Vulnerabilites related to netbsd - netbsd
Vulnerability from fkie_nvd
Published
2011-05-23 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netbsd | netbsd | * | |
| netbsd | netbsd | * | |
| netbsd | netbsd | 1.0 | |
| netbsd | netbsd | 1.1 | |
| netbsd | netbsd | 1.2 | |
| netbsd | netbsd | 1.2.1 | |
| netbsd | netbsd | 1.3 | |
| netbsd | netbsd | 1.3.1 | |
| netbsd | netbsd | 1.3.2 | |
| netbsd | netbsd | 1.3.3 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.3 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 | |
| netbsd | netbsd | 1.6 | |
| ihji | pmake | 1.111 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26A936FF-9942-4A95-BE65-57A8C1B6C8AC",
"versionEndIncluding": "1.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ihji:pmake:1.111:*:*:*:*:*:*:*",
"matchCriteriaId": "CABB6C56-E62F-4A49-8B75-A7744E6A5363",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk."
},
{
"lang": "es",
"value": "El \"make\" incluye ficheros en NetBSD anterior a v1.6.2 usados en pmake v1.111 y otros productos, permite a usuarios locales sobreescribir ficheros de su elecci\u00f3n a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre un archivo temporal /tmp/_depend#####, relacionado con (1) bsd.lib.mk y (2) bsd.prog.mk."
}
],
"id": "CVE-2011-1920",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-05-23T22:55:01.410",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626673"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.lib.mk.diff?r1=1.239\u0026r2=1.240\u0026f=h"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.prog.mk.diff?r1=1.192\u0026r2=1.193\u0026f=h"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/16/2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/16/8"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/47878"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705090"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705100"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626673"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.lib.mk.diff?r1=1.239\u0026r2=1.240\u0026f=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.prog.mk.diff?r1=1.192\u0026r2=1.193\u0026f=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/16/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/16/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/47878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67495"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-02-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process."
}
],
"id": "CVE-2000-0157",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-02-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-012.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-012.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/992"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-01-17 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | 4.2 | |
| freebsd | freebsd | 4.3 | |
| freebsd | freebsd | 4.4 | |
| freebsd | freebsd | 4.5 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.7 | |
| linux | linux_kernel | 2.4.1 | |
| linux | linux_kernel | 2.4.2 | |
| linux | linux_kernel | 2.4.3 | |
| linux | linux_kernel | 2.4.4 | |
| linux | linux_kernel | 2.4.5 | |
| linux | linux_kernel | 2.4.6 | |
| linux | linux_kernel | 2.4.7 | |
| linux | linux_kernel | 2.4.8 | |
| linux | linux_kernel | 2.4.9 | |
| linux | linux_kernel | 2.4.10 | |
| linux | linux_kernel | 2.4.11 | |
| linux | linux_kernel | 2.4.12 | |
| linux | linux_kernel | 2.4.13 | |
| linux | linux_kernel | 2.4.14 | |
| linux | linux_kernel | 2.4.15 | |
| linux | linux_kernel | 2.4.16 | |
| linux | linux_kernel | 2.4.17 | |
| linux | linux_kernel | 2.4.18 | |
| linux | linux_kernel | 2.4.19 | |
| linux | linux_kernel | 2.4.20 | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000_terminal_services | * | |
| microsoft | windows_2000_terminal_services | * | |
| microsoft | windows_2000_terminal_services | * | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 | |
| netbsd | netbsd | 1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D34EFE5-22B7-4E8D-B5B2-2423C37CFFA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "8208AFC9-0EFC-4A90-AD5A-FD94F5542885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000_terminal_services:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4D4168AE-D19E-482E-8F2B-3E798B2D84E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak."
},
{
"lang": "es",
"value": "M\u00faltiples controladores de dispositivo (device drivers) de Tarjetas de Interfaz de Red (Network Interface Card - NIC) Ethernet no rellenan las tramas con bytes nulos, lo que permite a atacantes remotos obtener informaci\u00f3n de paquetes anteriores o memoria del kernel usando paquetes malformados, como ha sido demostrado por Etherleak."
}
],
"id": "CVE-2003-0001",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-01-17T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104222046632243\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/7996"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.atstake.com/research/advisories/2003/a010603-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/412115"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/9962"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-025.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-088.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/305335/30/26420/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/307564/30/26270/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1040185"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104222046632243\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/7996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.atstake.com/research/advisories/2003/a010603-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/412115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/9962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-088.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/305335/30/26420/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/307564/30/26270/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1040185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-07-01 13:00
Modified
2025-04-09 00:30
Severity ?
Summary
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| k-meleon_project | k-meleon | 1.5.3 | |
| mozilla | firefox | 3.0.1 | |
| mozilla | firefox | 3.0.2 | |
| mozilla | firefox | 3.0.3 | |
| mozilla | firefox | 3.0.4 | |
| mozilla | firefox | 3.0.5 | |
| mozilla | firefox | 3.0.6 | |
| mozilla | firefox | 3.0.7 | |
| mozilla | firefox | 3.0.8 | |
| mozilla | firefox | 3.0.9 | |
| mozilla | firefox | 3.0.10 | |
| mozilla | firefox | 3.0.11 | |
| mozilla | firefox | 3.0.12 | |
| mozilla | firefox | 3.0.13 | |
| mozilla | firefox | 3.0.14 | |
| mozilla | firefox | 3.5 | |
| mozilla | firefox | 3.5.1 | |
| mozilla | firefox | 3.5.2 | |
| mozilla | firefox | 3.5.3 | |
| mozilla | seamonkey | 1.1.8 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 6.4 | |
| freebsd | freebsd | 7.2 | |
| freebsd | freebsd | 7.2 | |
| freebsd | freebsd | 7.2 | |
| netbsd | netbsd | 5.0 | |
| openbsd | openbsd | 4.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:k-meleon_project:k-meleon:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "34C36C0A-5A73-4E19-A798-7337AF0F353E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11E07FED-ABDB-4B0A-AB2E-4CBF1EAC4301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6558F1-9E0D-4107-909A-8EF4BC8A9C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "63DF3D65-C992-44CF-89B4-893526C6242E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A9024117-2E8B-4240-9E21-CC501F3879B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC3CAD3-2F54-4E32-A0C9-0D826C45AC23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "52624B41-AB34-40AD-8709-D9646B618AB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "917E9856-9556-4FD6-A834-858F8837A6B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "98BBD74D-930C-4D80-A91B-0D61347BAA63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF2E696-883D-4DE5-8B79-D8E5D9470253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "94E04FD9-38E8-462D-82C2-729F7F7F0465",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5888517E-3C57-4A0A-9895-EA4BCB0A0ED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB21291-B9F3-445E-A9E9-EA1822083DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D595F649-ECBE-45E0-8AAD-BCBC65A654B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4FE6E920-9A4C-431B-89EA-683A22F15ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "76CD3BDF-A079-4EF3-ABDE-43CBDD08DB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "031E8624-5161-43AF-AF19-6BAB5A94FDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "54186D4A-C6F0-44AD-94FB-73B4346ABB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47E50AD9-BA35-4817-BD4D-5D678FC5A3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C5521DA3-E6AF-4350-B971-10B4A1C9B1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F7F02A-C845-40BF-8490-510A070000F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:release:*:*:*:*:*:*",
"matchCriteriaId": "53D1AD5E-4007-4AFA-A18B-69D1AC055C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:release_p2:*:*:*:*:*:*",
"matchCriteriaId": "06BFEE54-DBF3-4546-AE57-2C25FC9F0F04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:release_p3:*:*:*:*:*:*",
"matchCriteriaId": "BE1FC1A8-E499-45A0-B89A-5BFA24727DBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:release_p4:*:*:*:*:*:*",
"matchCriteriaId": "8E08DCB9-9064-4DB7-B43A-7B415882EB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:release_p5:*:*:*:*:*:*",
"matchCriteriaId": "E4A5E6FF-617E-4173-A948-F3728454A012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "06FB0EEA-254E-4A1F-99E7-058FCD518E22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F948527C-A01E-4315-80B6-47FACE18A34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.2:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "8B573401-DC6F-4AFE-92F5-D96F785D2107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "60D40129-108B-421B-9990-6C6F381C96AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00564BAA-066A-4627-B6A8-78724E55D363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B32BB973-60E5-402B-83FE-547786BC7A57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number."
},
{
"lang": "es",
"value": "Error de \u00edndice de matriz en la (1) implementaci\u00f3n dtoa en archivo dtoa.c (tambi\u00e9n se conoce como pdtoa.c) y (2) la implementaci\u00f3n gdtoa (tambi\u00e9n se conoce como dtoa new dtoa) en archivo gdtoa/misc.c en libc, tal y como es usado en m\u00faltiples sistemas operativos y productos, incluidos FreeBSD versiones 6.4 y 7.2, Net versi\u00f3n 5.0, OpenBSD versi\u00f3n 4.5, Mozilla Firefox versi\u00f3n 3.0.x y anteriores a las versi\u00f3n 3.0.15 y 3.5.x anterior a versi\u00f3n 3.5.4, K-Meleon versi\u00f3n 1.5.3, SeaMonkey versi\u00f3n 1.1.8 y otros productos, permite a los atacantes dependiendo del contexto causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario por medio de un valor de precisi\u00f3n largo en el argumento de formato para una funci\u00f3n printf, que desencadena una asignaci\u00f3n de memoria inapropiada y un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria durante la conversi\u00f3n a un n\u00famero de punto flotante."
}
],
"id": "CVE-2009-0689",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-07-01T13:00:01.360",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"source": "cret@cert.org",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0311.html"
},
{
"source": "cret@cert.org",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0312.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37431"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37682"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37683"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38066"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38977"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39001"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-35/"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/63"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/achievement_securityalert/69"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/achievement_securityalert/71"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/achievement_securityalert/72"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/achievement_securityalert/73"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/achievement_securityalert/75"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/achievement_securityalert/76"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/achievement_securityalert/77"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/achievement_securityalert/78"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/achievement_securityalert/81"
},
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1022478"
},
{
"source": "cret@cert.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1"
},
{
"source": "cret@cert.org",
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "cret@cert.org",
"url": "http://support.apple.com/kb/HT4225"
},
{
"source": "cret@cert.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:294"
},
{
"source": "cret@cert.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2009/mfsa2009-59.html"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c"
},
{
"source": "cret@cert.org",
"url": "http://www.opera.com/support/kb/view/942/"
},
{
"source": "cret@cert.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1601.html"
},
{
"source": "cret@cert.org",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
},
{
"source": "cret@cert.org",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/507977/100/0/threaded"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/507979/100/0/threaded"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/508417/100/0/threaded"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/508423/100/0/threaded"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/35510"
},
{
"source": "cret@cert.org",
"url": "http://www.ubuntu.com/usn/USN-915-1"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3297"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3299"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3334"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0094"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0648"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0650"
},
{
"source": "cret@cert.org",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=516396"
},
{
"source": "cret@cert.org",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=516862"
},
{
"source": "cret@cert.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00001.html"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6528"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0311.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0312.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-35/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/63"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/achievement_securityalert/69"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/achievement_securityalert/71"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/achievement_securityalert/72"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/achievement_securityalert/73"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/achievement_securityalert/75"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/achievement_securityalert/76"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/achievement_securityalert/77"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/achievement_securityalert/78"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/achievement_securityalert/81"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1022478"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2009/mfsa2009-59.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.opera.com/support/kb/view/942/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1601.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/507977/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/507979/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/508417/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/508423/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/35510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-915-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0650"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=516396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=516862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9541"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-07-25 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which triggers a memory allocation of one byte.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F7F02A-C845-40BF-8490-510A070000F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which triggers a memory allocation of one byte."
},
{
"lang": "es",
"value": ""
}
],
"id": "CVE-2006-7252",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-25T19:55:01.570",
"references": [
{
"source": "cve@mitre.org",
"url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=161263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=161263"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-07-07 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | 4.3 | |
| hp | hp-ux | 11.00 | |
| hp | hp-ux | 11.0.4 | |
| hp | hp-ux | 11.11 | |
| hp | vvos | 11.04 | |
| linux | linux_kernel | 2.4.0 | |
| linux | linux_kernel | 2.4.1 | |
| linux | linux_kernel | 2.4.2 | |
| linux | linux_kernel | 2.4.3 | |
| linux | linux_kernel | 2.4.4 | |
| linux | linux_kernel | 2.4.5 | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| openbsd | openbsd | 2.8 | |
| openbsd | openbsd | 2.9 | |
| sun | sunos | 5.5.1 | |
| sun | sunos | 5.7 | |
| sun | sunos | 5.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB008E3-9A00-4D28-8826-A9FCC9F65314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:workstation:*:*:*:*:*",
"matchCriteriaId": "FE4E91DD-FA6B-4735-A07C-0A88BADCAFCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5BDCBCB8-DAA3-465F-ADDE-9143B8251989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "B86E0671-ED68-4549-B3AC-FD8BD79B0860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "BB76E7EC-C396-4537-9065-4E815DA7097C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "4CD026E2-B073-40A6-AD4A-8C76B9169B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "DBFB3E49-3FB5-4947-856D-727CBFFBA543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "B9236480-6450-42E1-B1FF-F336488A683A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*",
"matchCriteriaId": "14F55877-A759-4C8A-84D5-70508E449799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process."
}
],
"id": "CVE-2001-1244",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-07-07T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/195457"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2997"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/195457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6824"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-07-01 13:15
Modified
2025-04-24 19:15
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1102FFF5-77B1-400E-93F8-AC6CFE2CC93C",
"versionEndExcluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC13B91D-82A4-48B1-83AB-EC129C83D316",
"versionEndExcluding": "9.8",
"versionStartIncluding": "8.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*",
"matchCriteriaId": "4C37CBBB-A4AA-40D0-9609-0620FDC12BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:8.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "7945F60B-460E-4CA6-9EB4-BEE663386D50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B03506D7-0FCD-47B7-90F6-DDEEB5C5A733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "01363FFA-F7A6-43FC-8D47-E67F95410095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "FB056B47-1F45-4CE4-81F6-872F66C24C29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "F843B777-5C64-4CAE-80D6-89DC2C9515B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D345D3-108A-4551-A112-5EE51991411A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_micro:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09F471C6-69AF-4E78-8143-17E783C80B9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*",
"matchCriteriaId": "47842532-D2B6-44CB-ADE2-4AC8630A4D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "21538C5B-A130-411E-B5F7-BBBA4C9D488A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amazon:linux_2023:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D4BE4FC-249C-4B58-9513-BF482444CB64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5DA53D-744B-4087-AEA9-257F18949E4D",
"versionEndIncluding": "11.70.2",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A87EFA20-DD6B-41C5-98FD-A29F67D2E732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "2888B0C1-4D85-42EC-9696-03FAD0A9C28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p10:*:*:*:*:*:*",
"matchCriteriaId": "556F4943-7BA4-4E09-94B3-4515DC3C7807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p11:*:*:*:*:*:*",
"matchCriteriaId": "6AFEC561-D79B-498B-B59D-1D82B21BDF1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "A3306F11-D3C0-41D6-BB5E-2ABDC3927715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "9E584FE1-3A34-492B-B10F-508DA7CBA768",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "A5605E90-D125-4CC9-8B9F-F5EED9D4EE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p5:*:*:*:*:*:*",
"matchCriteriaId": "761B4382-E857-4868-9F80-189B7F60256B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p6:*:*:*:*:*:*",
"matchCriteriaId": "51B17801-15FD-4425-BA6C-BE06B14F1BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p7:*:*:*:*:*:*",
"matchCriteriaId": "E9CAFF74-AD36-4D29-83F3-23E0417C485D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p8:*:*:*:*:*:*",
"matchCriteriaId": "1B2D2A82-BFFE-45FE-9F79-4AF12C6DE69D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p9:*:*:*:*:*:*",
"matchCriteriaId": "E7A81663-047E-4328-BE3A-CF65AB55B29F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:-:*:*:*:*:*:*",
"matchCriteriaId": "17DAE911-21E1-4182-85A0-B9F0059DDA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "ABEA48EC-24EA-4106-9465-CE66B938635F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p2:*:*:*:*:*:*",
"matchCriteriaId": "8DFB5BD0-E777-4CAA-B2E0-3F3357D06D01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.3:p3:*:*:*:*:*:*",
"matchCriteriaId": "BC8C769C-A23E-4F61-AC42-4DA64421B096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FA25530A-133C-4D7C-8993-D5C42D79A0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "DB7B021E-F4AD-44AC-96AB-8ACAF8AB1B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "69A72B5A-2189-4700-8E8B-1E5E7CA86C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "5771F187-281B-4680-B562-EFC7441A8F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "0A4437F5-9DDA-4769-974E-23BFA085E0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "A9C3A3D4-C9F4-41EB-B532-821AF83470B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "878A1F0A-087F-47D7-9CA5-A54BB8D6676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "CE73CDC3-B5A7-4921-89C6-8F9DC426CB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "50A5E650-31FB-45BE-8827-641B58A83E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "038E5B85-7F60-4D71-8D3F-EDBF6E036CE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1:*:*:*:*:*:*",
"matchCriteriaId": "BF309824-D379-4749-A1FA-BCB2987DD671",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.1:-:*:*:*:*:*:*",
"matchCriteriaId": "79D770C6-7A57-4A49-8164-C55391F62301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:14.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "AA813990-8C8F-4EE8-9F2B-9F73C510A7B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A2EBE8-012E-470E-9E56-56ACBE345F78",
"versionEndIncluding": "10.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una condici\u00f3n de ejecuci\u00f3n del controlador de se\u00f1ales en el servidor de OpenSSH (sshd), donde un cliente no se autentica dentro de los segundos de LoginGraceTime (120 de forma predeterminada, 600 en versiones anteriores de OpenSSH), luego se llama al controlador SIGALRM de sshd de forma asincr\u00f3nica. Sin embargo, este controlador de se\u00f1ales llama a varias funciones que no son seguras para se\u00f1ales as\u00edncronas, por ejemplo, syslog()."
}
],
"id": "CVE-2024-6387",
"lastModified": "2025-04-24T19:15:46.257",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-01T13:15:06.467",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4312"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4340"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4389"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4469"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4474"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4479"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4484"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-6387"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
},
{
"source": "secalert@redhat.com",
"url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://www.openssh.com/txt/release-9.8"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2024/Jul/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2024/Jul/19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2024/Jul/20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/02/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/04/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/04/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/08/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/08/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/11/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/11/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/23/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/23/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/28/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-6387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/AlmaLinux/updates/issues/629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/Azure/AKS/issues/4379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/microsoft/azurelinux/issues/9555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/oracle/oracle-linux/issues/149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/rapier1/hpn-ssh/issues/87"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/zgzhang/cve-2024-6387-poc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://news.ycombinator.com/item?id=40843778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://packetstorm.news/files/id/190587/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security-tracker.debian.org/tracker/CVE-2024-6387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20240701-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sig-security.rocky.page/issues/CVE-2024-6387/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT214118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT214119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT214120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://ubuntu.com/security/CVE-2024-6387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://ubuntu.com/security/notices/USN-6859-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/52269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://www.openssh.com/txt/release-9.8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.suse.com/security/cve/CVE-2024-6387.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.theregister.com/2024/07/01/regresshion_openssh/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-364"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-03-18 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:file:file:3.28:*:*:*:*:*:*:*",
"matchCriteriaId": "345D0583-A534-47DA-917C-82E18A71D661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:file:file:3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "40484250-D324-4068-AD46-14F3663E89B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:file:file:3.32:*:*:*:*:*:*:*",
"matchCriteriaId": "32774741-CD88-4401-AC2C-BB46F1CCD100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:file:file:3.33:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE7D6A6-0A24-484A-9D57-1FD7792D8D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:file:file:3.34:*:*:*:*:*:*:*",
"matchCriteriaId": "358179A6-57E9-4F26-B4CE-733D34922649",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:file:file:3.35:*:*:*:*:*:*:*",
"matchCriteriaId": "D25DEC28-4531-44A6-B6C5-3B79CEA8D0B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:file:file:3.36:*:*:*:*:*:*:*",
"matchCriteriaId": "0A079E68-BB58-4FFC-AADE-1BA4B3F1C2BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:file:file:3.37:*:*:*:*:*:*:*",
"matchCriteriaId": "D7B379D5-30E1-4C54-8D5E-FF6E35C531FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:file:file:3.39:*:*:*:*:*:*:*",
"matchCriteriaId": "20A676AE-1534-42EF-8885-3C654A0EEC35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:file:file:3.40:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE83984-EBE3-4C6D-8F9F-83D4D076270C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize)."
}
],
"id": "CVE-2003-0102",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://lwn.net/Alerts/34908/"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104680706201721\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-260"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/advisory/03.04.03.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/611865"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2003_017_file.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-086.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-087.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7008"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lwn.net/Alerts/34908/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104680706201721\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/advisory/03.04.03.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/611865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2003_017_file.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-087.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11469"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-09-29 17:00
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netbsd | netbsd | * | |
| netbsd | netbsd | 0.8 | |
| netbsd | netbsd | 0.9 | |
| netbsd | netbsd | 1.0 | |
| netbsd | netbsd | 1.1 | |
| netbsd | netbsd | 1.2 | |
| netbsd | netbsd | 1.2.1 | |
| netbsd | netbsd | 1.3 | |
| netbsd | netbsd | 1.3.1 | |
| netbsd | netbsd | 1.3.2 | |
| netbsd | netbsd | 1.3.3 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.3 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 | |
| netbsd | netbsd | 1.6 | |
| netbsd | netbsd | 1.6 | |
| netbsd | netbsd | 1.6.1 | |
| netbsd | netbsd | 1.6.2 | |
| netbsd | netbsd | 2.0 | |
| netbsd | netbsd | 2.0.1 | |
| netbsd | netbsd | 2.0.2 | |
| netbsd | netbsd | 2.0.3 | |
| netbsd | netbsd | 2.0.4 | |
| netbsd | netbsd | 2.1 | |
| netbsd | netbsd | 2.1.1 | |
| netbsd | netbsd | 3.0 | |
| netbsd | netbsd | 3.0.1 | |
| netbsd | netbsd | 3.0.2 | |
| netbsd | netbsd | 3.1 | |
| netbsd | netbsd | 3.99.15 | |
| netbsd | netbsd | 4.0 | |
| netbsd | netbsd | 4.0 | |
| netbsd | netbsd | 4.0.1 | |
| netbsd | netbsd | 5.0 | |
| netbsd | netbsd | 5.0.1 | |
| apple | mac_os_x | * | |
| freebsd | freebsd | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "832F21B5-C003-405D-8FE9-B5D69DD1CA39",
"versionEndIncluding": "5.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "555181C9-75B1-427B-BF36-47C7D969DCC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CAC89BD6-8376-4C8D-A120-1430D8CA113F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3ECF9E5F-AF38-42B9-8B49-6C254394CDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29C02C6B-AAFD-4594-94A4-F26BA3648CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.99.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C5D200-B40F-458D-8216-A3C22B21B46A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "FCB9E9F8-7C6B-4BC7-A593-A11B9D6F0B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "2F4B6E29-B74F-45FF-AEB1-A118753F8E3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49AF042F-5047-4FA2-B20C-65B2C6EBEA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00564BAA-066A-4627-B6A8-78724E55D363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8E6EE58-9C2B-457A-BD0D-EED71A1E4186",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call."
},
{
"lang": "es",
"value": "M\u00faltiples errores de signo entero en smb_subr.c en el m\u00f3dulo netsmb en el kernel de NetBSD v5.0.2 y versiones anteriores, FreeBSD y Mac OS X permite a usuarios locales causar una denegaci\u00f3n de servicio (p\u00e1nico) a trav\u00e9s de un valor negativo en una operaci\u00f3n ioctl /dev/nsmb, como se demuestra por una llamada ioctl a (1) SMBIOC_LOOKUP o (2) SMBIOC_OPENSESSION."
}
],
"id": "CVE-2010-2530",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-09-29T17:00:04.150",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netsmb/smb_subr.c.diff?r1=1.34\u0026r2=1.35\u0026only_with_tag=MAIN\u0026f=h"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/07/12/6"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/07/16/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/41557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netsmb/smb_subr.c.diff?r1=1.34\u0026r2=1.35\u0026only_with_tag=MAIN\u0026f=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/07/12/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/07/16/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/41557"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-27 17:44
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2C79D5-D27F-4B08-A8DF-3E3AAF4E16A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:release:*:*:*:*:*:*",
"matchCriteriaId": "CCE4F2E6-2286-4D87-ADD7-7E999B4E5620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:stable:*:*:*:*:*:*",
"matchCriteriaId": "C07C3BEF-8D6A-4F23-96DE-AFE4369D08EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0_p5_release:*:*:*:*:*:*:*",
"matchCriteriaId": "67FDB43C-84D1-4B45-BFB9-340F3687A22F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47E0A416-733A-4616-AE08-150D67FCEA70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "42231BCC-2B90-4196-A1C2-408A353C1BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0_beta4:*:*:*:*:*:*:*",
"matchCriteriaId": "F06B831E-D8F2-4380-B279-559CE103210F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0_releng:*:*:*:*:*:*:*",
"matchCriteriaId": "3ACC9072-4A33-4F1F-B790-2F9D5A52F71B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de entero en libc de NetBSD 4.x, FreeBSD 6.x y 7.x, y posiblemente otras plataformas BSD y Apple Mac OS permiten a atacantes dependientes del contexto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de valores de ciertos campos de enteros en el argumento de formato de (1) la funci\u00f3n strfmon en lib/libc/stdlib/strfmon.c, en relaci\u00f3n a la macro GET_NUMBER; y (2) la funci\u00f3n printf, en relaci\u00f3n a left_prec y right_prec."
}
],
"id": "CVE-2008-1391",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-27T17:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/strfmon.c"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29574"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33179"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/53"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/securityalert/3770"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3338"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/490158/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28479"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019722"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-350A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3444"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41504"
},
{
"source": "cve@mitre.org",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/strfmon.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/53"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/securityalert/3770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490158/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-350A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat does not consider this to be a security issue. Properly written application should not use arbitrary untrusted data as part of the format string passed to functions as strfmon or printf family functions.",
"lastModified": "2009-09-24T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-10 04:06
Modified
2025-04-09 00:30
Severity ?
Summary
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.99.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C5D200-B40F-458D-8216-A3C22B21B46A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7BF232A9-9E0A-481E-918D-65FC82EF36D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user\u0027s Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en la secuencia de comandos Xsession, usada por el Administrador de pantalla X (X Display Manager, xdm) en NetBSD anerior al 12/02/2006, X.Org anterior al 25/02/2006, y Solaris 8 hasta 10 anterior a 06/10/2006, provoca que el archivo de errores de Xsession tenga permisos d\u00e9biles antes de que se ejecute chmod, lo que permite a atacantes remotos leer archivos de errores de Xsession de otros usuarios."
}
],
"id": "CVE-2006-5214",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-10T04:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22323"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22439"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22469"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22992"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017015"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32804"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20400"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-364-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3962"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=5897"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20400"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-364-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=5897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1760"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-11 21:06
Modified
2025-04-09 00:30
Severity ?
Summary
NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not properly check the length of a PPPoE packet tag, which allows remote attackers to cause a denial of service (system crash) via a crafted PPPoE packet.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not properly check the length of a PPPoE packet tag, which allows remote attackers to cause a denial of service (system crash) via a crafted PPPoE packet."
},
{
"lang": "es",
"value": "NetBSD 3.0, 3.1, y 4.0, cuando una instancia pppoe existe, no chequea correctamente la etiqueta de la longitud del paquete PPPoE, el cual permite a los atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda del sistema) a trav\u00e9s de un paquete PPPoE manipulado."
}
],
"id": "CVE-2008-3584",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-11T21:06:44.697",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-010.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31597"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3467"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30838"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020749"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0633"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-010.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020749"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44679"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-19 16:29
Modified
2025-04-20 01:37
Severity ?
Summary
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/99257 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.exploit-db.com/exploits/42272/ | ||
| cve@mitre.org | https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99257 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/42272/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F25F328-22FC-4189-B04E-965F2864B051",
"versionEndIncluding": "7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions."
},
{
"lang": "es",
"value": "NetBSD asigna el editor de enlace del tiempo de ejecuci\u00f3n del archivo ld.so directamente debajo de la regi\u00f3n stack, incluso si ASLR est\u00e1 habilitada, esto permite a los atacantes manipular m\u00e1s f\u00e1cilmente la memoria, lo que conlleva a la ejecuci\u00f3n de c\u00f3digo arbitraria. Esto afecta a NetBSD versi\u00f3n 7.1 y anteriores."
}
],
"id": "CVE-2017-1000375",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-19T16:29:00.560",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99257"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/42272/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/42272/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-19 20:59
Modified
2025-04-20 01:37
Severity ?
Summary
CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-005.txt.asc | Vendor Advisory | |
| cve@mitre.org | http://www.securitytracker.com/id/1035673 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-005.txt.asc | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035673 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C23BD3A0-E5AD-4893-AAAF-E2858B4128CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1510AD8C-14AC-4649-AE37-5310575B3E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44D36CD7-FE10-4A72-8364-DE3EFD49AB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24469F6E-FC82-416A-9639-8FC37BE9745F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E28965-1C24-43CC-AFAA-5716D8F6CC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "368CB806-F671-481F-A9BE-DC320F82E5B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7E45F6-2EE9-4E97-B502-F48F2DDC5F3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69CAE756-335E-4E02-83F9-B274D416775C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3784838-1A43-4C46-A730-4CB88594A449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F555CE26-6E23-4E7A-A138-6F675EA9BEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "69071B74-471C-42C0-AF2D-2D278D355250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1C501514-768D-4AC0-8797-152763F24F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "79D2486C-5C39-40C7-B87B-969800F730C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0363300-1ACF-4F3E-97F2-F0AFA3F9EBDC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program."
},
{
"lang": "es",
"value": "Fallo de manejo de CGI en bozohttpd en NetBSD 6.0 hasta la versi\u00f3n 6.0.6, 6.1 hasta la versi\u00f3n 6.1.5 y 7.0 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de argumentos manipulados, que son manejados por un programa no-CGI consciente."
}
],
"id": "CVE-2015-8212",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-19T20:59:00.330",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-005.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035673"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-005.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035673"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-07-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The rwho/rwhod service is running, which exposes machine status and user information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3313D5-52E8-49B3-B145-170D9A26DA43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The rwho/rwhod service is running, which exposes machine status and user information."
}
],
"id": "CVE-1999-0628",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-07-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0628"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name."
}
],
"id": "CVE-2000-0750",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html"
},
{
"source": "cve@mitre.org",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/errata.html#mopd"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-050.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata.html#mopd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-050.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1558"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://online.securityfocus.com/archive/1/283033 | Broken Link, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.iss.net/security_center/static/9633.php | Broken Link | |
| cve@mitre.org | http://www.securityfocus.com/bid/5265 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://online.securityfocus.com/archive/1/283033 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/9633.php | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/5265 | Broken Link, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | 3.5 | |
| freebsd | freebsd | 3.5.1 | |
| freebsd | freebsd | 4.0 | |
| freebsd | freebsd | 4.1 | |
| freebsd | freebsd | 4.1.1 | |
| freebsd | freebsd | 4.2 | |
| freebsd | freebsd | 4.3 | |
| freebsd | freebsd | 4.4 | |
| freebsd | freebsd | 4.5 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 5.0 | |
| netbsd | netbsd | 1.0 | |
| netbsd | netbsd | 1.1 | |
| netbsd | netbsd | 1.2 | |
| netbsd | netbsd | 1.2.1 | |
| netbsd | netbsd | 1.3 | |
| netbsd | netbsd | 1.3.1 | |
| netbsd | netbsd | 1.3.2 | |
| netbsd | netbsd | 1.3.3 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.3 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| openbsd | openbsd | 2.0 | |
| openbsd | openbsd | 2.1 | |
| openbsd | openbsd | 2.2 | |
| openbsd | openbsd | 2.3 | |
| openbsd | openbsd | 2.4 | |
| openbsd | openbsd | 2.5 | |
| openbsd | openbsd | 2.6 | |
| openbsd | openbsd | 2.7 | |
| openbsd | openbsd | 2.8 | |
| openbsd | openbsd | 2.9 | |
| openbsd | openbsd | 3.0 | |
| openbsd | openbsd | 3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36DF0D51-FCFA-46A3-B834-E80DFA91DFDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB726CF-ADA2-4CDA-9786-1E84AC53740A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA33E7E2-DE7B-411E-8991-718DA0988C51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file."
}
],
"id": "CVE-2002-1915",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/archive/1/283033"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/security_center/static/9633.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/5265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/archive/1/283033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/security_center/static/9633.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/5265"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-667"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-04-21 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device."
}
],
"id": "CVE-1999-0466",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-04-21T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/905"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/905"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-20 15:15
Modified
2024-11-21 01:44
Severity ?
Summary
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2012/10/10/12 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://www.securityfocus.com/bid/56170/info | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/10/10/12 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/56170/info | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26A36B-994E-4C44-8A65-52E3F19263F6",
"versionEndExcluding": "9.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2ACC2F-7A36-42A2-A771-E52A1FAFFF51",
"versionEndExcluding": "6.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de IPv6 en FreeBSD y NetBSD (versiones desconocidas, a\u00f1o 2012 y anteriores) permite a atacantes remotos causar una denegaci\u00f3n de servicio por medio de una avalancha de paquetes ICMPv6 Router Advertisement, que contienen m\u00faltiples entradas de Enrutamiento."
}
],
"id": "CVE-2012-5365",
"lastModified": "2024-11-21T01:44:36.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-20T15:15:11.400",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/10/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/56170/info"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/10/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/56170/info"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-09 02:44
Modified
2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47E0A416-733A-4616-AE08-150D67FCEA70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16C117F3-3684-4683-9F9E-CEDD5B88F9CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing \"~\" characters."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n command_Expand_Interpret de command.c en ppp (aka user-ppp), como se distribuy\u00f3 en FreeBSD 6.3 y 7.0, OpenBSD 4.1 y 4.2, y el paquete net/userppp para NetBSD, permite a usuarios locales obtener privilegios a trav\u00e9s de comandos largos que contienen los caracteres \"~\"."
}
],
"id": "CVE-2008-1215",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-09T02:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29234"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29238"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29240"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/errata41.html#014_ppp"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/errata42.html#009_ppp"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/82/488980/30/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/82/489031/30/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/28090"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata41.html#014_ppp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata42.html#009_ppp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/82/488980/30/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/82/489031/30/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/28090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41034"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-20 02:28
Modified
2025-04-09 00:30
Severity ?
Summary
The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which may result in the socket never being closed (aka "a dangling socket").
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:current:*:*:*:*:*:*:*",
"matchCriteriaId": "F30E9234-481B-41BC-BFC2-9E9773DEE65C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which may result in the socket never being closed (aka \"a dangling socket\")."
},
{
"lang": "es",
"value": "La funci\u00f3n accept en NetBSD-current versiones anteriores a 20061023, NetBSD 3.0 y 3.0.1 versiones anteriores a 20061024, y NetBSD 2.x versiones anteriores a 20061029, permite a atacantes locales provocar una denegaci\u00f3n de servicio (agotamiento de socket) a trav\u00e9s del par\u00e1metro inv\u00e1lido (1) name \u00f3 (2) namelen, que podr\u00eda resultar en un socket nunca cerrado (tambi\u00e9n conocido como \"un socket colagado (dangling)\")"
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product updates:\r\nNetBSD, NetBSD, current (10/23/2006)\r\nNetBSD, NetBSD, 3.0 (10/24/2006)\r\nNetBSD, NetBSD, 3.0.1 (10/24/2006) \r\nNetBSD, NetBSD, 2.0 (10/29/2006)",
"id": "CVE-2006-6653",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-20T02:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017293"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9D1BD9-4300-43B5-A87B-E2BF74E55C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "837EBF15-6C7D-46B8-8A90-9DFBF2C09FF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks."
}
],
"id": "CVE-2003-0730",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-015.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031101-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000821"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106229335312429\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24168"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24247"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-380"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:089"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-286.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-287.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-289.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8514"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0589"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-015.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031101-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106229335312429\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-286.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-287.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-289.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0589"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-04-08 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:data_general:dg_ux:5.4_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EDB1993-75C9-4738-BDB3-E4433AC202FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:5.4_3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB15FBD9-B4F8-42EF-92C2-8D70A2385E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:5.4_4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA109D17-268F-4E8A-BBA9-0EAA6B46A705",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:5.4_4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "59EFCFC1-A15C-4B8D-BCCE-DB401A50D23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:4.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8257C916-6F4D-4B7E-8EED-B2789B3B35AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB79EDA4-9B2C-4C4C-A5DE-CB8C6EB00BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF8869C-2446-48F3-A1CD-70AE44D74EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "199F4D8C-2FB9-4AF7-B7A3-339513665616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "41D0212C-EA41-4DF3-9A93-4559545BCD7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3567046C-FE3F-424D-A1B0-D7A43D00B79F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "40511481-CD42-4EB7-BE2A-7A78964B7D3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D926CDA1-AF2B-4DED-93AE-8F12091E0B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "536CB843-5FF6-4BC1-A6DA-92A8CB69D6D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B4722F-1FBA-4A73-BF85-5920B94F833D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FD1CEC-9064-483C-A3C2-04E3C50EFBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05B1518A-9BBC-4CDB-8338-4DCC9A1A91D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C26983FB-6FD7-4938-8025-E535A6505ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "52D01CD7-CE53-44D6-82C6-C72579BA089C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "73F04863-29CB-4E0C-838B-1C23E25C129C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.4t:*:*:*:*:*:*:*",
"matchCriteriaId": "79AA794C-C18F-48A4-ADCB-DC219DF259CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4B36C0-D3FF-4B33-B810-DB920062480B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5_iop:*:*:*:*:*:*:*",
"matchCriteriaId": "C03CED73-9451-4DE4-A00A-7EAB24424CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5_ipr:*:*:*:*:*:*:*",
"matchCriteriaId": "29446761-8ACE-4E05-82C3-3FF77C1E2CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "20B3C51E-DE28-4B50-B841-31CCFEA88A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5d:*:*:*:*:*:*:*",
"matchCriteriaId": "A67E6C0C-F5A4-4591-94B9-3D72221C0933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC66EB2-FFC7-4EF1-9591-A5C5E1E7C919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5f:*:*:*:*:*:*:*",
"matchCriteriaId": "85D02672-84E9-4036-8ED8-FE6EF4D7E275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5g:*:*:*:*:*:*:*",
"matchCriteriaId": "646483C9-6FFC-46FE-B9CD-40D733FABFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5h:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B71C71-FA29-4B4C-831C-63AE2797BA2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D792E16B-A1AB-4BCE-9E6E-88C17D4F57CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "30F950B1-7D5F-4CA9-BBEF-E6DB1A28C156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "333103D5-71B8-4DC1-90F7-15F2841955D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A889C10-0637-4133-AFBD-533C8397BE89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E292DA15-91BF-4957-9C0F-A69518538BED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26144F94-63FD-4907-B548-09B68C2FC9B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26309EFA-0991-46B6-9818-F0FBB902D5F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "966C1A13-8007-408D-96BE-0DA3BB6CA401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD254562-D74A-4D7C-B846-E242D785B830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBFBCFEE-C24C-4D38-83F9-810E05D27901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3BA7775-30F2-4CA0-BA6E-70ED12A48D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FB038A89-1CA6-4313-B7CE-56C894945FFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3BC86F-5718-4232-BFFF-6244A7C09B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6118CC1-6E51-4E1B-8F58-43B337515222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D3B348-270F-4209-B31A-2B40F5E4A601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:nec:asl_ux_4800:64:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1C22CE-FF69-44CF-82C3-EBFDA9E7EC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:open_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD2701A-E930-4F4D-85F7-02F80135E34E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:open_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1530468C-EDEF-431D-9164-B0D670AF07D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "168248AC-E4F6-4C8F-9A21-0E6ABE029DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "200D8CB2-0D52-40A8-9CD9-6E4513605201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "54AF87E4-52A4-44CA-B48E-A5BB139E6410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "F66BAF35-A8B9-4E95-B270-444206FDD35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases."
