.5, NetBSD v5.0 anterior a RC3, MirOS v10 y anteriores ... • https://www.exploit-db.com/exploits/8581 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 4%CPEs: 26EXPL: 2CVE-2009-0537 – Libc - 'libc:fts_*()' Local Denial of Service
https://notcve.org/view.php?id=CVE-2009-0537
05 Mar 2009 — Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise. Desbordamiento de entero en la función fts_build en fts.c de libc sobre (1) OpenBSD v4.4 y anteriore... • https://www.exploit-db.com/exploits/8163 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2009-0780
https://notcve.org/view.php?id=CVE-2009-0780
04 Mar 2009 — The aspath_prepend function in rde_attr.c in bgpd in OpenBSD 4.3 and 4.4 allows remote attackers to cause a denial of service (application crash) via an Autonomous System (AS) advertisement containing a long AS path. La función aspath_prepend de rde_attr.c de bgpd de OpenBSD v4.3 y v4.4, permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un aviso Autonomous System (AS) que contiene una ruta AS larga. • http://openbsd.org/errata43.html#010_bgpd •
CVSS: 7.5EPSS: 0%CPEs: 2049EXPL: 1CVE-2008-4609 – HP Security Bulletin HPSBMI02473 SSRT080138
https://notcve.org/view.php?id=CVE-2008-4609
20 Oct 2008 — The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, p... • https://github.com/mrclki/sockstress • CWE-16: Configuration •
CVSS: 9.3EPSS: 14%CPEs: 10EXPL: 0CVE-2008-2476 – TP-Link VxWorks / 2-Series Switches Fail
https://notcve.org/view.php?id=CVE-2008-2476
02 Oct 2008 — The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB). La implementación IPv6 Neighbor Discovery ... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 10%CPEs: 3EXPL: 3CVE-2008-4247 – Multiple Vendor FTP Server - Long Command Handling Security
https://notcve.org/view.php?id=CVE-2008-4247
25 Sep 2008 — ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser. ftpd en OpenBSD 4.3, FreeBSD 7.0, y NetBSD 4.0 interpreta como múltiples comandos los comandos largos desde un cliente FTP, lo... • https://www.exploit-db.com/exploits/32399 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 4CVE-2008-1215 – BSD PPP 'pppx.conf' - Local Denial of Service
https://notcve.org/view.php?id=CVE-2008-1215
09 Mar 2008 — Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters. Desbordamiento de búfer basado en pila en la función command_Expand_Interpret de command.c en ppp (aka user-ppp), como se distribuyó en FreeBSD 6.3 y 7.0, OpenBSD 4.1 y 4.2, y el paquete net/userppp para NetBSD, permite a us... • https://www.exploit-db.com/exploits/31333 • CWE-264: Permissions, Privileges, and Access Controls •