Page 25 of 321 results (0.006 seconds)

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc http://secunia.com/advisories/18599 http://securitytracker.com/id?1015541 http://www.osvdb.org/22731 http://www.securityfocus.com/bid/16373 https://exchange.xforce.ibmcloud.com/vulnerabilities/24340 •

CVSS: 5.0EPSS: 4%CPEs: 9EXPL: 0

A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:07.pf.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-004.txt.asc http://secunia.com/advisories/18609 http://securitytracker.com/id?1015542 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_norm.c.diff?r1=1.103&r2=1.104 http://www.osvdb.org/22732 http://www.securityfocus.com/bid/16375 https://exchange.xforce.ibmcloud.com/vulnerabilities/24337 •

CVSS: 10.0EPSS: 8%CPEs: 2EXPL: 0

Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:05.80211.asc http://kernelwars.blogspot.com/2007/01/alive.html http://secunia.com/advisories/18353 http://securitytracker.com/id?1015518 http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson http://www.osvdb.org/22537 http://www.securityfocus.com/bid/16296 http://www.signedness.org/advisories/sps-0x1.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/24192 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firewall crash) via ICMP IP fragments that match a reset, reject or unreach action, which leads to an access of an uninitialized pointer. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:04.ipfw.asc http://secunia.com/advisories/18378 http://securitytracker.com/id?1015477 http://www.osvdb.org/22319 http://www.securityfocus.com/bid/16209 https://exchange.xforce.ibmcloud.com/vulnerabilities/24073 • CWE-824: Access of Uninitialized Pointer •

CVSS: 2.1EPSS: 0%CPEs: 28EXPL: 0

The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:02.ee.asc http://secunia.com/advisories/18404 http://securitytracker.com/id?1015469 http://www.osvdb.org/22320 http://www.securityfocus.com/bid/16207 https://exchange.xforce.ibmcloud.com/vulnerabilities/24074 •