}
],
"id": "CVE-1999-0009",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-04-08T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/134"
},
{
"source": "cve@mitre.org",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-11 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "598F74BA-2B71-435E-92B8-9DEADB3311A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79A46DF2-8EEB-40C8-B1CA-01BC064BD25E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "581E5904-1A2B-49FF-BE3F-D42019AD816B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CC4C83-4FB9-4344-AFCB-C260659F81DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF763B4-58E3-4868-8C92-47DE3E4E5F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4FCB77-7FAC-4A4B-851C-2F352B44D3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEB3923-8F4B-4523-84F9-17D1CFA37F8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sendmail Consortium\u0027s Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) \"||\" sequences or (2) \"/\" characters, which are not properly filtered or verified."
},
{
"lang": "es",
"value": "Sendmail Consortium\u0027s Restricted Shell (SMRSH) en Sendmail 8.12.6, 8.11.6-15 y anteriores, permite a atacantes puentear las restricciones pretendidas de smrsh insertando caract\u00e9res adicionales despu\u00e9s de secuencias \"||\" (dos barras verticales) o \"/\" (barra), que no son adecuadamente filtradas o verificadas."
}
],
"id": "CVE-2002-1165",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-023.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000532"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103350914307274\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/7826"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10232.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:083"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5845"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.sendmail.org/smrsh.adv.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-023.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103350914307274\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/7826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10232.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.sendmail.org/smrsh.adv.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-08 01:28
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability"
},
{
"lang": "es",
"value": "** IMPUGNADO ** Desbordamiento de entero en banner/banner.c de FreeBSD, NetBSD, y OpenBSD podr\u00eda permitir a usuarios locales modificar la memoria mediante un banner largo.\r\nNOTA: CVE y m\u00faltiples terceras partes impugnan esta vulnerabilidad. Dado que banner no es un stuid, un exploit no podr\u00eda cruzar l\u00edmites de privilegios en operaciones normales. Esta cuesti\u00f3n no es una vulnerabilidad."
}
],
"id": "CVE-2006-6397",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-08T01:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/452322/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/452330/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/452374/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/452470/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/452322/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/452330/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/452374/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/452470/100/200/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-07-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length."
}
],
"id": "CVE-2001-0993",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-07-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q3/0102.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1910"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3088"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q3/0102.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6908"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-20 02:28
Modified
2025-04-09 00:30
Severity ?
Summary
The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors."
},
{
"lang": "es",
"value": "La funci\u00f3n if_clone_list en NetBSD-current anterior al 27/10/2006, NetBSD 3.0 y 3.0.1 anterior al 27/10/2006, y NetBSD 2.x anterior al 19/11/2006 permite a usuarios locales leer informaci\u00f3n potencialmente sensible de la memoria de la pila que no ha sido inicializada mediante vectores no especificados."
}
],
"id": "CVE-2006-6657",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-20T02:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017292"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-19 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | 2.1.9 | |
| x | libxfont | * | |
| x | libxfont | 1.2.0 | |
| x | libxfont | 1.2.1 | |
| x | libxfont | 1.2.2 | |
| x | libxfont | 1.2.3 | |
| x | libxfont | 1.2.4 | |
| x | libxfont | 1.2.5 | |
| x | libxfont | 1.2.6 | |
| x | libxfont | 1.2.7 | |
| x | libxfont | 1.2.8 | |
| x | libxfont | 1.2.9 | |
| x | libxfont | 1.3.0 | |
| x | libxfont | 1.3.1 | |
| x | libxfont | 1.3.2 | |
| x | libxfont | 1.3.3 | |
| x | libxfont | 1.3.4 | |
| x | libxfont | 1.4.0 | |
| x | libxfont | 1.4.1 | |
| x | libxfont | 1.4.2 | |
| freebsd | freebsd | * | |
| netbsd | netbsd | * | |
| openbsd | openbsd | * | |
| openbsd | openbsd | 2.0 | |
| openbsd | openbsd | 2.1 | |
| openbsd | openbsd | 2.2 | |
| openbsd | openbsd | 2.3 | |
| openbsd | openbsd | 2.4 | |
| openbsd | openbsd | 2.5 | |
| openbsd | openbsd | 2.6 | |
| openbsd | openbsd | 2.7 | |
| openbsd | openbsd | 2.8 | |
| openbsd | openbsd | 2.9 | |
| openbsd | openbsd | 3.0 | |
| openbsd | openbsd | 3.1 | |
| openbsd | openbsd | 3.2 | |
| openbsd | openbsd | 3.3 | |
| openbsd | openbsd | 3.4 | |
| openbsd | openbsd | 3.5 | |
| openbsd | openbsd | 3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*",
"matchCriteriaId": "366E84EE-4BAC-4816-B04A-7B60F70B0084",
"versionEndIncluding": "1.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "45A7B86F-A74E-42D8-BBE6-D86C4EB672B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9806D538-0672-4D27-9A32-F41BB53DF738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29297813-F2F4-48BF-8DEA-DC83E44D154E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C1437F3D-127E-45E7-B678-85BF208BAD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "26743145-32B4-45A6-8912-2B97EF59B677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C18E74E-DB01-4D5F-BD18-DE370BA56A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "06DBC61A-10CD-41ED-AC1B-16C867823059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "061E16E4-0DD2-45B0-927D-5E6D97D54D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "58F3B17A-D8A9-4581-8EAC-4D6498A23F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D064C118-DC51-46CF-961E-3D70C1EEFC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F45C46-F416-46FC-8C98-79D57BB397D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B21FE78A-41E1-46A7-8129-94CBA34A3FA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5ADFF46D-9680-410C-B8B8-79F629534465",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D36FBB2E-7BCD-4212-AE04-8C7C6B57CD49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8A603E28-7D58-44FB-819E-5F22FA9860EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9EE6A0-89DC-464D-890F-2C0E5CDCFAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B056FDAB-4B10-4B32-A942-84864D39CBD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "642C350E-C81B-46F7-84B4-D3DE45E70DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC69AE-D8BB-410B-B911-BFEA95774C3D",
"versionEndIncluding": "3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36DF0D51-FCFA-46A3-B834-E80DFA91DFDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB726CF-ADA2-4CDA-9786-1E84AC53740A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA33E7E2-DE7B-411E-8991-718DA0988C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1957B3C0-7F25-469B-BC3F-7B09260837ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D84D7A-EB7C-4196-B8B6-7B703C8055C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896."
},
{
"lang": "es",
"value": "El descompresor en LZW en (1) la funci\u00f3n BufCompressedFill en fontfile/decompress.c en X.Org libXfont antes de la versi\u00f3n v1.4.4 y (2) compress/compress.c en 4.3BSD, tal y como se utiliza en zopen.c en OpenBSD antes de la versi\u00f3n v3.8, FreeBSD, NetBSD, FreeType v2.1.9, y otros productos, no controla correctamente las palabras de c\u00f3digo ausentes de la tabla de descompresi\u00f3n, lo que permite provocar un bucle infinito o un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) a atacantes (dependiendo del contexto) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un flujo comprimido debidamente modificado. Se trata de un problema relacionado con los CVE-2006-1168 y CVE-2011 2896."
}
],
"id": "CVE-2011-2895",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-08-19T17:55:03.037",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0"
},
{
"source": "secalert@redhat.com",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45544"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45568"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45599"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/45986"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/46127"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1025920"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5281"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2293"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:153"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2011/08/10/10"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1154.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1155.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1161.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1834.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/49124"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1191-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=725760"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727624"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69141"
},
{
"source": "secalert@redhat.com",
"url": "https://support.apple.com/HT205635"
},
{
"source": "secalert@redhat.com",
"url": "https://support.apple.com/HT205637"
},
{
"source": "secalert@redhat.com",
"url": "https://support.apple.com/HT205640"
},
{
"source": "secalert@redhat.com",
"url": "https://support.apple.com/HT205641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/45986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2011/08/10/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1154.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1155.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1161.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1834.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1191-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=725760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT205635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT205637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT205640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT205641"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-27 19:15
Modified
2024-11-21 01:28
Severity ?
Summary
Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA21B68-4060-4AE3-BB27-7304561AD912",
"versionEndExcluding": "8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "E42A3980-EB24-473E-9890-E83F94182751",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en el protocolo 802.11 stack, como es usado en FreeBSD versiones anteriores a la versi\u00f3n 8.2 y NetBSD cuando es usado en ciertas arquitecturas que no son x86. Un error de firma en la ioctl IEEE80211_IOC_CHANINFO permite a un usuario local sin privilegios causar que el kernel copie grandes cantidades de memoria de kernel hacia el usuario, revelando informaci\u00f3n potencialmente confidencial."
}
],
"id": "CVE-2011-2480",
"lastModified": "2024-11-21T01:28:22.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-27T19:15:11.603",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://access.redhat.com/security/cve/cve-2011-2480"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631160"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631161"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-2480"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2011/06/20/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://access.redhat.com/security/cve/cve-2011-2480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-2480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2011/06/20/15"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-05-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD allows ARP packets to overwrite static ARP entries.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD allows ARP packets to overwrite static ARP entries."
}
],
"id": "CVE-1999-0764",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-05-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6539"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-28 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en talkd en NetBSD 1.6 y anteriores, y posiblemente otros sistemas operativos, pueden permitir a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un mensaje largo entrante."
}
],
"id": "CVE-2002-1194",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-019.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10303.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-019.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10303.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5910"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs."
}
],
"id": "CVE-2005-4779",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/verified_exec.c.diff?r1=1.4\u0026r2=1.4.2.1\u0026f=h"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"source": "cve@mitre.org",
"url": "http://releng.netbsd.org/cgi-bin/req-2-0.cgi?show=1988"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/20725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/verified_exec.c.diff?r1=1.4\u0026r2=1.4.2.1\u0026f=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://releng.netbsd.org/cgi-bin/req-2-0.cgi?show=1988"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/20725"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-10 04:06
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "783973F9-2A6E-4DDF-A64C-7794FFD0B7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n systrace_preprepl (STRIOCREPLACE) en systrace de OpenBSD 3.9 y NetBSD 3 permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda), escalar privilegios, o leer memoria del n\u00facleo de su elecci\u00f3n mediante argumentos num\u00e9ricos muy grandes en la llamada ioctl systrace."
}
],
"evaluatorSolution": "A patch has been released for each affected product which addresses this vulnerability.",
"id": "CVE-2006-5218",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-10T04:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://openbsd.org/errata.html#systrace"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://scary.beasts.org/security/CESA-2006-003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22324"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017009"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/29570"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/20392"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://openbsd.org/errata.html#systrace"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://scary.beasts.org/security/CESA-2006-003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/29570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/20392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29392"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-03-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input."
}
],
"id": "CVE-2002-1543",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-025.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10458.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7570"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-025.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10458.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6036"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-09-15 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "056B3397-81A9-4128-9F49-ECEBE1743EE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsd:bsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B44D379F-F380-42EC-9C9A-A4C8314A4BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsd:bsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C37EB61-50BE-451A-916B-B05BAC79962B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB726CF-ADA2-4CDA-9786-1E84AC53740A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID."
}
],
"id": "CVE-1999-1214",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-09-15T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.com/advisories/signals.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.com/advisories/signals.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/11062"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.com/advisories/signals.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.com/advisories/signals.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/11062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/556"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-01-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "E2EE8A19-8AB1-4283-95EA-9EE3C7E5DED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BSD make program allows local users to modify files via a symlink attack when the -j option is being used."
}
],
"id": "CVE-2000-0092",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-01-19T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:01.make.asc"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:01.make.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/939"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-02-02 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, a similar vulnerability to CVE-2010-4670.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, a similar vulnerability to CVE-2010-4670."
},
{
"lang": "es",
"value": "La implementaci\u00f3n del protocolo de descubrimiento de vecinos (Neighbor Discovery - ND) en la pila IPv6 en FreeBSD, NetBSD, y posiblemente, otros sistemas operativos basados ??en BSD permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU y bloqueo del dispositivo) mediante el env\u00edo de muchos mensajes de anuncio de enrutador (Router Advertisemente - RA) con direcciones de origen diferente. Se trata de una vulnerabilidad similar a CVE-2010-4670."
}
],
"id": "CVE-2011-2393",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-02-02T17:55:00.910",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2011/Apr/86"
},
{
"source": "cve@mitre.org",
"url": "http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2011/Apr/86"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-04-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS."
}
],
"id": "CVE-1999-0446",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-04-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7051"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-07-03 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "071B436C-4D6F-4C7D-943E-C682B29A9701",
"versionEndIncluding": "1.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail."
}
],
"id": "CVE-1999-1409",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-07-03T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA1998-004.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=90233906612929\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/7577.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/331"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.shmoo.com/mail/bugtraq/jul98/msg00064.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA1998-004.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=90233906612929\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/7577.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.shmoo.com/mail/bugtraq/jul98/msg00064.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option."
}
],
"id": "CVE-2000-0440",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-002.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0088.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-002.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0088.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1173"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-25 16:19
Modified
2025-04-09 00:30
Severity ?
Summary
The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ietf:ipv6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73399CF9-225E-4FB5-8F34-2898E914018A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3D95D05C-4FE1-4408-B8B8-5C5932800385",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ietf:ipv6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73399CF9-225E-4FB5-8F34-2898E914018A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9118B602-3FB6-4701-AC09-763DD48334BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ietf:ipv6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73399CF9-225E-4FB5-8F34-2898E914018A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers."
},
{
"lang": "es",
"value": "El protocolo IPv6 permite a atacantes remotos provocar una denegaci\u00f3n de servicio mediante cabeceras IPv6 de enrutamiento de tipo 0 (IPV6_RTHDR_TYPE_0) lo cual provoca amplificaci\u00f3n de la red entre dos enrutadores."
}
],
"id": "CVE-2007-2242",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-25T16:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=305712"
},
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=306375"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://openbsd.org/errata39.html#022_route6"
},
{
"source": "cve@mitre.org",
"url": "http://openbsd.org/errata40.html#012_route6"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24978"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25033"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25068"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25083"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25288"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25691"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25770"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26133"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26620"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26651"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26664"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26703"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28806"
},
{
"source": "cve@mitre.org",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/267289"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/467939/30/6690/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23615"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017949"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-508-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1563"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2270"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3050"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33851"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-1310"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=305712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=306375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openbsd.org/errata39.html#022_route6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openbsd.org/errata40.html#012_route6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28806"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/267289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/467939/30/6690/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-508-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1310"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9574"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-16 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions."
}
],
"id": "CVE-2004-1323",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-16T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-010.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://gleg.net/advisory_netbsd2.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13501/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-010.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://gleg.net/advisory_netbsd2.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13501/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18564"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-04-03 10:04
Modified
2025-04-03 01:03
Severity ?
Summary
The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory."
}
],
"id": "CVE-2006-1588",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-03T10:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19464"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015846"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/24262"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/17312"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/17312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25582"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-03 15:07
Modified
2025-04-09 00:30
Severity ?
Summary
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:force10:ftos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4941A848-A02E-4234-82A3-076AABC94476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "803EFA9F-B7CB-4511-B1C1-381170CA9A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:jnos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD3413A-DD12-4C60-88F4-E2D6C1264319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F12313A0-1EAF-4652-9AB1-799171CFFEA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFCBBA4F-BD05-4044-98A0-2825A413D299",
"versionEndIncluding": "6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*",
"matchCriteriaId": "F69B80D9-E6A6-4761-9EE3-3EF5E55EFA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3680A0-7B0C-4E91-97D7-B3F33EE1569A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB)."
},
{
"lang": "es",
"value": "La implementaci\u00f3n IPv6 Neighbor Discovery Protocol (NDP) en (1) FreeBSD v6.3 hasta v7.1, (2) OpenBSD v4.2 y v4.3, (3) NetBSD, (4) Force10 FTOS versiones anteriores a vE7.7.1.1, (5) Juniper JUNOS, y (6) Wind River VxWorks 5.x hasta v6.4 no valida los mensaje originales de Neighbor Discovery, lo cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e9rdida de conectividad) o leer tr\u00e1fico de red privado a trav\u00e9s de mensajes falsos que modifica la Forward Information Base (FIB)."
}
],
"id": "CVE-2008-2476",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-03T15:07:10.727",
"references": [
{
"source": "cret@cert.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32112"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/32116"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32117"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/32133"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/32406"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc"
},
{
"source": "cret@cert.org",
"url": "http://securitytracker.com/id?1020968"
},
{
"source": "cret@cert.org",
"url": "http://support.apple.com/kb/HT3467"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/472363"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2S68"
},
{
"source": "cret@cert.org",
"url": "http://www.openbsd.org/errata42.html#015_ndp"
},
{
"source": "cret@cert.org",
"url": "http://www.openbsd.org/errata43.html#006_ndp"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/31529"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1021109"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1021132"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/2750"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/2751"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/2752"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2009/0633"
},
{
"source": "cret@cert.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670"
},
{
"source": "cret@cert.org",
"url": "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search\u0026txtAlertNumber=PSN-2008-09-036\u0026viewMode=view"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/472363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2S68"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata42.html#015_ndp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata43.html#006_ndp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search\u0026txtAlertNumber=PSN-2008-09-036\u0026viewMode=view"
}
],
"sourceIdentifier": "cret@cert.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5 or Red Hat Enterprise MRG.",
"lastModified": "2017-09-28T21:31:11.053",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-04-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.3 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:alpha:*:*:*:*:*",
"matchCriteriaId": "87FD0350-38E2-46D3-B17F-6C3F9C3488A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:arm32:*:*:*:*:*",
"matchCriteriaId": "3DC541BB-95DF-4A31-998F-983255F8B485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5AB998EB-E5F3-414D-AA99-34DC7B32E870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "4319B741-4376-4EA2-9FEB-236C148D1514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "247ABD95-74CA-45B8-8729-3C35C9E11186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:arm32:*:*:*:*:*",
"matchCriteriaId": "1D4C44E8-075A-4B48-88DA-2CAC25CDF159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sh3:*:*:*:*:*",
"matchCriteriaId": "393738E7-93E1-4A37-817B-C023A9BD1DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "19D1E7AC-79B6-4136-ADB2-06BEE9773795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "E2EE8A19-8AB1-4283-95EA-9EE3C7E5DED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6FA1C84C-6624-4032-8D0E-5EBB054F5224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:arm32:*:*:*:*:*",
"matchCriteriaId": "06B9ADAD-ADDC-47AC-9924-B31B17DDF163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6DC0D30E-DBF1-4FDB-80C0-80DB50D9E77A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:x86:*:*:*:*:*",
"matchCriteriaId": "537FD523-1D44-4D85-AED1-C092E0155CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"matchCriteriaId": "52F2B17F-A169-402C-AA05-0DE5D805BAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "BD44E15F-D216-404F-8585-D278175C2A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET()."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en mrinfo, mtrace, y pppd en NetBSD 1.4.x a 1.6 permite a usuarios locales ganar privilegios ejecutando los programas despues de rellenar las tablas de descritptores de ficherros, lo que produce descriptores de ficheros mayores que FD_SETSIZE, que no son comprobados por FD_SET()"
}
],
"id": "CVE-2002-1500",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-04-02T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-014.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10114.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-014.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10114.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5727"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-20 15:15
Modified
2024-11-21 01:44
Severity ?
Summary
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2012/10/10/12 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://www.securityfocus.com/bid/56170/info | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/10/10/12 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/56170/info | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26A36B-994E-4C44-8A65-52E3F19263F6",
"versionEndExcluding": "9.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2ACC2F-7A36-42A2-A771-E52A1FAFFF51",
"versionEndExcluding": "6.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de IPv6 en FreeBSD y NetBSD (versiones desconocidas, a\u00f1o 2012 y anteriores), permite a atacantes remotos causar una denegaci\u00f3n de servicio por medio de una avalancha de mensajes ICMPv6 Neighbor Solicitation, una vulnerabilidad diferente de CVE-2011-2393."
}
],
"id": "CVE-2012-5363",
"lastModified": "2024-11-21T01:44:35.867",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-20T15:15:11.277",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/10/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/56170/info"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/10/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/56170/info"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-20 20:00
Modified
2025-04-11 00:51
Severity ?
Summary
The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read."
},
{
"lang": "es",
"value": "El m\u00f3dulo del Kernel Coda filesystem, tambi\u00e9n utilizado en NetBSD y FreeBSD, cuando Coda se carga y Venus se ejecuta con /coda montada, permite a usuarios locales leer informaci\u00f3n sensible de la memoria din\u00e1mica a trav\u00e9s de un valor out_size grande en una estructura ViceIoctl a un Coda ioctl, lo que provoca una sobrelectura del b\u00fafer."
}
],
"id": "CVE-2010-3014",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-20T20:00:02.797",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/coda/coda.h.diff?r1=1.15\u0026r2=1.16\u0026only_with_tag=MAIN"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://svn.freebsd.org/viewvc/base?view=revision\u0026revision=210997"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/513151/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.vsecurity.com/resources/advisory/20100816-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/coda/coda.h.diff?r1=1.15\u0026r2=1.16\u0026only_with_tag=MAIN"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://svn.freebsd.org/viewvc/base?view=revision\u0026revision=210997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/513151/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vsecurity.com/resources/advisory/20100816-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 2.0.34 | |
| digital | unix | 4.0 | |
| netbsd | netbsd | * | |
| redhat | linux | 2.0.34 | |
| slackware | slackware_linux | 2.0.34 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6AB54-5D9F-4EE2-8AA4-7E61F09C7F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:digital:unix:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E08495-C0C5-40A9-A8FF-834F5F6083B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5ACB4A-7B75-4B29-813D-EDE7E566A754",
"versionEndIncluding": "1.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F3CA3C2F-739A-4E61-803A-877978D70468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "B35CE11D-53A9-4C69-8AC4-2ECE48468125",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero."
}
],
"id": "CVE-2000-0314",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-03-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7574"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-20 02:28
Modified
2025-04-09 00:30
Severity ?
Summary
The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by attempting to access /emul/linux/proc/0/stat on a procfs filesystem that was mounted with mount_procfs -o linux, which results in a NULL pointer dereference.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by attempting to access /emul/linux/proc/0/stat on a procfs filesystem that was mounted with mount_procfs -o linux, which results in a NULL pointer dereference."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de procfs en NetBSD-current anterior al 23/10/2006, NetBSD 3.0 y 3.0.1 anterior al 29/10/2006 permite a usuarios locales provocar una denegaci\u00f3n de servicio (error irrecuperable del sistema, \"kernel panic\") al intentar acceder a /emul/linux/proc/0/stat en un sistema de ficheros procfs que ha sido montado con mount_procfs -o linux, lo cual resulta en una referencia a un puntero NULL."
}
],
"id": "CVE-2006-6655",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-20T02:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017293"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-29 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | 1.1.5.1 | |
| freebsd | freebsd | 2.0 | |
| freebsd | freebsd | 2.0.5 | |
| freebsd | freebsd | 2.1.0 | |
| freebsd | freebsd | 2.1.5 | |
| freebsd | freebsd | 2.1.6 | |
| freebsd | freebsd | 2.1.6.1 | |
| freebsd | freebsd | 2.1.7.1 | |
| freebsd | freebsd | 2.2 | |
| freebsd | freebsd | 2.2.2 | |
| freebsd | freebsd | 2.2.3 | |
| freebsd | freebsd | 2.2.4 | |
| freebsd | freebsd | 2.2.5 | |
| freebsd | freebsd | 2.2.6 | |
| freebsd | freebsd | 2.2.8 | |
| freebsd | freebsd | 3.0 | |
| freebsd | freebsd | 3.1 | |
| freebsd | freebsd | 3.2 | |
| freebsd | freebsd | 3.3 | |
| freebsd | freebsd | 3.4 | |
| freebsd | freebsd | 4.0 | |
| freebsd | freebsd | 4.0 | |
| freebsd | freebsd | 5.0 | |
| freebsd | freebsd | 5.0 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C496B665-70DA-4B98-A5D1-E2935C0CE840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34797660-41F5-4358-B70F-2A40DE48F182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7891202C-62AF-4590-9E5F-3514FDA2B38E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8F9B2F-E898-4F87-A245-32A41748587B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "314BA420-4C74-4060-8ACE-D7A7C041CF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAD7613-A5B3-4621-B981-290C7C6B8BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "E3F7EB61-55A5-4776-B0E7-3508920A6CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "3B13D898-C1B6-44B9-8432-7DDB8A380E9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "247ABD95-74CA-45B8-8729-3C35C9E11186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:arm32:*:*:*:*:*",
"matchCriteriaId": "1D4C44E8-075A-4B48-88DA-2CAC25CDF159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "19D1E7AC-79B6-4136-ADB2-06BEE9773795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6FA1C84C-6624-4032-8D0E-5EBB054F5224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:arm32:*:*:*:*:*",
"matchCriteriaId": "06B9ADAD-ADDC-47AC-9924-B31B17DDF163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6DC0D30E-DBF1-4FDB-80C0-80DB50D9E77A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:x86:*:*:*:*:*",
"matchCriteriaId": "537FD523-1D44-4D85-AED1-C092E0155CF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call."
}
],
"id": "CVE-2000-0461",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-29T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:19.semconfig.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-004.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/errata26.html#semconfig"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:19.semconfig.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-004.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata26.html#semconfig"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1270"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-25 19:25
Modified
2025-04-09 00:30
Severity ?
Summary
ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47E0A416-733A-4616-AE08-150D67FCEA70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F12313A0-1EAF-4652-9AB1-799171CFFEA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser."
},
{
"lang": "es",
"value": "ftpd en OpenBSD 4.3, FreeBSD 7.0, y NetBSD 4.0 interpreta como m\u00faltiples comandos los comandos largos desde un cliente FTP, lo que permite a atacantes remotos llevar a cabo ataques de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSFR) y ejecutar comandos FTP de su elecci\u00f3n a trav\u00e9s de una URI ftp:// larga que aprovecha una sesi\u00f3n FTP existente en la implementaci\u00f3n de un cliente FTP en un navegador web."
}
],
"id": "CVE-2008-4247",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-25T19:25:18.817",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-014.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://bugs.proftpd.org/show_bug.cgi?id=3115"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32068"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32070"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33341"
},
{
"source": "cve@mitre.org",
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:12.ftpd.asc"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/achievement_securityalert/56"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4313"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y.diff?r1=1.51\u0026r2=1.52\u0026f=h"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c.diff?r1=1.183\u0026r2=1.184\u0026f=h"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020946"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-014.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.proftpd.org/show_bug.cgi?id=3115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:12.ftpd.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/achievement_securityalert/56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y.diff?r1=1.51\u0026r2=1.52\u0026f=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c.diff?r1=1.183\u0026r2=1.184\u0026f=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021112"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-05-03 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB651DC9-E4F0-440F-A339-CFA576CED78C",
"versionEndIncluding": "1.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB5D3D-E070-4C56-9677-E55B1CDBBCDC",
"versionEndIncluding": "2.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address."
}
],
"id": "CVE-2001-0268",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-05-03T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0353.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q1/0093.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/358960"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/errata.html#userldt"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6141"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/2739"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0353.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q1/0093.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/358960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata.html#userldt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/2739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6222"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-04-18 10:02
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory."
}
],
"id": "CVE-2006-1814",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-18T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-013.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19616"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015909"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/24579"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/17498"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-013.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/17498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25764"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-10 20:19
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the ktruser function in NetBSD-current before 20061022, NetBSD 3 and 3-0 before 20061024, and NetBSD 2 before 20070209, when the kernel is built with the COMPAT_FREEBSD or COMPAT_DARWIN option, allows local users to cause a denial of service and possibly gain privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:navision:financials_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B70D3E5-924C-4AB7-ABF7-6273DE325007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ktruser function in NetBSD-current before 20061022, NetBSD 3 and 3-0 before 20061024, and NetBSD 2 before 20070209, when the kernel is built with the COMPAT_FREEBSD or COMPAT_DARWIN option, allows local users to cause a denial of service and possibly gain privileges."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n ktruser en NetBSD-current versiones anteriores a 20061022, NetBSD 3 y 3-0 versiones anteriores a 20061024, y NetBSD 2 versiones anteriores a 20070209, cuando el kernel se construye con la opci\u00f3n COMAPT_FREEBSD o COMPAT_DARWIN, permite a usuarios locales provocar una denegaci\u00f3n de servicio y posiblemente obtener privilegios."
}
],
"id": "CVE-2007-1273",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-10T20:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-001.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35453"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-001.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22878"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-08-21 22:55
Modified
2025-04-12 10:46
Severity ?
Summary
The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA79CE41-D873-4A4A-A20C-83EB8772E5FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types."
},
{
"lang": "es",
"value": "El m\u00f3dulo VIQR en la implementaci\u00f3n iconv en FreeBSD 10.0 anterior a p6 y NetBSD permite a atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (acceso a array fuera de rango) a trav\u00e9s de un argumento manipulado en la funci\u00f3n iconv_open. NOTA: este problema ha sido dividido (SPLIT) del CVE-2014-3951 por ADT2 debido a diferentes tipos de vulnerabilidad."
}
],
"id": "CVE-2014-5384",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-21T22:55:03.690",
"references": [
{
"source": "cve@mitre.org",
"url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030458"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xfree86_project | x11r6 | 3.3.3 | |
| netbsd | netbsd | 1.3.2 | |
| netbsd | netbsd | 1.3.3 | |
| redhat | linux | 5.1 | |
| redhat | linux | 5.2 | |
| slackware | slackware_linux | 3.3 | |
| slackware | slackware_linux | 3.4 | |
| slackware | slackware_linux | 3.5 | |
| slackware | slackware_linux | 3.6 | |
| slackware | slackware_linux | 4.0 | |
| suse | suse_linux | 5.1 | |
| suse | suse_linux | 5.2 | |
| suse | suse_linux | 6.0 | |
| suse | suse_linux | 6.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C104B02C-3F3B-4DB4-8A1D-65A7DAA380EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3B1DD9-10B5-40FE-AE56-D068C41653DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
],
"id": "CVE-1999-0433",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-02-16 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kth | kth_kerberos | 4 | |
| netbsd | netbsd | 1.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kth:kth_kerberos:4:*:*:*:*:*:*:*",
"matchCriteriaId": "A04BDD12-4421-49FA-9322-25F00B0402F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges."
}
],
"id": "CVE-2001-0033",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-02-16T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5738"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-07-16 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "FCB9E9F8-7C6B-4BC7-A593-A11B9D6F0B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "2F4B6E29-B74F-45FF-AEB1-A118753F8E3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49AF042F-5047-4FA2-B20C-65B2C6EBEA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE00F7F-0A3A-4ECA-9FB6-1DE37C2ED5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00564BAA-066A-4627-B6A8-78724E55D363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "38C0F962-B1C5-4F4B-A7C2-AB8C3EDC996D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group."
},
{
"lang": "es",
"value": "El m\u00f3dulo pam_unix en OpenPAM en NetBSD v4.0 anteriores a v4.0.2 y v5.0 anteriores a v5.0.1 permite a los usuarios locales cambiar la contrase\u00f1a de administrador actual si ya se conoce, a\u00fan cuando no est\u00e1n en el grupo \"wheel \"."
}
],
"id": "CVE-2009-2482",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-07-16T16:30:00.453",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/55284"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35553"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/35465"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022432"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/55284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51312"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-26 23:28
Modified
2025-04-09 00:30
Severity ?
Summary
OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2."
},
{
"lang": "es",
"value": "OpenBSD y NetBSD permiten al c\u00f3digo en modo de usuario matar el servidor de pantalla y escribir en dispositivo X.Org /dev/xf86, lo cual permite a usuarios locales con privilegios de root reducir el nivel de seguridad reemplazando el manejador del Modo de Administraci\u00f3n de Sistema (System Management Mode o SMM) mediante una escritura a una direcci\u00f3n SMRAM dentro de /dev/xf86 (esto es el rango de E/S mapeado en memoria para la tarjeta de v\u00eddeo), y entonces lanzando el nuevo manejador mediante una Interrupci\u00f3n de Administraci\u00f3n de Sistema (System Management Interrupt o SMI), tal y como se ha demostrado con una escritura al puerto de E/S Programada 0xB2."
}
],
"id": "CVE-2006-6730",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-26T23:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.freedesktop.org/archives/xorg/2004-June/000927.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.cansecwest.com/slides06/csw06-duflot.ppt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/454379/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/454510/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/454706/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot-paper.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.freedesktop.org/archives/xorg/2004-June/000927.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cansecwest.com/slides06/csw06-duflot.ppt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/454379/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/454510/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/454706/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot-paper.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-05-21 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| digital | osf_1 | 1.1 | |
| netbsd | netbsd | 1.3 | |
| netbsd | netbsd | 1.3.1 | |
| openbsd | openbsd | 2.1 | |
| openbsd | openbsd | 2.2 | |
| sun | solaris | * | |
| sun | solaris | 1.1.3 | |
| sun | solaris | 1.1.4 | |
| sun | solaris | 2.4 | |
| sun | solaris | 2.5 | |
| sun | sunos | - | |
| sun | sunos | 4.1.3 | |
| sun | sunos | 4.1.4 | |
| sun | sunos | 5.0 | |
| sun | sunos | 5.1 | |
| sun | sunos | 5.2 | |
| sun | sunos | 5.3 | |
| sun | sunos | 5.4 | |
| sun | sunos | 5.5 | |
| sun | sunos | 5.5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:digital:osf_1:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE849FB-8F06-4430-B646-6C7024EADD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB726CF-ADA2-4CDA-9786-1E84AC53740A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:*:*:x86:*:*:*:*:*",
"matchCriteriaId": "FEEC0C5A-4A6E-403C-B929-D1EC8B0FE2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:1.1.3:u1:*:*:*:*:*:*",
"matchCriteriaId": "D3373737-C6FC-4D19-845C-B0382AE1DC48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:1.1.4:*:jl:*:*:*:*:*",
"matchCriteriaId": "10EC0267-500D-496F-9D88-7F93F7D4A88B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "1F881110-7B54-49DA-B23A-710273430C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "200D8CB2-0D52-40A8-9CD9-6E4513605201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "615FA6E4-4DE0-422A-9220-F747D95192C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1070749A-65E9-439A-A7CC-3CE529A5D5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1370216-93EB-400F-9AA6-CB2DC316DAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84523B48-218B-45F4-9C04-2C103612DCB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames."
}
],
"id": "CVE-1999-0303",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-05-21T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-03-07 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sendmail | sendmail | * | |
| sendmail | sendmail | * | |
| sendmail | sendmail | * | |
| hp | alphaserver_sc | * | |
| gentoo | linux | 1.4 | |
| gentoo | linux | 1.4 | |
| hp | hp-ux | 10.10 | |
| hp | hp-ux | 10.20 | |
| hp | hp-ux | 11.00 | |
| hp | hp-ux | 11.0.4 | |
| hp | hp-ux | 11.11 | |
| hp | hp-ux | 11.22 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 | |
| netbsd | netbsd | 1.6 | |
| oracle | solaris | 2.6 | |
| oracle | solaris | 7.0 | |
| oracle | solaris | 8 | |
| oracle | solaris | 9 | |
| sun | sunos | - | |
| sun | sunos | 5.7 | |
| sun | sunos | 5.8 | |
| windriver | bsdos | 4.2 | |
| windriver | bsdos | 4.3.1 | |
| windriver | bsdos | 5.0 | |
| windriver | platform_sa | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3A2C0-B076-4351-8085-DA3A37117453",
"versionEndExcluding": "8.9.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE239ED-94EE-40C7-9133-D1F4779A2E0C",
"versionEndExcluding": "8.11.6",
"versionStartIncluding": "8.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64788C22-64F9-41DB-A4C2-BFCD6DBD8EE6",
"versionEndExcluding": "8.12.8",
"versionStartIncluding": "8.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:alphaserver_sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5556D665-3792-4832-9EEE-D1122C9BF98E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB008E3-9A00-4D28-8826-A9FCC9F65314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69C7B4A8-E8D0-425C-B979-17E85458B0C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F538D2B-1AE1-4766-830E-CF7999181128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:8:*:*:*:*:*:*:*",
"matchCriteriaId": "722A52CF-4C6E-44D3-90C4-D2F72A40EF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:9:*:*:*:*:*:*:*",
"matchCriteriaId": "4F864AD7-53A2-4225-870F-062876CE45DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:bsdos:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18B197B3-AA07-440F-A733-80B7CE07B3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:bsdos:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42761237-75A9-4E8C-8202-3CA3EB3D1ACC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:bsdos:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7FAFD2BC-330C-4357-B8C7-F451C6282869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:platform_sa:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2151D858-F6D4-472E-9CC7-A8EA26E27CC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Sendmail 5.79 a la 8.12.7 que permite a atacantes remotos la ejecuci\u00f3n arbitraria de c\u00f3digo mediante ciertos campos de direcci\u00f3n formateados, relativos a comentarios de cabecera de emisor y receptor, procesados por la funci\u00f3n crackaddr del fichero headers.c."
}
],
"id": "CVE-2002-1337",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-07T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6991"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-06-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mit | kerberos_5 | 1.1.1 | |
| mit | kerberos_5 | 1.2 | |
| mit | kerberos_5 | 1.2.1 | |
| mit | kerberos_5 | 1.2.2 | |
| sgi | irix | 6.1 | |
| sgi | irix | 6.5.1 | |
| sgi | irix | 6.5.2m | |
| sgi | irix | 6.5.3 | |
| sgi | irix | 6.5.3f | |
| sgi | irix | 6.5.3m | |
| sgi | irix | 6.5.4 | |
| sgi | irix | 6.5.5 | |
| sgi | irix | 6.5.6 | |
| sgi | irix | 6.5.7 | |
| sgi | irix | 6.5.8 | |
| sgi | irix | 6.5.10 | |
| sgi | irix | 6.5.11 | |
| freebsd | freebsd | 2.2 | |
| freebsd | freebsd | 2.2.2 | |
| freebsd | freebsd | 2.2.3 | |
| freebsd | freebsd | 2.2.4 | |
| freebsd | freebsd | 2.2.5 | |
| freebsd | freebsd | 2.2.6 | |
| freebsd | freebsd | 2.2.8 | |
| freebsd | freebsd | 3.0 | |
| freebsd | freebsd | 3.1 | |
| freebsd | freebsd | 3.2 | |
| freebsd | freebsd | 3.3 | |
| freebsd | freebsd | 3.4 | |
| freebsd | freebsd | 3.5 | |
| freebsd | freebsd | 3.5.1 | |
| freebsd | freebsd | 4.0 | |
| freebsd | freebsd | 4.1 | |
| freebsd | freebsd | 4.1.1 | |
| freebsd | freebsd | 4.2 | |
| netbsd | netbsd | 1.2.1 | |
| netbsd | netbsd | 1.3 | |
| netbsd | netbsd | 1.3.1 | |
| netbsd | netbsd | 1.3.2 | |
| netbsd | netbsd | 1.3.3 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.3 | |
| netbsd | netbsd | 1.5 | |
| openbsd | openbsd | 2.3 | |
| openbsd | openbsd | 2.4 | |
| openbsd | openbsd | 2.5 | |
| openbsd | openbsd | 2.6 | |
| openbsd | openbsd | 2.7 | |
| openbsd | openbsd | 2.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8C0C82-749E-4837-88F8-FB56A753B094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD672FA-918D-48CB-BC03-4E412AF0DCCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B363A4-BB7A-48A2-AE6B-BD2DDD46E7CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "966C1A13-8007-408D-96BE-0DA3BB6CA401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*",
"matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*",
"matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*",
"matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "314BA420-4C74-4060-8ACE-D7A7C041CF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAD7613-A5B3-4621-B981-290C7C6B8BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3."
