38 results (0.003 seconds)

CVSS: 7.1EPSS: 2%CPEs: 2049EXPL: 0

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, permite a atacantes remotos provocar una denegación de servicio (agotamiento de cola de conexión) a través de múltiples vectores que manipulan información en la tabla de estados del TCP, como lo demuestra sockstress. • http://blog.robertlee.name/2008/10/conjecture-speculation.html http://insecure.org/stf/tcp-dos-attack-explained.html http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html http://marc.info/?l=bugtraq&m=125856010926699&w=2 http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html http://www.cpni • CWE-16: Configuration •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 1

Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument. • http://www.iss.net/security_center/static/7633.php http://www.securityfocus.com/archive/1/243096 http://www.securityfocus.com/bid/3603 •

CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0

Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients. • http://www.securityfocus.com/archive/1/211056 http://www.securityfocus.com/bid/3260 https://exchange.xforce.ibmcloud.com/vulnerabilities/7053 •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 2

Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users to cause a denial of service (reboot) in the kernel via a particular sequence of instructions. • https://www.exploit-db.com/exploits/21077 http://www.iss.net/security_center/static/7023.php http://www.securityfocus.com/archive/1/209192 http://www.securityfocus.com/bid/3220 •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 3

rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line. • https://www.exploit-db.com/exploits/202 http://www.securityfocus.com/archive/1/147120 http://www.securityfocus.com/bid/2009 •