Page 8 of 64 results (0.008 seconds)

CVSS: 7.2EPSS: 0%CPEs: 22EXPL: 3

Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name. • https://www.exploit-db.com/exploits/22331 https://www.exploit-db.com/exploits/22332 ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/010_lprm.patch ftp://patches.sgi.com/support/free/security/advisories/20030406-02-P http://marc.info/?l=bugtraq&m=104690434504429&w=2 http://marc.info/?l=bugtraq&m=104714441925019&w=2 http://secunia.com/advisories/8293 http://www.debian.org/security/2003/dsa-267 http://www.debian.org/security/2003/dsa-275 http://www& •

CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0

tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. • http://online.securityfocus.com/archive/1/283033 http://www.iss.net/security_center/static/9633.php http://www.securityfocus.com/bid/5265 • CWE-667: Improper Locking •

CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 1

The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error. • ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/032_kerntime.patch http://www.iss.net/security_center/static/10278.php http://www.openbsd.org/plus32.html http://www.securityfocus.com/bid/5861 •

CVSS: 3.7EPSS: 0%CPEs: 52EXPL: 0

Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-001.txt.asc http://www.osvdb.org/19475 http://www.securityfocus.com/bid/3891 https://exchange.xforce.ibmcloud.com/vulnerabilities/7945 •

CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0

fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:40.fts.v1.1.asc http://archives.neohapsis.com/archives/netbsd/2001-q3/0204.html http://www.iss.net/security_center/static/8715.php http://www.openbsd.org/errata28.html http://www.osvdb.org/5466 http://www.securityfocus.com/bid/3205 •