}
],
"id": "CVE-2001-0247",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-06-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2001-07.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.nai.com/research/covert/advisories/048.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2548"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2001-07.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nai.com/research/covert/advisories/048.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6332"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-13 21:17
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sysjail:sysjail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEAF47B-07F3-41C1-8AB1-E6F730B52235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systrace:systrace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "946E0FEF-F738-4EDE-9FD6-7F80428F3C29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6060C8CB-1592-479E-86AD-AC180F855BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DAA88C-BADD-405A-9E66-5B0839595A70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "04D5E3B7-5377-4CA8-BA0D-056870CB717E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "22C11931-B594-43EC-9698-7152B1DF8CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "976B5923-1BCC-4DE6-A904-930DD833B937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5452DF1-0270-452D-90EB-45E9A084B94C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFD12E6-F92E-4371-ADA7-BCD41E4C9014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "67FDF4FB-06FA-4A10-A3CF-F52169BC8072",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B29018-B495-482A-8FF7-66821A178F9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p2:*:*:*:*:*:*:*",
"matchCriteriaId": "38718561-70C7-4E0D-9313-87A5E82ED338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p3:*:*:*:*:*:*:*",
"matchCriteriaId": "D057064A-9B34-4224-97BA-4D5840A92BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p4:*:*:*:*:*:*:*",
"matchCriteriaId": "E3C297DC-69B1-4BE6-A5EF-D320BD0CA968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p5:*:*:*:*:*:*:*",
"matchCriteriaId": "2F4C1FFB-F6AA-4DED-9C54-DCB274F59A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p6:*:*:*:*:*:*:*",
"matchCriteriaId": "338A92AC-92D2-40BF-9FAC-884AF6F74D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*",
"matchCriteriaId": "26DB5610-03CE-425E-8855-70D5787029FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F6848519-57E8-4636-BE10-A0AF06787B20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3p2:*:*:*:*:*:*:*",
"matchCriteriaId": "A458EA77-772C-4641-A08A-5733FA386974",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3p3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B7415D-FE7F-4F67-8384-016BD6044015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3p4:*:*:*:*:*:*:*",
"matchCriteriaId": "09429504-327B-44B3-A651-E933EADA0300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3p5:*:*:*:*:*:*:*",
"matchCriteriaId": "7889BA46-0FAA-4D62-B2BB-B895060F5585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3p6:*:*:*:*:*:*:*",
"matchCriteriaId": "84FD9DD4-A6D0-40F4-9A8E-8E0017BE349C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3p7:*:*:*:*:*:*:*",
"matchCriteriaId": "B02CEAA5-8409-42AF-A4AE-58D9D16F007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DFC86C-7743-4F27-BC10-170F04C23D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5170421-BA0C-4365-9CD6-BD232EA08680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4_p2:*:*:*:*:*:*:*",
"matchCriteriaId": "5909AAA4-4AF9-4D23-87C5-5D7787909B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3E4716-6D11-46DD-9378-3C733BBDCD8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4p2:*:*:*:*:*:*:*",
"matchCriteriaId": "55799ECB-CEB1-4839-8053-4C1F071D1526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2170CFD0-2594-45FB-B68F-0A75114F00A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "03C07744-CAE8-44C6-965E-2A09BAE1F36C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5_p2:*:*:*:*:*:*:*",
"matchCriteriaId": "B17E0E59-C928-49AB-BAA7-4AE638B376D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5p1:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F99CB6-E185-4CE0-9E43-C5AE9017717B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5p2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2F6F9C6-85B6-450F-9165-B23C2BF83EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "294FC65B-4225-475A-B49A-758823CEDECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6156B085-AA17-458C-AED1-D658275E43B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.7_p5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C898BE7-506D-49DA-8619-F86C7A9FE902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B6419309-385F-4525-AD4B-C73B1A3ED935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "51F7E821-2908-47F1-9665-E9D68ECC242F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p2:*:*:*:*:*:*:*",
"matchCriteriaId": "C90D0AB4-F8A8-4301-99B5-757254FA999A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p5:*:*:*:*:*:*:*",
"matchCriteriaId": "A79C7098-37D0-4E6E-A22C-3C771D81956F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p7:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7D2832-B654-406E-AA34-B3BD1D6F0A2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p8:*:*:*:*:*:*:*",
"matchCriteriaId": "D5688D95-89EF-4D2E-9728-2316CAC3CBE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p9:*:*:*:*:*:*:*",
"matchCriteriaId": "B69E49B2-1B3C-4434-ACF1-CF4F519E3C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p12:*:*:*:*:*:*:*",
"matchCriteriaId": "31B2C299-5D0B-44DA-91FD-4B1146BE9A7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing."
},
{
"lang": "es",
"value": "M\u00faltiples condiciones de carrera en (1) el modo monitor de Sudo Y (2) pol\u00edticas Sysjail en Systrace de NetBSD y OpenBSD permiten a usuarios locales vencer la interposici\u00f3n en llamadas al sistema, y por tanto evitar la pol\u00edtica de control de acceso y monitorizaci\u00f3n."
}
],
"id": "CVE-2007-4305",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-13T21:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26479"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25258"
},
{
"source": "cve@mitre.org",
"url": "http://www.watson.org/~robert/2007woot/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.watson.org/~robert/2007woot/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-04-03 10:04
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.6 up to 3.0, when a user has \"set record\" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file."
}
],
"id": "CVE-2006-1587",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-03T10:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-007.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19465"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015847"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/24258"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-007.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25581"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-08-09 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/j-067.shtml | ||
| cve@mitre.org | http://www.securityfocus.com/bid/570 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/j-067.shtml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/570 | Exploit, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netbsd | netbsd | 1.0 | |
| netbsd | netbsd | 1.1 | |
| netbsd | netbsd | 1.2 | |
| netbsd | netbsd | 1.2.1 | |
| netbsd | netbsd | 1.3 | |
| netbsd | netbsd | 1.3.1 | |
| netbsd | netbsd | 1.3.2 | |
| netbsd | netbsd | 1.3.3 | |
| netbsd | netbsd | 1.4 | |
| openbsd | openbsd | 2.0 | |
| openbsd | openbsd | 2.1 | |
| openbsd | openbsd | 2.2 | |
| openbsd | openbsd | 2.3 | |
| openbsd | openbsd | 2.4 | |
| openbsd | openbsd | 2.5 | |
| sun | solaris | 2.4 | |
| sun | solaris | 2.5 | |
| sun | solaris | 2.6 | |
| sun | solaris | 7.0 | |
| sun | sunos | - | |
| sun | sunos | 5.1 | |
| sun | sunos | 5.2 | |
| sun | sunos | 5.3 | |
| sun | sunos | 5.4 | |
| sun | sunos | 5.5 | |
| sun | sunos | 5.5.1 | |
| sun | sunos | 5.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36DF0D51-FCFA-46A3-B834-E80DFA91DFDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB726CF-ADA2-4CDA-9786-1E84AC53740A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "1F881110-7B54-49DA-B23A-710273430C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "200D8CB2-0D52-40A8-9CD9-6E4513605201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84523B48-218B-45F4-9C04-2C103612DCB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve."
}
],
"id": "CVE-1999-0674",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-08-09T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/j-067.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/j-067.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/570"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-20 02:28
Modified
2025-04-09 00:30
Severity ?
Summary
The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of service (kernel panic) via an invalid msg_controllen parameter to the sendit function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of service (kernel panic) via an invalid msg_controllen parameter to the sendit function."
},
{
"lang": "es",
"value": "La funci\u00f3n sendmsg en NetBSD-current versiones anteriores a 20061023, NetBSD 3.0 y 3.0.1 versiones anteriores a 20061024, y NetBSD 2.x versiones anteriores a 20061029, cuando se ejecutan en arquitecturas de 64-bit, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e1nico de kernel) a trav\u00e9s del par\u00e1metro invalid msg_controllen en la funci\u00f3n sendit."
}
],
"id": "CVE-2006-6654",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-20T02:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017293"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-21 23:07
Modified
2025-04-09 00:30
Severity ?
Summary
The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PT_DUMPCORE request, which allows local users to have an unknown impact.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:current:*:*:*:*:*:*:*",
"matchCriteriaId": "F30E9234-481B-41BC-BFC2-9E9773DEE65C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PT_DUMPCORE request, which allows local users to have an unknown impact."
},
{
"lang": "es",
"value": "El n\u00facleo NetBSD-current antes del 28/10/2006 no realiza la comprobaci\u00f3n de l\u00edmites adecuadamente de un par\u00e1metro userspace no especificado en la llamada al sistema ptrace durante una petici\u00f3n PT_DUMPCORE, lo cual permite a usuarios locales tener un impacto desconocido."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product update:\r\nNetBSD, NetBSD, current 10/28/2006",
"id": "CVE-2006-6014",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-11-21T23:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/current-users/2006/11/10/0000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/current-users/2006/11/10/0000.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-25 02:15
Modified
2024-11-21 06:32
Severity ?
Summary
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc | Vendor Advisory | |
| cve@mitre.org | https://arxiv.org/pdf/2112.09604.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://arxiv.org/pdf/2112.09604.pdf | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0992771-F022-4195-A4DF-4323FF07B04F",
"versionEndIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures."
},
{
"lang": "es",
"value": "En NetBSD versiones hasta 9.2, el algoritmo de generaci\u00f3n de IPv4 ID no usa medidas criptogr\u00e1ficas apropiadas"
}
],
"id": "CVE-2021-45487",
"lastModified": "2024-11-21T06:32:19.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-25T02:15:06.757",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-02 20:00
Modified
2025-04-11 00:51
Severity ?
Summary
The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7FD807-BC4A-4F8F-B9F0-49BCF2E687C7",
"versionEndIncluding": "5.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "316C8534-9CE3-456C-A04E-5D2B789FBE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7BEB67BB-A442-46C2-8BC1-BBEB009AC532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6E307F1-C765-409C-835C-133026A5179C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA997F5E-29FE-454A-9006-001D732CD4B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "114134F3-BDFD-465D-8317-82F9D6EFA5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DAB55300-F90D-45D3-88BC-5ADCEC366264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EC5611-31B5-4253-B99A-E81C202768A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "43060323-1B51-45B4-BEB9-0E472896D8EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5441C616-D127-42D9-88AA-0FC9AA16EB03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EED5E506-9D2B-4CAF-8455-B9BE7696E49C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7CB94E-0479-4939-86F6-0B4BEDE2E739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "78135400-BA1A-42AA-BE17-5588442BCF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "78F2EDC0-3189-4523-882B-9188C852F793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEF5203-9D6B-4431-BF0D-C81B1E250AEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2991C07-5486-4590-A74E-46A379DD3339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB9BE06-0A36-4853-ADF4-9C1A1854278A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8FC57F38-6545-497B-B6DA-FCAF51755988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC30FD61-10DA-4C9B-BCE8-AD75DCEB40BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1DF4CE-E71C-4C10-9F82-B9ECDC94933F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*",
"matchCriteriaId": "80C55B73-497D-4A22-9230-A4160BF97344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*",
"matchCriteriaId": "0238F009-4BBA-4E6B-9E2A-6045BA9BBE9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B235167-9554-4431-88C5-9472DD36FCDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580008AC-2667-4708-8F7E-D70416A460EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E05D8E86-EC01-4589-B372-4DEB7845C81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*",
"matchCriteriaId": "764AD252-CA2F-4A87-BCAA-7747E8C410E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFAA075-4277-4FD8-8A5A-867EEE1BA2F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*",
"matchCriteriaId": "269BB9F7-55E5-4CB3-8429-C37C7132799F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E6F639-31A0-4026-B6D4-51BA79FB1D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0211BCE3-0DED-40BA-8A21-1A97B91F71C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4EE9E4B-CABC-4EA2-9075-CC23CEB1B0A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD7BB30-AC79-4153-852C-1053DCF4DE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F48519C6-0C28-49A5-94C7-EF3AA88E2667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E188C66-C8F1-4C13-AAFF-7C83B2A884B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*",
"matchCriteriaId": "9039BE91-AF0A-41E7-8F9F-15375890E120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08BCB2EA-DF9D-4853-805B-29FA6274E2B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F93417F-2498-4576-9F5D-B59F77D39669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3AB42C-B614-4746-99AD-E94140D91BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*",
"matchCriteriaId": "458167E5-9BC2-40BE-AC8A-9761A4F19494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB9B4C7-4235-4388-8E5D-E72ECCC37A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*",
"matchCriteriaId": "86ACA0ED-A3D0-48A7-B06F-13709AD23B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB9262-D05E-4610-9C79-3EDE44AC7C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8176879B-1875-4AC9-B15A-2ABCFCD04F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAA26A12-F96A-4025-BBCA-72B7A3B1E60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*",
"matchCriteriaId": "A02751E9-2D38-4495-9572-8D84D71D4773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7A36BEA2-DAE4-423C-8D85-0F6036351F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "80DC64F6-FE28-44BA-91D1-EC2DB11B2CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF23EBA1-D3A9-413F-9E83-43A91492C031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*",
"matchCriteriaId": "44CCF5CD-B434-4392-A79A-C1945D2AE30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB456B8-9D8B-4985-858D-6A43FA5EE2E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD4E0F6-4EEA-4EC7-83E7-FC6F7D2E7A3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*",
"matchCriteriaId": "C35F4ABE-1B0C-4195-8F99-BF993A17882B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "ADC7352D-2916-47F7-A256-F897D763DC9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AEC3FC36-B246-4DCB-8984-228525D9A356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC861000-37D8-4B0F-BFA0-57E9BE125B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E003AB3C-8DF3-4AE8-82A3-984F30E5599B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBE75FE-DDE2-43BA-80EF-15A6698EABC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF67D77-02AC-4807-984D-C5AE9799F051",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*",
"matchCriteriaId": "683B26F0-5EA2-455A-8948-27C100BBA3AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A75B23-2DD7-4EB2-BEAA-049FF4E51A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*",
"matchCriteriaId": "7279E1EC-DEBC-4ACC-925D-06A7697C162F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7910598E-BEC1-4644-9DE4-D8BE505A4F9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB416D0C-6C86-450F-8917-D4B1BD82AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*",
"matchCriteriaId": "3640CCC9-EC4A-44A4-B747-7BAAAD3460C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DD362E-9EA9-4E88-9A94-D7B471EB1FD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3094069-AC2E-43BD-8094-D48E2526DECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9B72CFB3-39C7-469C-AA59-69F5B8993BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7154C4-8325-4495-92B1-B7897CD7303E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "99BF4471-763B-485A-ABD5-C68AD0A14058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B042083-6D26-4A91-B3F6-E6D46266FF60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "40B1B209-53B8-48DC-AFFC-BD69D5978A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7212E982-76F2-496C-9F08-EC4137F20804",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52D13E08-7B08-44AA-9017-3EE3F6301E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBC7FF1-01EE-40A1-8735-14360A371803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "987527F8-8A42-4729-A329-4D2AC8AFD6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "93910448-8D6F-4F7E-9C7F-959754ABA50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3356FDFD-BEA5-45A5-A36B-D1153AFE6C23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9394B8AD-AB22-4955-8774-C6BA2B56A260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5D4A9B-1194-4D63-AAC2-8701C890BB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F75DB5AE-E99D-4827-B290-823E015AEE34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F25FB59-1E4F-4420-8482-8007FF5E2411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9899C87E-2C09-46AE-BC24-1ACF012784CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84241D91-1490-485B-AA07-8335CE458275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB022BE-98C4-4636-868E-FBE4B00554A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632."
},
{
"lang": "es",
"value": "La (1) funci\u00f3n remote_glob en sftp-glob.c y (2) la funci\u00f3n process_put en sftp.c en OpenSSH v5.8 y versiones anteriores, como se usa en FreeBSD v7.3 y v8.1, NetBSD v5.0.2, OpenBSD v4.7 y otros productos, permiten a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (por excesivo uso de CPU y consumo de memoria) a trav\u00e9s de expresiones glob debidamente modificadas que no coinciden con ning\u00fan nombre de ruta, como lo demuestran las expresiones glob en las solicitudes SSH_FXP_STAT a un demonio de sftp. Se trata de una vulnerabilidad diferente a CVE-2010-2632."
}
],
"id": "CVE-2010-4755",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-03-02T20:00:00.990",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8116"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-05-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network."
}
],
"id": "CVE-1999-0763",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-05-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6540"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-02-16 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*",
"matchCriteriaId": "801B1795-3DC4-4BE3-A693-37B6BD116B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "978C483C-A6F7-456F-9488-833D520D4A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB94CE6-03D3-43C3-B765-AC36961CD83C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37FADA30-FD98-42F3-80F1-E8794C77AC76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8541E3F7-6DCF-4070-ACB0-C6B9C7BE32D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "90E01A6A-D948-4701-9C4E-F8C3FCC52F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FCDCD888-3F3D-4ABC-B6D8-4A9E2C40265C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable."
},
{
"lang": "es",
"value": "Una vulnerabilidad de formato de cadena en Wireshark 0.99.8 a 1.0.5 sobre plataformas No-Windows permite a usuarios locales provocar una denegaci\u00f3n de servicio (con cuelgue de la aplicacion) a trav\u00e9s de especificadores de formato de cadena en la variable de entorno HOME."
}
],
"evaluatorImpact": "Per http://www.vupen.com/english/advisories/2009/0370:\n\n\"Multiple vulnerabilities have been identified in Wireshark, which could be exploited by local or remote attackers to cause a denial of service or compromise a vulnerable system.\"",
"id": "CVE-2009-0601",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-02-16T20:30:03.127",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/34264"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0040"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/501763/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/33690"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021697"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0370"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2009-01.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3150"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://issues.rpath.com/browse/RPL-2984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/34264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/501763/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/33690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2009-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://issues.rpath.com/browse/RPL-2984"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat does not consider this to be a security issue. For further details, see: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0601#c3",
"lastModified": "2009-02-17T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-06-25 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BCDB223-15E8-4E63-BB82-446AFBDE52F9",
"versionEndIncluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address."
}
],
"id": "CVE-2002-0381",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-06-25T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030604-01-I"
},
{
"source": "cve@mitre.org",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136\u0026r2=1.137"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/262733"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/8485.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109\u0026r2=1.110"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5308"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030604-01-I"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136\u0026r2=1.137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/262733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/8485.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109\u0026r2=1.110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4309"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-07-05 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same ioctl, which causes a divide-by-zero error.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to \"unpaused\" in the same ioctl, which causes a divide-by-zero error."
}
],
"id": "CVE-2005-2134",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-07-05T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-002.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-002.txt.asc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-11-04 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| frees_wan | frees_wan | 1.9 | |
| frees_wan | frees_wan | 1.9.1 | |
| frees_wan | frees_wan | 1.9.2 | |
| frees_wan | frees_wan | 1.9.3 | |
| frees_wan | frees_wan | 1.9.4 | |
| frees_wan | frees_wan | 1.9.5 | |
| frees_wan | frees_wan | 1.9.6 | |
| apple | mac_os_x | 10.2 | |
| apple | mac_os_x_server | 10.2 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.6 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 | |
| netbsd | netbsd | 1.6 | |
| global_technology_associates | gnat_box_firmware | 3.1 | |
| global_technology_associates | gnat_box_firmware | 3.2 | |
| global_technology_associates | gnat_box_firmware | 3.3 | |
| nec | bluefire_ix1035_router | * | |
| nec | ix1010 | * | |
| nec | ix1011 | * | |
| nec | ix1020 | * | |
| nec | ix1050 | * | |
| nec | ix2010 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66D34B-9044-4F34-B367-55967EE92FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "907622BF-3B1E-4A89-A414-60DD0559463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "308CBFAA-D513-4593-81E8-4CC025E5853C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7711EC06-B983-4E8C-AC4A-24C3A5AD64AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29E5A0BA-BC40-4D53-8A34-D9E1D88C0453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA91E2-C599-4192-8BBC-A151A1D283A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F10EA9F4-5878-4AFB-BAB6-B2C9728AF3DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*",
"matchCriteriaId": "118211EF-CED7-4EB5-9669-F54C8169D4AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*",
"matchCriteriaId": "9A405AE2-ECC4-4BB0-80DD-4736394FB217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"matchCriteriaId": "52F2B17F-A169-402C-AA05-0DE5D805BAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "BD44E15F-D216-404F-8585-D278175C2A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD478B7E-83ED-47CD-AE00-705F2255E64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AC90C735-4002-40A3-B0C8-A684A5DF99A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "236F09EF-A0B5-465D-9041-D389AB3EAA97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:bluefire_ix1035_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB64A3D-0C14-441D-8A4E-E4EF94FA7A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D7FB074-B218-408B-AA86-941824B1758B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1011:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4FB687-87F6-47CC-95F8-EB4D4396184D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1020:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98BA9566-EE28-4025-A6DC-B7F81FC41BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4331351A-D97B-4874-8370-83A20E598E9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix2010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8AA729-DF24-4AA2-800C-1DFEF9E1EF18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors."
},
{
"lang": "es",
"value": "Implementaciones de IPSEC, incluyendo FreeS/WAN y KAME no calculan adecuadamente la longitud de los datos de autenticaci\u00f3n, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (kernel panic) mediante paquetes Encapsulating Security Payload (EPS) cortos falsificados, lo que resulta en errores de enteros sin signos."
}
],
"id": "CVE-2002-0666",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-04T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6011"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-02-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
mmap function in BSD allows local attackers in the kmem group to modify memory through devices.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99235B00-0050-42BF-99EF-FCDD72D8627D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mmap function in BSD allows local attackers in the kmem group to modify memory through devices."
}
],
"id": "CVE-1999-0304",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-02-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0304"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-04-08 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| data_general | dg_ux | y2k_patchr4.11mu05 | |
| data_general | dg_ux | y2k_patchr4.12mu03 | |
| data_general | dg_ux | y2k_patchr4.20mu01 | |
| data_general | dg_ux | y2k_patchr4.20mu02 | |
| data_general | dg_ux | y2k_patchr4.20mu03 | |
| isc | bind | 4.9 | |
| isc | bind | 8 | |
| ibm | aix | 4.1 | |
| ibm | aix | 4.2 | |
| ibm | aix | 4.3 | |
| nec | asl_ux_4800 | 11 | |
| nec | asl_ux_4800 | 13 | |
| netbsd | netbsd | 1.3 | |
| netbsd | netbsd | 1.3.1 | |
| redhat | linux | 4.2 | |
| redhat | linux | 5.0 | |
| sco | open_desktop | 3.0 | |
| sco | openserver | 5.0 | |
| sco | unix | 3.2v4 | |
| sco | unixware | 2.1 | |
| sco | unixware | 7.0 | |
| sun | sunos | 5.3 | |
| sun | sunos | 5.4 | |
| sun | sunos | 5.5 | |
| sun | sunos | 5.5.1 | |
| sun | sunos | 5.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.11mu05:*:*:*:*:*:*:*",
"matchCriteriaId": "D85C6D97-CF88-4F47-8580-1E1271C3BEB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.12mu03:*:*:*:*:*:*:*",
"matchCriteriaId": "803355A3-10BA-45DA-AFF7-867A06AEE420",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu01:*:*:*:*:*:*:*",
"matchCriteriaId": "59665BA5-0818-44E7-9102-62060C88431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu02:*:*:*:*:*:*:*",
"matchCriteriaId": "930A6977-EF72-4693-96E0-603FE096EB4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu03:*:*:*:*:*:*:*",
"matchCriteriaId": "BDE41F0D-8CCB-4A79-B05E-E08E37B1E15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "49A7C6F2-F769-447A-8C8B-9002BD6FBF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*",
"matchCriteriaId": "7904F3D9-A6B0-4ED6-8BAD-2D26C118C0F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:nec:asl_ux_4800:11:*:*:*:*:*:*:*",
"matchCriteriaId": "707579B5-701A-4A36-8567-AB2E11759322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:nec:asl_ux_4800:13:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C620CF-5046-4A6A-A479-AC315D1E36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:open_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD2701A-E930-4F4D-85F7-02F80135E34E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C19F7B3-9043-4E53-90DE-92A4387858A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unix:3.2v4:*:*:*:*:*:*:*",
"matchCriteriaId": "51756048-EB32-4A72-9ED4-937AF2B9DE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "168248AC-E4F6-4C8F-9A21-0E6ABE029DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A13A9E-E24A-4AEE-AD42-2BCA5990E4B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages."
}
],
"id": "CVE-1999-0010",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-04-08T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"source": "cve@mitre.org",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-30 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/359 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/359 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux | 1.2 | |
| debian | debian_linux | 2.0 | |
| debian | debian_linux | 2.0 | |
| debian | debian_linux | 2.1 | |
| netbsd | netbsd | 1.3.3 | |
| redhat | linux | 5.1 | |
| suse | suse_linux | 5.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C77FA7-C977-4223-B6AC-91B82C45129C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0:r5:*:*:*:*:*:*",
"matchCriteriaId": "D3067DBB-FBA1-48E9-9EC8-5A8D74B9F2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
],
"id": "CVE-1999-0434",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-30T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/359"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with \"options DIAGNOSTIC,\" allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option."
}
],
"id": "CVE-2005-4782",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/uipc_socket.c.diff?r1=1.111\u0026r2=1.112"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/11/08/0010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/10/21/0038.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/uipc_socket.c.diff?r1=1.111\u0026r2=1.112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/11/08/0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/10/21/0038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15289"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-20 15:59
Modified
2025-04-20 01:37
Severity ?
Summary
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C23BD3A0-E5AD-4893-AAAF-E2858B4128CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1510AD8C-14AC-4649-AE37-5310575B3E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44D36CD7-FE10-4A72-8364-DE3EFD49AB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24469F6E-FC82-416A-9639-8FC37BE9745F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E28965-1C24-43CC-AFAA-5716D8F6CC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "368CB806-F671-481F-A9BE-DC320F82E5B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7E45F6-2EE9-4E97-B502-F48F2DDC5F3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69CAE756-335E-4E02-83F9-B274D416775C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3784838-1A43-4C46-A730-4CB88594A449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F555CE26-6E23-4E7A-A138-6F675EA9BEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "69071B74-471C-42C0-AF2D-2D278D355250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1C501514-768D-4AC0-8797-152763F24F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "79D2486C-5C39-40C7-B87B-969800F730C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0363300-1ACF-4F3E-97F2-F0AFA3F9EBDC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox."
},
{
"lang": "es",
"value": "mail.local en NetBSD en versiones desde 6.0 hasta la versi\u00f3n 6.0.6, 6.1 hasta la versi\u00f3n 6.1.5 y 7.0 permite a usuarios locales cambiar la propiedad o anexar datos a archivos arbitrarios en el sistema objetivo a trav\u00e9s de un ataque de enlace simb\u00f3lico en el buz\u00f3n de usuario."
}
],
"id": "CVE-2016-6253",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-20T15:59:00.567",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://akat1.pl/?id=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-006.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/138021/NetBSD-mail.local-8-Local-Root.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.rapid7.com/db/modules/exploit/unix/local/netbsd_mail_local"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92101"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036429"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40141/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40385/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://akat1.pl/?id=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-006.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/138021/NetBSD-mail.local-8-Local-Root.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.rapid7.com/db/modules/exploit/unix/local/netbsd_mail_local"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40141/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40385/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-08-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets."
}
],
"id": "CVE-2002-0414",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-08-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html"
},
{
"source": "cve@mitre.org",
"url": "http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8416.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5304"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/259598"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8416.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/259598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4224"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory."
}
],
"id": "CVE-2005-4783",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110\u0026r2=1.111\u0026f=h"
},
{
"source": "cve@mitre.org",
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015132"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/20729"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.packetstormsecurity.org/0601-advisories/NetBSD-SA2006-001.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110\u0026r2=1.111\u0026f=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/20729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.packetstormsecurity.org/0601-advisories/NetBSD-SA2006-001.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-07-15 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | 1.1.5.1 | |
| freebsd | freebsd | 2.0 | |
| freebsd | freebsd | 2.0.5 | |
| freebsd | freebsd | 2.1.0 | |
| freebsd | freebsd | 2.1.5 | |
| freebsd | freebsd | 2.1.6 | |
| freebsd | freebsd | 2.1.7.1 | |
| freebsd | freebsd | 2.2.2 | |
| freebsd | freebsd | 2.2.3 | |
| freebsd | freebsd | 2.2.4 | |
| freebsd | freebsd | 2.2.5 | |
| freebsd | freebsd | 2.2.6 | |
| freebsd | freebsd | 2.2.8 | |
| freebsd | freebsd | 3.0 | |
| freebsd | freebsd | 3.1 | |
| freebsd | freebsd | 3.2 | |
| netbsd | netbsd | 1.3.1 | |
| netbsd | netbsd | 1.3.2 | |
| netbsd | netbsd | 1.3.3 | |
| netbsd | netbsd | 1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C496B665-70DA-4B98-A5D1-E2935C0CE840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34797660-41F5-4358-B70F-2A40DE48F182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8F9B2F-E898-4F87-A245-32A41748587B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "314BA420-4C74-4060-8ACE-D7A7C041CF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAD7613-A5B3-4621-B981-290C7C6B8BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "4319B741-4376-4EA2-9FEB-236C148D1514",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults."
}
],
"id": "CVE-1999-1518",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-07-15T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=93207728118694\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/526"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=93207728118694\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2351"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-05-16 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | portable_runtime | * | |
| apache | http_server | * | |
| apache | http_server | * | |
| apple | mac_os_x | 10.6.0 | |
| freebsd | freebsd | * | |
| android | * | ||
| netbsd | netbsd | 5.1 | |
| openbsd | openbsd | 4.8 | |
| oracle | solaris | 10 | |
| debian | debian_linux | 5.0 | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 | |
| suse | linux_enterprise_server | 10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:portable_runtime:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33D19D1B-EF21-4EA7-B4CD-E5276AE1B308",
"versionEndExcluding": "1.4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94C36967-AD8A-4F0B-A577-C06A458124F4",
"versionEndIncluding": "2.0.65",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "025D61F4-08DA-440D-9A0E-3A8DCF2A9C45",
"versionEndIncluding": "2.2.18",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "730917F8-E1F4-4836-B05A-16B2BA5774DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B180EA08-5CBA-4743-8E47-259219E76277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"matchCriteriaId": "964B57CD-CB8A-4520-B358-1C93EC5EF2DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*",
"matchCriteriaId": "79A35457-EAA3-4BF9-A4DA-B2E414A75A02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd."
},
{
"lang": "es",
"value": "Vulnerabilidad de agotamiento de pila en la funci\u00f3n fnmatch implementada en apr_fnmatch.c en la librer\u00eda de Apache Portable Runtime (APR) anterior a v1.4.3 y en Apache HTTP Server anterior a v2.2.18, y en fnmatch.c en libc en NetBSD v5.1, OpenBSD v4.8, FreeBSD, Apple Mac OS X v10.6, Oracle Solaris 10, y Android permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (consumo de CPU y memoria) a trav\u00e9s de secuencias \"*?\" en el primer argumento, como se demostr\u00f3 con los ataques contra mod_autoindex en httpd."
}
],
"id": "CVE-2011-0419",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-05-16T17:55:02.387",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://cxib.net/stuff/apache.fnmatch.phps"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://cxib.net/stuff/apr_fnmatch.txts"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"source": "cret@cert.org",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"source": "cret@cert.org",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44490"
},
{
"source": "cret@cert.org",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44564"
},
{
"source": "cret@cert.org",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44574"
},
{
"source": "cret@cert.org",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/48308"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://securityreason.com/achievement_securityalert/98"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/8246"
},
{
"source": "cret@cert.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1025527"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029\u0026r2=1098902"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098188"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098799"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
},
{
"source": "cret@cert.org",
"tags": [
"Broken Link"
],
"url": "http://www.apache.org/dist/apr/CHANGES-APR-1.4"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2011/dsa-2237"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html"
},
{
"source": "cret@cert.org",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:084"
},
{
"source": "cret@cert.org",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "cret@cert.org",
"tags": [
"Broken Link"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0507.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=703390"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://cxib.net/stuff/apache.fnmatch.phps"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://cxib.net/stuff/apr_fnmatch.txts"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/48308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://securityreason.com/achievement_securityalert/98"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/8246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1025527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029\u0026r2=1098902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.apache.org/dist/apr/CHANGES-APR-1.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2011/dsa-2237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=703390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-13 18:44
Modified
2025-04-09 00:30
Severity ?
Summary
The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3ECF9E5F-AF38-42B9-8B49-6C254394CDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29C02C6B-AAFD-4594-94A4-F26BA3648CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E59D3682-22E1-40C4-AC65-079005FB6194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3D95D05C-4FE1-4408-B8B8-5C5932800385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd_current:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94777BA7-6528-4BE4-AE50-EA3C4A19C4E7",
"versionEndIncluding": "20071027",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905."
},
{
"lang": "es",
"value": "La funci\u00f3n ipsec4_get_ulp del kernel en las versiones 2.0 a 3.1 de NetBSD y NetBSD-current anterior a 20071028, cuando est\u00e1 habilitado el subsistema fast_ipsec, permite a atacantes remotos saltarse las restricciones de IPsec al enviar paquetes desde una m\u00e1quina origen con diferente longitud de car\u00e1cter que la m\u00e1quina destino, siendo un vulnerabilidad diferente a CVE-2006-0905."
}
],
"id": "CVE-2008-1335",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-13T18:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-002.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29180"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019533"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28045"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-002.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28045"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-02 20:00
Modified
2025-04-11 00:51
Severity ?
Summary
The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77CBD2C8-3D79-4B5E-AE8A-421FF871F80B",
"versionEndIncluding": "10.6.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F25FB59-1E4F-4420-8482-8007FF5E2411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9899C87E-2C09-46AE-BC24-1ACF012784CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84241D91-1490-485B-AA07-8335CE458275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB022BE-98C4-4636-868E-FBE4B00554A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632."
},
{
"lang": "es",
"value": "La implementaci\u00f3n glob en libc en FreeBSD versiones 7.3 y 8.1, NetBSD versi\u00f3n 5.0.2 y OpenBSD versi\u00f3n 4.7, y Libsystem en Mac OS X de Apple anterior a versi\u00f3n 10.6.8, permite los usuarios remotos identificados causar una denegaci\u00f3n de servicio (consumo de CPU y memoria) por medio de expresiones glob especialmente dise\u00f1adas que no coinciden con ning\u00fan nombre de ruta (path), como es demostrado por las expresiones glob en comandos STAT a un demonio FTP, una vulnerabilidad diferente de CVE-2010-2632."
}
],
"id": "CVE-2010-4754",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-03-02T20:00:00.927",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.3#rev1.30.12.1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.c#rev1.18.10.1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8116"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT4723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.3#rev1.30.12.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.c#rev1.18.10.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4723"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-20 20:19
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and possibly other BSD derived operating systems allows local users to have an unknown impact. NOTE: this information is based upon a vague pre-advisory with no actionable information. Details will be updated after 20070329.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and possibly other BSD derived operating systems allows local users to have an unknown impact. NOTE: this information is based upon a vague pre-advisory with no actionable information. Details will be updated after 20070329."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el kernel de NetBSD 3.0, ciertas versiones de FreeBSD y OpenBSD, y posiblemente otras derivada de BSD de sistemas operativos permite a usuarios locales tener un impacto desconocido. NOTA: \t\r\nesta informaci\u00f3n se basa en una pre-consulta vaga sin la informaci\u00f3n procesable. Los detalles ser\u00e1n actualizados despu\u00e9s de 20070329."
}
],
"id": "CVE-2007-1523",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-20T20:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://kernelwars.blogspot.com/2007/01/alive.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/34593"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://kernelwars.blogspot.com/2007/01/alive.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/34593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22945"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-11 20:15
Modified
2024-11-21 05:19
Severity ?
Summary
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A99D021-C66D-4FA2-B33C-4DAADBB6B431",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11CE6C04-4994-463F-A456-1D47F2BD793A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "132AD177-3F7F-4CD7-9BD5-EE5A24CE671C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-110_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7E7D8A-CC58-47F6-9F3F-BE74F1CF27E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E82587-A7A1-4057-896A-F30B9DF7C831",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89F2DFE1-6E7B-42CC-9814-90F426D14490",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3EC767-2ECA-44E4-AA03-9E2673A2B2F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-130_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8197BD27-2AD7-434C-8F64-24B3D6D6E188",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81C15C55-207E-4030-AC2A-B2E3791D92B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB011F08-5526-4D49-8100-A874CD265FB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F81C550-CE6F-4E68-A088-5EC0CEF40600",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-230_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C3DCD8-9AD7-411B-95DC-B989EEC3E035",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B18F4E-4968-493A-BC90-5D8D7F619F39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-235_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AAA44BE-54CE-498B-83EF-D21DF2A57A5E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-235:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54878C0D-8842-490F-B556-76AF47A65891",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-250_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A71084-E505-4648-9B5C-C0305DCE91AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE97F0AD-8658-476A-8E22-DA67A5FD9F73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60A09137-CF46-420E-9792-BB6E46C5C415",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A006A8BD-D56E-40C2-ADD2-C11759153808",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C890ABE-5D64-4D7F-A67B-BC026649E0B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-65:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B617EA3-E69E-43CA-99D4-86A408C55C90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2A3CCF-E8B5-4E7F-BCE7-DB70E8E72B4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE26D5A-486B-48F3-9C1C-4EE3FD8F0234",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:o-105_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF499EE6-0047-42C0-8360-6A2B3DF51B1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:o-105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A31FF47-55EE-451B-ABDD-CE82E8EFBC98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9860B5-6CC7-4F29-9514-A469AF6B28F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41F9E4B2-63FC-4F53-9C12-7478B7B6AD48",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:w-118_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9D810C-AA04-4748-80EB-3FB5DE507F89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:w-118:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEE861E-2604-42BD-ABAA-DA729F4EBDBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1EF830-C210-48DB-A3F8-FC706AC5F3C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F03BB48-C89A-41F6-99DE-12FF95DCD9F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7999A6-03FE-4C38-9C46-B3221E7B3815",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC042678-29AA-44F7-BBF0-1D752D25687D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1100-4p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81634E2A-FAD5-4B1C-A93E-545870615343",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-4p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA8D5057-138A-42C4-BA35-8077A0A60068",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1100-8p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECAB3869-E15B-4ED4-A98C-75DE0DBA8F3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED555B12-41F4-4D62-B519-22601FB7AF8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1101-4p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57F5F016-52B5-4A4C-9EE0-B478A98CEC9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1101-4p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B10158-5235-483E-BACD-C407609EA6BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1109-2p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B17C8544-CB4E-407B-BE52-4D42D81BF1BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1109-2p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8964F9BA-6E6C-44BF-9A8C-93D081B6678C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:1109-4p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA214FF2-358E-4291-B803-58A9AC14ABEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1109-4p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51251FE1-67D2-4903-B7D3-E0C727B9A93C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1532_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31FB34B4-235B-4C92-8E9C-DD04136C745F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CCECB59-4EA8-4FD4-81CB-329EBF7C080C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1542d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2051CA5B-967D-4830-87EB-1756559C1FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1542i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EC048-B84B-4744-BC04-BA8612C79D04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1552_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5DD78C-B89C-44AF-B153-033FEDE22CF8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1552:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B54636F7-8061-49A1-923B-F976491593CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1552h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D795375C-E17C-4E05-8C88-F080C22652B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1552h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA6C6D9-9980-4EE7-9A7D-02D5D34DE878",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1572_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53106CD6-749D-4781-B28E-E075E61D1196",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1572:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FA8DA7-0D47-4C37-B96A-EBE004B0B23B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1702_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C25445A6-4B1E-4F77-804D-FFD9507B022A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "729FDD5F-C378-4DF1-B6CB-A1F62FD4550D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54BDAFC3-940F-40C4-896E-99B6DABA9E3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1800i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FC7CCB-52D2-4B4D-82AA-759C80E17018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC836B4D-A489-4300-B0A2-EF0B6E01E623",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1810_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB94F02B-C71A-4EAE-B931-30CFA52A890C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1810w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF011423-521A-41C4-A403-FF82C2C14874",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1815_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E076DDF4-6817-4CFD-B4A3-243D8D755DE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1815i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "205E19BF-078D-475D-A9F0-4A1604A2D554",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1832_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72A15C8E-73D8-480D-B5C9-E72E8D4695D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "751469E2-91A8-48F1-81A8-AEBF1420EECE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1842_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAEDA4F-C728-4D60-8661-90429A264E40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1842:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18035D1A-C8D9-4055-A5CA-541711DBA71A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_1852_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "883C24F0-99B3-42E0-AC27-6B4B3D4F5FA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_1852:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80871D9C-43D5-4507-AC36-CDD7CC4A7C86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_2702_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CC13255-92FB-4585-B6EF-E4D94EB6158D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_2702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1917B7F4-17DD-4734-A856-ED7CE9AF8DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_2800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD27F3F-961F-4F44-AD2D-CF9EAD04E2B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_2800e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A796152-A567-4B7A-8202-94858CD95119",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_2800i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED80079E-2744-4325-86DA-EA3647B45179",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3702_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B836136-CCD2-49AC-9871-1C3B6255EDA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F72DB8D-9A3F-436A-AE5D-AC8941ED527E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFE3575-DDAF-433E-8D77-4CCADADC99B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3800e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD51123-ECF1-4042-AE1C-724FF4C51F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3800i_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34C47517-5F78-4D3C-818E-6DBFD1B56592",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_3800p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F103B67B-89C9-465D-AF2E-3D24A8F5465D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_4800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5618CE7C-DF82-4849-AC79-A00B747883BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_ap803_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F38C35-EFC2-4CF9-AD88-FADC42F0649D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_ap803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5062B18F-F28C-4975-A5A3-45C0EC03F448",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:aironet_iw3702_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "338A22C8-5617-45C8-AB3E-5E45341DFE60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:aironet_iw3702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6214A82C-54A6-48FC-9714-742704BEF1D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9105_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68410865-70F5-4578-99E4-827DBE0207B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9105axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF827E8-02BE-42C0-A0CE-B649601847E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9105axw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9309C6-EC43-4EB9-BD7A-CBCC581AA58C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9115_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EEB7E5B-AE32-455A-A351-368FB78E5276",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9115_ap_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE86352-EEDB-4890-87B8-025EA970219B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9115axe_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3DCF4E-081A-4375-A4A0-AAAD8F024114",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9115axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B69CC2B-CD3A-4BEF-8FF1-9925E460B049",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9117_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06C11A3E-E431-4923-AEBA-25E3247F19C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9117_ap_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E48E571-AE00-47E2-BABC-849A63DBDCF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9117axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A46503-A8BD-4F95-BAB0-2DE5D689DD4F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA2B34D-533C-4316-AD59-EA2FCF10B9F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120_ap_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8A6B51-5192-4B98-9D94-682290890074",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120axe_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07AB0E3-151D-4D80-A482-41E7A27AE068",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A99728C-9E6B-4249-BAAA-C080109EFC4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9120axp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C73A651-932E-43CA-B40F-2F75510AEE36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9124_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A71D9CA-91DF-48DD-AE3D-DED883666A75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9124axd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF43EC0A-AC28-408A-8375-11CE249217A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9124axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA19FD7-047B-43AA-9237-807AAA2E9F7D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9130_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19D85A86-1D8B-4006-8BF7-4593B1D7EB70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9130_ap_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "166D74EA-8820-4C78-B43B-FCBC9779FCB7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9130axe_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67C380AE-C888-4AED-80D2-B9AF5EB9EC85",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_9130axi_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AA48001-7F56-4155-B70D-5DC41D73DB38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_iw6300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB09D94E-A6B2-496D-87A3-53CB9872FA69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_iw6300_ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4AFA1C-5A9E-4DF4-B9C7-66EF918548C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23153AA4-B169-4421-BFF8-873205FC9C21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_iw6300_dc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3E846C-359B-4EF1-AD68-DE612C5697F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DC3B71-B64D-4C49-B089-B274FA34ECB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_iw6300_dcw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CFE9F2D-407B-49CE-BB6C-80DC941A9371",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F857465-314F-4124-9835-8A269486D654",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:esw6300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3EBAC6D-93DB-4380-8B6E-61555A9C8A3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_6861_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD79F5E4-AA2D-40EB-9E59-2FEB4FD49ECD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_6861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C05A7CA6-AD58-45D7-AF32-129E22855D8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A138C033-0F4D-41F8-B0FF-CDE9261DA7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C99E0B-0383-4CB3-B325-EC0F3D57D39D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8832_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2CDAD5D-3702-42EE-AE5A-A08842870EEA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5EA5C6B-243B-419A-9C60-1CDBD039C1D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC9DD95-DC0E-4A47-A0EB-32D551B323CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAAB671-8EBF-4D9C-9AA5-E3C306CDB931",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829-2lte-ea-ak9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB907B21-237D-4629-964C-408B5AD590E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829-2lte-ea-ak9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB62C534-29F8-48CA-9D45-42C49CE68577",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829-2lte-ea-bk9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F956BF-E845-43FF-87A8-EA62DDFB1228",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829-2lte-ea-bk9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B670C5A3-4E19-428F-87D0-C2B12EE2CB92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829-2lte-ea-ek9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4541452E-32E8-451B-B8F3-1118ECCBAE50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829-2lte-ea-ek9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF5C3D3-833D-405B-8E1E-ED3BC29CD5E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-ga-ck9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C512E9-F7A6-492E-BE4B-93858E34CCD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-ck9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D39174-298E-4C06-A289-B0C4585B2E99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-ga-ek9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6041298-45A9-41CB-A644-55D5DC40B5D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-ek9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB259DDC-AB98-405E-A369-49A3B89F48F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-ga-sk9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A1385AA-FACE-4150-93E8-610A73F90CCB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-sk9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99B57D05-6702-4026-9E36-0CBEC6BE8001",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-ga-zk9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "715401BE-1E29-4260-9D10-245C6246BE94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-zk9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC62F7A8-9D57-4703-A7DF-451C2CA75919",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-na-ak9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC762476-57D4-40E8-BE70-2F6861F31EF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-na-ak9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78F497A3-8153-4524-9E8D-2CFDCF2ADCDE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir829gw-lte-vz-ak9_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "795A3C41-753D-4590-B71F-37E9DD7DD5D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir829gw-lte-vz-ak9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61BD4298-A8D5-4D7C-A9D9-694606042C12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_gr10_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E9F6455-59CC-4A3B-AFDD-60B5DD1E9ECF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_gr10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF406E2-A24B-4D94-B4F7-2186B1D82462",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_gr60_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC624300-4EBB-44B9-9D90-F411368FE60A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_gr60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33B44092-CC37-4683-920D-8F84C60CCCEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr12_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9005D484-CEF5-4B8D-86B0-6CB5860A157E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F4DBFC-42FC-44FD-9EDF-4C0C92053E4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr20_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE66B0F4-1211-40A4-BDB3-D8F6C74678AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07B1207B-C065-483D-8AB3-6B9CEC4D3C7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr26_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06205774-F85A-42F8-B599-1A529BBFA68B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60D19311-A114-455C-9011-004446C80E27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr30h_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C922D55-E2DC-4970-A381-30F95CEB038B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr30h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "602DA0AF-86EB-4A01-BDE3-43596DEC746A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr32_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B2718D7-1D20-40D5-9E43-7AE1AA7AFCCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E011F146-3AB9-446D-ACFD-FE5B021735D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr33_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFB4CE7A-6FC1-4171-A743-CD8BB14C9864",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr33:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12E670DC-C4D2-4277-A4DD-222D60A7CDB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr34_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7449719-1071-41B8-BDE9-81ACFBEE5D0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr34:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814ADA42-72A9-48D6-B524-5F5BD76F3059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr36_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25616833-BCF6-4611-A9AB-248F761C5603",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A66108F-5CED-4D41-8EE9-9479090B31DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr42_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92DD4610-420C-459B-9B05-85600EF466D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr42:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18E7D194-AA15-43CD-9019-7B286F528773",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr42e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78B15252-5725-4B7B-8DBE-10251EB9C212",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr42e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB4754D-3B94-42AA-A150-6BDFF42B3270",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr44_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63217CCA-1926-46AD-956E-702A94420D91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr44:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07E495B6-CA7A-4F58-99A2-550F83E1E020",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr45_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9BC8A2-451A-4BDE-B073-FF39DD9E5D90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr45:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F47740-D0F3-478B-AFC3-51EB3AED34A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr46_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC56150-D025-40A9-B350-8E95B62D236C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr46:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27E9718F-E50B-412F-86D7-DA6F39056006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr46e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "914C5C0C-EACD-4A4C-83B2-26AA4EF283D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr46e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B83072-84F6-43A4-9CC1-32924AFCC737",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr52_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F09491-2234-4C86-A80C-445B48A9FE78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5634D1AB-B64D-44D0-A431-FE52E879B4BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr53_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8998B44-D926-46F9-AF3F-02EEF99680A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "920CF4B6-9424-48DA-9622-FB0C0510E52F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr53e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746D2300-CA9A-4C09-9A2B-FCC9DAEC74EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr53e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC322AE-6731-41F3-9C59-8CF9622D997A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr55_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79419F89-0F01-4FD7-9102-ABFAFF3F2424",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0036877-C975-4AC7-B933-E5BC5E300B44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr56_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC64210E-A2F8-42DC-AB94-2547A51F63C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr56:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E37474E5-76DE-4326-A5A8-D8900A8A2F62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr62_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "089164E3-B852-43BA-8C2C-FEE1C267C58C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr62:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F8F3095-F280-44B0-8BC6-50221247ACE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr66_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27DA3F64-514B-4DB7-A6B0-6A303F296DC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr66:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99337-4422-46AB-9B79-A96CE207AC28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr70_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD532656-21FE-4F82-846E-C8CB752B87F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37D7E013-920A-4C32-98C1-FBD7C450DD88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr72_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E80D395-C853-41A3-8438-BF880C799A01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr72:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68086DA9-AD50-41DC-B8B5-D9BB0512C6B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr74_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8181BA-846A-4D83-9DB9-B915B9EFFD7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr74:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366ABABA-D9C5-4D46-9516-7262AA32D4CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr76_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B02C40A8-0294-4C3D-8AC9-8D56AF1D2B4E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr76:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D071FC26-097A-432B-8900-DA02D3116D29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr84_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4901FE-B1AE-4CAB-9D91-139737B6E832",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr84:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9543B910-A999-4CEF-B06A-3F1A46784BF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr86_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC06358C-6F27-4A27-8553-CF138D4214CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr86:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A57AA24E-09E0-4EB6-9580-A68267767119",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15CD8683-DFB3-45E3-B6E2-92AFD846B0BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01AD96C5-1620-4339-94E7-343E1ADAAC4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67cw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F910935-E534-462D-8045-71C58BDD7285",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx67cw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E85585DA-C918-445B-9B44-B2B1A982A1F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B2F5CB3-1AE0-4905-A28B-090FDA56622E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39884334-73AF-4E98-B05A-20FFF82B5DF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85EF67F0-973F-4FD1-8077-CE68D2AB1149",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04CF5026-CC39-48FF-A8F0-8E31A425343E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F97974E-3C2B-49DB-A0FA-B5FEE7C98B18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_board_55_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61A0EF95-7CC5-4EE2-A5D8-803195F63F49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_board_55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6554B9F-CD89-49B4-B55A-510B1C881C4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_board_55s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68546316-D08D-4E0B-BDDE-BF6320B730EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_board_55s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0EC6FF-44F6-4033-BDAF-A396C2635D3F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_board_70_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85FDA9FB-BB79-4A60-B825-D68B3719BFE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_board_70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A85B502B-2F55-4CA5-9AAA-0CD5BBA45EB7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_board_70s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5565DF04-82F3-40C7-8E82-44A0DA72398B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_board_70s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15073B83-81ED-4E98-8521-1320F8120C3F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_board_85s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA125CA-2BF9-4F22-8F8B-DC2E09A19E51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_board_85s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31842684-B05D-4E17-9229-EC6993E78612",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_dx70_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69224767-0E2B-4A85-A7F1-77C6B41668DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_dx70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EEB693F-64A4-46CC-B7AB-8BC0AA84F9E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_dx80_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53BE3D06-730E-44E2-B3B0-ED29AB5D1BF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_dx80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C17B385C-68D5-4FF5-AE40-6EDA46E3ACB7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_55_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90095155-ABC0-43C9-896A-55A797EC2055",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A983D4D-9E04-45CE-BE3C-9FCD0018837F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_55_dual_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5ABF29-B908-4A43-B3CC-9145721727A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_55_dual:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A36CB8A-C74F-46B4-BFCE-523488D33B93",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_70_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA1BD59F-078D-45D2-AC39-C479A4C6E7CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD45F341-FAD8-4B10-B28C-8697E51C6B61",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_70_dual_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5631A8-0201-432E-9912-B99D44D757DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_70_dual:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB2955F-2C82-4668-8C0B-412BEFE0E09E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_70_dual_g2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A16E007C-A310-474D-8174-EC98FEDDCE76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_70_dual_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40E028E3-2DEB-4015-9BB0-97413DE60A47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_70_single_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE92390-9835-4556-A439-5A6FE108A9AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_70_single:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B47AE71-CF1B-402B-BB60-645A856A632D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_70_single_g2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEB8DBF7-428A-42D4-8D52-8FF1329D3A56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_70_single_g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C05259D-1F6C-440C-BCF4-A87BCC2EEA81",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_kit_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3610C3BC-6994-443F-BD27-0D11293C4079",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_kit:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD5AD81-0976-483E-AA31-6D53A63A8D90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_kit_mini_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31D7CC29-6916-4A75-86DE-0BC4FBA3A639",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_kit_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D320D1AC-EAA7-45FD-B932-FC9554934BC1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_8260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28B0DBF3-63BB-40EF-9D46-E32D074D73DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A8F30C-6BB7-4CC6-ADBE-1859DAF66C58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_8265_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5ADC21-F308-4CAA-8E98-4E7FDC7EDAAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C08E2F3E-C4B5-4227-A88D-C50E209A12CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_9260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2915178-6BB6-45EE-A19D-EDB5B78F2BE2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2795E42-D044-4D48-BCB2-61CC1A3471B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:ac_9560_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7154EAF0-2E61-4813-B443-C4556137EB4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D382D4A1-C8FD-4B47-B2C4-145232EC8AC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:killer_ac_1550_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7262E71-08D0-4F5E-8445-1FA0E2243340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:killer_ac_1550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA05D5D2-F6C1-4FBB-B334-73F30F108562",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:killer_wi-fi_6_ax1650_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2249BC-F119-471D-9D71-4690A65A1020",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:killer_wi-fi_6_ax1650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E239C04-1D6B-4305-9340-BFEC3E54E19A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:killer_wi-fi_6e_ax1675_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA43945-7F16-4A50-9E25-D91EE4A270F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35F09C95-25BD-440A-AD79-8510E54F8DD9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_3165_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "662CE728-C754-465B-A4AC-E63D5115EFC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_3165:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C527CEB1-3D59-4ACD-B67F-B3919AFCE54C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_3168_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "160C541B-2617-4199-914D-ECE3A0791397",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_3168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1FA4A0-728B-4DB1-BA3C-CA80ECBA8624",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_8260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C7F70F-207C-4D8C-8C3E-08C7772810F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_8260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7638C7-6F12-4C10-8B6D-5F866950CA05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_8265_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4C0E13-8027-4375-AA26-764DAD7E3C9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_8265:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CDDDE40-5D30-49AF-91C0-9A4FA7741201",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_9260_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30A4744B-DA96-4614-AA99-9198A6D4C442",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_9260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09145915-AFD1-4D5D-8178-8571C43A0BA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_9461_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63756272-F713-4249-91C2-F29A382C63A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_9461:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1950BF4-323D-4A25-A645-3ED60ED6F3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_9462_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFDF863-4FB2-4D21-8744-A82A7C0EAA76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_9462:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28157739-A073-4B01-B308-470841344A2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_ac_9560_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42D55365-A759-4F72-B85D-5C13710F2AF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_ac_9560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52B5EF48-BA3E-470C-9C68-12CEF8EFF045",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_wi-fi_6_ax200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8531052-3602-4309-93A9-CA7020EF95F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_wi-fi_6_ax200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB9FC918-AC9F-4C15-8404-1C2E8DC506A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_wi-fi_6_ax201_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB831D03-30CD-4218-9E69-13FC12115805",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A7944D-2BB4-47A9-A2F5-AB68A9FC8C70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_wi-fi_6e_ax210_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049297F7-84C0-4AD0-8806-AA41AC02CEAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_wi-fi_6e_ax210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77EADB2D-F10B-40A9-A938-A89EE0FEFF60",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:proset_wireless_7265_\\(rev_d\\)_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C67C7D-DA10-47A7-8407-5624981DFBE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:proset_wireless_7265_\\(rev_d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BFF8901-DEFF-4D08-8692-571682DE8582",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:wi-fi_6_ax200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55FD8273-3968-4A85-A4FF-00CCE3B89C25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D653F9C-5B2E-400F-8F50-BFE466F08F0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:wi-fi_6_ax201_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2DF0C27-886C-48F8-83DA-85BE0F239DD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0433774-9479-4A01-B697-1379AEA223C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en el kernel en NetBSD versi\u00f3n 7.1. Un punto de acceso (AP) reenv\u00eda tramas EAPOL a otros clientes aunque el remitente a\u00fan no se haya autenticado con \u00e9xito en el AP. Esto podr\u00eda ser abusado en redes Wi-Fi proyectadas para lanzar ataques de denegaci\u00f3n de servicio contra clientes conectados y facilitar la explotaci\u00f3n de otras vulnerabilidades en clientes conectados"
}
],
"id": "CVE-2020-26139",
"lastModified": "2024-11-21T05:19:20.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-11T20:15:08.647",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.fragattacks.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.fragattacks.com"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow local users to cause a denial of service (infinite loop and system hang) by calling the F_CLOSEM fcntl with a parameter value of 0.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow local users to cause a denial of service (infinite loop and system hang) by calling the F_CLOSEM fcntl with a parameter value of 0."
}
],
"id": "CVE-2005-4733",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-003.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://mail-index.netbsd.org/source-changes/2005/01/12/0059.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/20755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-003.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-index.netbsd.org/source-changes/2005/01/12/0059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/20755"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-21 23:07
Modified
2025-04-09 00:30
Severity ?
Summary
Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows local users to read arbitrary memory contents via certain negative values of crom_buf->len in an FW_GCROM command. NOTE: this issue has been labeled as an integer overflow, but it is more like an integer signedness error.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dragonflybsd | dragonflybsd | * | |
| freebsd | freebsd | 5.5 | |
| midnightbsd | midnightbsd | 0.1-current | |
| netbsd | netbsd | 2.0.4 | |
| trustedbsd | trustedbsd | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80EAD9A3-E77D-42FD-8CDA-051854969E8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7752D43D-64AF-474F-BFBB-2625A29C1B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:midnightbsd:midnightbsd:0.1-current:*:*:*:*:*:*:*",
"matchCriteriaId": "A407A2BE-7C76-4E21-B3E1-BC915120B44F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustedbsd:trustedbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "171F5639-E77B-4890-9E77-44DBB5952E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows local users to read arbitrary memory contents via certain negative values of crom_buf-\u003elen in an FW_GCROM command. NOTE: this issue has been labeled as an integer overflow, but it is more like an integer signedness error."
},
{
"lang": "es",
"value": "Error de presencia de signo en entero en la funci\u00f3n fw_ioctl (FW_IOCTL) en los controladores (dev/firewire/fwdev.c) FireWire (IEEE-1394) en varios n\u00facleos de BSD, incluyendo DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT anterior al 15/11/2006, NetBSD-current anterior al 16/11/2006, NetBSD-4 anterior al 03/12/2006, y TrustedBSD, permite a usuarios locales leer contenidos de la memoria de su elecci\u00f3n mediante ciertos valores negativos de crom_buf-\u003elen en un comando FW_GCROM. Nota: este asunto ha sido etiquetado como un desbordamiento de entero, pero se parece m\u00e1s a un error de presencia de signo en entero."
}
],
"id": "CVE-2006-6013",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-11-21T23:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0261.html"
},
{
"source": "cve@mitre.org",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/ieee1394/fwdev.c"
},
{
"source": "cve@mitre.org",
"url": "http://mail-index.netbsd.org/tech-security/2006/11/16/0001.html"
},
{
"source": "cve@mitre.org",
"url": "http://mail-index.netbsd.org/tech-security/2006/12/14/0002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22917"
},
{
"source": "cve@mitre.org",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:25.kmem.asc"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017344"
},
{
"source": "cve@mitre.org",
"url": "http://www.dragonflybsd.org/cvsweb/src/sys/bus/firewire/fwdev.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kernelhacking.com/bsdadv1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/451629/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/451637/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/451677/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/451698/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/451861/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/452124/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/452264/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/452331/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21089"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0261.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/ieee1394/fwdev.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-index.netbsd.org/tech-security/2006/11/16/0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-index.netbsd.org/tech-security/2006/12/14/0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:25.kmem.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.dragonflybsd.org/cvsweb/src/sys/bus/firewire/fwdev.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kernelhacking.com/bsdadv1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/451629/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/451637/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/451677/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/451698/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/451861/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/452124/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/452264/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/452331/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30347"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-08-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:wu_ftpd:2.6.1-16:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD51CE3-B104-4BB8-AD8E-3C2F60D2D9F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wuftpd:wu-ftpd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3191BF-240C-423E-91F5-6DECC66CC708",
"versionEndIncluding": "2.6.2",
"versionStartIncluding": "2.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE1CD4D-5EE1-4B2B-B049-052CBC09A943",
"versionEndIncluding": "5.0",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55D58961-14E5-485B-AABE-4355537111C0",
"versionEndIncluding": "1.6.1",
"versionStartIncluding": "1.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50F2F4A9-5EA3-47DF-B583-AE8C8AFA636D",
"versionEndIncluding": "3.3",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:*:*:*:sparc:*:*",
"matchCriteriaId": "BCA7836E-A936-4832-81A2-2D31F0642ABE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO."
},
{
"lang": "es",
"value": "Error de fuera-por-uno (off-by-one) en la funci\u00f3n fb_realpath(), derivada de la funci\u00f3n realpath de BSD, pude permitir a atacantes ejecutar c\u00f3digo arbitrario, como se ha demostrado en wu-ftpd 2.5.0 a 2.6.2 mediante comandos que causan que nombres de rutas de tama\u00f1o MAXPATHLEN+1 disparen un desbordamiento de b\u00fafer, incluyendo: (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, y (8) RNTO."
}
],
"id": "CVE-2003-0466",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2003-08-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105967301604815\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106001410028809\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106001702232325\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106002488209129\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/9423"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/9446"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/9447"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/9535"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1007380"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.debian.org/security/2003/dsa-357"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/743092"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:080"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/6602"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-245.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-246.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/424852/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/425061/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8315"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.turbolinux.com/security/TLSA-2003-46.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12785"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1970"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105967301604815\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106001410028809\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106001702232325\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106002488209129\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/9423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/9446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/9447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/9535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1007380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.debian.org/security/2003/dsa-357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/743092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/6602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-245.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-246.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/424852/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/425061/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.turbolinux.com/security/TLSA-2003-46.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1970"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-193"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-12 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | * | |
| illumos | illumos | * | |
| joyent | smartos | * | |
| xen | xen | * | |
| xen | xen | 4.0.0 | |
| xen | xen | 4.0.1 | |
| xen | xen | 4.0.2 | |
| xen | xen | 4.0.3 | |
| xen | xen | 4.0.4 | |
| xen | xen | 4.1.0 | |
| xen | xen | 4.1.1 | |
| microsoft | windows_7 | * | |
| microsoft | windows_7 | * | |
| microsoft | windows_server_2003 | * | |
| microsoft | windows_server_2008 | r2 | |
| microsoft | windows_xp | * | |
| citrix | xenserver | * | |
| citrix | xenserver | 6.0 | |
| netbsd | netbsd | * | |
| sun | sunos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7B2CC9-2907-49AF-8497-CE60554123F4",
"versionEndIncluding": "9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:illumos:illumos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F4D46A-B031-4639-AA94-5E44091F4B92",
"versionEndIncluding": "r13723",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:joyent:smartos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F2DF32E-26A0-4463-85DD-6E63C125E606",
"versionEndIncluding": "20120614",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5037783-1819-4FC5-B7A7-EB80F6A98E1F",
"versionEndIncluding": "4.1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC734D58-96E5-4DD2-8781-F8E0ADB96462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62CEC1BF-1922-410D-BCBA-C58199F574C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "923F2C2B-4A65-4823-B511-D0FEB7C7FAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*",
"matchCriteriaId": "CE381783-027E-4B6D-B801-59873E5EA483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*",
"matchCriteriaId": "4FA15D65-7C32-4C7A-9915-746AB3F454EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*",
"matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24FCA867-7158-459C-9D6C-75A39263F00A",
"versionEndIncluding": "6.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1D10B8-202D-44A4-A872-88D7C11488D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:beta:*:*:*:*:*:*",
"matchCriteriaId": "D2AF9820-F982-4804-9580-78CDD4273C6B",
"versionEndIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "696972CD-A690-4DDC-A852-1253062AE874",
"versionEndIncluding": "5.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier."
},
{
"lang": "es",
"value": "El modo de usuario Scheduler en el n\u00facleo en Microsoft Windows Server v2008 R2 y R2 SP1 y Windows v7 Gold y SP1 sobre la plataforma x64 no maneja adecuadamente solicitudes del sistema, lo que permite a usuarios locales obtener privilegios a trav\u00e9s de una aplicaci\u00f3n modificada, tambi\u00e9n conocida como \"vulnerabilidad de corrupci\u00f3n de memoria de modo de usuario Scheduler\"."
}
],
"evaluatorImpact": "Per: http://technet.microsoft.com/en-us/security/bulletin/ms12-042\n\n\u0027This vulnerability only affects Intel x64-based versions of Windows 7 and Windows Server 2008 R2. Systems with AMD or ARM-based CPUs are not affected by this vulnerability.\u0027",
"id": "CVE-2012-0217",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-12T22:55:01.343",
"references": [
{
"source": "security@debian.org",
"url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
},
{
"source": "security@debian.org",
"url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
},
{
"source": "security@debian.org",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
},
{
"source": "security@debian.org",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
},
{
"source": "security@debian.org",
"url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "security@debian.org",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
},
{
"source": "security@debian.org",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "security@debian.org",
"url": "http://smartos.org/2012/06/15/smartos-news-3/"
},
{
"source": "security@debian.org",
"url": "http://support.citrix.com/article/CTX133161"
},
{
"source": "security@debian.org",
"url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2012/dsa-2501"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2012/dsa-2508"
},
{
"source": "security@debian.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/649219"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "security@debian.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"source": "security@debian.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
},
{
"source": "security@debian.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
},
{
"source": "security@debian.org",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
},
{
"source": "security@debian.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
},
{
"source": "security@debian.org",
"url": "https://www.exploit-db.com/exploits/28718/"
},
{
"source": "security@debian.org",
"url": "https://www.exploit-db.com/exploits/46508/"
},
{
"source": "security@debian.org",
"url": "https://www.illumos.org/issues/2873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://smartos.org/2012/06/15/smartos-news-3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.citrix.com/article/CTX133161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/649219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/28718/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/46508/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.illumos.org/issues/2873"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-17 17:17
Modified
2025-04-09 00:30
Severity ?
Summary
The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before 20070728, allow local users to cause a denial of service (panic) via a (1) negative or (2) large value in an ioctl call, as demonstrated by the vga_allocattr function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29C02C6B-AAFD-4594-94A4-F26BA3648CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "2F4B6E29-B74F-45FF-AEB1-A118753F8E3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before 20070728, allow local users to cause a denial of service (panic) via a (1) negative or (2) large value in an ioctl call, as demonstrated by the vga_allocattr function."
},
{
"lang": "es",
"value": "El controlador de display de las funciones allocattr en NetBSD 3.0 hasta la 4.0_BETA2, y NetBSD-actual anterior a 20070728, permite a usuarios locales provocar denegaci\u00f3n de servicio (panic) a trav\u00e9s de un valor negativo o largo en una llamada ioctl, como se demostr\u00f3 con la funci\u00f3n vga_allocattr."
}
],
"id": "CVE-2007-3654",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-17T17:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-006.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/40810"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25682"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018693"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-006.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/40810"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36598"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-02-17 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service."
}
],
"id": "CVE-1999-0396",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-02-17T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0396"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6FA1C84C-6624-4032-8D0E-5EBB054F5224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:arm32:*:*:*:*:*",
"matchCriteriaId": "06B9ADAD-ADDC-47AC-9924-B31B17DDF163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6DC0D30E-DBF1-4FDB-80C0-80DB50D9E77A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:x86:*:*:*:*:*",
"matchCriteriaId": "537FD523-1D44-4D85-AED1-C092E0155CF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory."
}
],
"id": "CVE-2000-0462",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-006.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1366"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-006.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1273"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2025-05-02 16:40
Severity ?
Summary
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B07F91B-3981-423E-9ECF-752CC64D4E03",
"versionEndExcluding": "11.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4:-:*:*:*:*:*:*",
"matchCriteriaId": "5C947EA2-329F-4AC7-A1F4-64164C20CC4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "926EDB84-E8C5-4030-8B69-CDA9BF1A9D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4:r10:*:*:*:*:*:*",
"matchCriteriaId": "8CAECB8C-6B4D-440C-B031-2CF3061393DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "BAD7336D-EAAC-4817-9D3A-5664B0AAE6AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "BC336F14-5D8D-4B28-8F47-2A5EFFC7800C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4:r4:*:*:*:*:*:*",
"matchCriteriaId": "C47F92DD-59C4-4C86-9360-86E840243123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4:r5:*:*:*:*:*:*",
"matchCriteriaId": "DE6B95FB-F936-430A-B715-7430327E1872",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4:r6:*:*:*:*:*:*",
"matchCriteriaId": "D4A8F07B-110F-4FE4-BA09-F23A4D1DCA5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4:r7:*:*:*:*:*:*",
"matchCriteriaId": "78A3616E-9666-4D09-9ED7-EFD796E6E08E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4:r8:*:*:*:*:*:*",
"matchCriteriaId": "2ACF87F1-B5DD-469A-87D6-94AD8D0758F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4:r9:*:*:*:*:*:*",
"matchCriteriaId": "9D4F8B25-B632-4C4B-9E90-3DF9FC98207B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4r13:s2:*:*:*:*:*:*",
"matchCriteriaId": "0A6BC136-FFA2-40AB-8E27-0B6CC153471F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:11.4x27:*:*:*:*:*:*:*",
"matchCriteriaId": "80EFC6D6-43F9-4277-ACAC-D5929AF6FF7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BCE524EE-245F-4750-9963-9D0FB7A6A965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE31A7E-657C-49FC-B3F8-5654B0C6087E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x44:-:*:*:*:*:*:*",
"matchCriteriaId": "86141A33-344E-4152-8B76-2DB383954F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d10:*:*:*:*:*:*",
"matchCriteriaId": "AC405A12-112D-4C9D-90DA-6ED484109793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d15:*:*:*:*:*:*",
"matchCriteriaId": "3FC42F2D-7593-4DBE-AE89-A6B78E7F9089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d20:*:*:*:*:*:*",
"matchCriteriaId": "731A6469-3DE0-491A-BCC5-7642FB347ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d25:*:*:*:*:*:*",
"matchCriteriaId": "D12A8119-3E59-4062-9A04-1F6EA48B78E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d30:*:*:*:*:*:*",
"matchCriteriaId": "E8B33B80-3189-4412-BFE0-359E755AB07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d35:*:*:*:*:*:*",
"matchCriteriaId": "C0E8F87E-DEB2-4849-ABB5-75A67CFD2D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x45:-:*:*:*:*:*:*",
"matchCriteriaId": "A4D7E551-A150-415E-80D5-374DAB29B6D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x45:d10:*:*:*:*:*:*",
"matchCriteriaId": "A5306185-574A-43B4-8B3B-1B047CA36D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x45:d15:*:*:*:*:*:*",
"matchCriteriaId": "79F1F205-A4A9-4161-B6CF-55CEEFD7D8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x45:d20:*:*:*:*:*:*",
"matchCriteriaId": "33FD6DB0-F995-4A22-A97F-6276AFE9EFB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46:-:*:*:*:*:*:*",
"matchCriteriaId": "92F31F7F-02E0-4E63-A600-DF8AB4E3BAA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*",
"matchCriteriaId": "A71742CF-50B1-44BB-AB7B-27E5DCC9CF70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*",
"matchCriteriaId": "4FD4237A-C257-4D8A-ABC4-9B2160530A4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x47:-:*:*:*:*:*:*",
"matchCriteriaId": "ABBEDB3F-5FD1-4290-A80A-7EAD9B9C38C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.2:-:*:*:*:*:*:*",
"matchCriteriaId": "AF8575EF-C83B-4241-B033-A2C020E29286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "43B661F8-1F43-4073-9275-AE1FFCB17BF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "EF88921E-18E4-49B2-AAF4-ED8C393D4750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "144DA08B-A129-4DC6-81D2-782BD7C3074B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.2:r4:*:*:*:*:*:*",
"matchCriteriaId": "F1936A41-302E-4546-9F7A-CAE3A3C68718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.2:r5:*:*:*:*:*:*",
"matchCriteriaId": "6EB55673-5857-452F-9D22-B422CC9CC3F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.2:r6:*:*:*:*:*:*",
"matchCriteriaId": "03D4519D-1289-47E9-BFB7-E3831BFD50F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.2:r7:*:*:*:*:*:*",
"matchCriteriaId": "77CDB10F-3BCE-41AF-B633-DFAC9B8A5D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:-:*:*:*:*:*:*",
"matchCriteriaId": "223C12D0-61A0-4C12-8AFC-A0CB64759A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "371A7DF8-3F4B-439D-8990-D1BC6F0C25C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "C6F309FD-0A5A-4C86-B227-B2B511A5CEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*",
"matchCriteriaId": "960059B5-0701-4B75-AB51-0A430247D9F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*",
"matchCriteriaId": "1D1DCA52-DA81-495B-B516-5571F01E3B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.1:-:*:*:*:*:*:*",
"matchCriteriaId": "67B3BF03-9919-4C12-97A3-B20161725F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "FCD4D8EB-8625-47CD-8F0E-D2FC8CAA5462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "A0150A4C-2C5A-49FC-8FB3-B93CB45B8284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "BFEB7A59-7536-4A92-A9C8-79FDE657B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2:-:*:*:*:*:*:*",
"matchCriteriaId": "931D77A8-FA39-479E-91DB-CDDC9113252B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "D3A0A607-7D3C-4F2A-B5F5-576A70649CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "32E9620A-7C0A-474C-919E-13609FFE580D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "672D3A38-92B4-4F33-82A6-B2D3F3403AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.3:-:*:*:*:*:*:*",
"matchCriteriaId": "FE2FBBA2-6185-463F-96D3-9AB2C778B4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "3FF9FF91-9184-4D18-8288-9110E35F4AE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*",
"matchCriteriaId": "530FC172-94E1-481A-9810-26061D22B6AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*",
"matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_98:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40FC681A-7B85-4495-8DCC-C459FE7E2F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_98se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2354216-8103-49F9-A95C-7DE4F738BBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:itanium:*",
"matchCriteriaId": "5AA32D8C-430E-4CA2-B2DF-FFF63714F480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "E3C43D05-40F8-4769-BA6B-A376420EA972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:-:*",
"matchCriteriaId": "7BC4A4A0-4EEE-4C51-BFF4-4B65C815AB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:itanium:*",
"matchCriteriaId": "72CC2D03-538A-4603-B4FF-C6930F9D7E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:x64:*:*:*:*:*",
"matchCriteriaId": "5894A4E3-D063-4BE2-8579-B9BBF581EE98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2572F7E5-75A3-4C11-866B-A4E9ADBD8D08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:itanium:*",
"matchCriteriaId": "54879DE7-47AE-4E94-986C-4D956B64411C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"matchCriteriaId": "964B57CD-CB8A-4520-B358-1C93EC5EF2DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8C192B-8044-4BF9-9F1F-57371FC0E8FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openpgp:openpgp:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7DB4DC-5369-4087-B055-F1B1BFB50812",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F205B07D-D1C9-4761-9C63-D7BE5E2C73CF",
"versionEndIncluding": "8.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "40679A45-CE96-4F49-B552-8FB5B6AD493F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "99FB50CA-9C49-4358-8C1F-803CC976408D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D153658-7BAF-42D3-AA20-3B6193EB184B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xinuos:openserver:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3E2AD5B8-44C1-4981-A795-E76EFFD8C96E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xinuos:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "29E97E1A-268A-4F18-86A4-39A960E2082C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xinuos:unixware:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25A2CA45-7476-4D11-9236-15072E4C9CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xinuos:unixware:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F96B92D7-ED2E-439C-B1D7-949628CF4456",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP."
},
{
"lang": "es",
"value": "TCP, cuando se usa un tama\u00f1o de ventana de transmisi\u00f3n grande, hace m\u00e1s f\u00e1cil a atacantes remotos adivinar n\u00fameros de secuencia y causar una denegaci\u00f3n de servicio (p\u00e9rdida de la conexi\u00f3n) en conexiones TCP persistentes inyectando repetidamente un paquete TCP RST, especialmente en protocolos que usan conexiones de vida larga, como BGP."
}
],
"evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/331.html\"\u003eCWE-331: Insufficient Entropy\u003c/a\u003e",
"id": "CVE-2004-0230",
"lastModified": "2025-05-02T16:40:41.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/JSA10638"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108302060014745\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108506952116653\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry",
"Broken Link"
],
"url": "http://secunia.com/advisories/11440"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry",
"Broken Link"
],
"url": "http://secunia.com/advisories/11458"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry",
"Broken Link"
],
"url": "http://secunia.com/advisories/22341"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/415294"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/4030"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/10183"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-111A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2006/3983"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"Broken Link"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/JSA10638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108302060014745\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108506952116653\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry",
"Broken Link"
],
"url": "http://secunia.com/advisories/11440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry",
"Broken Link"
],
"url": "http://secunia.com/advisories/11458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry",
"Broken Link"
],
"url": "http://secunia.com/advisories/22341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/415294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/4030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/10183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-111A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2006/3983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"Broken Link"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "The DHS advisory is a good source of background information about the\nissue: http://www.us-cert.gov/cas/techalerts/TA04-111A.html\n\nIt is important to note that the issue described is a known function of TCP. In order to perform a connection reset an attacker would need to know the source and destination ip address and ports as well as being able to guess the sequence number within the window. These requirements seriously reduce the ability to trigger a connection reset on normal TCP connections. The DHS advisory explains that BGP routing is a specific case where being able to trigger a reset is easier than expected as the end points can be easily determined and\nlarge window sizes are used. BGP routing is also signficantly affected by having it\u2019s connections terminated. The major BGP peers have recently switched to requiring md5 signatures which mitigates against this attack.\n\nThe following article from Linux Weekly News also puts the flaw into context and shows why it does not pose a significant threat:\nhttp://lwn.net/Articles/81560/\n\nRed Hat does not have any plans for action regarding this issue.\n",
"lastModified": "2006-08-16T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 2.0.34 | |
| digital | unix | 4.0 | |
| netbsd | netbsd | * | |
| redhat | linux | 2.0.34 | |
| slackware | slackware_linux | 2.0.34 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6AB54-5D9F-4EE2-8AA4-7E61F09C7F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:digital:unix:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E08495-C0C5-40A9-A8FF-834F5F6083B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5ACB4A-7B75-4B29-813D-EDE7E566A754",
"versionEndIncluding": "1.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F3CA3C2F-739A-4E61-803A-877978D70468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "B35CE11D-53A9-4C69-8AC4-2ECE48468125",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks."
}
],
"id": "CVE-2000-0315",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-03-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7575"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands."
}
],
"id": "CVE-2000-0751",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html"
},
{
"source": "cve@mitre.org",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/errata.html#mopd"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-050.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata.html#mopd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-050.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1559"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-02-06 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow of rlogin program using TERM environmental variable.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bsdi | bsd_os | 1.1 | |
| bsdi | bsd_os | 2.0 | |
| bsdi | bsd_os | 2.0.1 | |
| bsdi | bsd_os | 2.1 | |
| debian | debian_linux | 0.93 | |
| digital | ultrix | - | |
| freebsd | freebsd | 1.1.5.1 | |
| freebsd | freebsd | 2.0 | |
| freebsd | freebsd | 2.0.5 | |
| freebsd | freebsd | 2.1.0 | |
| freebsd | freebsd | 2.1.5 | |
| hp | hp-ux | 10.00 | |
| hp | hp-ux | 10.01 | |
| hp | hp-ux | 10.08 | |
| hp | hp-ux | 10.09 | |
| hp | hp-ux | 10.10 | |
| hp | hp-ux | 10.16 | |
| hp | hp-ux | 10.20 | |
| hp | hp-ux | 10.24 | |
| hp | hp-ux | 10.30 | |
| hp | hp-ux | 10.34 | |
| ibm | aix | 3.2 | |
| ibm | aix | 4.1 | |
| ibm | aix | 4.1.1 | |
| ibm | aix | 4.1.2 | |
| ibm | aix | 4.1.3 | |
| ibm | aix | 4.1.4 | |
| ibm | aix | 4.1.5 | |
| netbsd | netbsd | 1.0 | |
| netbsd | netbsd | 1.1 | |
| next | nextstep | - | |
| oracle | solaris | - | |
| oracle | solaris | 2.5.1 | |
| oracle | solaris | 2.6 | |
| oracle | solaris | 7.0 | |
| oracle | solaris | 8 | |
| sun | sunos | 4.1.3u1 | |
| sun | sunos | 4.1.4 | |
| sun | sunos | 5.3 | |
| sun | sunos | 5.4 | |
| sun | sunos | 5.5 | |
| sun | sunos | 5.5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5E922C-239D-4F98-87ED-BB7998BE99C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD254562-D74A-4D7C-B846-E242D785B830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBFBCFEE-C24C-4D38-83F9-810E05D27901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E1BD95-EF97-4CA0-9EF1-5081DD5F782B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:digital:ultrix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2066A9-7DAE-403C-8C12-5414C6770F8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C496B665-70DA-4B98-A5D1-E2935C0CE840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34797660-41F5-4358-B70F-2A40DE48F182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3187435B-C052-4DBA-AA79-F8AC0287EE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2170549C-80D2-4FF8-AC07-BD4124125B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.09:*:*:*:*:*:*:*",
"matchCriteriaId": "066D4E93-366F-42D4-B27D-8AF981F5F2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*",
"matchCriteriaId": "38E41C26-A086-4C9C-83D8-CB910F4B67F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*",
"matchCriteriaId": "09070FE3-EF6B-41F6-89D8-3C9E31F3A6BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD50216-90AC-480E-A11C-E88E64C6D84A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3BA7775-30F2-4CA0-BA6E-70ED12A48D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FB038A89-1CA6-4313-B7CE-56C894945FFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3BC86F-5718-4232-BFFF-6244A7C09B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6118CC1-6E51-4E1B-8F58-43B337515222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D3B348-270F-4209-B31A-2B40F5E4A601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:next:nextstep:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8772D1A6-9458-499F-B9E7-758A6DA735B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A57664FD-9E75-4F9B-92C4-7D85A263D04B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69C7B4A8-E8D0-425C-B979-17E85458B0C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F538D2B-1AE1-4766-830E-CF7999181128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:8:*:*:*:*:*:*:*",
"matchCriteriaId": "722A52CF-4C6E-44D3-90C4-D2F72A40EF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1BA107-F2D3-4F13-82EC-4576C429E3C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1070749A-65E9-439A-A7CC-3CE529A5D5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow of rlogin program using TERM environmental variable."
}
],
"id": "CVE-1999-0046",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-02-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-18 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://gleg.net/advisory_netbsd2.shtml | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://gleg.net/advisory_netbsd2.shtml | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges."
}
],
"id": "CVE-2004-1374",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://gleg.net/advisory_netbsd2.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://gleg.net/advisory_netbsd2.shtml"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-15 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35EE137B-0ED3-47EC-8195-58690F5B252E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "580ADA83-C07B-40DD-B219-CA1908F1087F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F9371CBC-192E-44C0-9E0C-A6D61D6C0D83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71E01FA3-4CEA-4AF0-973C-C6DA147C6252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8C163058-A35D-4F30-B103-8A786FAA75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79528C86-614D-4B14-9D26-89E0BE6B2AED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF54438-F56B-4FC1-BCDB-A1A9D75374D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F2AE8906-AFCF-4ED9-B3E2-D6184F67C485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1450E5BF-66A0-4096-9775-E31E98C69AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EE6003AB-39CB-4FE5-830E-022CA71B4784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "954CBDF2-3EA3-431E-80B6-6CBD599B16D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C60A73-F224-41E4-815B-1AC9F140F1FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "608C5D32-740D-4A8A-8A82-5CF73A5FAA44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F8A106-6256-442E-9F77-D17A26FF8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nixu:namesurfer:standard_3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "74F997A5-EDE5-4F89-A670-987049ABCF8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nixu:namesurfer:suite_3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFFE8E-3E6D-436A-BEE0-44AB626EBC8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2B5B59-B0CD-4F49-870B-F8F8BE902965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A4900F-7A0B-441E-967D-45B1A051A5B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
"matchCriteriaId": "F41B68A9-C4EF-47F5-BE84-BD20C073C2D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0f_pk8_bl22:*:*:*:*:*:*:*",
"matchCriteriaId": "1679FFED-8C4B-4B16-8B03-3992CC0F4704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
"matchCriteriaId": "75546AD4-15DD-45FD-AFFB-8A59CB8D401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "38B11F9E-64EE-47D1-A341-62F54382227C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0g_pk4_bl22:*:*:*:*:*:*:*",
"matchCriteriaId": "690B68FC-4548-4D34-8BC7-7EAFD73C9F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E296E409-EF32-48FC-88CB-C38C7CF4A239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "BE0BEA96-837B-4699-BE2E-CCD8F8F3CF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4DFD7B-4A10-4991-AC26-C8A957E87009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA62CD1-19EA-46D8-9423-BFFF9FC8CA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
"matchCriteriaId": "881FCB3C-DAD8-4883-B185-19A61B76102B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B9413090-D930-49DB-B7ED-7035C717B821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
"matchCriteriaId": "168C607C-6170-4936-9A53-AE3AAEBD79F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
"matchCriteriaId": "A7793736-B551-428D-8A2F-291968E212FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB7AD47-5AF1-4CE0-A295-48567F991EAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk4_bl21:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADBC08D-88E1-41BE-A139-F76D3CEA3BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk5_bl23:*:*:*:*:*:*:*",
"matchCriteriaId": "972010F3-B97C-4A8F-9EFC-42F572AE7D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "55E0D6B2-C319-4DD4-AB4C-F2F35F7806F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
"matchCriteriaId": "CCEFCB5E-D7DF-48BF-B62A-081C4799F5A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*",
"matchCriteriaId": "6A8C556B-8896-4D37-A9DD-2DF1C648F7F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.1l:*:*:*:*:*:*:*",
"matchCriteriaId": "43E38D56-80BA-460C-A296-ED7F506E4364",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:current:*:*:*:*:*:*:*",
"matchCriteriaId": "F30E9234-481B-41BC-BFC2-9E9773DEE65C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71DDB9D9-AD7B-479D-B128-7150286EE563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value."
},
{
"lang": "es",
"value": "ISC BIND 8.3.x antes de 8.3.7, y 8.4.x antes de 8.4.3 permite a atacantes remotos envenenar la cache mediante un servidor de nombres malicioso que devuelve respuestas negativas con un valor TTL (time to live) largo."
}
],
"id": "CVE-2003-0914",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2003-12-15T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10542"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-409"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/734644"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/734644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2011"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-12-16 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Teardrop IP denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | hp-ux | 9.00 | |
| hp | hp-ux | 9.01 | |
| hp | hp-ux | 9.03 | |
| hp | hp-ux | 9.04 | |
| hp | hp-ux | 9.05 | |
| hp | hp-ux | 9.07 | |
| hp | hp-ux | 10 | |
| hp | hp-ux | 10.01 | |
| hp | hp-ux | 10.16 | |
| hp | hp-ux | 10.20 | |
| hp | hp-ux | 10.24 | |
| hp | hp-ux | 10.30 | |
| hp | hp-ux | 11.00 | |
| microsoft | windows_95 | 0.0a | |
| microsoft | windows_nt | 3.5.1 | |
| microsoft | windows_nt | 3.5.1 | |
| microsoft | windows_nt | 3.5.1 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| netbsd | netbsd | 1.0 | |
| netbsd | netbsd | 1.1 | |
| netbsd | netbsd | 1.2 | |
| netbsd | netbsd | 1.2.1 | |
| sun | sunos | 4.1.3u1 | |
| sun | sunos | 4.1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6E436D06-FA3A-43F6-AF84-2E9C2F42E3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB1B6DC-4FF9-40DC-BAD5-91A04E79981E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.03:*:*:*:*:*:*:*",
"matchCriteriaId": "E7FA635E-C0FE-495C-A2BB-D9C30A95FD00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.04:*:*:*:*:*:*:*",
"matchCriteriaId": "E178238D-E17A-48C9-8922-AC92474BDF55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.05:*:*:*:*:*:*:*",
"matchCriteriaId": "560C17E1-6154-4291-A838-5E76139B9FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.07:*:*:*:*:*:*:*",
"matchCriteriaId": "035890F7-BF48-4669-812A-1DCBD91A8F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10:*:*:*:*:*:*:*",
"matchCriteriaId": "CC96D014-7CE2-4F61-BBAF-507829C542EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*",
"matchCriteriaId": "38E41C26-A086-4C9C-83D8-CB910F4B67F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*",
"matchCriteriaId": "09070FE3-EF6B-41F6-89D8-3C9E31F3A6BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_95:0.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "5190BE3F-DA55-4463-A19C-904BF848D5DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D4EAC2-A948-461F-B5DD-0AE73CF05D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "EF8BECF6-3C33-4D8C-B54E-A0D2F3295E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "828B4519-24D8-45A7-8448-D5FF6C83A2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5BDCBCB8-DAA3-465F-ADDE-9143B8251989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "B86E0671-ED68-4549-B3AC-FD8BD79B0860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1BA107-F2D3-4F13-82EC-4576C429E3C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1070749A-65E9-439A-A7CC-3CE529A5D5E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Teardrop IP denial of service."
}
],
"id": "CVE-1999-0015",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-12-16T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5579"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-08-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call."
},
{
"lang": "es",
"value": "Vulnerabilidad de cadena de formato en la funci\u00f3n startprinting() de printjob.c en el paquete lpr lpd basado en BSD puede permitir a usuarios locales ganar privilegios mediante una llamada impropia a syslog que usa cadenas de formato de la llamada checkremote()."
}
],
"id": "CVE-2000-1208",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-08-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/137555"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/5286.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-066.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/137555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/5286.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-066.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1711"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-09-05 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | 3.0 | |
| freebsd | freebsd | 3.1 | |
| freebsd | freebsd | 3.2 | |
| freebsd | freebsd | 3.3 | |
| freebsd | freebsd | 3.4 | |
| freebsd | freebsd | 3.5 | |
| freebsd | freebsd | 4.0 | |
| freebsd | freebsd | 5.0 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| openbsd | openbsd | 2.5 | |
| openbsd | openbsd | 2.6 | |
| openbsd | openbsd | 2.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "3B13D898-C1B6-44B9-8432-7DDB8A380E9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "4319B741-4376-4EA2-9FEB-236C148D1514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "247ABD95-74CA-45B8-8729-3C35C9E11186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:arm32:*:*:*:*:*",
"matchCriteriaId": "1D4C44E8-075A-4B48-88DA-2CAC25CDF159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "19D1E7AC-79B6-4136-ADB2-06BEE9773795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "E2EE8A19-8AB1-4283-95EA-9EE3C7E5DED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6FA1C84C-6624-4032-8D0E-5EBB054F5224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:arm32:*:*:*:*:*",
"matchCriteriaId": "06B9ADAD-ADDC-47AC-9924-B31B17DDF163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6DC0D30E-DBF1-4FDB-80C0-80DB50D9E77A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:x86:*:*:*:*:*",
"matchCriteriaId": "537FD523-1D44-4D85-AED1-C092E0155CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers."
}
],
"id": "CVE-2000-0489",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-09-05T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/622"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=NCBBKFKDOLAGKIAPMILPCEJLCEAA.labs%40ussrback.com"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.9908270039010.16315-100000%40thetis.deor.org"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=NCBBKFKDOLAGKIAPMILPCEJLCEAA.labs%40ussrback.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.9908270039010.16315-100000%40thetis.deor.org"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3298"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-08-11 10:30
Modified
2025-04-09 00:30
Severity ?
Summary
The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:midnightbsd:midnightbsd:0.3-current:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB266CE-0E06-4094-AE00-0ADBD2364F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mirbsd:miros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A4B5B9-C443-4A85-852D-F3B71732BCDA",
"versionEndIncluding": "10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00564BAA-066A-4627-B6A8-78724E55D363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F12313A0-1EAF-4652-9AB1-799171CFFEA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "89CA041B-4153-43C7-BA69-D6052F4EBEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B32BB973-60E5-402B-83FE-547786BC7A57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload."
},
{
"lang": "es",
"value": "La funci\u00f3n pf_test_rule de OpenBSD Packet Filter (PF), tal como es usada en OpenBSD v4.2 hasta v4.5, NetBSD v5.0 anterior a RC3, MirOS v10 y anteriores y MidnightBSD v0.3 hasta la versi\u00f3n actual permite a atacantes remotos causar una denegaci\u00f3n de servicio a trav\u00e9s de paquetes IP modificados que provocan una \"desreferencia\" de un puntero nulo relacionada con un paquete IPv4 con datos (\"payload\") ICMPv6."
}
],
"id": "CVE-2009-0687",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-08-11T10:30:00.217",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/013_pf.patch"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-001.txt.asc"
},
{
"source": "cret@cert.org",
"url": "http://www.helith.net/txt/multiple_vendor-PF_null_pointer_dereference.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openbsd.org/errata43.html#013_pf"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openbsd.org/errata44.html#013_pf"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openbsd.org/errata45.html#002_pf"
},
{
"source": "cret@cert.org",
"url": "http://www.osvdb.org/53608"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/502634"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1015"
},
{
"source": "cret@cert.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49837"
},
{
"source": "cret@cert.org",
"url": "https://www.exploit-db.com/exploits/8406"
},
{
"source": "cret@cert.org",
"url": "https://www.exploit-db.com/exploits/8581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/013_pf.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-001.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.helith.net/txt/multiple_vendor-PF_null_pointer_dereference.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openbsd.org/errata43.html#013_pf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openbsd.org/errata44.html#013_pf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openbsd.org/errata45.html#002_pf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/53608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/8406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/8581"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-10-06 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:advanced_message_server:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABD33DF-FEC4-4519-B2ED-4E498A7329FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:advanced_message_server:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2455BE6E-7540-4545-B40A-0366BDA6AE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA16C02-3B8D-4188-898E-048A93F11ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF12CC4-C9CD-479A-8F85-8F947B5B60A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "623A2E07-2122-4ADE-9932-011DCA4396A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C563EF-FDED-4193-A66A-06527878BB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A267D3-2F49-4E61-B2C9-D8ED2265665E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7199205A-B914-40A1-9C82-A9698511E3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC468AB-8B18-4169-8040-614A32444732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D30A1136-074A-460D-9794-DDD530626800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76A9602B-8E5A-4BF4-81F5-D1152D09FCAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD0B100-D822-4EBF-8EC9-ADAB8141116B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "196D77DF-E6D4-46D0-BC2C-8804A587CA25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B743E5A3-6B15-4877-9424-A1F1A4214B73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "76A60742-7815-4658-A6F7-147AA48C24B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1A24F2-9C6B-4DF0-AB04-55D051812DD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "120271B8-08A9-4C21-A108-0DA61095A006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84E6ECDA-DF65-47FF-A42F-FD5C1D864FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA859AF-4E4E-4077-8E98-523E617A1DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9791650-C367-43B6-A0F4-5BB56CE10778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8340DDA8-77DD-4AEB-B267-F86F64A851B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "07DCBBEE-1DF0-40FE-B755-1FC35CF16788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "581626E7-47B5-4819-B34F-B6DFD07A12F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBE9A4A-8AB9-4A97-A106-970FEB08952C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"matchCriteriaId": "BD99394C-5408-4A01-8D4E-417FFFFDE9C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"matchCriteriaId": "AAB59A24-87DE-4CAD-A2BA-AFCC0B2A55B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"matchCriteriaId": "97D641EF-0B69-45A1-B85E-3C9C93AB9D42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"matchCriteriaId": "8972211B-6A5B-4095-9CBB-CEF4C23C9C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"matchCriteriaId": "8F81A2AD-90A0-4B97-86A3-92690A0FCA71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "598F74BA-2B71-435E-92B8-9DEADB3311A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79A46DF2-8EEB-40C8-B1CA-01BC064BD25E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "581E5904-1A2B-49FF-BE3F-D42019AD816B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CC4C83-4FB9-4344-AFCB-C260659F81DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF763B4-58E3-4868-8C92-47DE3E4E5F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4FCB77-7FAC-4A4B-851C-2F352B44D3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEB3923-8F4B-4523-84F9-17D1CFA37F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "58CD19B4-4BFD-4DE8-B21F-6B6CDE6793C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7B82BBB7-CD72-4A33-97D4-B1E51A595323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6C1D6A40-5DD1-481C-AF85-85705FCE3680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_pro:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9371E42-3A43-4E60-9C03-841B5901AF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_pro:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E172E270-E0EE-49C6-AEF7-B533CD88F67D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5492A89B-8140-4CF7-BE81-09C25A64373A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A6D5AF-2134-4EC5-B53A-CE95B5505325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5FE819-E570-4AEE-BF0C-B9B1960A1AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "913AF73A-F6DE-4FAF-8A09-02CD33784B27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "661A9B85-09EE-4D38-9160-8EEA6BE07BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F28941D4-7D1E-4BF9-8E2F-C951978424E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD930C49-512B-4114-8A97-80B1816CFCFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8553E3-578B-4BE3-BBAD-5589338586E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7EE5C8E-8E2E-4C98-B8C5-B590E44B1EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3930ED-DE49-4F01-A904-5D66E34832F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A51855-94DD-4F2E-BFF8-4ABE4613F962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56B76FFE-90CB-4C11-9E9D-FFA896482628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74C77927-A67A-4C1B-BB80-18148E1F0FE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9D22E3-18F8-42F9-993E-81E832B0B125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7BABB5CA-26F4-4DB6-9D43-1C82751DCCA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F323395B-4549-4B54-8BBF-66B1B1B3F563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD69805-D021-4DCC-9FB6-A0BEA721408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "B13C07CC-F615-4F30-B532-4BF6F02F84DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*",
"matchCriteriaId": "EED22734-8AAC-4897-BB71-438E19B8A005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA9C28F-18E6-4199-9740-FAB00563EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E63313-9533-478D-ACC0-C050FBA3EACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0A7D5D-BDD9-45F8-9BE7-3B01D70C8CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.19f:*:*:*:*:*:*:*",
"matchCriteriaId": "61370032-AB21-4E93-B143-A92A342AFB1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.19m:*:*:*:*:*:*:*",
"matchCriteriaId": "C833FC19-D913-4C62-B14A-E1B3845D0275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.20f:*:*:*:*:*:*:*",
"matchCriteriaId": "B90188D6-6C57-45C2-B266-50D65B4D33E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.20m:*:*:*:*:*:*:*",
"matchCriteriaId": "39DD839E-159B-43FD-A1E6-A22EE658BEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.21f:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9CF799-3B52-4694-A706-37FA08EC9ABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.21m:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5A5AD7-F8AD-448F-8125-ACB0E7BA0A4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2B5B59-B0CD-4F49-870B-F8F8BE902965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A4900F-7A0B-441E-967D-45B1A051A5B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
"matchCriteriaId": "F41B68A9-C4EF-47F5-BE84-BD20C073C2D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0f_pk8_bl22:*:*:*:*:*:*:*",
"matchCriteriaId": "1679FFED-8C4B-4B16-8B03-3992CC0F4704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
"matchCriteriaId": "75546AD4-15DD-45FD-AFFB-8A59CB8D401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "38B11F9E-64EE-47D1-A341-62F54382227C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0g_pk4_bl22:*:*:*:*:*:*:*",
"matchCriteriaId": "690B68FC-4548-4D34-8BC7-7EAFD73C9F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E296E409-EF32-48FC-88CB-C38C7CF4A239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "BE0BEA96-837B-4699-BE2E-CCD8F8F3CF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4DFD7B-4A10-4991-AC26-C8A957E87009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA62CD1-19EA-46D8-9423-BFFF9FC8CA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
"matchCriteriaId": "881FCB3C-DAD8-4883-B185-19A61B76102B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B9413090-D930-49DB-B7ED-7035C717B821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
"matchCriteriaId": "168C607C-6170-4936-9A53-AE3AAEBD79F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
"matchCriteriaId": "A7793736-B551-428D-8A2F-291968E212FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB7AD47-5AF1-4CE0-A295-48567F991EAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk4_bl21:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADBC08D-88E1-41BE-A139-F76D3CEA3BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk5_bl23:*:*:*:*:*:*:*",
"matchCriteriaId": "972010F3-B97C-4A8F-9EFC-42F572AE7D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "55E0D6B2-C319-4DD4-AB4C-F2F35F7806F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
"matchCriteriaId": "CCEFCB5E-D7DF-48BF-B62A-081C4799F5A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*",
"matchCriteriaId": "6A8C556B-8896-4D37-A9DD-2DF1C648F7F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "A0A3F7B6-2878-40C0-B59C-EBA8D171D2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "A442DE97-4485-4D95-B95D-58947585E455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release_p38:*:*:*:*:*:*",
"matchCriteriaId": "3BA1504C-14FE-4C21-A801-944041F2946F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*",
"matchCriteriaId": "21B69535-4FB6-4FAD-AAA6-C790FF82EFAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*",
"matchCriteriaId": "6F4AC452-6042-409D-8673-ACAD108EE3B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*",
"matchCriteriaId": "2FE1009B-371A-48E2-A456-935A1F0B7D0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*",
"matchCriteriaId": "9BCD9C12-EDAB-473F-9CC5-04F06B413720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*",
"matchCriteriaId": "58EBC5C8-5CA8-4881-A036-179FDEBA3CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*",
"matchCriteriaId": "58288F0F-B4CE-445C-AD93-DA73E3AD6FC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*",
"matchCriteriaId": "CC96FBA9-6A65-4CC7-BE68-ADAF450ABE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*",
"matchCriteriaId": "FA699BB4-94AA-40E6-A6B6-33E3D416CDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*",
"matchCriteriaId": "AFDA151E-E614-4A24-A34D-B6D5309110CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:release_p6:*:*:*:*:*:*",
"matchCriteriaId": "5F3B4BA2-8A61-4F9A-8E46-7FA80E7F5514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "4AE93D3D-34B4-47B7-A784-61F4479FF5A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*",
"matchCriteriaId": "51A612F6-E4EB-4E34-8F55-79E16C74758E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "5C19B266-8FE7-49ED-8678-2D522257491D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*",
"matchCriteriaId": "FEC7B38F-C6FB-4213-AE18-2D039A4D8E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB008E3-9A00-4D28-8826-A9FCC9F65314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "465B06C4-136D-4CD8-BA38-B6B50511624C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB23261-D5A9-4C49-B08E-97A63ED6F84A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"matchCriteriaId": "52F2B17F-A169-402C-AA05-0DE5D805BAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "BD44E15F-D216-404F-8585-D278175C2A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_advanced_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69E4BDC1-7750-4B35-88E1-F8449D255114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "63D8C8D6-8EC1-4B64-996C-636ECD78E7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC0256B-3962-433A-9FAC-37FFAE43E888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4844D5C-3859-47B1-9A71-CEA2053E2213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c."
},
{
"lang": "es",
"value": "La funci\u00f3n de prescan en Sendmail 8.12.9 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante ataques de desbordamiento de b\u00fafer, como se demostr\u00f3 usando la funci\u00f3n parseaddr en parseaddr.c."
}
],
"id": "CVE-2003-0694",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-10-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106381604923204\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106382859407683\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-25.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:092"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-283.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-284.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2975"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A572"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106381604923204\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106382859407683\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-25.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-283.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-284.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A603"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-02-20 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
FreeBSD mmap function allows users to modify append-only or immutable files.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99235B00-0050-42BF-99EF-FCDD72D8627D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeBSD mmap function allows users to modify append-only or immutable files."
}
],
"id": "CVE-1999-0323",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-02-20T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1998-003.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1998-003.txt.asc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-02-16 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr."
}
],
"id": "CVE-2000-0094",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-02-16T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-001.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20760"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/940"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-001.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3995"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-25 02:15
Modified
2024-11-21 06:32
Severity ?
Summary
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc | Patch, Vendor Advisory | |
| cve@mitre.org | https://arxiv.org/pdf/2112.09604.pdf | Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://arxiv.org/pdf/2112.09604.pdf | Technical Description, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0992771-F022-4195-A4DF-4323FF07B04F",
"versionEndIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm."
},
{
"lang": "es",
"value": "En NetBSD versiones hasta 9.2, se presenta un filtrado de informaci\u00f3n en el algoritmo de generaci\u00f3n de TCP ISN (ISS)"
}
],
"id": "CVE-2021-45488",
"lastModified": "2024-11-21T06:32:19.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-25T02:15:06.803",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-08-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required \"PKTHDR\" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets."
},
{
"lang": "es",
"value": "El kernel de red OSI (sys/netiso) en NetBSD 1.6.1 y anteriores no usa un mbuf \"PKTHDR\" requerido por BSD cuando envia ciertas respuestas de error al enviador de un paquete OSI, lo que permite a atacantes remotos causar un denegaci\u00f3n de servicio (ca\u00edda o p\u00e1nico del kernel) mediante ciertos paquetes OSI."
}
],
"id": "CVE-2003-0653",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-08-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-010.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-010.txt.asc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-20 02:28
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | 10.0 | |
| apple | mac_os_x | 10.0.1 | |
| apple | mac_os_x | 10.0.2 | |
| apple | mac_os_x | 10.0.3 | |
| apple | mac_os_x | 10.0.4 | |
| apple | mac_os_x | 10.1 | |
| apple | mac_os_x | 10.1.1 | |
| apple | mac_os_x | 10.1.2 | |
| apple | mac_os_x | 10.1.3 | |
| apple | mac_os_x | 10.1.4 | |
| apple | mac_os_x | 10.1.5 | |
| apple | mac_os_x | 10.2 | |
| apple | mac_os_x | 10.2.1 | |
| apple | mac_os_x | 10.2.2 | |
| apple | mac_os_x | 10.2.3 | |
| apple | mac_os_x | 10.2.4 | |
| apple | mac_os_x | 10.2.5 | |
| apple | mac_os_x | 10.2.6 | |
| apple | mac_os_x | 10.2.7 | |
| apple | mac_os_x | 10.2.8 | |
| apple | mac_os_x | 10.3 | |
| apple | mac_os_x | 10.3.1 | |
| apple | mac_os_x | 10.3.2 | |
| apple | mac_os_x | 10.3.3 | |
| apple | mac_os_x | 10.3.4 | |
| apple | mac_os_x | 10.3.5 | |
| apple | mac_os_x | 10.3.6 | |
| apple | mac_os_x | 10.3.7 | |
| apple | mac_os_x | 10.3.8 | |
| apple | mac_os_x | 10.3.9 | |
| apple | mac_os_x | 10.4 | |
| apple | mac_os_x | 10.4.1 | |
| apple | mac_os_x | 10.4.2 | |
| apple | mac_os_x | 10.4.3 | |
| apple | mac_os_x | 10.4.4 | |
| apple | mac_os_x | 10.4.5 | |
| apple | mac_os_x | 10.4.6 | |
| apple | mac_os_x | 10.4.7 | |
| apple | mac_os_x | 10.4.8 | |
| apple | mac_os_x | 10.4.9 | |
| apple | mac_os_x | 10.4.10 | |
| netbsd | netbsd | 2.0 | |
| netbsd | netbsd | 2.1 | |
| netbsd | netbsd | 3.0 | |
| netbsd | netbsd | 3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99C273D1-ADFE-4B4C-B543-7B9CA741A117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "066ABC3B-B395-42D2-95C0-5B810F91A6F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC19FC-6E03-4000-AE4B-232E47FA76F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "421FC2DD-0CF7-44A2-A63C-5221689E2363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B70BC-42B7-453A-B506-7BE69D49A4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA32F7D8-02F8-4CFE-B193-2888807BC4D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la conjunto de la implementaci\u00f3n de libc in NetBSD-current versiones anteriores a 20050914, NetBSD 2.* y 3.* versiones anteriores a 20061203, y Apple Mac OSX anterior a 2007-004, tal y como se usan en el demonio FTP y tnftpd, permite a atacantes remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n mediante un nombre de ruta largo que resulta de una expansi\u00f3n en la ruta."
}
],
"id": "CVE-2006-6652",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-20T02:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-027.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/23178"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24966"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1017386"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/31781"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/21377"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-027.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/23178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1017386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/31781"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/21377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30670"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-09-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80F6028A-5C2C-4AEF-A8CD-1FD638F89E0D",
"versionEndIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB651DC9-E4F0-440F-A339-CFA576CED78C",
"versionEndIncluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool."
}
],
"id": "CVE-2001-0710",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-09-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:52.fragment.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-006.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2799"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:52.fragment.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-006.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6636"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-30 00:19
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before 20070329, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:navision_software:navision_financials_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22DBD7A1-3E7B-427C-A158-2E4B45D31042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29C02C6B-AAFD-4594-94A4-F26BA3648CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E59D3682-22E1-40C4-AC65-079005FB6194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3D95D05C-4FE1-4408-B8B8-5C5932800385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "FCB9E9F8-7C6B-4BC7-A593-A11B9D6F0B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "2F4B6E29-B74F-45FF-AEB1-A118753F8E3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before 20070329, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en el protocolo de red ISO soportado por el NetBSD kernel 2.0 hasta la 4.0_BETA2 y el NetBSD-current anterior al 20070329, permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante el paso de par\u00e1metros largos a ciertas funciones, como lo demostrado mediante el paso como argumento de la estructura larga sockaddr a la funci\u00f3n clnp_route."
}
],
"id": "CVE-2007-1677",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-30T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-004.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/43596"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23193"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017832"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1159"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-004.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/43596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33381"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-04-03 10:04
Modified
2025-04-03 01:03
Severity ?
Summary
The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference."
}
],
"evaluatorSolution": "The NetBSD 2.x versions are only affected if the kernel is compiled with the USE_TOPDOWN_VM option (not default in generic kernels).",
"id": "CVE-2006-1589",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-03T10:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-008.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015848"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/24576"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-008.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015848"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25690"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-04-18 10:02
Modified
2025-04-03 01:03
Severity ?
Summary
The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference."
}
],
"id": "CVE-2006-1797",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-18T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/netbsd/2006-q2/0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19615"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015908"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/24578"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/17497"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25766"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/netbsd/2006-q2/0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/17497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25766"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd."
}
],
"id": "CVE-2000-0993",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-12-19T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:58.chpass.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-015.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=97068555106135\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/errata27.html#pw_error"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1744"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:58.chpass.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-015.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=97068555106135\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata27.html#pw_error"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5339"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-24 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme and access restrictions via a long path.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF2AF0F-2373-43F6-8148-914EF4D178E5",
"versionEndIncluding": "20140201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:19990519:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BA38EE-559D-4341-8291-788C74EE4346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20000421:*:*:*:*:*:*:*",
"matchCriteriaId": "930F7A3F-A7C8-4603-A4E5-9AB3C27F7355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20000426:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A6287D-F9C0-4934-84CA-22572806AE26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20000427:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9C2032-F26A-4D5B-A631-4EA68ABD4FE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20000815:*:*:*:*:*:*:*",
"matchCriteriaId": "860DBF31-9655-417A-B2C7-5F389B675FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20000825:*:*:*:*:*:*:*",
"matchCriteriaId": "E72B5243-904B-4E12-BD28-DDF03EEF6B45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20010610:*:*:*:*:*:*:*",
"matchCriteriaId": "7FC42DDE-41C9-4DAA-8EB5-CC5D5FFDCCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20010812:*:*:*:*:*:*:*",
"matchCriteriaId": "17457601-F61A-444D-8E33-0FE0ED723F61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20010922:*:*:*:*:*:*:*",
"matchCriteriaId": "20EAEC35-E205-4717-826D-F4D1FCA6DC6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20020710:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4A13CA-DCB0-4C1F-A3DA-27A36BC116B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20020730:*:*:*:*:*:*:*",
"matchCriteriaId": "3D86758B-C34A-4689-9B3A-9CF614D2E4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20020803:*:*:*:*:*:*:*",
"matchCriteriaId": "732DBCCD-B38A-47B7-BD4B-4EE4CF370AF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20020804:*:*:*:*:*:*:*",
"matchCriteriaId": "9FB916FC-4FB9-48EF-8D46-26C29D35DCD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20020823:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB26F26-3B1E-44BB-A8D1-FB823C2759B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20020913:*:*:*:*:*:*:*",
"matchCriteriaId": "5D2148E4-FB12-4613-8F55-1AB364363BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20021106:*:*:*:*:*:*:*",
"matchCriteriaId": "C8EFEEB4-07C3-459F-A807-12A21AFD94F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20030313:*:*:*:*:*:*:*",
"matchCriteriaId": "30FA69A8-657F-44A0-999D-89EA7E24072E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20030409:*:*:*:*:*:*:*",
"matchCriteriaId": "B41528DD-A3C0-40D9-9DCC-4C7962337BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20030626:*:*:*:*:*:*:*",
"matchCriteriaId": "274EC529-8C50-44C3-96AE-9C636C9183B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20031005:*:*:*:*:*:*:*",
"matchCriteriaId": "38A29464-13AF-474E-B0F6-BF65F44B3EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20040218:*:*:*:*:*:*:*",
"matchCriteriaId": "579B9F00-9093-4D4B-9F19-0FBDA141FD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20040808:*:*:*:*:*:*:*",
"matchCriteriaId": "AB017665-6823-407E-AFF3-5A8C1848B3E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20050410:*:*:*:*:*:*:*",
"matchCriteriaId": "13BE5871-6AB5-4A4B-BD7B-59D7D6161867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20060517:*:*:*:*:*:*:*",
"matchCriteriaId": "7E00FD78-FCBF-4D10-AC00-73B6838758B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20060710:*:*:*:*:*:*:*",
"matchCriteriaId": "162B8DC7-76B5-45E3-8DF3-62C32AB0FB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20080303:*:*:*:*:*:*:*",
"matchCriteriaId": "C7BAA49A-41BA-436B-902C-FCDE8C156C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20090417:*:*:*:*:*:*:*",
"matchCriteriaId": "A8280988-55E3-4A94-93E3-1064A8B54C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20090522:*:*:*:*:*:*:*",
"matchCriteriaId": "A1668326-2B90-4D98-859C-CFDFD7811E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20100509:*:*:*:*:*:*:*",
"matchCriteriaId": "620F61ED-B77F-48B7-93EA-7089A9C0BBE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20100512:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F081AF-5022-44B4-BBB7-108374DDFADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20100617:*:*:*:*:*:*:*",
"matchCriteriaId": "68B361C0-AC14-4386-8AA1-94273A1B3FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20100621:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE40B8D-B3EA-427A-8539-E9F502806279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20100920:*:*:*:*:*:*:*",
"matchCriteriaId": "3725C5D4-E464-4E64-BA2E-F6A60F5E4B9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20111118:*:*:*:*:*:*:*",
"matchCriteriaId": "75CFA0D4-530C-4B15-B6D8-8D5E92E1A50F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eterna:bozohttpd:20140102:*:*:*:*:*:*:*",
"matchCriteriaId": "7845A2CA-B83F-479A-B263-9824F13B21BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "730917F8-E1F4-4836-B05A-16B2BA5774DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3407906D-EF23-4812-A597-F0E863DE17B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C23BD3A0-E5AD-4893-AAAF-E2858B4128CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69CAE756-335E-4E02-83F9-B274D416775C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme and access restrictions via a long path."
},
{
"lang": "es",
"value": "El servidor HTTP bozotic (tambi\u00e9n conocido como bozohttpd) anterior a 20140708, utilizado en NetBSD, trunca las rutas cuando compruebe las restricciones .htpasswd, lo que permite a atacantes remotos evadir la esquema de la autenticaci\u00f3n HTTP y acceder a las restricciones a trav\u00e9s de una ruta larga."
}
],
"id": "CVE-2014-5015",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-24T14:55:09.583",
"references": [
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-007.txt.asc"
},
{
"source": "security@debian.org",
"url": "http://seclists.org/oss-sec/2014/q3/180"
},
{
"source": "security@debian.org",
"tags": [
"Patch"
],
"url": "http://www.eterna.com.au/bozohttpd/"
},
{
"source": "security@debian.org",
"url": "http://www.eterna.com.au/bozohttpd/CHANGES"
},
{
"source": "security@debian.org",
"url": "http://www.osvdb.org/109283"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/68752"
},
{
"source": "security@debian.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-007.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2014/q3/180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.eterna.com.au/bozohttpd/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.eterna.com.au/bozohttpd/CHANGES"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/109283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94751"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-23 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable."
}
],
"id": "CVE-2001-1091",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-23T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-014.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-014.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7037"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-04-22 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en setlocale en libc de NetBSD 1.4.x a 1.5, y posiblemente otros sistemas operativos, cuando es llamado con la categor\u00eda LC_ALL, permite a atacantes locales ejecutar c\u00f3digo arbitrario mediante una cadena de formato controlada por el usuario que tenga m\u00e1s de 6 elementos, lo que excede los l\u00edmites del array de categor\u00eda new_categories, es explotable a trav\u00e9s de otros programas como xterm y zsh."
}
],
"id": "CVE-2002-1476",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-04-22T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-012.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10159.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7565"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-012.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10159.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5724"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog".
