| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| The rwho/rwhod service is running, which exposes machine status and user information. |
| KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. |
| KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. |
| FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks. |
| FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument. |
| Buffer overflow in FreeBSD xmindpath allows local users to gain privileges via -f argument. |
| Buffer overflow in FreeBSD angband allows local users to gain privileges. |
| Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain system resources. |
| Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable. |
| The virtual memory management system in FreeBSD 4.5-RELEASE and earlier does not properly check the existence of a VM object during page invalidation, which allows local users to cause a denial of service (crash) by calling msync on an unaccessed memory map created with MAP_ANON and MAP_NOSYNC flags. |
| pkg_add in FreeBSD 4.2 through 4.4 creates a temporary directory with world-searchable permissions, which may allow local users to modify world-writable parts of the package during installation. |
| FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes. |
| cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. |
| Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument. |
| NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option. |
| The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call. |
| FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers. |
