KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.
Max CVSS
7.5
EPSS Score
0.45%
Published
2002-08-12
Updated
2008-09-05
Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message.
Max CVSS
7.5
EPSS Score
4.80%
Published
2002-10-28
Updated
2008-09-10
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
Max CVSS
7.2
EPSS Score
0.06%
Published
2002-08-12
Updated
2016-10-18
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
Max CVSS
7.2
EPSS Score
0.04%
Published
2002-02-27
Updated
2017-10-10
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.
Max CVSS
5.5
EPSS Score
0.04%
Published
2002-12-31
Updated
2024-02-08
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.
Max CVSS
5.0
EPSS Score
0.16%
Published
2002-06-25
Updated
2008-09-05
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
Max CVSS
5.0
EPSS Score
3.32%
Published
2002-11-04
Updated
2008-09-10
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.
Max CVSS
4.6
EPSS Score
0.14%
Published
2002-10-11
Updated
2016-10-18
Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-10-28
Updated
2017-07-11
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
Max CVSS
3.7
EPSS Score
0.04%
Published
2002-12-31
Updated
2017-12-19
10 vulnerabilities found