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "247ABD95-74CA-45B8-8729-3C35C9E11186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:arm32:*:*:*:*:*",
"matchCriteriaId": "1D4C44E8-075A-4B48-88DA-2CAC25CDF159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "19D1E7AC-79B6-4136-ADB2-06BEE9773795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "E2EE8A19-8AB1-4283-95EA-9EE3C7E5DED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6FA1C84C-6624-4032-8D0E-5EBB054F5224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:arm32:*:*:*:*:*",
"matchCriteriaId": "06B9ADAD-ADDC-47AC-9924-B31B17DDF163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6DC0D30E-DBF1-4FDB-80C0-80DB50D9E77A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:x86:*:*:*:*:*",
"matchCriteriaId": "537FD523-1D44-4D85-AED1-C092E0155CF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka \"cpu-hog\"."
}
],
"id": "CVE-2000-0456",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-005.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1365"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-005.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1272"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-02-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A218B67-B87B-4A5E-B9EF-EF39ADEAD9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caldera:openlinux_workstation:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41DE44-C3A1-4CC9-ACA7-4EC171D68910",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*",
"matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*",
"matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "E9D468DB-C4AE-4ACB-B3B7-2FAEA90D6A49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "613A22EC-D93C-48B0-B97C-3E0DDFBD0B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*",
"matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6EAAC51F-9DC5-4026-8147-1B74975D6183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*",
"matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A9C005-4392-4C95-9B92-98EEC73EFE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0297F56-5F41-48FD-AB47-36E3BD2AB7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78D76664-F4AC-470A-9686-3F708922A340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
"matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
"matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "65CB09B5-0DE1-49AE-B87E-3C04EEA3E281",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap corruption vulnerability in the \"at\" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice."
},
{
"lang": "es",
"value": "Corrupci\u00f3n de memoria en el comando \"at\" permite que usuarios locales ejecuten c\u00f3digo arbitrario haciendo uso de un tiempo de ejecuci\u00f3n mal escrito (lo que provoca que at libere la misma memoria dos veces)."
}
],
"id": "CVE-2002-0004",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-02-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3886"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-12 03:03
Modified
2025-04-12 10:46
Severity ?
Summary
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsd:bsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "388BB5C2-53B3-4597-913C-7D86E585CCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD85B1ED-1473-4C22-9E1E-53F07CF517E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D84D7A-EB7C-4196-B8B6-7B703C8055C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets."
},
{
"lang": "es",
"value": "La pila de TCP en 4.3BSD Net/2, utilizado en FreeBSD 5.4, NetBSD posiblemente 2.0, y OpenBSD posiblemente 3.6, no implementa correctamente el temporizador de la sesi\u00f3n, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de recursos) a trav\u00e9s de paquetes manipulados."
}
],
"id": "CVE-2014-7250",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-12T03:03:47.817",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN07930208/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000134"
},
{
"source": "vultures@jpcert.or.jp",
"url": "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN07930208/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-04-08 04:00
Modified
2025-04-09 19:15
Severity ?
Summary
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| data_general | dg_ux | y2k_patchr4.11mu05 | |
| data_general | dg_ux | y2k_patchr4.12mu03 | |
| data_general | dg_ux | y2k_patchr4.20mu01 | |
| data_general | dg_ux | y2k_patchr4.20mu02 | |
| data_general | dg_ux | y2k_patchr4.20mu03 | |
| isc | bind | 4.9 | |
| isc | bind | 8 | |
| ibm | aix | 4.1 | |
| ibm | aix | 4.2 | |
| ibm | aix | 4.3 | |
| nec | asl_ux_4800 | 11 | |
| nec | asl_ux_4800 | 13 | |
| netbsd | netbsd | 1.3 | |
| netbsd | netbsd | 1.3.1 | |
| redhat | linux | 4.2 | |
| redhat | linux | 5.0 | |
| sco | open_desktop | 3.0 | |
| sco | openserver | 5.0 | |
| sco | unix | 3.2v4 | |
| sco | unixware | 2.1 | |
| sco | unixware | 7.0 | |
| sun | sunos | 5.3 | |
| sun | sunos | 5.4 | |
| sun | sunos | 5.5 | |
| sun | sunos | 5.5.1 | |
| sun | sunos | 5.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.11mu05:*:*:*:*:*:*:*",
"matchCriteriaId": "D85C6D97-CF88-4F47-8580-1E1271C3BEB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.12mu03:*:*:*:*:*:*:*",
"matchCriteriaId": "803355A3-10BA-45DA-AFF7-867A06AEE420",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu01:*:*:*:*:*:*:*",
"matchCriteriaId": "59665BA5-0818-44E7-9102-62060C88431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu02:*:*:*:*:*:*:*",
"matchCriteriaId": "930A6977-EF72-4693-96E0-603FE096EB4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu03:*:*:*:*:*:*:*",
"matchCriteriaId": "BDE41F0D-8CCB-4A79-B05E-E08E37B1E15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "49A7C6F2-F769-447A-8C8B-9002BD6FBF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*",
"matchCriteriaId": "7904F3D9-A6B0-4ED6-8BAD-2D26C118C0F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:nec:asl_ux_4800:11:*:*:*:*:*:*:*",
"matchCriteriaId": "707579B5-701A-4A36-8567-AB2E11759322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:nec:asl_ux_4800:13:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C620CF-5046-4A6A-A479-AC315D1E36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:open_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD2701A-E930-4F4D-85F7-02F80135E34E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C19F7B3-9043-4E53-90DE-92A4387858A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unix:3.2v4:*:*:*:*:*:*:*",
"matchCriteriaId": "51756048-EB32-4A72-9ED4-937AF2B9DE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "168248AC-E4F6-4C8F-9A21-0E6ABE029DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A13A9E-E24A-4AEE-AD42-2BCA5990E4B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer."
}
],
"id": "CVE-1999-0011",
"lastModified": "2025-04-09T19:15:42.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "1998-04-08T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
},
{
"source": "cve@mitre.org",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1067"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-04-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.3 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 | |
| netbsd | netbsd | 1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:alpha:*:*:*:*:*",
"matchCriteriaId": "87FD0350-38E2-46D3-B17F-6C3F9C3488A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:arm32:*:*:*:*:*",
"matchCriteriaId": "3DC541BB-95DF-4A31-998F-983255F8B485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5AB998EB-E5F3-414D-AA99-34DC7B32E870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "4319B741-4376-4EA2-9FEB-236C148D1514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "247ABD95-74CA-45B8-8729-3C35C9E11186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:arm32:*:*:*:*:*",
"matchCriteriaId": "1D4C44E8-075A-4B48-88DA-2CAC25CDF159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sh3:*:*:*:*:*",
"matchCriteriaId": "393738E7-93E1-4A37-817B-C023A9BD1DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "19D1E7AC-79B6-4136-ADB2-06BEE9773795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "E2EE8A19-8AB1-4283-95EA-9EE3C7E5DED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6FA1C84C-6624-4032-8D0E-5EBB054F5224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:arm32:*:*:*:*:*",
"matchCriteriaId": "06B9ADAD-ADDC-47AC-9924-B31B17DDF163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6DC0D30E-DBF1-4FDB-80C0-80DB50D9E77A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:x86:*:*:*:*:*",
"matchCriteriaId": "537FD523-1D44-4D85-AED1-C092E0155CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"matchCriteriaId": "52F2B17F-A169-402C-AA05-0DE5D805BAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "BD44E15F-D216-404F-8585-D278175C2A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes."
},
{
"lang": "es",
"value": "NetBSD 1.4 a la 1.6 beta permite a usuarios locales causar la Denegaci\u00f3n de Servicios (DoS) mediante una serie de llamadas a TIOCSCTTY ioctl, lo cual provoca un desbordamiento de enteros en un contador, poniendo dicho contador a 0, liberando memoria que a\u00fan esta en uso por otros procesos."
}
],
"id": "CVE-2002-1490",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-04-02T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-007.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10115.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7566"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-007.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10115.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5722"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-15 00:55
Modified
2025-04-12 10:46
Severity ?
Summary
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2EDDE6-49F2-41D3-BCB2-F49886A2A170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB3FB071-FCCC-4425-AFBF-77287C1B8F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DCADB10-49F8-4E8A-B915-6A770620B212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "56998F82-855E-4514-A4AF-A36084E10C5A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8DDF4A-1C5D-4CB1-95B3-69EAE6572507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD518B94-9CD7-4C45-8766-578CF427B4CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0402E20C-8B41-4A2A-BFF9-92EC843985F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24C6A01A-6308-4C69-B4D5-5BC10277E2E5",
"versionEndIncluding": "10.10.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76F1E356-E019-47E8-AA5F-702DA93CF74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A90FEC-BCBF-4803-AC2E-55002987BE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6E21D6-B64A-44D2-937D-CB7EDCB996C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8973AFDD-DB77-4AA2-A17C-9BBEE4439E25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA04C9F1-6257-4D82-BA0B-37DE66D94736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2A1D7F64-5AE6-4F2D-A282-DFF61399DFBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "336EC5B8-6FD8-42BB-9530-58A15238CEE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "623DB4CD-8CB3-445A-B9B5-1238CF195235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "83439D9C-2374-473C-8D64-C0DB886FEFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4E446D-B9D3-45F2-9722-B41FA14A6C31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "AF4EA988-FC80-4170-8933-7C6663731981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
"matchCriteriaId": "64F8F53B-24A1-4877-B16E-F1917C4E4E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*",
"matchCriteriaId": "75D3ACD5-905F-42BB-BE1A-8382E9D823BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*",
"matchCriteriaId": "766EA6F2-7FA4-4713-9859-9971CCD2FDCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*",
"matchCriteriaId": "EFBC30B7-627D-48DC-8EF0-AE8FA0C6EDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB38AEA-BAF0-4920-9A71-747C24444770",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*",
"matchCriteriaId": "1F33EA2B-DE15-4695-A383-7A337AC38908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*",
"matchCriteriaId": "261EE631-AB43-44FE-B02A-DFAAB8D35927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0E0BBF-D0BE-41A7-B9BB-C28F01000BC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1365ED-4651-4AB2-A64B-43782EA2F0E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*",
"matchCriteriaId": "EC82690C-DCED-47BA-AA93-4D0C9E95B806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*",
"matchCriteriaId": "43B90ED1-DAB4-4239-8AD8-87E8D568D5D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9BF2DD-85EF-49CF-8D83-0DB46449E333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AEBE689-3952-46F0-BACA-BB03041C6D36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*",
"matchCriteriaId": "86C46AB8-52E5-4385-9C5C-F63FF9DB82AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*",
"matchCriteriaId": "564AA4E7-223E-48D8-B3E0-A461969CF530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*",
"matchCriteriaId": "A82CFB41-BEA5-4B5F-BCAA-9BAED22EEAF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*",
"matchCriteriaId": "35C2AE06-B6E8-41C4-BB60-177AC4819CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*",
"matchCriteriaId": "EB15C1F3-0DE8-4A50-B17C-618ECA58AABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*",
"matchCriteriaId": "45491BD3-7C62-4422-B7DA-CB2741890FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*",
"matchCriteriaId": "499E52F3-4B34-4C47-8ABF-292928EBAA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*",
"matchCriteriaId": "D530BE19-ADCF-4B5C-99E0-2B9A1DE7717F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*",
"matchCriteriaId": "A7540155-3629-4C76-9C67-8A8E0C1067F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*",
"matchCriteriaId": "419BBCCD-6F8A-418A-BA02-56267B11D948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*",
"matchCriteriaId": "8A3A2AF8-C7DD-43D0-B03F-37E7EB735C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*",
"matchCriteriaId": "DC142ACF-3CBD-4F96-B2AA-C7D48E7CF31E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B4D332-3CB7-4C57-A689-ED0894659ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*",
"matchCriteriaId": "EB130295-F27C-45DD-80F6-BE4BB0931C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA6F5C9-9EE6-40FA-AA99-B4C7274BE8EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "3A2075BD-6102-4B0F-839A-836E9585F43B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "2A2FA09E-2BF7-4968-B62D-00DA57F81EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "F02E634E-1E3D-4E44-BADA-76F92483A732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "FCC2B07A-49EF-411F-8A4D-89435E22B043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "7E9480D6-3B6A-4C41-B8C1-C3F945040772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "10FF0A06-DA61-4250-B083-67E55E362677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "8A6BA453-C150-4159-B80B-5465EFF83F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
"matchCriteriaId": "638A2E69-8AB6-4FEA-852A-FEF16A500C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
"matchCriteriaId": "56C47D3A-B99D-401D-B6B8-1194B2DB4809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "08355B10-E004-4BE6-A5AE-4D428810580B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
"matchCriteriaId": "738BCFDC-1C49-4774-95AE-E099F707DEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B242C0-D27D-4644-AD19-5ACB853C9DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC683F2-4346-4E5E-A8D7-67B4F4D7827B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*",
"matchCriteriaId": "764B7D38-BC1B-47DB-B1DF-D092BDA4BFCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*",
"matchCriteriaId": "6604E7BE-9F9B-444D-A63A-F65D1CFDF3BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*",
"matchCriteriaId": "132B9217-B0E0-4E3E-9096-162AA28E158E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*",
"matchCriteriaId": "7619F9A0-9054-4217-93D1-3EA64876C5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*",
"matchCriteriaId": "6D82C405-17E2-4DF1-8DF5-315BD5A41595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*",
"matchCriteriaId": "4C96806F-4718-4BD3-9102-55A26AA86498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1C00C0-C77E-4255-9ECA-20F2673C7366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
"matchCriteriaId": "21F16D65-8A46-4AC7-8970-73AB700035FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
"matchCriteriaId": "92F393FF-7E6F-4671-BFBF-060162E12659",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
"matchCriteriaId": "E1B85A09-CF8D-409D-966E-168F9959F6F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "C684FB18-FDDC-4BED-A28C-C23EE6CD0094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "A74A79A7-4FAF-4C81-8622-050008B96AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDACCB9-8D61-49EE-9957-9E58BC7BB031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "4993DD56-F9E3-4AC8-AC3E-BF204B950DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "E884B241-F9C3-44F8-A420-DE65F5F3D660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"matchCriteriaId": "3A383620-B4F7-44A7-85DA-A4FF2E115D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"matchCriteriaId": "5F0C6812-F455-49CF-B29B-9AC00306DA43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D462C-A1B4-4572-A615-BDE9DC5F1E55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C17C77E3-ABCE-4F1F-A55D-DB61A2A5E28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "89B876D5-7095-4BA2-9EE3-3F0632BC2E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "918D00A4-5502-4DD6-A079-807AB3E964B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A38E8EAD-0742-41CB-B69E-DCC483CBC485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E3BE5C-5097-4585-AF0D-79661DC4A231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "953723A1-606F-4976-A843-1A3F020B9B53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F70EC32-7365-4653-8843-84C92EE9EC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AFABBD01-0773-4823-ABBA-95181558C88E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CE68D967-3356-4CF1-A582-F4EEAC52FA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "75F11AA6-E01D-4951-BB2C-31BB181DF895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D6AF76-02D2-42C1-9620-8F73D5547CC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C762024B-5792-43A3-A82F-A1C0F152F7BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "20C26A6C-3C2E-4A2B-B201-6EE949368EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB6DD83-F8B5-4286-879C-EDD35F5C7FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F110827-BCB4-468D-B8F7-4B545F965BFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "43E177AD-166A-4521-89BE-66E7571EB80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3FAE0988-3222-4B11-A809-DFEE0FFDD98F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "683595A9-7C48-455D-91E7-BF7E1F5B4BF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AFDC7F-23C2-4925-9356-944CBEBB1E7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DE446DB7-3B45-461A-A8E7-5DAFAD8AE5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "32B39B8F-50BF-460E-BD26-5C38E125362F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA02D40A-7BC3-42C4-8CEF-C992A3EECE4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35AB63E6-D66C-4F69-8C76-5BB56B0D6A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:2.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D3F16ABD-287C-4710-9720-570648A13F97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "730917F8-E1F4-4836-B05A-16B2BA5774DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38D69127-E5B0-4BC6-8E0A-A5F16D19B06B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C76E9006-A1DA-4902-94C9-AE7071E5A6BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D861332D-5976-4544-91C6-4016BAC4648E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E8D29E76-7A2D-4BC5-AF4E-99A9C31A14D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3407906D-EF23-4812-A597-F0E863DE17B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D17EDB-45BF-4922-8D46-8C340D3F8D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "269E87C2-7474-43F0-870E-C5ADCB73ABFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C23BD3A0-E5AD-4893-AAAF-E2858B4128CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "164CD64D-C160-4F75-BF04-19BC7F6E11BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1510AD8C-14AC-4649-AE37-5310575B3E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44D36CD7-FE10-4A72-8364-DE3EFD49AB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24469F6E-FC82-416A-9639-8FC37BE9745F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E28965-1C24-43CC-AFAA-5716D8F6CC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "368CB806-F671-481F-A9BE-DC320F82E5B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7E45F6-2EE9-4E97-B502-F48F2DDC5F3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69CAE756-335E-4E02-83F9-B274D416775C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3784838-1A43-4C46-A730-4CB88594A449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F555CE26-6E23-4E7A-A138-6F675EA9BEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "69071B74-471C-42C0-AF2D-2D278D355250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1C501514-768D-4AC0-8797-152763F24F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "79D2486C-5C39-40C7-B87B-969800F730C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5100F5C8-D5F8-466B-AABE-E42B3770B39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3C58EE-B36B-4081-A307-0FE9B52D8E62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue."
},
{
"lang": "es",
"value": "El protocolo SSL 3.0, utilizado en OpenSSL hasta 1.0.1i y otros productos, utiliza relleno (padding) CBC no determin\u00edstico, lo que facilita a los atacantes man-in-the-middle obtener datos de texto plano a trav\u00e9s de un ataque de relleno (padding) oracle, tambi\u00e9n conocido como el problema \"POODLE\"."
}
],
"id": "CVE-2014-3566",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2014-10-15T00:55:02.137",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0416.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59627"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60056"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60206"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60792"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60859"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61019"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61130"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61303"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61316"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61345"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61359"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61782"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61810"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61819"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61825"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61827"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61926"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61995"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/HT204244"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX200238"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3053"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3253"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3489"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/577193"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533746"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533747"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/70574"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031029"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031039"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031085"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031086"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031087"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031088"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031089"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031090"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031091"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031092"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031093"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031094"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031095"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031096"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031105"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031106"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031107"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031120"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031123"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031124"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031130"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031131"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031132"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-290A"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/1232123"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa83"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mpgn/poodle-PoC"
},
{
"source": "secalert@redhat.com",
"url": "https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10090"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-11"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20141015-0001/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT205217"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6527"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6529"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6531"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6536"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6541"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6542"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX216642"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/product_security/poodle"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/poodle"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://technet.microsoft.com/library/security/3009008.aspx"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165"
},
{
"source": "secalert@redhat.com",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.elastic.co/blog/logstash-1-4-3-released"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.imperialviolet.org/2014/10/14/poodle.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv_20141015.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/~bodo/ssl-poodle.pdf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/kb/doc.php?id=7015773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0416.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61810"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61827"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/HT204244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX200238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/577193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/70574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-290A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/1232123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa83"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mpgn/poodle-PoC"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20141015-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT205217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT6542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX216642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/product_security/poodle"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/poodle"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://technet.microsoft.com/library/security/3009008.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://templatelab.com/ssl-poodle/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.elastic.co/blog/logstash-1-4-3-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.imperialviolet.org/2014/10/14/poodle.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv_20141015.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/~bodo/ssl-poodle.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/kb/doc.php?id=7015773"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-08-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:digital:ultrix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE8B41E9-5792-4ADA-A140-2E709321E147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3313D5-52E8-49B3-B145-170D9A26DA43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not."
}
],
"id": "CVE-1999-1225",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-08-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/7526"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/7526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/347"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-01-09 23:03
Modified
2025-04-03 01:03
Severity ?
Summary
The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call."
}
],
"id": "CVE-2006-0145",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-01-09T23:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-001.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18388"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18712"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/405"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/22293"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423827/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16173"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securitylab.net/research/2006/02/advisory_netbsd_openbsd_kernfs.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-001.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/22293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423827/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securitylab.net/research/2006/02/advisory_netbsd_openbsd_kernfs.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24035"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-10-03 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsd:bsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D44A9-2509-4F6F-8BAA-47482FBBD62C",
"versionEndIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80F6028A-5C2C-4AEF-A8CD-1FD638F89E0D",
"versionEndIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68034187-4362-4B1D-A1C5-01E9CA659C42",
"versionEndIncluding": "1.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue."
}
],
"id": "CVE-2001-0670",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-10-03T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.20.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2001-30.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/274043"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openbsd.com/errata28.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2001-147.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3252"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/alerts/advise94.php"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.20.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2001-30.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/274043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openbsd.com/errata28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2001-147.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3252"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/alerts/advise94.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7046"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-07-25 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, related to "integer rounding and overflow" errors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F7F02A-C845-40BF-8490-510A070000F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, related to \"integer rounding and overflow\" errors."
},
{
"lang": "es",
"value": "La funci\u00f3n ipalloc en libc /stdlib/malloc.c en jemalloc en libc para FreeBSD y NetBSD v6.4 no asignan correctamente la memoria, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes dependientes de contexto llevar a cabo ataques relacionados con la memoria, tales como desbordamientos de b\u00fafer a trav\u00e9s de un valor de tama\u00f1o grande, relacionado con errores de \"redondeo entero y desbordamiento\"."
}
],
"id": "CVE-2007-6754",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-25T19:55:01.633",
"references": [
{
"source": "cve@mitre.org",
"url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=167872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=167872"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1996-08-21 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname."
}
],
"id": "CVE-1999-0085",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1996-08-21T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/118"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-04-19 16:06
Modified
2025-04-03 01:03
Severity ?
Summary
Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface."
}
],
"id": "CVE-2006-1833",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-19T16:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19585"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015907"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/24577"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/17496"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/17496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25786"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1996-12-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paul_vixie | vixie_cron | 3.0 | |
| bsdi | bsd_os | 2.1 | |
| freebsd | freebsd | 2.1.0 | |
| netbsd | netbsd | 2.0.4 | |
| redhat | linux | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paul_vixie:vixie_cron:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41EA671E-F3F2-464A-8FAB-6C9D8DB9E002",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable."
}
],
"id": "CVE-1999-0297",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1996-12-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-05-05 12:46
Modified
2025-04-03 01:03
Severity ?
Summary
The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device."
}
],
"id": "CVE-2006-2205",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-05-05T12:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-014.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016004"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/25086"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/17999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-014.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/25086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/17999"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-19 16:29
Modified
2025-04-20 01:37
Severity ?
Summary
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/qsort.c?rev=1.23&content-type=text/x-cvsweb-markup | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/99255 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/qsort.c?rev=1.23&content-type=text/x-cvsweb-markup | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99255 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F25F328-22FC-4189-B04E-965F2864B051",
"versionEndIncluding": "7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions."
},
{
"lang": "es",
"value": "La funci\u00f3n qsort() de NetBSD es recursiva y no aleatorizada, por lo que un atacante puede construir un array de entrada patol\u00f3gica de elementos N que provoca que qsort() se repita inevitablemente N/4 veces. Esto permite que los atacantes consuman cantidades de memoria de pila arbitrarias y manipulen la memoria de pila para ayudar en los ataques de ejecuci\u00f3n de c\u00f3digo arbitrario. Esto afecta a NetBSD 7.1 y posiblemente a versiones anteriores."
}
],
"id": "CVE-2017-1000378",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-19T16:29:00.657",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/qsort.c?rev=1.23\u0026content-type=text/x-cvsweb-markup"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99255"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/qsort.c?rev=1.23\u0026content-type=text/x-cvsweb-markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-05-24 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24538806-F3EF-4736-A5BB-828A9A176FB7",
"versionEndIncluding": "1.0.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "1BAA8918-A2CB-47A3-BEA5-012202416E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E7AC08B4-58AC-415A-9B66-40A1E3CCD0F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "109D76F0-FB16-4DB5-8CD9-5FC4B7A888F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "D21A2797-A1E1-41D1-A4F9-88A6BDB39386",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "A6F60D6F-5EED-4F98-B837-8DA704AE655E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "B6FB0AE1-D1C1-49BA-92EB-22610F805C24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95-pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF345E7-32E3-4AC2-AF59-2909BCD0F0E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95-pre2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB8E9891-37F0-4A89-8313-3DF7B30D20C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95-pre3:*:*:*:*:*:*:*",
"matchCriteriaId": "3503BC8E-04EB-4B8B-BCC5-257FBE275435",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95-pre4:*:*:*:*:*:*:*",
"matchCriteriaId": "64733EB4-34AE-4BF6-BC42-5BEB171D02F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75803E7D-E4C4-429A-831D-E9BD35D3822F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF6AB58-64E1-4B6E-BE3A-F1EF3A4D6D25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE4E7D4-64C3-401D-88BD-25480BB0353E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.96.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0DE75C61-AEB4-49FF-92F0-59BE2DC235A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.96pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "6341410D-6327-40CB-8E77-03715170957A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97-final:*:*:*:*:*:*:*",
"matchCriteriaId": "1664490B-CA34-44A3-8EEC-71A07799E870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C151E6E5-AC14-4C12-B1E4-4FDED6F5CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7E10AE-9B98-4801-91CD-F6EEC75B9C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF21C85-76FC-463C-8661-60BE2D3CAC10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.4:*:*:*:*:*:*:*",
"matchCriteriaId": "21110017-470F-4C38-B09F-8DF94E48EFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA24CD0-22DA-4689-981D-88FAA7FCC1C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1931478E-A672-4CF6-9BDC-B3C73B7DA5A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.7:*:*:*:*:*:*:*",
"matchCriteriaId": "71C4863E-76DA-4E38-B2C7-B30037633030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.7pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "82F13F0C-B2B7-4DBA-BEB0-4599CE2EE422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.7pre2:*:*:*:*:*:*:*",
"matchCriteriaId": "11938621-40EA-4B68-B802-B793F3AAD990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.7pre3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DAAE0EB-626A-42BD-A522-CAA026AF5BD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2139A56-05FC-468A-8BA4-D319FD878976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97pre2:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCE9F15-F266-4194-A328-BE7EB2D4CA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97pre3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3055A8-D3BB-4A42-8A5A-848502C08CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97pre4:*:*:*:*:*:*:*",
"matchCriteriaId": "535B52FC-4573-42C7-A0F4-29B8B7BEFD65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97pre5:*:*:*:*:*:*:*",
"matchCriteriaId": "0772C8AB-3290-4A18-8417-4EB248398478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98-final:*:*:*:*:*:*:*",
"matchCriteriaId": "BC466025-06CF-48F9-B57A-02FD4D62B472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57A8D91C-EEEB-4F76-8010-2CB174A9B091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B1831F7D-7366-4775-9B70-832F3BAB23E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "4ADCEF99-E5A8-4890-B75D-5055F09EDA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.3:*:*:*:*:*:*:*",
"matchCriteriaId": "962C592B-1B02-49EE-9C82-2EA1B0F0F4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA327868-1A00-4BFE-AB29-3DBE57545EBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.5:*:*:*:*:*:*:*",
"matchCriteriaId": "09575AA6-7F8C-4A9C-B781-C892B00C3035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E3810E39-63C2-486A-9FFC-C7BBC6DCD455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.7:*:*:*:*:*:*:*",
"matchCriteriaId": "07E6BD24-3843-479E-9DD0-56C69F8A0B71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF09FF7-82C8-4C1F-A9CB-245A7D11D2D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98pre2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B687A9-8B0B-4059-B6F6-29D76440F054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99:*:*:*:*:*:*:*",
"matchCriteriaId": "41E823CA-D59A-404F-A064-25F557BEBD5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD057E44-D7B8-414C-A21D-DEC8753F0C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "ED1A7388-0878-492C-B89A-C732CCE3E6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1025C8-B056-4AA7-9976-5FD6AC51A012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D968FE34-54C4-4C06-8EB7-0537EDAAD6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "70D16075-5855-4448-B79D-8B7385EE0E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4CAD1DE8-7D55-4C0B-B691-E8D8AA6E2689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.4:*:*:*:*:*:*:*",
"matchCriteriaId": "70576B73-12AF-463B-96AB-18725ACDECFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.9:*:*:*:*:*:*:*",
"matchCriteriaId": "39F6EBD8-4BFD-49FC-A087-8698DB462880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99a:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED3D13F-D769-4668-AD31-9E9C6B4F1738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99b:*:*:*:*:*:*:*",
"matchCriteriaId": "7B02414C-C7CF-4719-ABCC-FB019C205163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "B0518387-8900-43BF-B592-EB9F725E9FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99pre2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2044321-568E-4381-83EC-EBF9F0D46CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3737B53D-E0BC-430F-9B00-5F13C15E3EF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF48827A-8F95-4D07-BB35-AD43A048072B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10DB2640-6C1B-4B95-998C-3737809C9E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4B5B69-85CF-40C8-BC79-C340A6445F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8992045B-1EC7-4254-966E-AECDAEFD950E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "14C4E0E1-FC73-4641-A7AC-47E25EAE251B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF00DCF7-A5B8-4B62-9F4F-EB2273589215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "947E46FD-1B9D-4F64-8C10-FF332796CFE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B72E9F25-975E-4609-A741-F472CEB53265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2D76E5AE-B1D2-4362-915A-A6C15225F772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6BC5DF-3A1E-4B1F-87E9-857AE413841C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3928B3DD-CA7E-4204-A49A-7B6E1F973B47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "091BB6EB-7263-4DD2-8B57-B1FF73D61B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.13a:*:*:*:*:*:*:*",
"matchCriteriaId": "8622805C-1E49-45F5-8CB0-2C0ECD9E5F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C705AE7A-8F8B-49C1-BEA4-B1486AAE9E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "E0AB8F16-5A30-4D85-A3E0-E8EECD5EEA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.16a:*:*:*:*:*:*:*",
"matchCriteriaId": "DEB3C26B-945B-4C81-BF15-4E767B544A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.16b:*:*:*:*:*:*:*",
"matchCriteriaId": "C3AD4259-CA7D-45D1-8459-F8D44165AC15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.16c:*:*:*:*:*:*:*",
"matchCriteriaId": "866DF3B5-A364-4563-A883-D052DCD86C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "B76D15CD-FECF-435F-A7E4-54FE53638C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.17a:*:*:*:*:*:*:*",
"matchCriteriaId": "59FBF7FD-A6C9-46F0-8C9E-CF2098DCB8CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "8669B8EC-482D-44CD-B30E-7D83423E1BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "B67A0244-D65F-4CCE-A084-31AD9A3D9B8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DFD2D751-2B85-428E-8766-36F92B338C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "579ECF9F-EBED-49BC-A804-86C71554D06C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "66DC1055-CD1D-48B3-9CC4-40F42C3490A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "F753B7E9-BC46-40AD-A6E6-638C91468756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2F7326-B11E-42AE-A0E4-E02CA9E0F9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "307B2193-1737-4FD5-B1E9-19DCB88443B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "42799518-1D12-4500-8E06-ED10D2239FCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "31411BEC-1326-4CC4-84FB-6DFCB0D3AFEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "D9247A4F-2E8A-43B6-8850-3A9A678AC0EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "524E4B4E-8D00-4078-AC99-250066F76B29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "730917F8-E1F4-4836-B05A-16B2BA5774DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command."
},
{
"lang": "es",
"value": "La implementaci\u00f3n del comando glob de Pure-FTPd en versiones anteriores a 1.0.32, y en libc de NetBSD 5.1, no expande apropiadamente las expresiones que contienen llaves, lo que permite a usuarios autenticados remotos provocar una denegaci\u00f3n de servicio (consumo de toda la memoria) a trav\u00e9s de un comando FTP STAT modificado."
}
],
"id": "CVE-2011-0418",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-05-24T23:55:01.653",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c#rev1.28"
},
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c.diff?r1=1.27\u0026r2=1.28\u0026f=h"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/97"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/securityalert/8228"
},
{
"source": "cret@cert.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:094"
},
{
"source": "cret@cert.org",
"url": "http://www.pureftpd.org/project/pure-ftpd/news"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/47671"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/1273"
},
{
"source": "cret@cert.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=704283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c#rev1.28"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c.diff?r1=1.27\u0026r2=1.28\u0026f=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/97"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.pureftpd.org/project/pure-ftpd/news"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/47671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/1273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=704283"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-10 04:06
Modified
2025-04-09 00:30
Severity ?
Summary
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:x.org:xdm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B856A744-AB2E-471B-B184-7B7D401146CA",
"versionEndIncluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D660F26B-C329-4F2D-8017-B9442FE8248D",
"versionEndIncluding": "current",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:alpha:*:*:*:*:*",
"matchCriteriaId": "87FD0350-38E2-46D3-B17F-6C3F9C3488A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:arm32:*:*:*:*:*",
"matchCriteriaId": "3DC541BB-95DF-4A31-998F-983255F8B485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5AB998EB-E5F3-414D-AA99-34DC7B32E870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "4319B741-4376-4EA2-9FEB-236C148D1514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "247ABD95-74CA-45B8-8729-3C35C9E11186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:arm32:*:*:*:*:*",
"matchCriteriaId": "1D4C44E8-075A-4B48-88DA-2CAC25CDF159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sh3:*:*:*:*:*",
"matchCriteriaId": "393738E7-93E1-4A37-817B-C023A9BD1DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "19D1E7AC-79B6-4136-ADB2-06BEE9773795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "E2EE8A19-8AB1-4283-95EA-9EE3C7E5DED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6FA1C84C-6624-4032-8D0E-5EBB054F5224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:arm32:*:*:*:*:*",
"matchCriteriaId": "06B9ADAD-ADDC-47AC-9924-B31B17DDF163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6DC0D30E-DBF1-4FDB-80C0-80DB50D9E77A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:x86:*:*:*:*:*",
"matchCriteriaId": "537FD523-1D44-4D85-AED1-C092E0155CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"matchCriteriaId": "52F2B17F-A169-402C-AA05-0DE5D805BAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "BD44E15F-D216-404F-8585-D278175C2A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.99.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C5D200-B40F-458D-8216-A3C22B21B46A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "32CF7469-6D2F-4E34-8013-7F0D3433D0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:8.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "11847B60-D66B-4386-940A-C53B11853E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
"matchCriteriaId": "3F305CBD-4329-44DE-A85C-DE9FF371425E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7BF232A9-9E0A-481E-918D-65FC82EF36D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E585DC-FC74-4BB0-96B7-C00B6DB610DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user\u0027s Xsession errors file, via a symlink attack on a /tmp/xses-$USER file."
},
{
"lang": "es",
"value": "La secuencia de comandos Xsession, tambien usado por X Display Manager (xdm) en NetBSD anterior a 12/02/2006, X.Org anterior a 17/03/2006, y Solaris 8 hasta la 10 anterior a 06/10/2006, permiten a un usuario local sobre escribir archivos de su elecci\u00f3n, o leer otros ficheros de errores de usuarios de Xsession, a trav\u00e9s de un ataque de enlaces simb\u00f3licos sobre un archivo/tmp/xses-$USER."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product updates:\r\nX.org, xdm, 2006-03-17\r\nNetBSD, NetBSD, Current 2006-02-12\r\nSun, Solaris, 10 2006-10-06",
"id": "CVE-2006-5215",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-10T04:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22992"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017015"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=5898"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29427"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=5898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2205"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC18A69-28AC-4DED-AA9D-B050709A9D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7A37987D-22F9-47AC-A07A-380F7E509BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8C0C82-749E-4837-88F8-FB56A753B094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD672FA-918D-48CB-BC03-4E412AF0DCCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B363A4-BB7A-48A2-AE6B-BD2DDD46E7CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netkit:linux_netkit:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3630EB-0966-49C2-9B59-368E5374A1C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netkit:linux_netkit:0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "62B7A341-D568-45DD-B4D7-18892DD19819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netkit:linux_netkit:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "65D5FAF4-4AE0-4657-B71A-3F3870E36192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "63236405-1F33-43DD-ACF7-B6D9656E0987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34797660-41F5-4358-B70F-2A40DE48F182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1:stable:*:*:*:*:*:*",
"matchCriteriaId": "F25E27BA-F884-456B-9600-A4A0B8877A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7891202C-62AF-4590-9E5F-3514FDA2B38E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CF4F7002-A525-4A66-BE8B-E50ABBF144B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8F9B2F-E898-4F87-A245-32A41748587B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2:current:*:*:*:*:*:*",
"matchCriteriaId": "FE799983-DF99-428E-B560-321680C85A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1156954-25AD-45BE-AE49-9705ECD5BDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "314BA420-4C74-4060-8ACE-D7A7C041CF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAD7613-A5B3-4621-B981-290C7C6B8BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED84E66-CFD9-4DF8-9679-13457D340D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "A0A3F7B6-2878-40C0-B59C-EBA8D171D2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*",
"matchCriteriaId": "0EB09993-B837-4352-B09D-3656F62638A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0361EA35-FBD7-4E8F-8625-C8100ED7BB7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*",
"matchCriteriaId": "29EAA113-2404-4ABB-826B-3AA2AA858D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "E3F7EB61-55A5-4776-B0E7-3508920A6CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "A442DE97-4485-4D95-B95D-58947585E455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55919E74-09E7-44BA-9941-D1B69BB1692F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45F3C5D8-8BC3-44EB-917A-D0BA051D3D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "465B06C4-136D-4CD8-BA38-B6B50511624C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB23261-D5A9-4C49-B08E-97A63ED6F84A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36DF0D51-FCFA-46A3-B834-E80DFA91DFDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB726CF-ADA2-4CDA-9786-1E84AC53740A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1370216-93EB-400F-9AA6-CB2DC316DAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84523B48-218B-45F4-9C04-2C103612DCB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function."
}
],
"id": "CVE-2001-0554",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-14T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000413"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/advisories/3476"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/archive/1/199496"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/archive/1/199541"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/archive/1/203000"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2001-21.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/l-131.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2001/dsa-070"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2001/dsa-075"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/809"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-099.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-100.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/197804"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3064"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/advisories/3476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/archive/1/199496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/archive/1/199541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/archive/1/203000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2001-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/l-131.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2001/dsa-070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2001/dsa-075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-099.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-100.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/197804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-04 23:44
Modified
2025-04-09 00:30
Severity ?
