Page 3 of 66 results (0.003 seconds)

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.8/SCOSA-2005.8.txt http://www.vupen.com/english/advisories/2005/0077 •

CVSS: 5.6EPSS: 0%CPEs: 121EXPL: 0

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 http://marc.info/?l=freebsd-security&m=110994370429609&w=2 http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 http://secunia.com/advisories/15348 http://secunia.com/advisories/18165 http://securitytracker.com/id?1013967 http://sunsolve.sun.com/search/document.do? •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.1/SCOSA-2005.1.txt http://secunia.com/advisories/13805 http://www.securityfocus.com/archive/1/386814 http://www.securityfocus.com/bid/12225 •

CVSS: 7.5EPSS: 4%CPEs: 68EXPL: 0

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/539110 http://www.us-cert.gov/cas/techalerts/TA05-136A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175 https: •

CVSS: 2.1EPSS: 0%CPEs: 21EXPL: 3

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. main.c de cscope 15-4 y 15-5 crea ficheros temporales con nombres predecibles, lo que permite a usuarios locales sobreescribir ficheros de su elección mediante un ataque de enlaces simbólicos. • https://www.exploit-db.com/exploits/24750 https://www.exploit-db.com/exploits/24749 http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://marc.info/?l=bugtraq&m=110133485519690&w=2 http://secunia.com/advisories/26235 http://www.debian.org/security/2004/dsa-610 http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml http://www.securityfocus.com/archive/1/381443 http://www.securit •