Page 24 of 176 results (0.005 seconds)

CVSS: 4.6EPSS: 0%CPEs: 6EXPL: 1

Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file. • https://www.exploit-db.com/exploits/21881 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-021.txt.asc http://marc.info/?l=bugtraq&m=103342413220529&w=2 http://secunia.com/advisories/7181 http://secunia.com/advisories/7252 http://www.osvdb.org/6098 http://www.securityfocus.com/bid/5837 https://exchange.xforce.ibmcloud.com/vulnerabilities/10261 •

CVSS: 4.6EPSS: 0%CPEs: 12EXPL: 3

Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. Sendmail Consortium's Restricted Shell (SMRSH) en Sendmail 8.12.6, 8.11.6-15 y anteriores, permite a atacantes puentear las restricciones pretendidas de smrsh insertando caractéres adicionales después de secuencias "||" (dos barras verticales) o "/" (barra), que no son adecuadamente filtradas o verificadas. • https://www.exploit-db.com/exploits/21884 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-023.txt.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000532 http://marc.info/?l=bugtraq&m=103350914307274&w=2 http://secunia.com/advisories/7826 http://www.iss.net/security_center/static/10232.php http://www.mandriva.com/security/advisories?name=MDKSA-2002:083 http://www.redhat.com/support/errata/RHSA-2003-073.html http://www.securityfocus.com/bi •

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG http://www.iss.net/security_center/static/8416.php http://www.osvdb.org/5304 http://www.securityfocus.com/archive/1/259598 http://www.securityfocus.com/bid/4224 •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. Vulnerabilidad de cadena de formato en la función startprinting() de printjob.c en el paquete lpr lpd basado en BSD puede permitir a usuarios locales ganar privilegios mediante una llamada impropia a syslog que usa cadenas de formato de la llamada checkremote(). • http://marc.info/?l=bugtraq&m=96994604300675&w=2 http://online.securityfocus.com/archive/1/137555 http://www.iss.net/security_center/static/5286.php http://www.redhat.com/support/errata/RHSA-2000-066.html http://www.securityfocus.com/bid/1711 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1

The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. • ftp://patches.sgi.com/support/free/security/advisories/20030604-01-I http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136&r2=1.137 http://online.securityfocus.com/archive/1/262733 http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022 http://www.iss.net/security_center/static/8485.php http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109&r2=1.110 http://www.osvdb.org/5308 http://www.securityfocus.com/bi •