Page 30 of 245 results (0.013 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:53.ipfw.asc http://www.osvdb.org/1937 http://www.securityfocus.com/bid/3206 https://exchange.xforce.ibmcloud.com/vulnerabilities/7002 •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass intended access restrictions via DNS spoofing. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:56.tcp_wrappers.asc http://www.osvdb.org/5454 • CWE-863: Incorrect Authorization •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0

linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:55.procfs.asc http://www.iss.net/security_center/static/7017.php http://www.osvdb.org/1938 http://www.securityfocus.com/bid/3217 •

CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0

fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:40.fts.v1.1.asc http://archives.neohapsis.com/archives/netbsd/2001-q3/0204.html http://www.iss.net/security_center/static/8715.php http://www.openbsd.org/errata28.html http://www.osvdb.org/5466 http://www.securityfocus.com/bid/3205 •

CVSS: 10.0EPSS: 0%CPEs: 87EXPL: 3

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt http://archives.neohapsis.com/archives/hp/2001-q4/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •