Page 30 of 345 results (0.007 seconds)

CVSS: 5.0EPSS: 4%CPEs: 9EXPL: 0

A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:07.pf.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-004.txt.asc http://secunia.com/advisories/18609 http://securitytracker.com/id?1015542 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_norm.c.diff?r1=1.103&r2=1.104 http://www.osvdb.org/22732 http://www.securityfocus.com/bid/16375 https://exchange.xforce.ibmcloud.com/vulnerabilities/24337 •

CVSS: 10.0EPSS: 8%CPEs: 2EXPL: 0

Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:05.80211.asc http://kernelwars.blogspot.com/2007/01/alive.html http://secunia.com/advisories/18353 http://securitytracker.com/id?1015518 http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson http://www.osvdb.org/22537 http://www.securityfocus.com/bid/16296 http://www.signedness.org/advisories/sps-0x1.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/24192 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firewall crash) via ICMP IP fragments that match a reset, reject or unreach action, which leads to an access of an uninitialized pointer. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:04.ipfw.asc http://secunia.com/advisories/18378 http://securitytracker.com/id?1015477 http://www.osvdb.org/22319 http://www.securityfocus.com/bid/16209 https://exchange.xforce.ibmcloud.com/vulnerabilities/24073 • CWE-824: Access of Uninitialized Pointer •

CVSS: 2.1EPSS: 0%CPEs: 28EXPL: 0

The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:02.ee.asc http://secunia.com/advisories/18404 http://securitytracker.com/id?1015469 http://www.osvdb.org/22320 http://www.securityfocus.com/bid/16207 https://exchange.xforce.ibmcloud.com/vulnerabilities/24074 •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 2

The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. • http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041177.html http://www.redteam-pentesting.de/advisories/rt-sa-2005-015.txt http://www.redteam-pentesting.de/advisories/rt-sa-2005-15.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/24037 •