CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 3CVE-2016-1885 – FreeBSD 10.2 (x64) - 'amd64_set_ldt' Heap Overflow
https://notcve.org/view.php?id=CVE-2016-1885
17 Mar 2016 — Integer signedness error in the amd64_set_ldt function in sys/amd64/amd64/sys_machdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service (kernel panic) via an i386_set_ldt system call, which triggers a heap-based buffer overflow. Error de entero sin signo en la función amd64_set_ldt en sys/amd64/amd64/sys_machdep.c en FreeBSD 9.3 en versiones anteriores a p39, 10.1 en versiones anteriores a p31 y 10.2 en versiones anteriores a p14 permite a usua... • https://packetstorm.news/files/id/136276 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 6%CPEs: 91EXPL: 0CVE-2015-7977 – ntp: restriction list NULL pointer dereference
https://notcve.org/view.php?id=CVE-2015-7977
25 Feb 2016 — ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. ntpd en NTP en versiones anteriores a 4.2.8p6 y 4.3.x en versiones anteriores a 4.3.90 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL) mediante un comando ntpdc reslist. A NULL pointer dereference flaw was found in the way ntpd processed 'ntpdc reslist' commands that queried restriction lists with a large a... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1883 – FreeBSD Security Advisory - FreeBSD-SA-16:10.linux
https://notcve.org/view.php?id=CVE-2016-1883
27 Jan 2016 — The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors. La llamada de sistema issetugid en la capa de compatibilidad de Linux en FreeBSD 9.3, 10.1 y 10.2 permite a usuarios locales obtener privilegios a través de vectores no especificados. A programming error in the Linux compatibility layer could cause the issetugid(2) system call to return incorrect information. If an application relies on output of the issetug... • http://www.securitytracker.com/id/1034872 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 3%CPEs: 81EXPL: 0CVE-2015-7973 – HPE Security Bulletin HPESBHF03750 1
https://notcve.org/view.php?id=CVE-2015-7973
27 Jan 2016 — NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network. NTP en versiones anteriores a 4.2.8p6 y 4.3.x en versiones anteriores a 4.3.90, cuando está configurado en modo de difusión, permite a atacantes man-in-the-middle realizar ataques de repetición rastreando la red. Aanchal Malhotra discovered that NTP incorrectly handled authenticated broadcast mode. A remote attacker could use this issue to perfo... • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html • CWE-254: 7PK - Security Features •
CVSS: 7.8EPSS: 30%CPEs: 3EXPL: 2CVE-2016-1879 – FreeBSD SCTP ICMPv6 - Error Processing
https://notcve.org/view.php?id=CVE-2016-1879
15 Jan 2016 — The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic) via a crafted ICMPv6 packet. El módulo Stream Control Transmission Protocol (SCTP) en FreeBSD 9.3 en versiones anteriores a p33, 10.1 en versiones anteriores a p26 y 10.2 en versiones anteriores a p9, cuando el kernel está configurado ... • https://packetstorm.news/files/id/135369 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1880 – FreeBSD Security Advisory - FreeBSD-SA-16:03.linux
https://notcve.org/view.php?id=CVE-2016-1880
15 Jan 2016 — The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists." La capa de compatibilidad de Linux en el kernel en FreeBSD 9.3, 10.1 y 10.2 permite a usuarios locales leer porciones de la memoria del kernel y potencialmente obtener privilegios a través de vectores no especificados, relacionado con "manejo de listas robustas de futex de Lin... • http://www.securitytracker.com/id/1034675 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1881 – FreeBSD Security Advisory - FreeBSD-SA-16:04.linux
https://notcve.org/view.php?id=CVE-2016-1881
15 Jan 2016 — The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain privilege via a crafted Linux compatibility layer setgroups system call. El kernel en FreeBSD 9.3, 10.1 y 10.2 permite a usuarios locales provocar una denegación de servicio (caída) o potencialmente obtener privilegios a través de una llamada de sistema setgroups de capa de compatibilidad de Linux. A programming error in the Linux compatibility layer setgroups(2) system call can lead to an u... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1882 – FreeBSD Security Advisory - FreeBSD-SA-16:05.tcp
https://notcve.org/view.php?id=CVE-2016-1882
15 Jan 2016 — FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9 allow remote attackers to cause a denial of service (kernel crash) via vectors related to creating a TCP connection with the TCP_MD5SIG and TCP_NOOPT socket options. FreeBSD 9.3 en versiones anteriores a p33, 10.1 en versiones anteriores a p26 y 10.2 en versiones anteriores a p9 permiten a atacantes remotos causar una denegación de servicio (caída de kernel) a través de vectores relacionados con la creación de una conexión TCP con las opciones sock... • http://www.securitytracker.com/id/1034677 • CWE-19: Data Processing Errors •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2015-5677 – FreeBSD bsnmpd Information Disclosure
https://notcve.org/view.php?id=CVE-2015-5677
15 Jan 2016 — bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file. bsnmpd, como se utiliza en FreeBSD 9.3, 10.1 y 10.2, utiliza permisos de lectura universal en el archivo snmpd.config, lo que permite a usuarios locales obtener la clave secreta para autenticación USM leyendo el archivo. The SNMP protocol supports an authentication model called USM, which relies on a shared sec... • https://packetstorm.news/files/id/135296 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 1%CPEs: 2EXPL: 0CVE-2015-1418 – FreeBSD Security Advisory - patch Shell Injection
https://notcve.org/view.php?id=CVE-2015-1418
06 Aug 2015 — The do_ed_script function in pch.c in GNU patch through 2.7.6, and patch in FreeBSD 10.1 before 10.1-RELEASE-p17, 10.2 before 10.2-BETA2-p3, 10.2-RC1 before 10.2-RC1-p2, and 0.2-RC2 before 10.2-RC2-p1, allows remote attackers to execute arbitrary commands via a crafted patch file, because a '!' character can be passed to the ed program. La función do_ed_script en pch.c en GNU patch hasta la versión 2.7.6; y patch in FreeBSD en versiones 10.1 anteriores a la 10.1-RELEASE-p17, versiones 10.2 anteriores a la 1... • http://rachelbythebay.com/w/2018/04/05/bangpatch • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •