Page 7 of 81 results (0.011 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using "keep state" or "keep frags" options can cause a kernel panic when fed specially crafted packet fragments due to incorrect memory handling. En FreeBSD, en versiones anteriores a la 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE y 10.3-RELEASE-p19, cuando ipfilter emplea las opciones "keep state" o "keep frags", puede provocar un pánico del kernel cuando se le alimentan fragmentos de paquetes manipulados debido a la gestión incorrecta de memoria. • http://www.securityfocus.com/bid/98089 http://www.securitytracker.com/id/1038369 https://www.freebsd.org/security/advisories/FreeBSD-SA-17:04.ipfilter.asc • CWE-20: Improper Input Validation CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. La implementación del protocolo Neighbor Discovery (ND) en la pila de IPv6 en FreeBSD versiones hasta 10.1, permite a atacantes remotos reconfigurar una configuración de hop-limit por medio de un valor hop_limit pequeño en un mensaje Router Advertisement (RA). • http://openwall.com/lists/oss-security/2015/04/04/2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a https://lists.freebsd.org/pipermail/freebsd-net/2015-April/041934.html https://www.freebsd.org/security/advisories/FreeBSD-SA-15:09.ipv6.asc • CWE-20: Improper Input Validation •

CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 2

The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file. El instalador bsdinstall en FreeBSD 10.x anterior a 10.1 p9, cuando configura ZFS codificado de disco completo, utiliza permisos de lectura universal para el fichero de claves GELI (/boot/encryption.key), lo que permite a usuarios locales obtener información sensible de claves mediante la lectura del fichero. FreeBSD 10.x installer supports the installation of FreeBSD 10.x on an encrypted ZFS filesystem by default. When using the encryption system within ZFS during the installation of FreeBSD 10.0 and FreeBSD 10.1, the encryption.key has wrong permissions which allow local users to read this file. Even if the keyfile is passphrase-encrypted, it can present a risk. • http://packetstormsecurity.com/files/131338/FreeBSD-10.x-ZFS-encryption.key-Disclosure.html http://www.securityfocus.com/archive/1/535209/100/0/threaded http://www.securitytracker.com/id/1032042 https://www.freebsd.org/security/advisories/FreeBSD-SA-15:08.bsdinstall.asc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error reported when an include directive refers to a policy that does not exist, which causes the loaded policy chain to no be discarded and allows context-dependent attackers to bypass authentication via a login (1) without a password or (2) with an incorrect password. OpenPAM Nummularia versiones 9.2 hasta 10.0, maneja inapropiadamente un error reportado cuando una directiva de inclusión hace referencia a una política que no existe, lo que causa que la cadena de políticas cargada no sea descartada y permita a atacantes dependiendo del contexto omitir una autenticación por medio de un inicio de sesión (1) sin contraseña o (2) con una contraseña incorrecta. • http://www.freebsd.org/security/advisories/FreeBSD-SA-14:13.pam.asc http://www.openpam.org/browser/openpam/trunk/HISTORY http://www.securityfocus.com/bid/67808 http://www.securitytracker.com/id/1030330 • CWE-287: Improper Authentication •

CVSS: 1.9EPSS: 0%CPEs: 56EXPL: 0

The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program. La función sm_close_on_exec en conf.c en sendmail anterior a 8.14.9 tiene argumentos en el orden erróneo, y como consecuencia evade configurar etiquetas FD_CLOEXEC esperadas, lo que permite a usuarios locales acceder a descriptores de archivos de número alto no intencionados a través de un programa de entrega de correo personalizado. • ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES http://advisories.mageia.org/MGASA-2014-0270.html http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134349.html http://lists.opensuse.org/opensuse-updates/2014-06/msg00032.html http://lists.opensuse.org/opensuse-updates/2014-06/msg00033.html http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html http://secunia.com/advisories/57455 http://secunia.com/advisories/58628 http://security.gentoo.org&#x • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •