Page 8 of 85 results (0.010 seconds)

CVSS: 7.5EPSS: 4%CPEs: 5EXPL: 0

Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message. Desbordamiento de búfer en talkd en NetBSD 1.6 y anteriores, y posiblemente otros sistemas operativos, pueden permitir a atacantes remotos ejecutar código arbitrario mediante un mensaje largo entrante. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-019.txt.asc http://www.iss.net/security_center/static/10303.php http://www.securityfocus.com/bid/5910 •

CVSS: 4.6EPSS: 0%CPEs: 6EXPL: 1

Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file. • https://www.exploit-db.com/exploits/21881 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-021.txt.asc http://marc.info/?l=bugtraq&m=103342413220529&w=2 http://secunia.com/advisories/7181 http://secunia.com/advisories/7252 http://www.osvdb.org/6098 http://www.securityfocus.com/bid/5837 https://exchange.xforce.ibmcloud.com/vulnerabilities/10261 •

CVSS: 4.6EPSS: 0%CPEs: 12EXPL: 3

Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. Sendmail Consortium's Restricted Shell (SMRSH) en Sendmail 8.12.6, 8.11.6-15 y anteriores, permite a atacantes puentear las restricciones pretendidas de smrsh insertando caractéres adicionales después de secuencias "||" (dos barras verticales) o "/" (barra), que no son adecuadamente filtradas o verificadas. • https://www.exploit-db.com/exploits/21884 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-023.txt.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000532 http://marc.info/?l=bugtraq&m=103350914307274&w=2 http://secunia.com/advisories/7826 http://www.iss.net/security_center/static/10232.php http://www.mandriva.com/security/advisories?name=MDKSA-2002:083 http://www.redhat.com/support/errata/RHSA-2003-073.html http://www.securityfocus.com/bi •

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG http://www.iss.net/security_center/static/8416.php http://www.osvdb.org/5304 http://www.securityfocus.com/archive/1/259598 http://www.securityfocus.com/bid/4224 •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. Vulnerabilidad de cadena de formato en la función startprinting() de printjob.c en el paquete lpr lpd basado en BSD puede permitir a usuarios locales ganar privilegios mediante una llamada impropia a syslog que usa cadenas de formato de la llamada checkremote(). • http://marc.info/?l=bugtraq&m=96994604300675&w=2 http://online.securityfocus.com/archive/1/137555 http://www.iss.net/security_center/static/5286.php http://www.redhat.com/support/errata/RHSA-2000-066.html http://www.securityfocus.com/bid/1711 •