CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2006-4516 – FreeBSD 5.4/6.0 - 'ptrace PT_LWPINFO' Local Denial of Service
https://notcve.org/view.php?id=CVE-2006-4516
Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout function call. Error de signo de entero en FreeBSD 6.0-RELEASE permite a usuarios locales propiciar una denegación de servicio (corrupción de memoria y pánico kernel) mediante una órden PT_LWPINFO ptrace con un valor de dato grande y negativo que concuerda con una validación de máximo valor con signo, pero que es usado en la devolución sin signo de una función. • https://www.exploit-db.com/exploits/2524 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=419 http://secunia.com/advisories/22367 http://www.securityfocus.com/bid/20440 https://exchange.xforce.ibmcloud.com/vulnerabilities/29476 •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2006-4172
https://notcve.org/view.php?id=CVE-2006-4172
Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-4178. Vulnerabilidad por desbordamiento de entero en la llamada i386_set_ldt en FreeBSD 5.5, y posiblemente versiones anteriores desde la 5.2, permite a usuarios locales provocar denegación de servicio (caída) y posiblemente ejecutar código mediante vectores no especificados, una vulnerabilidad diferente a CVE-2006-4178. • http://archives.neohapsis.com/archives/bugtraq/2006-09/0376.html http://secunia.com/advisories/22064 http://securitytracker.com/id?1016926 http://securitytracker.com/id?1016928 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=414 http://www.securityfocus.com/archive/1/446945/100/0/threaded http://www.securityfocus.com/bid/20158 https://exchange.xforce.ibmcloud.com/vulnerabilities/29132 •
CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 1CVE-2006-4178 – FreeBSD 5.x - 'I386_Set_LDT()' Multiple Local Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-4178
Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) via unspecified arguments that use negative signed integers to cause the bzero function to be called with a large length parameter, a different vulnerability than CVE-2006-4172. Error de presencia de signo (signedness) de entero en la llamada i386_set_ldt en FreeBSD 5.5, y posiblemente versiones anteriores desde la 5.2, permite a usuarios locales provocar una denegación de servicio (caída) mediante argumentos no especificados que usan enteros con signo negativo para provocar la llamada a la función bzero con un parámetro de gran longitud, una vulnerabilidad diferente a CVE-2006-4172. • https://www.exploit-db.com/exploits/28648 http://secunia.com/advisories/22064 http://securitytracker.com/id?1016927 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=415 http://www.securityfocus.com/archive/1/446946/100/0/threaded http://www.securityfocus.com/bid/20158 •
CVSS: 10.0EPSS: 6%CPEs: 11EXPL: 0CVE-2006-4304
https://notcve.org/view.php?id=CVE-2006-4304
Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver. Desbordamiento de búfer en el controlador sppp en FreeBSD 4.11 hasta 6.1, NetBSD 2.0 hasta 4.0 beta anterior al 23/08/2006, y OpenBSD 3.8 y 3.9 anterior al 02/09/2006 permite a atacanets remotos provocar una denegación de servicio (panic), obtener información sensible, y posiblemente ejecutar código de su elección mediante paquetes LCP (Link Control Protocol) modificados con una longitud de opciones que excede la longitud total, lo que provoca un desbordamiento en (1) pppoe y (2) ippp. NOTA: este problema fue inicial e incorrectamente reportado para el controlador ppp. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-019.txt.asc http://secunia.com/advisories/21587 http://secunia.com/advisories/21731 http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch http://securitytracker.com/id?1016745 http://www.openbsd.org/errata.html#sppp http://www.openbsd.org/errata38.html#sppp http://www.securityfocus.com/bid/19684 https://exchange.xforce.ibmcloud.com/vulnerabilities&# •
CVSS: 6.4EPSS: 0%CPEs: 15EXPL: 0CVE-2006-2655
https://notcve.org/view.php?id=CVE-2006-2655
The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions. • http://secunia.com/advisories/20389 http://security.freebsd.org/advisories/FreeBSD-SA-06:15.ypserv.asc http://securitytracker.com/id?1016193 http://www.osvdb.org/25852 http://www.securityfocus.com/bid/18204 https://exchange.xforce.ibmcloud.com/vulnerabilities/26792 •