Page 5 of 193 results (0.010 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1

The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privileged process and can allow an unprivileged local attacker to load a malicious library, resulting in arbitrary code executing as root. El componente barracudavpn de Barracuda VPN Client, en versiones anteriores a la 5.0.2.7 para Linux, macOS y OpenBSD, se ejecuta como proceso privilegiado y puede permitir que un atacante local sin privilegios cargue una librería maliciosa, lo que resulta en la ejecución de código arbitrario como root. • http://campus.barracuda.com/product/networkaccessclient/doc/78154147/release-notes-barracuda-vpn-client-for-macos https://blog.mirch.io/2019/02/14/cve-2019-6724-barracuda-vpn-client-privilege-escalation-on-linux-and-macos https://campus.barracuda.com/product/networkaccessclient/doc/78154149/release-notes-barracuda-vpn-client-for-linux • CWE-426: Untrusted Search Path •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture. tss_alloc en sys/arch/i386/i386/gdt.c en OpenBSD 6.2 y 6.3 tiene una denegación de servicio (DoS) local (cierre inesperado del sistema) debido a un acceso incorrecto al puerto I/O en la arquitectura i386. • http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c.diff?r1=1.37&r2=1.37.8.1&f=h http://www.securitytracker.com/id/1041550 https://ftp.openbsd.org/pub/OpenBSD/patches/6.2/common/020_ioport.patch.sig https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/015_ioport.patch.sig • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions. Existe un error en la implementación de OpenBSD de la página stack guard que permite que los atacantes la omitan, lo que resulta en la ejecución de código arbitrario mediante el uso de binarios setuid como /usr/bin/at. Esto afecta a OpenBSD 6.1 y posiblemente a versiones anteriores. • http://www.securityfocus.com/bid/99172 https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/008_exec_subr.patch.sig https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt •

CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 1

The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects OpenBSD 6.1 and possibly earlier versions. La función qsort() de OpenBSD es recursiva y no aleatorizada, por lo que un atacante puede construir un array de entrada patológica de elementos N que provoca que qsort() se repita inevitablemente N/4 veces. Esto permite que los atacantes consuman cantidades de memoria de pila arbitrarias y manipulen la memoria de pila para ayudar en los ataques de ejecución de código arbitrario. • https://www.exploit-db.com/exploits/42271 http://www.securityfocus.com/bid/99177 http://www.securitytracker.com/id/1039427 https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/stdlib/qsort.c?rev=1.15&content-type=text/x-cvsweb-markup https://support.apple.com/HT208112 https://support.apple.com/HT208113 https://support.apple.com/HT208115 https://support.apple.com/HT208144 https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt • CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1

The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value. La extensión mmap __MAP_NOFAULT en OpenBSD 5.8 y 5.9 permite a atacantes provocar una denegación de servicio (pánico en el kernel y caída) a través de un valor de gran tamaño. • http://www.openbsd.org/errata58.html http://www.openbsd.org/errata59.html http://www.openwall.com/lists/oss-security/2016/07/14/5 http://www.openwall.com/lists/oss-security/2016/07/17/7 http://www.securityfocus.com/bid/91805 http://www.securitytracker.com/id/1036318 • CWE-20: Improper Input Validation •