Summary
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning against OpenBSD's modification of BIND.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99C273D1-ADFE-4B4C-B543-7B9CA741A117",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "066ABC3B-B395-42D2-95C0-5B810F91A6F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC19FC-6E03-4000-AE4B-232E47FA76F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "421FC2DD-0CF7-44A2-A63C-5221689E2363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B70BC-42B7-453A-B506-7BE69D49A4B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA32F7D8-02F8-4CFE-B193-2888807BC4D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB279593-17D1-4A65-BF54-969B38B74B23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "80F5B731-D5A7-4694-9B27-CEE1DCC810EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D5DB7BE-FC71-4ADE-8B9F-7EA401C8CA88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E2571E-D9EB-43CD-82DD-8C813FF8D5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "36F4618C-1408-4097-B97D-5F32DE6D01DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F558C40-D0DA-4700-95DA-DF1322C020E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "64F8F30B-E4B8-4745-AFFA-8FD620E61994",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35932546-B614-47C0-98E6-8EF1EFE06725",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "38F17066-C090-4DD7-A1AC-D8FF70D268CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "78D48FD1-CB91-4310-9432-A4365FA67B11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "750C6C37-8460-4ED8-83AD-ACAF993E4A6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8923EE1A-DD48-4EC8-8698-A33093FD709C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBE8937-E1BD-4601-AF1C-6DD20BB132AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D676C769-17D1-48B2-98F4-AC3BDF2C882B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBD3CB7-D88A-4868-A6AD-0717A8A989EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C79071BA-D3FB-4FDF-96A1-477BA88C3E6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*",
"matchCriteriaId": "6F4AC452-6042-409D-8673-ACAD108EE3B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*",
"matchCriteriaId": "2FE1009B-371A-48E2-A456-935A1F0B7D0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "C844A170-B5A7-4703-AF3B-67366D44EA8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*",
"matchCriteriaId": "3D41CB12-7894-4D25-80EC-23C56171D973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*",
"matchCriteriaId": "9BCD9C12-EDAB-473F-9CC5-04F06B413720",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*",
"matchCriteriaId": "58EBC5C8-5CA8-4881-A036-179FDEBA3CA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*",
"matchCriteriaId": "09789843-6A1A-4CDB-97E8-89E82B79DDB5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*",
"matchCriteriaId": "118211EF-CED7-4EB5-9669-F54C8169D4AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*",
"matchCriteriaId": "58288F0F-B4CE-445C-AD93-DA73E3AD6FC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*",
"matchCriteriaId": "CC96FBA9-6A65-4CC7-BE68-ADAF450ABE21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*",
"matchCriteriaId": "9A405AE2-ECC4-4BB0-80DD-4736394FB217",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*",
"matchCriteriaId": "E5612FB0-8403-4A7E-B89A-D7BDFAC00078",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*",
"matchCriteriaId": "FA699BB4-94AA-40E6-A6B6-33E3D416CDA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*",
"matchCriteriaId": "AFDA151E-E614-4A24-A34D-B6D5309110CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*",
"matchCriteriaId": "A7818E11-1BEB-4DAA-BA7A-A278454BA4B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:release_p7:*:*:*:*:*:*",
"matchCriteriaId": "B19BEAB3-8BED-422F-B228-240269CB0704",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8_prerelease:*:*:*:*:*:*:*",
"matchCriteriaId": "A8ED2959-64AA-487E-AA11-72595A6FAA04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:releng:*:*:*:*:*:*",
"matchCriteriaId": "E6288144-0CD7-45B6-B5A7-09B1DF14FBE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9_prerelease:*:*:*:*:*:*:*",
"matchCriteriaId": "860BABDE-4266-4476-96F9-397DAD23C841",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFD9D1C-A459-47AD-BC62-15631417A32F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*",
"matchCriteriaId": "4ECDEC87-0132-46B6-BD9B-A94F9B669EAA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release_p8:*:*:*:*:*:*",
"matchCriteriaId": "6E21E50A-A368-4487-A791-87366CC5C86E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*",
"matchCriteriaId": "43E84296-9B5C-4623-A2C4-431D76FC2765",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10_prerelease:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9CA0AC-29ED-4C86-AB6C-DCAE28FC1BB5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:release_p3:*:*:*:*:*:*",
"matchCriteriaId": "E18328E2-3CB5-4D36-8EA3-77DD909B46A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:releng:*:*:*:*:*:*",
"matchCriteriaId": "EF73D76B-FBB8-4D10-8393-9FAF53392A4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:stable:*:*:*:*:*:*",
"matchCriteriaId": "F177AE1C-58C2-4575-807C-ABFFC5119FA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11_p20_release:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EFFC9A-016A-496B-A109-919189A9C808",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11_release:*:*:*:*:*:*:*",
"matchCriteriaId": "73E6E5C5-F80A-423D-BD93-BA837E808A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "3B13D898-C1B6-44B9-8432-7DDB8A380E9E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*",
"matchCriteriaId": "51A612F6-E4EB-4E34-8F55-79E16C74758E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "5C19B266-8FE7-49ED-8678-2D522257491D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "15C4D826-A419-45F5-B91C-1445DB480916",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*",
"matchCriteriaId": "FEC7B38F-C6FB-4213-AE18-2D039A4D8E7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*",
"matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "8E4BC012-ADE4-468F-9A25-261CD8055694",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*",
"matchCriteriaId": "0D6428EB-5E1A-41CB-979C-4C9402251D8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*",
"matchCriteriaId": "2DCA9879-C9F5-475A-8EC9-04D151001C8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*",
"matchCriteriaId": "0A94132F-4C47-49CC-B03C-8756613E9A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*",
"matchCriteriaId": "3F629879-66F0-427B-86D8-D740E0E3F6E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:releng:*:*:*:*:*:*",
"matchCriteriaId": "C89129C5-A1DB-4018-B43A-C60C8E650080",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "60F7B4A9-4036-4061-8F3D-BDC3F1282EC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.5_release:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA9754D-773C-432E-8E74-52FDC83FF279",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.5_stable:*:*:*:*:*:*:*",
"matchCriteriaId": "E8812D60-F669-4EA3-AF4E-6329EF625E38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2C79D5-D27F-4B08-A8DF-3E3AAF4E16A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:release:*:*:*:*:*:*",
"matchCriteriaId": "CCE4F2E6-2286-4D87-ADD7-7E999B4E5620",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:stable:*:*:*:*:*:*",
"matchCriteriaId": "C07C3BEF-8D6A-4F23-96DE-AFE4369D08EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0_p5_release:*:*:*:*:*:*:*",
"matchCriteriaId": "67FDB43C-84D1-4B45-BFB9-340F3687A22F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F4416CBA-76B9-4051-B015-F1BE89517309",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:release:*:*:*:*:*:*",
"matchCriteriaId": "8C64EE9C-18E1-49C6-96DE-7E6F1607C0D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:release_p10:*:*:*:*:*:*",
"matchCriteriaId": "B36B3805-8A85-4357-ABC1-AB22C61E3381",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:stable:*:*:*:*:*:*",
"matchCriteriaId": "231B70A8-890A-4790-A33A-64228656BF0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9118B602-3FB6-4701-AC09-763DD48334BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2_releng:*:*:*:*:*:*:*",
"matchCriteriaId": "589B62B4-FAA3-4F58-8104-EF84FEAFFB65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3_releng:*:*:*:*:*:*:*",
"matchCriteriaId": "72C2BE9D-91E1-48E9-9326-39CF583A57E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "42231BCC-2B90-4196-A1C2-408A353C1BEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0_beta4:*:*:*:*:*:*:*",
"matchCriteriaId": "F06B831E-D8F2-4380-B279-559CE103210F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0_releng:*:*:*:*:*:*:*",
"matchCriteriaId": "3ACC9072-4A33-4F1F-B790-2F9D5A52F71B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3ECF9E5F-AF38-42B9-8B49-6C254394CDFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29C02C6B-AAFD-4594-94A4-F26BA3648CB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E59D3682-22E1-40C4-AC65-079005FB6194",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3D95D05C-4FE1-4408-B8B8-5C5932800385",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "FCB9E9F8-7C6B-4BC7-A593-A11B9D6F0B35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "2F4B6E29-B74F-45FF-AEB1-A118753F8E3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA33E7E2-DE7B-411E-8991-718DA0988C51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1957B3C0-7F25-469B-BC3F-7B09260837ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D84D7A-EB7C-4196-B8B6-7B703C8055C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAE2873-0028-4744-B64E-8E2EA30447F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "783973F9-2A6E-4DDF-A64C-7794FFD0B7B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16C117F3-3684-4683-9F9E-CEDD5B88F9CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cosmicperl:directory_pro:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9D185E-D235-4731-A092-B667DC6FCBA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:darwin:darwin:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "80D58C3E-4F5D-42A0-95AA-25E0EAEBFCF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:darwin:darwin:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4268605-39FE-49E0-ABC9-27DEA359779E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:navision:financials_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B70D3E5-924C-4AB7-ABF7-6273DE325007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka \"Algorithm X3\"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning against OpenBSD\u0027s modification of BIND."
},
{
"lang": "es",
"value": "Cierto algoritmo generador de n\u00fameros pseudo-aleatorios(PRNG) que usa XOR y alterna en saltos de 3-bit (tambi\u00e9n conocido com o\"algoritmo X3\"), usado en OpenBSD de la v2.8 a la 4.2, permite a atacantes remotos adivinar datos sensibles como los IDs de una transacci\u00f3n DNS, observando una secuencia de datos generada previamente. NOTA: esta cuesti\u00f3n puede ser aprovechado por ataques como el envenenamiento de la cach\u00e9 DNS contra la modificaci\u00f3n BIND en OpenBDS."
}
],
"id": "CVE-2008-1146",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-03-04T23:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28819"
},
{
"source": "cve@mitre.org",
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27647"
},
{
"source": "cve@mitre.org",
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-07-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | 6.2 | |
| linux | linux_kernel | 2.6.20.1 | |
| microsoft | windows_nt | * | |
| netbsd | netbsd | 2.0.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3313D5-52E8-49B3-B145-170D9A26DA43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Listening TCP ports are sequentially allocated, allowing spoofing attacks."
}
],
"id": "CVE-1999-0074",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-07-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0074"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-07-16 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49AF042F-5047-4FA2-B20C-65B2C6EBEA5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element."
},
{
"lang": "es",
"value": "libprop/prop_object.c en proplib en NetBSD v4.0 y v4.0.1 permite a los usuarios locales causar una denegaci\u00f3n de servicio (puntero NULO desreferenciado y p\u00e1nico del kernel) a trav\u00e9s de un plist externalizada malformada (formulario XML) conteniendo un elemento no definido."
}
],
"id": "CVE-2009-2483",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-07-16T16:30:00.467",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-003.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/55285"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35556"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/35466"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022431"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-003.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/55285"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51311"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDE1E92-C64D-4A3B-95A2-384BD772B28B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4B130EB7-A951-4717-A906-E2F602F7B69F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9D90502F-EC45-4ADC-9428-B94346DA660B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2422569B-02ED-4028-83D8-D778657596B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E66E4653-1A55-4827-888B-E0776E32ED28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6C8994CB-7F94-43FB-8B84-06AEBB34EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F87AA89-F377-4BEB-B69F-809F5DA6176C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C27AF62E-A026-43E9-89E6-CD807CE9DF51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "79C2AE0E-DAE8-4443-B33F-6ABA9019AA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D343B121-C007-49F8-9DE8-AA05CE58FF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3A0370A2-0A23-4E34-A2AC-8D87D051B0B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5738D628-0B2D-4F56-9427-2009BFCB6C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "169446DE-67F8-4738-91FE-ED8058118F80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C7BF3B2-CCD1-4D39-AE9C-AB24ABA57447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "860F9225-8A3F-492C-B72B-5EFFB322802C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "19DFB4EF-EA1F-4680-9D97-2FDFAA4B4A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "57E23724-2CA4-4211-BB83-38661BE7E6AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B0688B3F-F8F2-4C62-B7A3-08F9FDCE7A70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3896C4A6-C2F6-47CE-818A-7EB3DBF15BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6143DC1F-D62E-4DB2-AF43-30A07413D68B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "93F0834D-C5EA-4C96-8D6C-3123ECF78F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "5D9F976B-1328-40FE-A1F2-C1DF3F836604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*",
"matchCriteriaId": "10E1B011-8D20-448E-9DD5-023DD30D1FE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*",
"matchCriteriaId": "2A29A4BC-0442-458E-A874-BF0D0F2870FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298266AB-2A36-4606-BF80-2185FC56C4D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2658CA-56C2-494F-AC42-618EC413CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD34526D-F2CC-44C5-991D-B1E41C327860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F0B900-34E9-4545-B7AE-AF0A4363EACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5220F0FE-C4CC-4E75-A16A-4ADCABA7E8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "04F25DE0-CA8E-4F57-87A5-C30D89CC9E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F87F764B-4097-44FA-B96E-A5DA75E31F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D7025803-C679-44DB-ADEE-864E6CAAD9B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*",
"matchCriteriaId": "24B879D6-4631-49A8-9366-75577DFB755D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25379B32-D898-4E44-A740-978A129B5E05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B90F8F2-9549-413D-9676-3EF634D832B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*",
"matchCriteriaId": "915E64EF-6EEC-4DE2-A285-5F3FCE389645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7344B707-6145-48BA-8BC9-9B140A260BCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "390B1E09-7014-4A74-834C-806BBEBAF6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0FB5CF04-B5B6-4DFB-B051-61EDA257019F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:current:*:*:*:*:*:*:*",
"matchCriteriaId": "F30E9234-481B-41BC-BFC2-9E9773DEE65C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka \"settimeofday() time wrap.\""
}
],
"id": "CVE-2005-4352",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041178.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25691"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015454"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.redteam-pentesting.de/advisories/rt-sa-2005-16.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/421426/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16170"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041178.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.redteam-pentesting.de/advisories/rt-sa-2005-16.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/421426/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24036"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-12-10 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | inet | 5.01 | |
| gnu | inet | 6.01 | |
| gnu | inet | 6.02 | |
| washington_university | wu-ftpd | 2.4 | |
| caldera | openlinux | 1.2 | |
| freebsd | freebsd | 1.0 | |
| freebsd | freebsd | 1.1 | |
| freebsd | freebsd | 1.2 | |
| freebsd | freebsd | 2.0 | |
| freebsd | freebsd | 2.1.0 | |
| freebsd | freebsd | 2.1.7 | |
| ibm | aix | 3.2 | |
| ibm | aix | 4.1 | |
| ibm | aix | 4.2 | |
| ibm | aix | 4.3 | |
| netbsd | netbsd | 1.0 | |
| netbsd | netbsd | 1.1 | |
| netbsd | netbsd | 1.2 | |
| netbsd | netbsd | 1.2.1 | |
| sco | open_desktop | 3.0 | |
| sco | openserver | 5.0.4 | |
| sco | unixware | 2.1 | |
| siemens | reliant_unix | * | |
| sun | sunos | 4.1.3u1 | |
| sun | sunos | 4.1.4 | |
| sun | sunos | 5.3 | |
| sun | sunos | 5.4 | |
| sun | sunos | 5.4 | |
| sun | sunos | 5.5 | |
| sun | sunos | 5.5 | |
| sun | sunos | 5.5.1 | |
| sun | sunos | 5.5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:inet:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "679EB37A-DC20-4EB0-BF1E-664BF53AC054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:inet:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF8F484-F5AA-4834-B976-764B2488F377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:inet:6.02:*:*:*:*:*:*:*",
"matchCriteriaId": "C692D0C5-BCF4-4C68-B7DF-EDCE4A55F1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A86BB4F6-210F-448A-A3CB-127BEB5BD0D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C77FA7-C977-4223-B6AC-91B82C45129C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44EFD22E-02C9-4B80-8934-A9AC8DD858CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B4D4A5-25EB-48FE-BDFD-A274CE802648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A037F1-98AD-47CC-8D83-B42666E1B61E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CF4F7002-A525-4A66-BE8B-E50ABBF144B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:open_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD2701A-E930-4F4D-85F7-02F80135E34E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "035FBF8B-EB91-4211-9979-8A9E913A54A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "168248AC-E4F6-4C8F-9A21-0E6ABE029DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:reliant_unix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2C5456-FF11-403E-B67E-5961278D812A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1BA107-F2D3-4F13-82EC-4576C429E3C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1070749A-65E9-439A-A7CC-3CE529A5D5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "D1DEB967-BD3E-4CCF-B53F-3927454FA689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "1C89DF53-2038-487A-A08F-8D705B7BFB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "C82E90A7-C5D7-4DFC-8FF5-4EFAF30C790B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce."
}
],
"id": "CVE-1999-0017",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-12-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-10-06 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:advanced_message_server:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FABD33DF-FEC4-4519-B2ED-4E498A7329FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:advanced_message_server:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2455BE6E-7540-4545-B40A-0366BDA6AE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA16C02-3B8D-4188-898E-048A93F11ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF12CC4-C9CD-479A-8F85-8F947B5B60A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "623A2E07-2122-4ADE-9932-011DCA4396A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C563EF-FDED-4193-A66A-06527878BB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A267D3-2F49-4E61-B2C9-D8ED2265665E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7199205A-B914-40A1-9C82-A9698511E3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC468AB-8B18-4169-8040-614A32444732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D30A1136-074A-460D-9794-DDD530626800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76A9602B-8E5A-4BF4-81F5-D1152D09FCAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD0B100-D822-4EBF-8EC9-ADAB8141116B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "196D77DF-E6D4-46D0-BC2C-8804A587CA25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B743E5A3-6B15-4877-9424-A1F1A4214B73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "76A60742-7815-4658-A6F7-147AA48C24B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1A24F2-9C6B-4DF0-AB04-55D051812DD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "120271B8-08A9-4C21-A108-0DA61095A006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84E6ECDA-DF65-47FF-A42F-FD5C1D864FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA859AF-4E4E-4077-8E98-523E617A1DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9791650-C367-43B6-A0F4-5BB56CE10778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8340DDA8-77DD-4AEB-B267-F86F64A851B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "07DCBBEE-1DF0-40FE-B755-1FC35CF16788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "581626E7-47B5-4819-B34F-B6DFD07A12F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBE9A4A-8AB9-4A97-A106-970FEB08952C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"matchCriteriaId": "BD99394C-5408-4A01-8D4E-417FFFFDE9C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"matchCriteriaId": "AAB59A24-87DE-4CAD-A2BA-AFCC0B2A55B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"matchCriteriaId": "97D641EF-0B69-45A1-B85E-3C9C93AB9D42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"matchCriteriaId": "8972211B-6A5B-4095-9CBB-CEF4C23C9C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"matchCriteriaId": "8F81A2AD-90A0-4B97-86A3-92690A0FCA71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "598F74BA-2B71-435E-92B8-9DEADB3311A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79A46DF2-8EEB-40C8-B1CA-01BC064BD25E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "581E5904-1A2B-49FF-BE3F-D42019AD816B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CC4C83-4FB9-4344-AFCB-C260659F81DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF763B4-58E3-4868-8C92-47DE3E4E5F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4FCB77-7FAC-4A4B-851C-2F352B44D3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEB3923-8F4B-4523-84F9-17D1CFA37F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "58CD19B4-4BFD-4DE8-B21F-6B6CDE6793C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7B82BBB7-CD72-4A33-97D4-B1E51A595323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6C1D6A40-5DD1-481C-AF85-85705FCE3680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_pro:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9371E42-3A43-4E60-9C03-841B5901AF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_pro:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E172E270-E0EE-49C6-AEF7-B533CD88F67D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5492A89B-8140-4CF7-BE81-09C25A64373A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A6D5AF-2134-4EC5-B53A-CE95B5505325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5FE819-E570-4AEE-BF0C-B9B1960A1AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "913AF73A-F6DE-4FAF-8A09-02CD33784B27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "661A9B85-09EE-4D38-9160-8EEA6BE07BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F28941D4-7D1E-4BF9-8E2F-C951978424E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD930C49-512B-4114-8A97-80B1816CFCFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8553E3-578B-4BE3-BBAD-5589338586E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7EE5C8E-8E2E-4C98-B8C5-B590E44B1EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3930ED-DE49-4F01-A904-5D66E34832F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A51855-94DD-4F2E-BFF8-4ABE4613F962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56B76FFE-90CB-4C11-9E9D-FFA896482628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74C77927-A67A-4C1B-BB80-18148E1F0FE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9D22E3-18F8-42F9-993E-81E832B0B125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7BABB5CA-26F4-4DB6-9D43-1C82751DCCA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F323395B-4549-4B54-8BBF-66B1B1B3F563",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB008E3-9A00-4D28-8826-A9FCC9F65314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "465B06C4-136D-4CD8-BA38-B6B50511624C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB23261-D5A9-4C49-B08E-97A63ED6F84A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"matchCriteriaId": "52F2B17F-A169-402C-AA05-0DE5D805BAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "BD44E15F-D216-404F-8585-D278175C2A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1957B3C0-7F25-469B-BC3F-7B09260837ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_advanced_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69E4BDC1-7750-4B35-88E1-F8449D255114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "63D8C8D6-8EC1-4B64-996C-636ECD78E7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC0256B-3962-433A-9FAC-37FFAE43E888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4844D5C-3859-47B1-9A71-CEA2053E2213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A \"potential buffer overflow in ruleset parsing\" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences."
},
{
"lang": "es",
"value": "Un \"desbordamiento de b\u00fafer potencial en el an\u00e1lisis de reglas\" (ruleset parsing) en Sendmail 8.12.9 cuando se usan los conjuntos de reglas no est\u00e1ndar: (1) receptor, (2) final, o (3) receptores de envoltorio espec\u00edficos del enviador de correo, tienen consecuencias desconocidas."
}
],
"id": "CVE-2003-0681",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-10-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/108964"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:092"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-283.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8649"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13216"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3606"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/108964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-283.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8649"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A595"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:sh3:*:*:*:*:*",
"matchCriteriaId": "393738E7-93E1-4A37-817B-C023A9BD1DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"matchCriteriaId": "52F2B17F-A169-402C-AA05-0DE5D805BAD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine."
}
],
"id": "CVE-2001-0734",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-10-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-008.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2810"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-008.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2810"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6637"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-01-05 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| digital | unix | 3.2g | |
| digital | unix | 4.0 | |
| digital | unix | 4.0a | |
| digital | unix | 4.0b | |
| digital | unix | 4.0c | |
| digital | unix | 4.0d | |
| freebsd | freebsd | 1.1.5.1 | |
| freebsd | freebsd | 2.0.5 | |
| freebsd | freebsd | 2.1.0 | |
| freebsd | freebsd | 2.1.5 | |
| freebsd | freebsd | 2.1.6 | |
| freebsd | freebsd | 2.1.7.1 | |
| freebsd | freebsd | 2.2.2 | |
| freebsd | freebsd | 2.2.3 | |
| freebsd | freebsd | 2.2.4 | |
| hp | hp-ux | 10.20 | |
| hp | hp-ux | 11.00 | |
| ibm | aix | 3.1 | |
| ibm | aix | 3.2 | |
| ibm | aix | 3.2.4 | |
| ibm | aix | 3.2.5 | |
| linux | linux_kernel | 2.0 | |
| linux | linux_kernel | 2.1 | |
| netbsd | netbsd | 1.2 | |
| sun | solaris | 2.4 | |
| sun | solaris | 2.5 | |
| sun | solaris | 2.5.1 | |
| sun | solaris | 2.5.1 | |
| sun | solaris | 2.6 | |
| sun | sunos | - | |
| sun | sunos | 5.4 | |
| sun | sunos | 5.5 | |
| sun | sunos | 5.5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:digital:unix:3.2g:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4B2280-5114-4CBD-9B06-221BD9CE4229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:digital:unix:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E08495-C0C5-40A9-A8FF-834F5F6083B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:digital:unix:4.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "781D13E2-35BB-4D58-A68F-86401D08D438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:digital:unix:4.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "07476CFD-859F-4AD7-8514-130E7A86BAE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:digital:unix:4.0c:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F097D7-CD52-44FC-851C-7DB42E57DCB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:digital:unix:4.0d:*:*:*:*:*:*:*",
"matchCriteriaId": "8C250283-4343-4569-A6EA-988FB7319AA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C496B665-70DA-4B98-A5D1-E2935C0CE840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34797660-41F5-4358-B70F-2A40DE48F182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8F9B2F-E898-4F87-A245-32A41748587B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE321D29-3312-4F22-B930-1B119DA4BD27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E55C28A7-CD21-47CD-AA50-E8B2D89A18E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C00FC9-AD97-4226-A0EA-7DB14AA592DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96A6EE7E-C79C-4B25-AFF0-C6638CB3C99A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4A2912-12AC-4DF1-8023-A0B7DBE9A866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "1F881110-7B54-49DA-B23A-710273430C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "200D8CB2-0D52-40A8-9CD9-6E4513605201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "54AF87E4-52A4-44CA-B48E-A5BB139E6410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "F66BAF35-A8B9-4E95-B270-444206FDD35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service."
}
],
"id": "CVE-1999-0513",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-01-05T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0513"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-09-18 22:30
Modified
2025-04-09 00:30
Severity ?
Summary
The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instruction, which might allow local users to gain privileges via vectors related to a tempEIP pseudocode variable that is outside of the code-segment limits.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netbsd | netbsd | * | |
| netbsd | netbsd | 0.8 | |
| netbsd | netbsd | 0.9 | |
| netbsd | netbsd | 1.0 | |
| netbsd | netbsd | 1.1 | |
| netbsd | netbsd | 1.2 | |
| netbsd | netbsd | 1.2.1 | |
| netbsd | netbsd | 1.3 | |
| netbsd | netbsd | 1.3.1 | |
| netbsd | netbsd | 1.3.2 | |
| netbsd | netbsd | 1.3.3 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 | |
| netbsd | netbsd | 1.6 | |
| netbsd | netbsd | 1.6.1 | |
| netbsd | netbsd | 1.6.2 | |
| netbsd | netbsd | 2.0 | |
| netbsd | netbsd | 2.0.1 | |
| netbsd | netbsd | 2.0.2 | |
| netbsd | netbsd | 2.0.3 | |
| netbsd | netbsd | 2.1 | |
| netbsd | netbsd | 3.0 | |
| netbsd | netbsd | 3.0.1 | |
| netbsd | netbsd | 3.0.2 | |
| netbsd | netbsd | 3.1 | |
| netbsd | netbsd | 4.0 | |
| netbsd | netbsd | 4.0.1 | |
| netbsd | netbsd | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB5BE84-628A-4845-92C7-E20ADEE7E904",
