CVSS: 6.4EPSS: 0%CPEs: 15EXPL: 0CVE-2006-2655
https://notcve.org/view.php?id=CVE-2006-2655
The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions. • http://secunia.com/advisories/20389 http://security.freebsd.org/advisories/FreeBSD-SA-06:15.ypserv.asc http://securitytracker.com/id?1016193 http://www.osvdb.org/25852 http://www.securityfocus.com/bid/18204 https://exchange.xforce.ibmcloud.com/vulnerabilities/26792 •
CVSS: 6.4EPSS: 0%CPEs: 27EXPL: 0CVE-2006-2654
https://notcve.org/view.php?id=CVE-2006-2654
Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. NOTE: this is similar to CVE-2006-1864, but this is a different implementation of smbfs, so it has a different CVE identifier. • http://secunia.com/advisories/20390 http://security.freebsd.org/advisories/FreeBSD-SA-06:16.smbfs.asc http://securitytracker.com/id?1016194 http://www.osvdb.org/25851 http://www.securityfocus.com/bid/18202 https://exchange.xforce.ibmcloud.com/vulnerabilities/26860 •
CVSS: 2.1EPSS: 0%CPEs: 143EXPL: 0CVE-2006-1056
https://notcve.org/view.php?id=CVE-2006-1056
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels. El kernel de Linux en versiones anteriores a 2.6.16.9 y el kernel de FreeBSD, cuando se ejecuta en AMD64 y otros procesadores AuthenticAMD de 7ª y 8ª generación, solo guarda/restablece los registros FOP, FIP y FDP x87 en FXSAVE/FXRSTOR cuando una excepción está pendiente, lo que permite un proceso para determinar las porciones del estado de instrucciones de punto flotante de otros procesos, lo que puede ser aprovechado para obtener información sensible como claves criptográficas. NOTA: este es un comportamiento documentado de procesadores AMD64, pero es inconsistente con procesadores Intel en una forma relevante para la seguridad que no fue abordada por los kernels. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc http://kb.vmware.com/kb/2533126 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.9 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lwn.net/Alerts/180820 http://marc.info/?l=linux-kernel&m=114548768214478&w=2 http://secunia.com/advisories/19715 http://secunia.com/advisories/19724 http://secunia.com/advisories/19735 http://secunia.com/advisories& • CWE-310: Cryptographic Issues •
CVSS: 7.2EPSS: 0%CPEs: 100EXPL: 0CVE-2006-1283
https://notcve.org/view.php?id=CVE-2006-1283
opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root privileges if a root shell is permitted by the configuration of the wheel group or sshd. 'opiepasswd' en One-Time Passwords en Everything (OPIE) en FreeBSDE 4.10-RELEASE-p22 a 6.1-STABLE anteriores a 20060322 usa la función "getlogin" para determinar la cuenta de usuario invocante, lo que podría permitir a usuarios locales para configurar acceso de OPIE a la cuenta 'root' y posiblemente ganar privilegios de root si un intérprete de comandos de root es permitido por la configuración del grupo 'wheel' o sshd. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:12.opie.asc http://secunia.com/advisories/19347 http://securitytracker.com/id?1015817 http://www.osvdb.org/24067 http://www.securityfocus.com/bid/17194 http://www.vupen.com/english/advisories/2006/1074 https://exchange.xforce.ibmcloud.com/vulnerabilities/25397 •
CVSS: 7.5EPSS: 1%CPEs: 38EXPL: 0CVE-2006-0905
https://notcve.org/view.php?id=CVE-2006-0905
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc http://secunia.com/advisories/19366 http://securitytracker.com/id?1015809 http://www.osvdb.org/24068 http://www.securityfocus.com/bid/17191 https://exchange.xforce.ibmcloud.com/vulnerabilities/25398 •