Page 41 of 321 results (0.007 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter. • http://www.securityfocus.com/archive/1/215984 http://www.securityfocus.com/bid/3357 https://exchange.xforce.ibmcloud.com/vulnerabilities/7164 •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 2

libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files. • https://www.exploit-db.com/exploits/21114 http://archives.neohapsis.com/archives/bugtraq/2001-09/0173.html http://www.osvdb.org/6073 https://exchange.xforce.ibmcloud.com/vulnerabilities/8697 •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 1

NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:52.fragment.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-006.txt.asc http://www.securityfocus.com/bid/2799 https://exchange.xforce.ibmcloud.com/vulnerabilities/6636 •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable permissions while updating the original file, which could allow local users to gain privileges by reading the copied file while rmuser is running, obtain the password hashes, and crack the passwords. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:59.rmuser.v1.1.asc http://www.osvdb.org/1947 http://www.securityfocus.com/bid/3282 https://exchange.xforce.ibmcloud.com/vulnerabilities/7086 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:53.ipfw.asc http://www.osvdb.org/1937 http://www.securityfocus.com/bid/3206 https://exchange.xforce.ibmcloud.com/vulnerabilities/7002 •