CVSS: 9.8EPSS: 74%CPEs: 49EXPL: 2CVE-2007-3798 – tcpdump - Print-bgp.C Remote Integer Underflow
https://notcve.org/view.php?id=CVE-2007-3798
16 Jul 2007 — Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. Un desbordamiento de enteros en el archivo print-bgp.c en el disector BGP en tcpdump versión 3.9.6 y anteriores, permite a atacantes remotos ejecutar código arbitrario por medio de TLVs especialmente diseñados en un paquete BGP, relacionado a un valor de retorno no comprobado. • https://www.exploit-db.com/exploits/30319 • CWE-190: Integer Overflow or Wraparound CWE-252: Unchecked Return Value •
CVSS: 7.8EPSS: 32%CPEs: 9EXPL: 0CVE-2007-2242 – IPv6 routing headers issue
https://notcve.org/view.php?id=CVE-2007-2242
25 Apr 2007 — The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers. El protocolo IPv6 permite a atacantes remotos provocar una denegación de servicio mediante cabeceras IPv6 de enrutamiento de tipo 0 (IPV6_RTHDR_TYPE_0) lo cual provoca amplificación de la red entre dos enrutadores. • http://docs.info.apple.com/article.html?artnum=305712 •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 1CVE-2007-0166
https://notcve.org/view.php?id=CVE-2007-0166
11 Jan 2007 — The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify pathnames when writing to /var/log/console.log during a jail start-up, or when file systems are mounted or unmounted, which allows local root users to overwrite arbitrary files, or mount/unmount files, outside of the jail via a symlink attack. El script de cárcel rc.d en FreeBSD 5.3 hasta to 6.2 no verifica nombres de ruta cuando escribe en /var/log/console.log durante un arranque de cárcel, o cuando ficheros del sistema están montados o desmonta... • http://osvdb.org/32726 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2006-4172
https://notcve.org/view.php?id=CVE-2006-4172
26 Sep 2006 — Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-4178. Vulnerabilidad por desbordamiento de entero en la llamada i386_set_ldt en FreeBSD 5.5, y posiblemente versiones anteriores desde la 5.2, permite a usuarios locales provocar denegación de servicio (caída) y posiblemente ejecutar código... • http://archives.neohapsis.com/archives/bugtraq/2006-09/0376.html •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2006-4178 – FreeBSD 5.x - 'I386_Set_LDT()' Multiple Local Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-4178
26 Sep 2006 — Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) via unspecified arguments that use negative signed integers to cause the bzero function to be called with a large length parameter, a different vulnerability than CVE-2006-4172. Error de presencia de signo (signedness) de entero en la llamada i386_set_ldt en FreeBSD 5.5, y posiblemente versiones anteriores desde la 5.2, permite a usuarios locale... • https://www.exploit-db.com/exploits/28648 •
CVSS: 7.8EPSS: 0%CPEs: 100EXPL: 0CVE-2006-1283
https://notcve.org/view.php?id=CVE-2006-1283
23 Mar 2006 — opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root privileges if a root shell is permitted by the configuration of the wheel group or sshd. 'opiepasswd' en One-Time Passwords en Everything (OPIE) en FreeBSDE 4.10-RELEASE-p22 a 6.1-STABLE anteriores a 20060322 usa la función "getlo... • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:12.opie.asc •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 2CVE-2005-4351
https://notcve.org/view.php?id=CVE-2005-4351
31 Dec 2005 — The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. • http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html •
CVSS: 7.5EPSS: 79%CPEs: 296EXPL: 2CVE-2005-0356 – TCP TIMESTAMPS - Denial of Service
https://notcve.org/view.php?id=CVE-2005-0356
31 May 2005 — Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 •
CVSS: 5.6EPSS: 0%CPEs: 121EXPL: 0CVE-2005-0109
https://notcve.org/view.php?id=CVE-2005-0109
05 Mar 2005 — Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt •
CVSS: 9.8EPSS: 5%CPEs: 111EXPL: 1CVE-2004-1471 – CVS 1.11.x - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1471
31 Dec 2004 — Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. • https://www.exploit-db.com/exploits/24182 •