Page 2 of 17 results (0.010 seconds)

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.8/SCOSA-2005.8.txt http://www.vupen.com/english/advisories/2005/0077 •

CVSS: 5.6EPSS: 0%CPEs: 121EXPL: 0

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 http://marc.info/?l=freebsd-security&m=110994370429609&w=2 http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 http://secunia.com/advisories/15348 http://secunia.com/advisories/18165 http://securitytracker.com/id?1013967 http://sunsolve.sun.com/search/document.do? •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.1/SCOSA-2005.1.txt http://secunia.com/advisories/13805 http://www.securityfocus.com/archive/1/386814 http://www.securityfocus.com/bid/12225 •

CVSS: 2.1EPSS: 0%CPEs: 21EXPL: 3

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. main.c de cscope 15-4 y 15-5 crea ficheros temporales con nombres predecibles, lo que permite a usuarios locales sobreescribir ficheros de su elección mediante un ataque de enlaces simbólicos. • https://www.exploit-db.com/exploits/24750 https://www.exploit-db.com/exploits/24749 http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://marc.info/?l=bugtraq&m=110133485519690&w=2 http://secunia.com/advisories/26235 http://www.debian.org/security/2004/dsa-610 http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml http://www.securityfocus.com/archive/1/381443 http://www.securit •

CVSS: 5.0EPSS: 0%CPEs: 20EXPL: 8

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. TCP, cuando se usa un tamaño de ventana de transmisión grande, hace más fácil a atacantes remotos adivinar números de secuencia y causar una denegación de servicio (pérdida de la conexión) en conexiones TCP persistentes inyectando repetidamente un paquete TCP RST, especialmente en protocolos que usan conexiones de vida larga, como BGP. • https://www.exploit-db.com/exploits/291 https://www.exploit-db.com/exploits/24030 https://www.exploit-db.com/exploits/24031 https://www.exploit-db.com/exploits/24033 https://www.exploit-db.com/exploits/24032 https://www.exploit-db.com/exploits/942 https://www.exploit-db.com/exploits/276 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt ftp://ftp.sco.com/ •