CVSS: 8.1EPSS: 83%CPEs: 54EXPL: 99CVE-2024-6387 – Openssh: regresshion - race condition in ssh allows rce/dos
https://notcve.org/view.php?id=CVE-2024-6387
01 Jul 2024 — A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. Se encontró una condición de ejecución del controlador de señales en el servidor de OpenSSH (sshd), donde un cliente no se autentica dentro de los segundos de LoginGraceTime (120 de forma predeterminada, 600 en versiones anter... • https://packetstorm.news/files/id/179290 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-364: Signal Handler Race Condition •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-45484
https://notcve.org/view.php?id=CVE-2021-45484
25 Dec 2021 — In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. En NetBSD versiones hasta 9.2, el algoritmo de generación de ID de fragmentos IPv6 emplea un PRNG criptográfico débil • http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-45487
https://notcve.org/view.php?id=CVE-2021-45487
25 Dec 2021 — In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures. En NetBSD versiones hasta 9.2, el algoritmo de generación de IPv4 ID no usa medidas criptográficas apropiadas • http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-45488
https://notcve.org/view.php?id=CVE-2021-45488
25 Dec 2021 — In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm. En NetBSD versiones hasta 9.2, se presenta un filtrado de información en el algoritmo de generación de TCP ISN (ISS) • http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-45489
https://notcve.org/view.php?id=CVE-2021-45489
25 Dec 2021 — In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. En NetBSD versiones hasta 9.2, el algoritmo de generación de etiquetas de flujo IPv6 emplea un PRNG criptográfico débil • http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 5.3EPSS: 0%CPEs: 330EXPL: 0CVE-2020-26139 – kernel: Forwarding EAPOL from unauthenticated wifi client
https://notcve.org/view.php?id=CVE-2020-26139
11 May 2021 — An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients. Se detectó un problema en el kernel en NetBSD versión 7.1. Un punto de acceso (AP) reenvía tramas EAPOL a otros clientes aunque el remitente... • http://www.openwall.com/lists/oss-security/2021/05/11/12 • CWE-287: Improper Authentication CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2012-5363
https://notcve.org/view.php?id=CVE-2012-5363
20 Feb 2020 — The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393. La implementación de IPv6 en FreeBSD y NetBSD (versiones desconocidas, año 2012 y anteriores), permite a atacantes remotos causar una denegación de servicio por medio de una avalancha de mensajes ICMPv6 Neighbor Solicitation, una vulnerabilidad diferente de CVE-2011-2393... • http://www.openwall.com/lists/oss-security/2012/10/10/12 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2012-5365
https://notcve.org/view.php?id=CVE-2012-5365
20 Feb 2020 — The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. La implementación de IPv6 en FreeBSD y NetBSD (versiones desconocidas, año 2012 y anteriores) permite a atacantes remotos causar una denegación de servicio por medio de una avalancha de paquetes ICMPv6 Router Advertisement, que contienen múltiples entradas de Enrutamiento. • http://www.openwall.com/lists/oss-security/2012/10/10/12 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2011-2480
https://notcve.org/view.php?id=CVE-2011-2480
27 Nov 2019 — Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information. Una vulnerabilidad de Divulgación de Información en el protocolo 802.11 stack, como es usado en FreeBSD versiones anteriores a la versión 8.2 y NetBSD cuando es... • https://access.redhat.com/security/cve/cve-2011-2480 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 38%CPEs: 1EXPL: 3CVE-2017-1000375 – NetBSD - 'Stack Clash' (PoC)
https://notcve.org/view.php?id=CVE-2017-1000375
19 Jun 2017 — NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions. NetBSD asigna el editor de enlace del tiempo de ejecución del archivo ld.so directamente debajo de la región stack, incluso si ASLR está habilitada, esto permite a los atacantes manipular más fácilmente la memoria, lo que conlleva a la ejecución de código arbitrar... • https://packetstorm.news/files/id/143200 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •