CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 3CVE-2008-5736 – FreeBSD 6.4 - Netgraph Privilege Escalation
https://notcve.org/view.php?id=CVE-2008-5736
26 Dec 2008 — Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets. Múltiples vulnerabilidades sin especificar en FreeBSD 6 antes de 6.4-STABLE, 6.3 antes de 6.3-RELEASE-p7, 6.4 antes de 6.4-RELEASE-p1... • https://www.exploit-db.com/exploits/16951 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.0EPSS: 0%CPEs: 30EXPL: 0CVE-2008-5162
https://notcve.org/view.php?id=CVE-2008-5162
26 Nov 2008 — The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for attackers to predict the function's return values and conduct certain attacks against the GEOM framework and various network protocols, related to the Yarrow random number generator. La función arc4random en el kernel enFreeBSD 6.3 a 7.1 no tiene una adecuada fuente de entropía durante un corto período de tiempo inmediatamente despué... • http://osvdb.org/50137 • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.5EPSS: 0%CPEs: 2049EXPL: 1CVE-2008-4609
https://notcve.org/view.php?id=CVE-2008-4609
20 Oct 2008 — The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, p... • https://github.com/mrclki/sockstress • CWE-16: Configuration •
CVSS: 9.3EPSS: 8%CPEs: 10EXPL: 0CVE-2008-2476 – TP-Link VxWorks / 2-Series Switches Fail
https://notcve.org/view.php?id=CVE-2008-2476
03 Oct 2008 — The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB). La implementación IPv6 Neighbor Discovery ... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 9%CPEs: 3EXPL: 3CVE-2008-4247 – Multiple Vendor FTP Server - Long Command Handling Security
https://notcve.org/view.php?id=CVE-2008-4247
25 Sep 2008 — ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser. ftpd en OpenBSD 4.3, FreeBSD 7.0, y NetBSD 4.0 interpreta como múltiples comandos los comandos largos desde un cliente FTP, lo... • https://www.exploit-db.com/exploits/32399 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 0CVE-2008-3530
https://notcve.org/view.php?id=CVE-2008-3530
05 Sep 2008 — sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message. sys/netinet6/icmp6.c del kernel en FreeBSD 6.3 hasta la 7.1 no comprueba correctamente la nueva MTU propuesta en un paquete ICMPv6 de mensaje demasiado grande, lo cual permite a los atacantes remotos p... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-015.txt.asc • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-2008-3531 – FreeBSD 7.0/7.1 - 'vfs.usermount' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2008-3531
05 Sep 2008 — Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges via a crafted (1) mount or (2) nmount system call, related to copying of "user defined data" in "certain error conditions." Desbordamiento de búfer basado en pila en sys/kern/vfs_mount.c del núcleo de FreeBSD 7.0 y 7.1, cuando vfs.usermount está habilitado; permite a usuarios locales obtener privilegios a través de una llamada al sistema manipulada a ... • https://www.exploit-db.com/exploits/9082 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2008-3890
https://notcve.org/view.php?id=CVE-2008-3890
05 Sep 2008 — The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call. El kernel de FreeBSD 6.3 hasta 7.0 en las plataformas de amd64 , puede hacer excesivas llamadas swapgs después de un Fallo General de Protección -General Protection Fault (GPF)-; esto permite a usuarios locales obtener privilegios provoc... • http://secunia.com/advisories/31743 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 18%CPEs: 9EXPL: 3CVE-2008-1391 – BSD (Multiple Distributions) - 'strfmon()' Integer Overflow
https://notcve.org/view.php?id=CVE-2008-1391
27 Mar 2008 — Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec. Múltiples desbordamientos de entero en libc de NetBSD 4.x, FreeBSD 6.x y 7.x, y posiblemente otras plataform... • https://www.exploit-db.com/exploits/31550 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 4CVE-2008-1215 – BSD PPP 'pppx.conf' - Local Denial of Service
https://notcve.org/view.php?id=CVE-2008-1215
09 Mar 2008 — Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters. Desbordamiento de búfer basado en pila en la función command_Expand_Interpret de command.c en ppp (aka user-ppp), como se distribuyó en FreeBSD 6.3 y 7.0, OpenBSD 4.1 y 4.2, y el paquete net/userppp para NetBSD, permite a us... • https://www.exploit-db.com/exploits/31333 • CWE-264: Permissions, Privileges, and Access Controls •