Page 38 of 391 results (0.007 seconds)

CVSS: 7.5EPSS: 1%CPEs: 38EXPL: 0

A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc http://secunia.com/advisories/19366 http://securitytracker.com/id?1015809 http://www.osvdb.org/24068 http://www.securityfocus.com/bid/17191 https://exchange.xforce.ibmcloud.com/vulnerabilities/25398 •

CVSS: 5.0EPSS: 4%CPEs: 9EXPL: 0

OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:09.openssh.asc http://bugzilla.mindrot.org/show_bug.cgi?id=839 http://securityreason.com/securityalert/520 http://securitytracker.com/id?1015706 http://www.osvdb.org/23797 http://www.securityfocus.com/bid/16892 http://www.vupen.com/english/advisories/2006/0805 https://exchange.xforce.ibmcloud.com/vulnerabilities/25116 • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 96%CPEs: 1EXPL: 1

nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mount request, as demonstrated by the ProtoVer NFS test suite. • https://www.exploit-db.com/exploits/1540 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:10.nfs.asc http://lists.immunitysec.com/pipermail/dailydave/2006-February/002982.html http://secunia.com/advisories/19017 http://securityreason.com/securityalert/521 http://www.osvdb.org/23511 http://www.securityfocus.com/bid/16838 https://exchange.xforce.ibmcloud.com/vulnerabilities/24918 •

CVSS: 5.0EPSS: 6%CPEs: 2EXPL: 0

Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop). • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:08.sack.asc http://secunia.com/advisories/18696 http://securityreason.com/securityalert/399 http://securitytracker.com/id?1015566 http://www.osvdb.org/22861 http://www.securityfocus.com/bid/16466 http://www.vupen.com/english/advisories/2006/0409 https://exchange.xforce.ibmcloud.com/vulnerabilities/24453 •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc http://secunia.com/advisories/18599 http://securitytracker.com/id?1015541 http://www.osvdb.org/22730 http://www.securityfocus.com/bid/16373 https://exchange.xforce.ibmcloud.com/vulnerabilities/24338 •