Page 47 of 255 results (0.009 seconds)

CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0

The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections. • http://www.openbsd.org/advisories/sourceroute.txt http://www.osvdb.org/11502 https://exchange.xforce.ibmcloud.com/vulnerabilities/736 •

CVSS: 5.0EPSS: 14%CPEs: 33EXPL: 1

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. • https://www.exploit-db.com/exploits/19117 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0513 •

CVSS: 7.5EPSS: 1%CPEs: 32EXPL: 0

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017 •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

The open() function in FreeBSD allows local attackers to write to arbitrary files. • http://www.osvdb.org/6092 •

CVSS: 2.1EPSS: 0%CPEs: 17EXPL: 2

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket. • https://www.exploit-db.com/exploits/19346 http://marc.info/?l=bugtraq&m=87602167418317&w=2 http://marc.info/?l=bugtraq&m=87602248718482&w=2 http://www.iss.net/security_center/static/7172.php http://www.securityfocus.com/bid/456 •