Page 21 of 143 results (0.003 seconds)

CVSS: 10.0EPSS: 0%CPEs: 87EXPL: 3

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt http://archives.neohapsis.com/archives/hp/2001-q4/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 2

FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:42.signal.v1.1.asc http://archives.neohapsis.com/archives/bugtraq/2001-07/0179.html http://ciac.llnl.gov/ciac/bulletins/l-111.shtml http://www.kb.cert.org/vuls/id/943633 http://www.osvdb.org/1897 http://www.securityfocus.com/bid/3007 https://exchange.xforce.ibmcloud.com/vulnerabilities/6829 •

CVSS: 5.0EPSS: 1%CPEs: 29EXPL: 2

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. • https://www.exploit-db.com/exploits/20997 http://www.securityfocus.com/archive/1/195457 http://www.securityfocus.com/bid/2997 https://exchange.xforce.ibmcloud.com/vulnerabilities/6824 •

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. • http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000389 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3 http://www.osvdb.org/5641 http://www.redhat.com/support/errata/RHSA-2001-022.html http://www.redhat.com/support/errata/RHSA-2001-023.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6261 •

CVSS: 10.0EPSS: 0%CPEs: 12EXPL: 0

time server daemon timed allows remote attackers to cause a denial of service via malformed packets. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:28.timed.asc http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-034.php3 http://www.novell.com/linux/security/advisories/2001_007_nkitserv.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6228 •