CVE-2006-5680
https://notcve.org/view.php?id=CVE-2006-5680
The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before 2006-11-08 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive that causes libarchive to skip a region past the actual end of the archive, which triggers an infinite loop that attempts to read more data.
• http://secunia.com/advisories/22723
• http://secunia.com/advisories/22801
• http://security.freebsd.org/advisories/FreeBSD-SA-06:24.libarchive.asc
• http://securitytracker.com/id?1017199
• http://www.securityfocus.com/bid/20961
• https://exchange.xforce.ibmcloud.com/vulnerabilities/30137
CVE-2006-5679
https://notcve.org/view.php?id=CVE-2006-5679
Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted UFS filesystem that causes invalid or large size parameters to be provided to the kmem_alloc function. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.
• http://docs.info.apple.com/article.html?artnum=305214
• http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
• http://lists.freebsd.org/pipermail/freebsd-security/2007-January/004218.html
• http://projects.info-pull.com/mokb/MOKB-03-11-2006.html
• http://secunia.com/advisories/22736
• http://secunia.com/advisories/24479
• http://www.kb.cert.org/vuls/id/552136
• http://www.securityfocus.com/bid/20918
• http://www.securitytracker.com/id?1017751
• http://www.us-cert.gov&
• CWE-189: Numeric Errors
CVE-2006-5550 – FreeBSD 6.1 - '/dev/crypto' Local Kernel Denial of Service
https://notcve.org/view.php?id=CVE-2006-5550
The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto.
• https://www.exploit-db.com/exploits/2639
• http://elegerov.blogspot.com/2006/10/here-is-lame-proof-of-concept-code-for.html
• http://secunia.com/advisories/22543
• http://www.securityfocus.com/bid/20713
CVE-2006-5482 – FreeBSD 6.1-RELEASE-p10 - 'ftruncate' Local Denial of Service
https://notcve.org/view.php?id=CVE-2006-5482
ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX.
Month of Apple Bugs - This is a specially crafted HFS+ filesystem in a DMG image that can cause the do_hfs_truncate() function to panic the kernel (denial of service), when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+ filesystems corruption.
• https://www.exploit-db.com/exploits/2541
• http://lists.freebsd.org/pipermail/cvs-src/2006-May/064488.html
• http://secunia.com/advisories/22413
• http://www.securityfocus.com/bid/20522
CVE-2006-5483 – FreeBSD 6.1-RELEASE-p10 - 'scheduler' Local Denial of Service
https://notcve.org/view.php?id=CVE-2006-5483
p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by setting a scheduler policy, which should only be settable by root.
• https://www.exploit-db.com/exploits/2542
• http://lists.freebsd.org/pipermail/cvs-src/2006-May/063969.html
• http://secunia.com/advisories/22413
• http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/posix4/p1003_1b.c.diff?r1=1.24&r2=1.24.2.1
• http://www.securityfocus.com/bid/20517