Page 22 of 169 results (0.014 seconds)

CVSS: 4.6EPSS: 0%CPEs: 18EXPL: 0

Integer signedness error in several system calls for FreeBSD 4.6.1 RELEASE-p10 and earlier may allow attackers to access sensitive kernel memory via large negative values to the (1) accept, (2) getsockname, and (3) getpeername system calls, and the (4) vesa FBIO_GETPALETTE ioctl. • http://marc.info/?l=bugtraq&m=102976839728706&w=2 http://www.iss.net/security_center/static/9903.php http://www.securityfocus.com/bid/5493 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-013.txt.asc http://marc.info/?l=bugtraq&m=102865517214722&w=2 http://www.info.apple.com/usen/security/security_updates.html http://www.osvdb.org/5072 http://www.securityfocus.com/bid/5402 https://exchange.xforce.ibmcloud.com/vulnerabilities/9772 •

CVSS: 2.1EPSS: 0%CPEs: 5EXPL: 0

The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end. • http://marc.info/?l=bugtraq&m=102865142610126&w=2 http://www.iss.net/security_center/static/9774.php http://www.osvdb.org/5069 http://www.securityfocus.com/bid/5405 •

CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 0

Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them. Kerberos 5 su (k5su) en FreeBSD 4.4 y anteriores se basa en la llamada al sistema getlogin para determinar si el usuario que esta ejecutando k5su es root, lo cual podría permitir a procesos sin privilegios, la obtención de permisos si ese proceso tiene un getlogin como root. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc http://www.iss.net/security_center/static/7956.php http://www.securityfocus.com/bid/3919 •

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG http://www.iss.net/security_center/static/8416.php http://www.osvdb.org/5304 http://www.securityfocus.com/archive/1/259598 http://www.securityfocus.com/bid/4224 •