Page 5 of 51 results (0.008 seconds)

CVSS: 10.0EPSS: 35%CPEs: 51EXPL: 4

24 May 2001 — Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. • https://www.exploit-db.com/exploits/20731 •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

03 May 2001 — The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. • http://archives.neohapsis.com/archives/bugtraq/2001-02/0353.html •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0

03 May 2001 — Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option. • http://www.openbsd.org/errata.html#ipsec_ah •

CVSS: 7.5EPSS: 7%CPEs: 7EXPL: 3

19 Dec 2000 — OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests. • https://www.exploit-db.com/exploits/20271 •

CVSS: 7.5EPSS: 1%CPEs: 23EXPL: 0

30 Dec 1999 — ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets. ip_input.c en implementaciones de TCP/IP derivadas de BSD permiten a atacantes remotos causar una denegación de servicio (cuelgue o caída) mediante paquetes artesanales. • http://www.openbsd.org/errata23.html#tcpfix • CWE-20: Improper Input Validation •

CVSS: 7.2EPSS: 0%CPEs: 27EXPL: 2

09 Aug 1999 — The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. • https://www.exploit-db.com/exploits/19447 •

CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0

04 Nov 1998 — IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. • http://www.osvdb.org/908 • CWE-476: NULL Pointer Dereference •

CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0

21 May 1998 — Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303 •

CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0

20 Feb 1998 — FreeBSD mmap function allows users to modify append-only or immutable files. • ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1998-003.txt.asc •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

01 Feb 1998 — The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections. • http://www.openbsd.org/advisories/sourceroute.txt •