Page 4 of 52 results (0.006 seconds)

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 2

The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. • http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041177.html http://www.redteam-pentesting.de/advisories/rt-sa-2005-015.txt http://www.redteam-pentesting.de/advisories/rt-sa-2005-15.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/24037 •

CVSS: 5.0EPSS: 93%CPEs: 296EXPL: 2

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt http://secunia.com/advisories/15393 http://secunia.com/advisories/15417 http://secunia.com/advisories/18222 http://secunia.com/advisories/18662 http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml http:/& •

CVSS: 5.0EPSS: 4%CPEs: 17EXPL: 1

The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout. • http://secunia.com/advisories/13819 http://securitytracker.com/id?1012861 http://www.openbsd.org/errata35.html http://www.securityfocus.com/bid/12250 •

CVSS: 5.0EPSS: 38%CPEs: 1EXPL: 0

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. isakmpd en OpenBSD 3.4 y anteriores permite a atacantes remotos causar una denegación de servicio (bucle infinito) mediante un paquete ISAKMP con una carga útil de logitud cero, como se ha demostrado por la Suite de pruebas de protocolos ISAKMP Striker. • http://marc.info/?l=bugtraq&m=108008530028019&w=2 http://secunia.com/advisories/11156 http://www.kb.cert.org/vuls/id/349113 http://www.openbsd.org/errata.html http://www.rapid7.com/advisories/R7-0018.html http://www.securityfocus.com/bid/10028 http://www.securitytracker.com/alerts/2004/Mar/1009468.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15518 •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite. isakmpd en OpenBSD 3.4 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio a través de un paquete ISAKMP con una carga útil Cert Request malformada, lo que provoca un desbordamiento inferior de entero que es usado en una operación malloc que no se maneja adecuadamente, según lo demonstrado por el Striker ISAKMP Protocol Test Suite. • http://marc.info/?l=bugtraq&m=108008530028019&w=2 http://www.kb.cert.org/vuls/id/223273 http://www.openbsd.org/errata.html http://www.rapid7.com/advisories/R7-0018.html http://www.securityfocus.com/bid/9907 http://www.securitytracker.com/alerts/2004/Mar/1009468.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15629 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •