CVSS: 10.0EPSS: 6%CPEs: 11EXPL: 0CVE-2006-4304
https://notcve.org/view.php?id=CVE-2006-4304
Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver. Desbordamiento de búfer en el controlador sppp en FreeBSD 4.11 hasta 6.1, NetBSD 2.0 hasta 4.0 beta anterior al 23/08/2006, y OpenBSD 3.8 y 3.9 anterior al 02/09/2006 permite a atacanets remotos provocar una denegación de servicio (panic), obtener información sensible, y posiblemente ejecutar código de su elección mediante paquetes LCP (Link Control Protocol) modificados con una longitud de opciones que excede la longitud total, lo que provoca un desbordamiento en (1) pppoe y (2) ippp. NOTA: este problema fue inicial e incorrectamente reportado para el controlador ppp. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-019.txt.asc http://secunia.com/advisories/21587 http://secunia.com/advisories/21731 http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch http://securitytracker.com/id?1016745 http://www.openbsd.org/errata.html#sppp http://www.openbsd.org/errata38.html#sppp http://www.securityfocus.com/bid/19684 https://exchange.xforce.ibmcloud.com/vulnerabilities&# •
CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0CVE-2006-3202
https://notcve.org/view.php?id=CVE-2006-3202
The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket. La función ip6_savecontrol en NetBSD v2.0 hasta v3.0, bajo ciertas configuraciones, no permite comprobar si el sockets IPv4-mapped ha sido usado antes del proceso de opciones del socket IPv6, lo que permite a atacantes locales causar una denegación de servicio (caída) por creación de un socket IPv4-mapped IPv6 con opción SO_TIMESTAMP activada, para luego enviar un paquete IPv4 a través del socket. • http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-016.txt.asc http://securitytracker.com/id?1016250 https://exchange.xforce.ibmcloud.com/vulnerabilities/27139 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-2205
https://notcve.org/view.php?id=CVE-2006-2205
The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-014.txt.asc http://securitytracker.com/id?1016004 http://www.osvdb.org/25086 http://www.securityfocus.com/bid/17999 •
CVSS: 2.6EPSS: 1%CPEs: 10EXPL: 0CVE-2006-1833
https://notcve.org/view.php?id=CVE-2006-1833
Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc http://secunia.com/advisories/19585 http://securitytracker.com/id?1015907 http://www.osvdb.org/24577 http://www.securityfocus.com/bid/17496 https://exchange.xforce.ibmcloud.com/vulnerabilities/25786 •
CVSS: 4.9EPSS: 0%CPEs: 10EXPL: 0CVE-2006-1797
https://notcve.org/view.php?id=CVE-2006-1797
The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference. • http://archives.neohapsis.com/archives/netbsd/2006-q2/0014.html http://secunia.com/advisories/19615 http://securitytracker.com/id?1015908 http://www.osvdb.org/24578 http://www.securityfocus.com/bid/17497 https://exchange.xforce.ibmcloud.com/vulnerabilities/25766 •