Page 60 of 300 results (0.015 seconds)

CVSS: 7.8EPSS: 17%CPEs: 8EXPL: 2

The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112. La función accept_connections en el demonio de red privada virtual (vpnd) en Apple Mac OS X versiones 10.5 anteriores a 10.5.4, permite a los atacantes remotos causar una denegación de servicio (error de división por cero y bloqueo del demonio) por medio de un paquete de balance de carga diseñado para UDP puerto 4112. • https://www.exploit-db.com/exploits/4690 http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://secunia.com/advisories/27938 http://secunia.com/advisories/30802 http://support.apple.com/kb/HT2163 http://www.securityfocus.com/bid/26699 http://www.securitytracker.com/id?1019052 http://www.vupen.com/english/advisories/2007/4145 http://www.vupen.com/english/advisories/2008/1981/references https://exchange.xforce.ibmcloud.com/vulnerabilities/38855 • CWE-189: Numeric Errors •

CVSS: 6.9EPSS: 0%CPEs: 5EXPL: 0

Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. Una vulnerabilidad de doble liberación en la función gss_krb5int_make_seal_token_v3 en la biblioteca lib/gssapi/krb5/k5sealv3.c en MIT Kerberos 5 (krb5), presenta un impacto desconocido y vectores de ataques. • http://bugs.gentoo.org/show_bug.cgi?id=199212 http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://osvdb.org/43345 http://seclists.org/fulldisclosure/2007/Dec/0176.html http://seclists.org/fulldisclosure/2007/Dec/0321.html http://secunia.com/advisories/28636 http://secunia.com/advisories/29420 http://secunia.com/advisories/29450 http://secunia.com/advisories/29451 http://secunia.com/advisories • CWE-399: Resource Management Errors •

CVSS: 6.9EPSS: 0%CPEs: 5EXPL: 1

Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. Vulnerabilidad de uso después de liberación (use-after-free) en la función gss_indicate_mechs de lib/gssapi/mechglue/g_initialize.c en MIT Kerberos 5 (krb5) tiene impacto y vectores de ataque desconocidos. NOTA: esto podría ser resultado de una errata en el código fuente. • http://bugs.gentoo.org/show_bug.cgi?id=199214 http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://osvdb.org/43346 http://seclists.org/fulldisclosure/2007/Dec/0176.html http://seclists.org/fulldisclosure/2007/Dec/0321.html http://secunia.com/advisories/29451 http://secunia.com/advisories/29464 http://secunia.com/advisories/29516 http://secunia.com/advisories/39290 http://security.gentoo.org • CWE-399: Resource Management Errors CWE-416: Use After Free •

CVSS: 9.3EPSS: 18%CPEs: 2EXPL: 0

The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, does not prevent root processes or mDNSResponder from accepting connections, which might allow remote attackers or local root processes to bypass intended access restrictions. El Cortafuegos de Aplicación de Apple Mac OS X 10.5, cuando la opción "Bloquear todas las conexiones entrantes" se encuentra habilitada, no impide que procesos de root o mDNSResponder acepten conexiones, lo cual podría permitir a atacantes remotos o procesos locales de root evitar las restricciones de seguridad establecidas. • http://docs.info.apple.com/article.html?artnum=307004 http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html http://secunia.com/advisories/27695 http://securitytracker.com/id?1018958 http://www.securityfocus.com/bid/26461 http://www.vupen.com/english/advisories/2007/3897 https://exchange.xforce.ibmcloud.com/vulnerabilities/38506 •

CVSS: 10.0EPSS: 35%CPEs: 2EXPL: 0

The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when "Block incoming connections" has been set for its associated executable, which might allow remote attackers or local root processes to bypass intended access restrictions. El Firewall de Aplicación en Apple Mac OS X versión 10.5, no previene a un proceso de root de aceptar conexiones entrantes, incluso cuando ha sido establecido "Block incoming connections" para su ejecutable asociado, lo que podría permitir a atacantes remotos o procesos de root locales omitir las restricciones de acceso previstas. • http://docs.info.apple.com/article.html?artnum=307004 http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html http://secunia.com/advisories/27695 http://securitytracker.com/id?1018958 http://www.securityfocus.com/bid/26460 http://www.vupen.com/english/advisories/2007/3897 https://exchange.xforce.ibmcloud.com/vulnerabilities/38479 •