Page 9 of 50 results (0.004 seconds)

CVSS: 10.0EPSS: 2%CPEs: 10EXPL: 3

One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges. • https://www.exploit-db.com/exploits/234 https://www.exploit-db.com/exploits/20512 ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html http://www.openbsd.org/advisories/ftpd_replydirname.txt http://www.securityfocus.com/bid/2124 https://exchange.xforce.ibmcloud.com/vulnerabilities/5776 •

CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 2

Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable. • https://www.exploit-db.com/exploits/20256 ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch http://marc.info/?l=bugtraq&m=97068555106135&w=2 http://www.securityfocus.com/bid/1746 https://exchange.xforce.ibmcloud.com/vulnerabilities/5338 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service. • http://archives.neohapsis.com/archives/bugtraq/2000-09/0299.html http://www.osvdb.org/1574 http://www.securityfocus.com/bid/1723 https://exchange.xforce.ibmcloud.com/vulnerabilities/5634 •

CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 2

Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd. • https://www.exploit-db.com/exploits/243 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:58.chpass.asc ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-015.txt.asc http://marc.info/?l=bugtraq&m=97068555106135&w=2 http://www.openbsd.org/errata27.html#pw_error http://www.securityfocus.com/bid/1744 https://exchange.xforce.ibmcloud.com/vulnerabilities/5339 •

CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters. • http://www.securityfocus.com/archive/1/137890 http://www.securityfocus.com/bid/1764 https://exchange.xforce.ibmcloud.com/vulnerabilities/5344 •