CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 2CVE-2005-4351
https://notcve.org/view.php?id=CVE-2005-4351
31 Dec 2005 — The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. • http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html •
CVSS: 7.5EPSS: 79%CPEs: 296EXPL: 2CVE-2005-0356 – TCP TIMESTAMPS - Denial of Service
https://notcve.org/view.php?id=CVE-2005-0356
31 May 2005 — Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 •
CVSS: 6.3EPSS: 0%CPEs: 104EXPL: 0CVE-2005-0988
https://notcve.org/view.php?id=CVE-2005-0988
06 Apr 2005 — Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt •
CVSS: 5.6EPSS: 0%CPEs: 121EXPL: 0CVE-2005-0109
https://notcve.org/view.php?id=CVE-2005-0109
05 Mar 2005 — Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt •
CVSS: 9.8EPSS: 5%CPEs: 111EXPL: 1CVE-2004-1471 – CVS 1.11.x - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1471
31 Dec 2004 — Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. • https://www.exploit-db.com/exploits/24182 •
CVSS: 7.5EPSS: 5%CPEs: 252EXPL: 0CVE-2004-0079
https://notcve.org/view.php?id=CVE-2004-0079
18 Mar 2004 — The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 3%CPEs: 252EXPL: 0CVE-2004-0081
https://notcve.org/view.php?id=CVE-2004-0081
18 Mar 2004 — OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt •
CVSS: 7.5EPSS: 0%CPEs: 245EXPL: 0CVE-2004-0112
https://notcve.org/view.php?id=CVE-2004-0112
18 Mar 2004 — The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. El código que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una dene... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc • CWE-125: Out-of-bounds Read •
CVSS: 8.2EPSS: 0%CPEs: 3EXPL: 1CVE-2004-0114 – BSD - SHMAT System Call Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0114
03 Mar 2004 — The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges. La llamada de sistema shmat en el interfaz de Memoria Compartida de Sistema V de FreeBSD 5.2 y anteriores, NetBSD 1.3 y anteriores, y OpenBSD 2.6 y ant... • https://www.exploit-db.com/exploits/23655 •
CVSS: 10.0EPSS: 1%CPEs: 59EXPL: 0CVE-2004-0002
https://notcve.org/view.php?id=CVE-2004-0002
03 Feb 2004 — The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function. La funcionalidad TCP MSS (maximum segment size) en netinet permite a atacantes remotos causar una denegación de servicio (consumición de recursos) median... • http://lists.freebsd.org/pipermail/cvs-src/2004-January/016271.html •