"versionEndIncluding": "5.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "555181C9-75B1-427B-BF36-47C7D969DCC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CAC89BD6-8376-4C8D-A120-1430D8CA113F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29C02C6B-AAFD-4594-94A4-F26BA3648CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49AF042F-5047-4FA2-B20C-65B2C6EBEA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00564BAA-066A-4627-B6A8-78724E55D363",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instruction, which might allow local users to gain privileges via vectors related to a tempEIP pseudocode variable that is outside of the code-segment limits."
},
{
"lang": "es",
"value": "El kernel en NetBSD, posiblemente 5.0.1 y anteriores, en plataformas x86 no gestiona adecuadamente el fallo de preasignaci\u00f3n de la instrucci\u00f3n \"iret\", lo que permitir\u00eda a usuarios locales conseguir privilegios a trav\u00e9s de vectores relacionados con la variable de pseudoc\u00f3digo tempEIP que esta fuera de los limites de segmento de c\u00f3digo."
}
],
"id": "CVE-2009-2793",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-09-18T22:30:00.530",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/506531/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/506531/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-20 02:28
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en ptrace en \r\nNetBSD-current versiones anteriores a 20061027, NetBSD 3.0 y 3.0.1 versiones anteriores a 20061027, y NetBSD 2.x versiones anteriores a 20061019, permite a usuarios locales leer la memoria del kernel y obtener informaci\u00f3n confidencial mediante manipulaciones concretas de peticiones PT_LWPINFO, lo que conduce a fugas de memoria y de informaci\u00f3n."
}
],
"id": "CVE-2006-6656",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-20T02:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017292"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-20 17:59
Modified
2025-04-09 00:30
Severity ?
Summary
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bsd | bsd | - | |
| bsd | bsd | 4.1 | |
| bsd | bsd | 4.2 | |
| bsd | bsd | 4.3 | |
| bsd | bsd | 4.4 | |
| bsdi | bsd_os | - | |
| bsdi | bsd_os | 1.1 | |
| bsdi | bsd_os | 2.0 | |
| bsdi | bsd_os | 2.0.1 | |
| bsdi | bsd_os | 2.1 | |
| bsdi | bsd_os | 3.0 | |
| bsdi | bsd_os | 3.1 | |
| bsdi | bsd_os | 3.2 | |
| bsdi | bsd_os | 4.0 | |
| bsdi | bsd_os | 4.0.1 | |
| bsdi | bsd_os | 4.1 | |
| bsdi | bsd_os | 4.2 | |
| cisco | ios | - | |
| cisco | ios | 4.1 | |
| cisco | ios | 4.1.1 | |
| cisco | ios | 4.1.2 | |
| cisco | ios | 8.2 | |
| cisco | ios | 8.3 | |
| cisco | ios | 9.0 | |
| cisco | ios | 9.1 | |
| cisco | ios | 9.14 | |
| cisco | ios | 10.0 | |
| cisco | ios | 10.3 | |
| cisco | ios | 10.3\(3.3\) | |
| cisco | ios | 10.3\(3.4\) | |
| cisco | ios | 10.3\(4.2\) | |
| cisco | ios | 10.3\(4.3\) | |
| cisco | ios | 10.3\(16\) | |
| cisco | ios | 10.3\(19a\) | |
| cisco | ios | 11 | |
| cisco | ios | 11.0 | |
| cisco | ios | 11.0\(12\) | |
| cisco | ios | 11.0\(17\) | |
| cisco | ios | 11.0\(17\)bt | |
| cisco | ios | 11.0\(18\) | |
| cisco | ios | 11.0\(20.3\) | |
| cisco | ios | 11.0\(22a\) | |
| cisco | ios | 11.0\(22b\) | |
| cisco | ios | 11.0\(x\) | |
| cisco | ios | 11.0.12\(a\)bt | |
| cisco | ios | 11.1 | |
| cisco | ios | 11.1\(5\) | |
| cisco | ios | 11.1\(7\) | |
| cisco | ios | 11.1\(7\)aa | |
| cisco | ios | 11.1\(7\)ca | |
| cisco | ios | 11.1\(9\)ia | |
| cisco | ios | 11.1\(11\) | |
| cisco | ios | 11.1\(12\) | |
| cisco | ios | 11.1\(13\) | |
| cisco | ios | 11.1\(13\)aa | |
| cisco | ios | 11.1\(13\)ca | |
| cisco | ios | 11.1\(13\)ia | |
| cisco | ios | 11.1\(14\) | |
| cisco | ios | 11.1\(15\) | |
| cisco | ios | 11.1\(15\)aa | |
| cisco | ios | 11.1\(15\)ca | |
| cisco | ios | 11.1\(15\)ia | |
| cisco | ios | 11.1\(16\) | |
| cisco | ios | 11.1\(16\)aa | |
| cisco | ios | 11.1\(16\)ia | |
| cisco | ios | 11.1\(17\) | |
| cisco | ios | 11.1\(17\)cc | |
| cisco | ios | 11.1\(17\)ct | |
| cisco | ios | 11.1\(18\) | |
| cisco | ios | 11.1\(20\)aa4 | |
| cisco | ios | 11.1\(22\) | |
| cisco | ios | 11.1\(24\) | |
| cisco | ios | 11.1\(24a\) | |
| cisco | ios | 11.1\(24b\) | |
| cisco | ios | 11.1\(24c\) | |
| cisco | ios | 11.1\(28a\)ct | |
| cisco | ios | 11.1\(28a\)ia | |
| cisco | ios | 11.1\(36\)ca2 | |
| cisco | ios | 11.1\(36\)ca4 | |
| cisco | ios | 11.1\(36\)cc2 | |
| cisco | ios | 11.1\(36\)cc4 | |
| cisco | ios | 11.1aa | |
| cisco | ios | 11.1ca | |
| cisco | ios | 11.1cc | |
| cisco | ios | 11.1ct | |
| cisco | ios | 11.1ia | |
| cisco | ios | 11.2 | |
| cisco | ios | 11.2\(4\) | |
| cisco | ios | 11.2\(4\)f | |
| cisco | ios | 11.2\(4\)f1 | |
| cisco | ios | 11.2\(4\)xa | |
| cisco | ios | 11.2\(4\)xaf | |
| cisco | ios | 11.2\(8\) | |
| cisco | ios | 11.2\(8\)p | |
| cisco | ios | 11.2\(8\)sa1 | |
| cisco | ios | 11.2\(8\)sa3 | |
| cisco | ios | 11.2\(8\)sa5 | |
| cisco | ios | 11.2\(8.2\)sa6 | |
| cisco | ios | 11.2\(8.9\)sa6 | |
| cisco | ios | 11.2\(9\)p | |
| cisco | ios | 11.2\(9\)xa | |
| cisco | ios | 11.2\(10\) | |
| cisco | ios | 11.2\(10\)bc | |
| cisco | ios | 11.2\(11\) | |
| cisco | ios | 11.2\(11b\)t2 | |
| cisco | ios | 11.2\(14\)gs2 | |
| cisco | ios | 11.2\(15\)g | |
| cisco | ios | 11.2\(15a\)p | |
| cisco | ios | 11.2\(15b\) | |
| cisco | ios | 11.2\(16\) | |
| cisco | ios | 11.2\(16\)p | |
| cisco | ios | 11.2\(17\) | |
| cisco | ios | 11.2\(18\) | |
| cisco | ios | 11.2\(19\)gs0.2 | |
| cisco | ios | 11.2\(19a\)gs6 | |
| cisco | ios | 11.2\(23a\)bc1 | |
| cisco | ios | 11.2\(26\)p2 | |
| cisco | ios | 11.2\(26\)p5 | |
| cisco | ios | 11.2\(26a\) | |
| cisco | ios | 11.2\(26b\) | |
| cisco | ios | 11.2\(26e\) | |
| cisco | ios | 11.2bc | |
| cisco | ios | 11.2f | |
| cisco | ios | 11.2gs | |
| cisco | ios | 11.2p | |
| cisco | ios | 11.2sa | |
| cisco | ios | 11.2wa3 | |
| cisco | ios | 11.2wa4 | |
| cisco | ios | 11.2xa | |
| cisco | ios | 11.3 | |
| cisco | ios | 11.3\(1\) | |
| cisco | ios | 11.3\(1\)ed | |
| cisco | ios | 11.3\(1\)t | |
| cisco | ios | 11.3\(2\)xa | |
| cisco | ios | 11.3\(7\)db1 | |
| cisco | ios | 11.3\(8\)db2 | |
| cisco | ios | 11.3\(8\)t1 | |
| cisco | ios | 11.3\(11\)b | |
| cisco | ios | 11.3\(11b\) | |
| cisco | ios | 11.3\(11b\)t2 | |
| cisco | ios | 11.3\(11c\) | |
| cisco | ios | 11.3\(11d\) | |
| cisco | ios | 11.3aa | |
| cisco | ios | 11.3da | |
| cisco | ios | 11.3db | |
| cisco | ios | 11.3ha | |
| cisco | ios | 11.3ma | |
| cisco | ios | 11.3na | |
| cisco | ios | 11.3t | |
| cisco | ios | 11.3wa4 | |
| cisco | ios | 11.3xa | |
| cisco | ios | 12.0 | |
| cisco | ios | 12.0\(1\) | |
| cisco | ios | 12.0\(1\)s | |
| cisco | ios | 12.0\(1\)st | |
| cisco | ios | 12.0\(1\)w | |
| cisco | ios | 12.0\(1\)xa3 | |
| cisco | ios | 12.0\(1\)xb | |
| cisco | ios | 12.0\(1\)xe | |
| cisco | ios | 12.0\(2\) | |
| cisco | ios | 12.0\(2\)xc | |
| cisco | ios | 12.0\(2\)xd | |
| cisco | ios | 12.0\(2\)xe | |
| cisco | ios | 12.0\(2\)xf | |
| cisco | ios | 12.0\(2\)xg | |
| cisco | ios | 12.0\(2a\) | |
| cisco | ios | 12.0\(2b\) | |
| cisco | ios | 12.0\(3\) | |
| cisco | ios | 12.0\(3\)t2 | |
| cisco | ios | 12.0\(3\)xe | |
| cisco | ios | 12.0\(3.2\) | |
| cisco | ios | 12.0\(3.3\)s | |
| cisco | ios | 12.0\(3.4\)t | |
| cisco | ios | 12.0\(3.6\)w5\(9.0.5\) | |
| cisco | ios | 12.0\(3d\) | |
| cisco | ios | 12.0\(4\) | |
| cisco | ios | 12.0\(4\)s | |
| cisco | ios | 12.0\(4\)t | |
| cisco | ios | 12.0\(4\)xe | |
| cisco | ios | 12.0\(4\)xe1 | |
| cisco | ios | 12.0\(4\)xm | |
| cisco | ios | 12.0\(4\)xm1 | |
| cisco | ios | 12.0\(5\) | |
| cisco | ios | 12.0\(5\)s | |
| cisco | ios | 12.0\(5\)t | |
| cisco | ios | 12.0\(5\)t1 | |
| cisco | ios | 12.0\(5\)t2 | |
| cisco | ios | 12.0\(5\)wc | |
| cisco | ios | 12.0\(5\)wc2 | |
| cisco | ios | 12.0\(5\)wc2b | |
| cisco | ios | 12.0\(5\)wc3 | |
| cisco | ios | 12.0\(5\)wc3b | |
| cisco | ios | 12.0\(5\)wc5a | |
| cisco | ios | 12.0\(05\)wc8 | |
| cisco | ios | 12.0\(5\)wc9 | |
| cisco | ios | 12.0\(5\)wc9a | |
| cisco | ios | 12.0\(5\)wc11 | |
| cisco | ios | 12.0\(5\)wc13 | |
| cisco | ios | 12.0\(5\)wx | |
| cisco | ios | 12.0\(5\)xe | |
| cisco | ios | 12.0\(5\)xk | |
| cisco | ios | 12.0\(5\)xk2 | |
| cisco | ios | 12.0\(5\)xn | |
| cisco | ios | 12.0\(5\)xn1 | |
| cisco | ios | 12.0\(5\)xs | |
| cisco | ios | 12.0\(5\)xu | |
| cisco | ios | 12.0\(5\)yb4 | |
| cisco | ios | 12.0\(5.1\)xp | |
| cisco | ios | 12.0\(5.2\)xu | |
| cisco | ios | 12.0\(5.3\)wc1 | |
| cisco | ios | 12.0\(5.4\)wc1 | |
| cisco | ios | 12.0\(5a\)e | |
| cisco | ios | 12.0\(6\) | |
| cisco | ios | 12.0\(6b\) | |
| cisco | ios | 12.0\(7\)db2 | |
| cisco | ios | 12.0\(7\)dc1 | |
| cisco | ios | 12.0\(7\)s1 | |
| cisco | ios | 12.0\(7\)sc | |
| cisco | ios | 12.0\(7\)t | |
| cisco | ios | 12.0\(7\)t2 | |
| cisco | ios | 12.0\(7\)t3 | |
| cisco | ios | 12.0\(7\)wx5\(15a\) | |
| cisco | ios | 12.0\(7\)xe | |
| cisco | ios | 12.0\(7\)xe2 | |
| cisco | ios | 12.0\(7\)xf | |
| cisco | ios | 12.0\(7\)xf1 | |
| cisco | ios | 12.0\(7\)xk | |
| cisco | ios | 12.0\(7\)xk2 | |
| cisco | ios | 12.0\(7\)xk3 | |
| cisco | ios | 12.0\(7\)xv | |
| cisco | ios | 12.0\(7.4\)s | |
| cisco | ios | 12.0\(7a\) | |
| cisco | ios | 12.0\(8\) | |
| cisco | ios | 12.0\(8\)s1 | |
| cisco | ios | 12.0\(8.0.2\)s | |
| cisco | ios | 12.0\(8.3\)sc | |
| cisco | ios | 12.0\(8a\) | |
| cisco | ios | 12.0\(9\) | |
| cisco | ios | 12.0\(9\)s | |
| cisco | ios | 12.0\(9\)s8 | |
| cisco | ios | 12.0\(9a\) | |
| cisco | ios | 12.0\(10\) | |
| cisco | ios | 12.0\(10\)s3b | |
| cisco | ios | 12.0\(10\)s7 | |
| cisco | ios | 12.0\(10\)s8 | |
| cisco | ios | 12.0\(10\)w5 | |
| cisco | ios | 12.0\(10\)w5\(18f\) | |
| cisco | ios | 12.0\(10\)w5\(18g\) | |
| cisco | ios | 12.0\(10a\) | |
| cisco | ios | 12.0\(11\)s6 | |
| cisco | ios | 12.0\(11\)st4 | |
| cisco | ios | 12.0\(11a\) | |
| cisco | ios | 12.0\(12\) | |
| cisco | ios | 12.0\(12\)s3 | |
| cisco | ios | 12.0\(12\)s4 | |
| cisco | ios | 12.0\(12a\) | |
| cisco | ios | 12.0\(13\)s6 | |
| cisco | ios | 12.0\(13\)s8 | |
| cisco | ios | 12.0\(13\)w5\(19c\) | |
| cisco | ios | 12.0\(13\)wt6\(1\) | |
| cisco | ios | 12.0\(13a\) | |
| cisco | ios | 12.0\(14\) | |
| cisco | ios | 12.0\(14\)s7 | |
| cisco | ios | 12.0\(14\)s8 | |
| cisco | ios | 12.0\(14\)st | |
| cisco | ios | 12.0\(14\)st3 | |
| cisco | ios | 12.0\(14\)w5\(20\) | |
| cisco | ios | 12.0\(14a\) | |
| cisco | ios | 12.0\(15\)s | |
| cisco | ios | 12.0\(15\)s3 | |
| cisco | ios | 12.0\(15\)s6 | |
| cisco | ios | 12.0\(15\)s7 | |
| cisco | ios | 12.0\(15\)sc | |
| cisco | ios | 12.0\(15\)sl | |
| cisco | ios | 12.0\(15a\) | |
| cisco | ios | 12.0\(16\)s | |
| cisco | ios | 12.0\(16\)s8 | |
| cisco | ios | 12.0\(16\)s8a | |
| cisco | ios | 12.0\(16\)s10 | |
| cisco | ios | 12.0\(16\)sc | |
| cisco | ios | 12.0\(16\)sc3 | |
| cisco | ios | 12.0\(16\)st | |
| cisco | ios | 12.0\(16\)st1 | |
| cisco | ios | 12.0\(16\)w5\(21\) | |
| cisco | ios | 12.0\(16.06\)s | |
| cisco | ios | 12.0\(16a\) | |
| cisco | ios | 12.0\(17\) | |
| cisco | ios | 12.0\(17\)s | |
| cisco | ios | 12.0\(17\)s4 | |
| cisco | ios | 12.0\(17\)s7 | |
| cisco | ios | 12.0\(17\)sl | |
| cisco | ios | 12.0\(17\)sl2 | |
| cisco | ios | 12.0\(17\)sl6 | |
| cisco | ios | 12.0\(17\)sl9 | |
| cisco | ios | 12.0\(17\)st1 | |
| cisco | ios | 12.0\(17\)st5 | |
| cisco | ios | 12.0\(17\)st8 | |
| cisco | ios | 12.0\(17a\) | |
| cisco | ios | 12.0\(18\)s | |
| cisco | ios | 12.0\(18\)s5 | |
| cisco | ios | 12.0\(18\)s5a | |
| cisco | ios | 12.0\(18\)s7 | |
| cisco | ios | 12.0\(18\)sl | |
| cisco | ios | 12.0\(18\)st1 | |
| cisco | ios | 12.0\(18\)w5\(22b\) | |
| cisco | ios | 12.0\(18b\) | |
| cisco | ios | 12.0\(19\) | |
| cisco | ios | 12.0\(19\)s | |
| cisco | ios | 12.0\(19\)s2 | |
| cisco | ios | 12.0\(19\)s2a | |
| cisco | ios | 12.0\(19\)s4 | |
| cisco | ios | 12.0\(19\)sl | |
| cisco | ios | 12.0\(19\)sl4 | |
| cisco | ios | 12.0\(19\)sp | |
| cisco | ios | 12.0\(19\)st | |
| cisco | ios | 12.0\(19\)st2 | |
| cisco | ios | 12.0\(19\)st6 | |
| cisco | ios | 12.0\(19a\) | |
| cisco | ios | 12.0\(20\)sl | |
| cisco | ios | 12.0\(20\)sp | |
| cisco | ios | 12.0\(20\)sp1 | |
| cisco | ios | 12.0\(20\)st2 | |
| cisco | ios | 12.0\(20\)st6 | |
| cisco | ios | 12.0\(20\)st7 | |
| cisco | ios | 12.0\(20\)sx | |
| cisco | ios | 12.0\(20\)w5\(22b\) | |
| cisco | ios | 12.0\(20.4\)sp | |
| cisco | ios | 12.0\(20a\) | |
| cisco | ios | 12.0\(21\)s | |
| cisco | ios | 12.0\(21\)s1 | |
| cisco | ios | 12.0\(21\)s3 | |
| cisco | ios | 12.0\(21\)s4a | |
| cisco | ios | 12.0\(21\)s5a | |
| cisco | ios | 12.0\(21\)s6 | |
| cisco | ios | 12.0\(21\)s7 | |
| cisco | ios | 12.0\(21\)sl | |
| cisco | ios | 12.0\(21\)st | |
| cisco | ios | 12.0\(21\)st6 | |
| cisco | ios | 12.0\(21\)st7 | |
| cisco | ios | 12.0\(21\)sx | |
| cisco | ios | 12.0\(21a\) | |
| cisco | ios | 12.0\(22\)s | |
| cisco | ios | 12.0\(22\)s4 | |
| cisco | ios | 12.0\(22\)s5 | |
| cisco | ios | 12.0\(22\)sy | |
| cisco | ios | 12.0\(23\)s2 | |
| cisco | ios | 12.0\(23\)s3 | |
| cisco | ios | 12.0\(23\)s4 | |
| cisco | ios | 12.0\(23\)s5 | |
| cisco | ios | 12.0\(23\)s6 | |
| cisco | ios | 12.0\(23\)sx | |
| cisco | ios | 12.0\(23\)sz | |
| cisco | ios | 12.0\(24\)s1 | |
| cisco | ios | 12.0\(24\)s2 | |
| cisco | ios | 12.0\(24\)s4 | |
| cisco | ios | 12.0\(24\)s5 | |
| cisco | ios | 12.0\(24\)s6 | |
| cisco | ios | 12.0\(24.2\)s | |
| cisco | ios | 12.0\(25\)s1 | |
| cisco | ios | 12.0\(25\)w5\(27\) | |
| cisco | ios | 12.0\(25\)w5\(27c\) | |
| cisco | ios | 12.0\(25\)w5-27d | |
| cisco | ios | 12.0\(25.4\)s1 | |
| cisco | ios | 12.0\(26\) | |
| cisco | ios | 12.0\(26\)s | |
| cisco | ios | 12.0\(26\)s1 | |
| cisco | ios | 12.0\(26\)s2 | |
| cisco | ios | 12.0\(26\)s6 | |
| cisco | ios | 12.0\(26\)w5\(28\) | |
| cisco | ios | 12.0\(26\)w5\(28a\) | |
| cisco | ios | 12.0\(27\) | |
| cisco | ios | 12.0\(27\)s | |
| cisco | ios | 12.0\(27\)s1 | |
| cisco | ios | 12.0\(27\)sv | |
| cisco | ios | 12.0\(27\)sv1 | |
| cisco | ios | 12.0\(27\)sv2 | |
| cisco | ios | 12.0\(28\) | |
| cisco | ios | 12.0\(28\)s3 | |
| cisco | ios | 12.0\(28\)s5 | |
| cisco | ios | 12.0\(28\)w5\(31a\) | |
| cisco | ios | 12.0\(28\)w5-30b | |
| cisco | ios | 12.0\(28\)w5-32a | |
| cisco | ios | 12.0\(28c\) | |
| cisco | ios | 12.0\(28d\) | |
| cisco | ios | 12.0\(30\)s1 | |
| cisco | ios | 12.0\(30\)s2 | |
| cisco | ios | 12.0\(30\)s4 | |
| cisco | ios | 12.0\(31\)s | |
| cisco | ios | 12.0\(31\)s1 | |
| cisco | ios | 12.0da | |
| cisco | ios | 12.0db | |
| cisco | ios | 12.0dc | |
| cisco | ios | 12.0ev | |
| cisco | ios | 12.0s | |
| cisco | ios | 12.0sc | |
| cisco | ios | 12.0sl | |
| cisco | ios | 12.0sp | |
| cisco | ios | 12.0st | |
| cisco | ios | 12.0sv | |
| cisco | ios | 12.0sx | |
| cisco | ios | 12.0sy | |
| cisco | ios | 12.0sz | |
| cisco | ios | 12.0t | |
| cisco | ios | 12.0w5 | |
| cisco | ios | 12.0wc | |
| cisco | ios | 12.0wt | |
| cisco | ios | 12.0wx | |
| cisco | ios | 12.0xa | |
| cisco | ios | 12.0xb | |
| cisco | ios | 12.0xc | |
| cisco | ios | 12.0xd | |
| cisco | ios | 12.0xe | |
| cisco | ios | 12.0xf | |
| cisco | ios | 12.0xg | |
| cisco | ios | 12.0xh | |
| cisco | ios | 12.0xi | |
| cisco | ios | 12.0xj | |
| cisco | ios | 12.0xk | |
| cisco | ios | 12.0xl | |
| cisco | ios | 12.0xm | |
| cisco | ios | 12.0xn | |
| cisco | ios | 12.0xp | |
| cisco | ios | 12.0xq | |
| cisco | ios | 12.0xr | |
| cisco | ios | 12.0xs | |
| cisco | ios | 12.0xt | |
| cisco | ios | 12.0xu | |
| cisco | ios | 12.0xv | |
| cisco | ios | 12.0xw | |
| cisco | ios | 12.1 | |
| cisco | ios | 12.1\(1\) | |
| cisco | ios | 12.1\(1\)db | |
| cisco | ios | 12.1\(1\)db2 | |
| cisco | ios | 12.1\(1\)dc | |
| cisco | ios | 12.1\(1\)dc2 | |
| cisco | ios | 12.1\(1\)e5 | |
| cisco | ios | 12.1\(1\)ex | |
| cisco | ios | 12.1\(1\)t | |
| cisco | ios | 12.1\(1.3\)t | |
| cisco | ios | 12.1\(1a\)t1 | |
| cisco | ios | 12.1\(1c\) | |
| cisco | ios | 12.1\(2\)e1 | |
| cisco | ios | 12.1\(2\)t | |
| cisco | ios | 12.1\(2\)xf | |
| cisco | ios | 12.1\(2\)xf4 | |
| cisco | ios | 12.1\(2\)xf5 | |
| cisco | ios | 12.1\(2b\) | |
| cisco | ios | 12.1\(3\) | |
| cisco | ios | 12.1\(3\)db1 | |
| cisco | ios | 12.1\(3\)dc2 | |
| cisco | ios | 12.1\(3\)t | |
| cisco | ios | 12.1\(3\)xi | |
| cisco | ios | 12.1\(3\)xp | |
| cisco | ios | 12.1\(3\)xp4 | |
| cisco | ios | 12.1\(3\)xq | |
| cisco | ios | 12.1\(3\)xt | |
| cisco | ios | 12.1\(3\)xt3 | |
| cisco | ios | 12.1\(3a\) | |
| cisco | ios | 12.1\(3a\)e7 | |
| cisco | ios | 12.1\(3a\)e8 | |
| cisco | ios | 12.1\(3a\)t4 | |
| cisco | ios | 12.1\(3a\)t7 | |
| cisco | ios | 12.1\(3a\)xi8 | |
| cisco | ios | 12.1\(3b\) | |
| cisco | ios | 12.1\(4\) | |
| cisco | ios | 12.1\(4\)db | |
| cisco | ios | 12.1\(4\)db1 | |
| cisco | ios | 12.1\(4\)db2 | |
| cisco | ios | 12.1\(4\)dc | |
| cisco | ios | 12.1\(4\)dc2 | |
| cisco | ios | 12.1\(4\)e3 | |
| cisco | ios | 12.1\(4\)ea1e | |
| cisco | ios | 12.1\(4\)xm4 | |
| cisco | ios | 12.1\(4\)xz | |
| cisco | ios | 12.1\(4\)xz7 | |
| cisco | ios | 12.1\(4.3\)t | |
| cisco | ios | 12.1\(4a\) | |
| cisco | ios | 12.1\(5\)da1 | |
| cisco | ios | 12.1\(5\)db1 | |
| cisco | ios | 12.1\(5\)dc | |
| cisco | ios | 12.1\(5\)dc2 | |
| cisco | ios | 12.1\(5\)ey | |
| cisco | ios | 12.1\(5\)t | |
| cisco | ios | 12.1\(5\)t9 | |
| cisco | ios | 12.1\(5\)t12 | |
| cisco | ios | 12.1\(5\)t15 | |
| cisco | ios | 12.1\(5\)xg5 | |
| cisco | ios | 12.1\(5\)xm | |
| cisco | ios | 12.1\(5\)xm4 | |
| cisco | ios | 12.1\(5\)xm7 | |
| cisco | ios | 12.1\(5\)xr2 | |
| cisco | ios | 12.1\(5\)xs | |
| cisco | ios | 12.1\(5\)xs2 | |
| cisco | ios | 12.1\(5\)xu1 | |
| cisco | ios | 12.1\(5\)xv | |
| cisco | ios | 12.1\(5\)xv3 | |
| cisco | ios | 12.1\(5\)xv4 | |
| cisco | ios | 12.1\(5\)xv5 | |
| cisco | ios | 12.1\(5\)xy6 | |
| cisco | ios | 12.1\(5\)ya | |
| cisco | ios | 12.1\(5\)ya2 | |
| cisco | ios | 12.1\(5\)yb | |
| cisco | ios | 12.1\(5\)yb4 | |
| cisco | ios | 12.1\(5\)yb5 | |
| cisco | ios | 12.1\(5\)yc | |
| cisco | ios | 12.1\(5\)yc1 | |
| cisco | ios | 12.1\(5\)yc2 | |
| cisco | ios | 12.1\(5\)yd | |
| cisco | ios | 12.1\(5\)yd2 | |
| cisco | ios | 12.1\(5\)yd6 | |
| cisco | ios | 12.1\(5\)yf | |
| cisco | ios | 12.1\(5\)yf2 | |
| cisco | ios | 12.1\(5\)yf4 | |
| cisco | ios | 12.1\(5\)yh | |
| cisco | ios | 12.1\(5\)yh3 | |
| cisco | ios | 12.1\(5\)yi | |
| cisco | ios | 12.1\(5\)yi1 | |
| cisco | ios | 12.1\(5a\)e | |
| cisco | ios | 12.1\(5c\) | |
| cisco | ios | 12.1\(5c\)e12 | |
| cisco | ios | 12.1\(5c\)ex | |
| cisco | ios | 12.1\(5e\) | |
| cisco | ios | 12.1\(6\) | |
| cisco | ios | 12.1\(6\)e8 | |
| cisco | ios | 12.1\(6\)e12 | |
| cisco | ios | 12.1\(6\)ea1 | |
| cisco | ios | 12.1\(6\)ea1a | |
| cisco | ios | 12.1\(6\)ea2 | |
| cisco | ios | 12.1\(6\)ea2a | |
| cisco | ios | 12.1\(6\)ea2b | |
| cisco | ios | 12.1\(6\)ea2c | |
| cisco | ios | 12.1\(6\)ey | |
| cisco | ios | 12.1\(6\)ez1 | |
| cisco | ios | 12.1\(6\)ez2 | |
| cisco | ios | 12.1\(6.5\) | |
| cisco | ios | 12.1\(6.5\)ec3 | |
| cisco | ios | 12.1\(6a\) | |
| cisco | ios | 12.1\(7\) | |
| cisco | ios | 12.1\(7\)cx | |
| cisco | ios | 12.1\(7\)da2 | |
| cisco | ios | 12.1\(7\)da3 | |
| cisco | ios | 12.1\(7\)ec | |
| cisco | ios | 12.1\(7a\)e6 | |
| cisco | ios | 12.1\(7a\)ey | |
| cisco | ios | 12.1\(7a\)ey3 | |
| cisco | ios | 12.1\(7b\) | |
| cisco | ios | 12.1\(8\) | |
| cisco | ios | 12.1\(8\)aa1 | |
| cisco | ios | 12.1\(8\)e | |
| cisco | ios | 12.1\(8\)ea | |
| cisco | ios | 12.1\(8\)ea1b | |
| cisco | ios | 12.1\(8\)ea2b | |
| cisco | ios | 12.1\(8a\)e | |
| cisco | ios | 12.1\(8a\)ew | |
| cisco | ios | 12.1\(8a\)ew1 | |
| cisco | ios | 12.1\(8a\)ex | |
| cisco | ios | 12.1\(8b\)e8 | |
| cisco | ios | 12.1\(8b\)e9 | |
| cisco | ios | 12.1\(8b\)e14 | |
| cisco | ios | 12.1\(8b\)e15 | |
| cisco | ios | 12.1\(8b\)e16 | |
| cisco | ios | 12.1\(8b\)e18 | |
| cisco | ios | 12.1\(8b\)e20 | |
| cisco | ios | 12.1\(8b\)ex4 | |
| cisco | ios | 12.1\(8c\) | |
| cisco | ios | 12.1\(9\) | |
| cisco | ios | 12.1\(9\)aa | |
| cisco | ios | 12.1\(9\)e | |
| cisco | ios | 12.1\(9\)e3 | |
| cisco | ios | 12.1\(9\)ea | |
| cisco | ios | 12.1\(9\)ex | |
| cisco | ios | 12.1\(9\)ex3 | |
| cisco | ios | 12.1\(9a\) | |
| cisco | ios | 12.1\(10\) | |
| cisco | ios | 12.1\(10\)aa | |
| cisco | ios | 12.1\(10\)e | |
| cisco | ios | 12.1\(10\)e4 | |
| cisco | ios | 12.1\(10\)ec | |
| cisco | ios | 12.1\(10\)ec1 | |
| cisco | ios | 12.1\(10\)ex | |
| cisco | ios | 12.1\(10\)ey | |
| cisco | ios | 12.1\(10.5\)ec | |
| cisco | ios | 12.1\(10a\) | |
| cisco | ios | 12.1\(11\) | |
| cisco | ios | 12.1\(11\)e | |
| cisco | ios | 12.1\(11\)ea1 | |
| cisco | ios | 12.1\(11\)ec | |
| cisco | ios | 12.1\(11.5\)e | |
| cisco | ios | 12.1\(11a\) | |
| cisco | ios | 12.1\(11b\) | |
| cisco | ios | 12.1\(11b\)e | |
| cisco | ios | 12.1\(11b\)e12 | |
| cisco | ios | 12.1\(11b\)e14 | |
| cisco | ios | 12.1\(12\) | |
| cisco | ios | 12.1\(12\)e | |
| cisco | ios | 12.1\(12a\) | |
| cisco | ios | 12.1\(12b\) | |
| cisco | ios | 12.1\(12c\) | |
| cisco | ios | 12.1\(12c\)e7 | |
| cisco | ios | 12.1\(12c\)ec | |
| cisco | ios | 12.1\(12c\)ev01 | |
| cisco | ios | 12.1\(12c\)ew4 | |
| cisco | ios | 12.1\(13\) | |
| cisco | ios | 12.1\(13\)ay | |
| cisco | ios | 12.1\(13\)e1 | |
| cisco | ios | 12.1\(13\)e3 | |
| cisco | ios | 12.1\(13\)e7 | |
| cisco | ios | 12.1\(13\)e9 | |
| cisco | ios | 12.1\(13\)e12 | |
| cisco | ios | 12.1\(13\)e13 | |
| cisco | ios | 12.1\(13\)e17 | |
| cisco | ios | 12.1\(13\)ea1 | |
| cisco | ios | 12.1\(13\)ea1c | |
| cisco | ios | 12.1\(13\)ew | |
| cisco | ios | 12.1\(13\)ew4 | |
| cisco | ios | 12.1\(13\)ex2 | |
| cisco | ios | 12.1\(13.4\)e | |
| cisco | ios | 12.1\(14\) | |
| cisco | ios | 12.1\(14\)e1 | |
| cisco | ios | 12.1\(14\)e4 | |
| cisco | ios | 12.1\(14\)e9 | |
| cisco | ios | 12.1\(14\)e10 | |
| cisco | ios | 12.1\(14\)ea1 | |
| cisco | ios | 12.1\(14\)eb | |
| cisco | ios | 12.1\(14.5\) | |
| cisco | ios | 12.1\(15\)bc1 | |
| cisco | ios | 12.1\(16\) | |
| cisco | ios | 12.1\(18\) | |
| cisco | ios | 12.1\(18.4\) | |
| cisco | ios | 12.1\(19\) | |
| cisco | ios | 12.1\(19\)e | |
| cisco | ios | 12.1\(19\)e1 | |
| cisco | ios | 12.1\(19\)e6 | |
| cisco | ios | 12.1\(19\)ec | |
| cisco | ios | 12.1\(19\)ew | |
| cisco | ios | 12.1\(19\)ew3 | |
| cisco | ios | 12.1\(19\)fc1 | |
| cisco | ios | 12.1\(19.3\)e | |
| cisco | ios | 12.1\(20\) | |
| cisco | ios | 12.1\(20\)e | |
| cisco | ios | 12.1\(20\)e1 | |
| cisco | ios | 12.1\(20\)e2 | |
| cisco | ios | 12.1\(20\)e3 | |
| cisco | ios | 12.1\(20\)e5 | |
| cisco | ios | 12.1\(20\)ea1 | |
| cisco | ios | 12.1\(20\)ea1a | |
| cisco | ios | 12.1\(20\)ec | |
| cisco | ios | 12.1\(20\)ec1 | |
| cisco | ios | 12.1\(20\)ec2 | |
| cisco | ios | 12.1\(20\)eo | |
| cisco | ios | 12.1\(20\)eo1 | |
| cisco | ios | 12.1\(20\)eo3 | |
| cisco | ios | 12.1\(20\)ew | |
| cisco | ios | 12.1\(20\)ew1 | |
| cisco | ios | 12.1\(20\)ew2 | |
| cisco | ios | 12.1\(20\)ew4 | |
| cisco | ios | 12.1\(22\) | |
| cisco | ios | 12.1\(22\)e1 | |
| cisco | ios | 12.1\(22\)e3 | |
| cisco | ios | 12.1\(22\)ea3 | |
| cisco | ios | 12.1\(22\)ea4 | |
| cisco | ios | 12.1\(22\)ea4a | |
| cisco | ios | 12.1\(22\)ea5a | |
| cisco | ios | 12.1\(22\)ea6 | |
| cisco | ios | 12.1\(22\)eb | |
| cisco | ios | 12.1\(23\)e1 | |
| cisco | ios | 12.1\(23\)e4 | |
| cisco | ios | 12.1\(26\)e1 | |
| cisco | ios | 12.1\(26\)e3 | |
| cisco | ios | 12.1\(26\)eb1 | |
| cisco | ios | 12.1\(27\) | |
| cisco | ios | 12.1\(27b\) | |
| cisco | ios | 12.1aa | |
| cisco | ios | 12.1ax | |
| cisco | ios | 12.1ay | |
| cisco | ios | 12.1az | |
| cisco | ios | 12.1cx | |
| cisco | ios | 12.1da | |
| cisco | ios | 12.1db | |
| cisco | ios | 12.1dc | |
| cisco | ios | 12.1e | |
| cisco | ios | 12.1ea | |
| cisco | ios | 12.1eb | |
| cisco | ios | 12.1ec | |
| cisco | ios | 12.1eo | |
| cisco | ios | 12.1eu | |
| cisco | ios | 12.1ev | |
| cisco | ios | 12.1ew | |
| cisco | ios | 12.1ex | |
| cisco | ios | 12.1ey | |
| cisco | ios | 12.1ez | |
| cisco | ios | 12.1ga | |
| cisco | ios | 12.1gb | |
| cisco | ios | 12.1m | |
| cisco | ios | 12.1s | |
| cisco | ios | 12.1sec | |
| cisco | ios | 12.1t | |
| cisco | ios | 12.1x\(l\) | |
| cisco | ios | 12.1xa | |
| cisco | ios | 12.1xb | |
| cisco | ios | 12.1xc | |
| cisco | ios | 12.1xd | |
| cisco | ios | 12.1xe | |
| cisco | ios | 12.1xf | |
| cisco | ios | 12.1xg | |
| cisco | ios | 12.1xh | |
| cisco | ios | 12.1xi | |
| cisco | ios | 12.1xj | |
| cisco | ios | 12.1xk | |
| cisco | ios | 12.1xl | |
| cisco | ios | 12.1xm | |
| cisco | ios | 12.1xp | |
| cisco | ios | 12.1xq | |
| cisco | ios | 12.1xr | |
| cisco | ios | 12.1xs | |
| cisco | ios | 12.1xt | |
| cisco | ios | 12.1xu | |
| cisco | ios | 12.1xv | |
| cisco | ios | 12.1xw | |
| cisco | ios | 12.1xx | |
| cisco | ios | 12.1xy | |
| cisco | ios | 12.1xz | |
| cisco | ios | 12.1ya | |
| cisco | ios | 12.1yb | |
| cisco | ios | 12.1yc | |
| cisco | ios | 12.1yd | |
| cisco | ios | 12.1ye | |
| cisco | ios | 12.1yf | |
| cisco | ios | 12.1yh | |
| cisco | ios | 12.1yi | |
| cisco | ios | 12.1yj | |
| cisco | ios | 12.2 | |
| cisco | ios | 12.2\(1\) | |
| cisco | ios | 12.2\(1\)dx | |
| cisco | ios | 12.2\(1\)s | |
| cisco | ios | 12.2\(1\)t | |
| cisco | ios | 12.2\(1\)xa | |
| cisco | ios | 12.2\(1\)xd | |
| cisco | ios | 12.2\(1\)xd1 | |
| cisco | ios | 12.2\(1\)xd3 | |
| cisco | ios | 12.2\(1\)xd4 | |
| cisco | ios | 12.2\(1\)xe | |
| cisco | ios | 12.2\(1\)xe2 | |
| cisco | ios | 12.2\(1\)xe3 | |
| cisco | ios | 12.2\(1\)xh | |
| cisco | ios | 12.2\(1\)xq | |
| cisco | ios | 12.2\(1\)xs | |
| cisco | ios | 12.2\(1\)xs1 | |
| cisco | ios | 12.2\(1.1\) | |
| cisco | ios | 12.2\(1.1\)pi | |
| cisco | ios | 12.2\(1.4\)s | |
| cisco | ios | 12.2\(1b\) | |
| cisco | ios | 12.2\(1b\)da1 | |
| cisco | ios | 12.2\(1d\) | |
| cisco | ios | 12.2\(2\)b | |
| cisco | ios | 12.2\(2\)bx | |
| cisco | ios | 12.2\(2\)by | |
| cisco | ios | 12.2\(2\)by2 | |
| cisco | ios | 12.2\(2\)dd3 | |
| cisco | ios | 12.2\(2\)t | |
| cisco | ios | 12.2\(2\)t1 | |
| cisco | ios | 12.2\(2\)t4 | |
| cisco | ios | 12.2\(2\)xa | |
| cisco | ios | 12.2\(2\)xa1 | |
| cisco | ios | 12.2\(2\)xa5 | |
| cisco | ios | 12.2\(2\)xb | |
| cisco | ios | 12.2\(2\)xb3 | |
| cisco | ios | 12.2\(2\)xb4 | |
| cisco | ios | 12.2\(2\)xb11 | |
| cisco | ios | 12.2\(2\)xb14 | |
| cisco | ios | 12.2\(2\)xb15 | |
| cisco | ios | 12.2\(2\)xc1 | |
| cisco | ios | 12.2\(2\)xf | |
| cisco | ios | 12.2\(2\)xg | |
| cisco | ios | 12.2\(2\)xh | |
| cisco | ios | 12.2\(2\)xh2 | |
| cisco | ios | 12.2\(2\)xh3 | |
| cisco | ios | 12.2\(2\)xi | |
| cisco | ios | 12.2\(2\)xi1 | |
| cisco | ios | 12.2\(2\)xi2 | |
| cisco | ios | 12.2\(2\)xj | |
| cisco | ios | 12.2\(2\)xj1 | |
| cisco | ios | 12.2\(2\)xk | |
| cisco | ios | 12.2\(2\)xk2 | |
| cisco | ios | 12.2\(2\)xn | |
| cisco | ios | 12.2\(2\)xr | |
| cisco | ios | 12.2\(2\)xt | |
| cisco | ios | 12.2\(2\)xt3 | |
| cisco | ios | 12.2\(2\)xu | |
| cisco | ios | 12.2\(2\)xu2 | |
| cisco | ios | 12.2\(2\)yc | |
| cisco | ios | 12.2\(2.2\)t | |
| cisco | ios | 12.2\(3\) | |
| cisco | ios | 12.2\(3.4\)bp | |
| cisco | ios | 12.2\(3d\) | |
| cisco | ios | 12.2\(4\) | |
| cisco | ios | 12.2\(4\)b | |
| cisco | ios | 12.2\(4\)b1 | |
| cisco | ios | 12.2\(4\)b2 | |
| cisco | ios | 12.2\(4\)b3 | |
| cisco | ios | 12.2\(4\)b4 | |
| cisco | ios | 12.2\(4\)bc1 | |
| cisco | ios | 12.2\(4\)bc1a | |
| cisco | ios | 12.2\(4\)bx | |
| cisco | ios | 12.2\(4\)ja | |
| cisco | ios | 12.2\(4\)ja1 | |
| cisco | ios | 12.2\(4\)mb3 | |
| cisco | ios | 12.2\(4\)mb12 | |
| cisco | ios | 12.2\(4\)mb13b | |
| cisco | ios | 12.2\(4\)mb13c | |
| cisco | ios | 12.2\(4\)mx | |
| cisco | ios | 12.2\(4\)mx1 | |
| cisco | ios | 12.2\(4\)t | |
| cisco | ios | 12.2\(4\)t1 | |
| cisco | ios | 12.2\(4\)t3 | |
| cisco | ios | 12.2\(4\)t6 | |
| cisco | ios | 12.2\(4\)xl | |
| cisco | ios | 12.2\(4\)xl4 | |
| cisco | ios | 12.2\(4\)xm | |
| cisco | ios | 12.2\(4\)xm2 | |
| cisco | ios | 12.2\(4\)xr | |
| cisco | ios | 12.2\(4\)xw | |
| cisco | ios | 12.2\(4\)xw1 | |
| cisco | ios | 12.2\(4\)ya | |
| cisco | ios | 12.2\(4\)ya1 | |
| cisco | ios | 12.2\(4\)ya7 | |
| cisco | ios | 12.2\(4\)ya8 | |
| cisco | ios | 12.2\(4\)ya9 | |
| cisco | ios | 12.2\(4\)ya10 | |
| cisco | ios | 12.2\(4\)ya11 | |
| cisco | ios | 12.2\(4\)yb | |
| cisco | ios | 12.2\(5\) | |
| cisco | ios | 12.2\(5\)ca1 | |
| cisco | ios | 12.2\(5d\) | |
| cisco | ios | 12.2\(6.8\)t0a | |
| cisco | ios | 12.2\(6.8\)t1a | |
| cisco | ios | 12.2\(6.8a\) | |
| cisco | ios | 12.2\(6c\) | |
| cisco | ios | 12.2\(7\) | |
| cisco | ios | 12.2\(7\)da | |
| cisco | ios | 12.2\(7.4\)s | |
| cisco | ios | 12.2\(7a\) | |
| cisco | ios | 12.2\(7b\) | |
| cisco | ios | 12.2\(7c\) | |
| cisco | ios | 12.2\(8\)bc1 | |
| cisco | ios | 12.2\(8\)ja | |
| cisco | ios | 12.2\(8\)t | |
| cisco | ios | 12.2\(8\)t10 | |
| cisco | ios | 12.2\(8\)tpc10a | |
| cisco | ios | 12.2\(8\)yd | |
| cisco | ios | 12.2\(8\)yw2 | |
| cisco | ios | 12.2\(8\)yw3 | |
| cisco | ios | 12.2\(8\)yy | |
| cisco | ios | 12.2\(8\)yy3 | |
| cisco | ios | 12.2\(8\)zb7 | |
| cisco | ios | 12.2\(9\)s | |
| cisco | ios | 12.2\(9.4\)da | |
| cisco | ios | 12.2\(10\)da2 | |
| cisco | ios | 12.2\(10\)da4 | |
| cisco | ios | 12.2\(10.5\)s | |
| cisco | ios | 12.2\(10g\) | |
| cisco | ios | 12.2\(11\)bc3c | |
| cisco | ios | 12.2\(11\)ja | |
| cisco | ios | 12.2\(11\)ja1 | |
| cisco | ios | 12.2\(11\)t | |
| cisco | ios | 12.2\(11\)t2 | |
| cisco | ios | 12.2\(11\)t3 | |
| cisco | ios | 12.2\(11\)t8 | |
| cisco | ios | 12.2\(11\)t9 | |
| cisco | ios | 12.2\(11\)yp1 | |
| cisco | ios | 12.2\(11\)yu | |
| cisco | ios | 12.2\(11\)yv | |
| cisco | ios | 12.2\(11\)yx1 | |
| cisco | ios | 12.2\(11\)yz2 | |
| cisco | ios | 12.2\(12\) | |
| cisco | ios | 12.2\(12\)da3 | |
| cisco | ios | 12.2\(12\)da8 | |
| cisco | ios | 12.2\(12\)da9 | |
| cisco | ios | 12.2\(12.02\)s | |
| cisco | ios | 12.2\(12.02\)t | |
| cisco | ios | 12.2\(12.05\) | |
| cisco | ios | 12.2\(12.05\)s | |
| cisco | ios | 12.2\(12.05\)t | |
| cisco | ios | 12.2\(12b\) | |
| cisco | ios | 12.2\(12c\) | |
| cisco | ios | 12.2\(12g\) | |
| cisco | ios | 12.2\(12h\) | |
| cisco | ios | 12.2\(12i\) | |
| cisco | ios | 12.2\(12m\) | |
| cisco | ios | 12.2\(13\) | |
| cisco | ios | 12.2\(13\)ja1 | |
| cisco | ios | 12.2\(13\)mc1 | |
| cisco | ios | 12.2\(13\)t | |
| cisco | ios | 12.2\(13\)t1 | |
| cisco | ios | 12.2\(13\)t9 | |
| cisco | ios | 12.2\(13\)t14 | |
| cisco | ios | 12.2\(13\)t16 | |
| cisco | ios | 12.2\(13\)zc | |
| cisco | ios | 12.2\(13\)zd | |
| cisco | ios | 12.2\(13\)zd3 | |
| cisco | ios | 12.2\(13\)zd4 | |
| cisco | ios | 12.2\(13\)ze | |
| cisco | ios | 12.2\(13\)zf | |
| cisco | ios | 12.2\(13\)zg | |
| cisco | ios | 12.2\(13\)zh | |
| cisco | ios | 12.2\(13\)zh3 | |
| cisco | ios | 12.2\(13\)zh8 | |
| cisco | ios | 12.2\(13\)zj | |
| cisco | ios | 12.2\(13\)zk | |
| cisco | ios | 12.2\(13\)zl | |
| cisco | ios | 12.2\(13.03\)b | |
| cisco | ios | 12.2\(13a\) | |
| cisco | ios | 12.2\(13e\) | |
| cisco | ios | 12.2\(14\)s | |
| cisco | ios | 12.2\(14\)s13 | |
| cisco | ios | 12.2\(14\)s14 | |
| cisco | ios | 12.2\(14\)s15 | |
| cisco | ios | 12.2\(14\)su2 | |
| cisco | ios | 12.2\(14\)sx1 | |
| cisco | ios | 12.2\(14\)sy | |
| cisco | ios | 12.2\(14\)sy1 | |
| cisco | ios | 12.2\(14\)sy03 | |
| cisco | ios | 12.2\(14\)sz | |
| cisco | ios | 12.2\(14\)sz1 | |
| cisco | ios | 12.2\(14\)sz2 | |
| cisco | ios | 12.2\(14\)za | |
| cisco | ios | 12.2\(14\)za2 | |
| cisco | ios | 12.2\(14\)za8 | |
| cisco | ios | 12.2\(14.5\) | |
| cisco | ios | 12.2\(14.5\)t | |
| cisco | ios | 12.2\(15\)b | |
| cisco | ios | 12.2\(15\)bc | |
| cisco | ios | 12.2\(15\)bc1 | |
| cisco | ios | 12.2\(15\)bc1f | |
| cisco | ios | 12.2\(15\)bc2f | |
| cisco | ios | 12.2\(15\)bc2h | |
| cisco | ios | 12.2\(15\)bc2i | |
| cisco | ios | 12.2\(15\)bx | |
| cisco | ios | 12.2\(15\)bz | |
| cisco | ios | 12.2\(15\)cx | |
| cisco | ios | 12.2\(15\)cz3 | |
| cisco | ios | 12.2\(15\)jk2 | |
| cisco | ios | 12.2\(15\)jk4 | |
| cisco | ios | 12.2\(15\)jk5 | |
| cisco | ios | 12.2\(15\)mc1 | |
| cisco | ios | 12.2\(15\)mc2c | |
| cisco | ios | 12.2\(15\)mc2e | |
| cisco | ios | 12.2\(15\)sl1 | |
| cisco | ios | 12.2\(15\)t | |
| cisco | ios | 12.2\(15\)t5 | |
| cisco | ios | 12.2\(15\)t7 | |
| cisco | ios | 12.2\(15\)t8 | |
| cisco | ios | 12.2\(15\)t9 | |
| cisco | ios | 12.2\(15\)t15 | |
| cisco | ios | 12.2\(15\)t16 | |
| cisco | ios | 12.2\(15\)t17 | |
| cisco | ios | 12.2\(15\)xr | |
| cisco | ios | 12.2\(15\)xr2 | |
| cisco | ios | 12.2\(15\)ys | |
| cisco | ios | 12.2\(15\)ys_1.2\(1\) | |
| cisco | ios | 12.2\(15\)zj | |
| cisco | ios | 12.2\(15\)zj1 | |
| cisco | ios | 12.2\(15\)zj2 | |
| cisco | ios | 12.2\(15\)zj3 | |
| cisco | ios | 12.2\(15\)zk | |
| cisco | ios | 12.2\(15\)zl | |
| cisco | ios | 12.2\(15\)zl1 | |
| cisco | ios | 12.2\(15\)zn | |
| cisco | ios | 12.2\(15\)zo | |
| cisco | ios | 12.2\(15.1\)s | |
| cisco | ios | 12.2\(16\)b | |
| cisco | ios | 12.2\(16\)b1 | |
| cisco | ios | 12.2\(16\)bx | |
| cisco | ios | 12.2\(16.1\)b | |
| cisco | ios | 12.2\(16.5\)s | |
| cisco | ios | 12.2\(16f\) | |
| cisco | ios | 12.2\(17\) | |
| cisco | ios | 12.2\(17\)a | |
| cisco | ios | 12.2\(17\)zd3 | |
| cisco | ios | 12.2\(17a\) | |
| cisco | ios | 12.2\(17a\)sxa | |
| cisco | ios | 12.2\(17b\)sxa | |
| cisco | ios | 12.2\(17d\) | |
| cisco | ios | 12.2\(17d\)sx | |
| cisco | ios | 12.2\(17d\)sxb | |
| cisco | ios | 12.2\(17d\)sxb7 | |
| cisco | ios | 12.2\(17d\)sxb8 | |
| cisco | ios | 12.2\(17d\)sxb10 | |
| cisco | ios | 12.2\(17f\) | |
| cisco | ios | 12.2\(18\)ew | |
| cisco | ios | 12.2\(18\)ew2 | |
| cisco | ios | 12.2\(18\)ew3 | |
| cisco | ios | 12.2\(18\)ew5 | |
| cisco | ios | 12.2\(18\)ewa | |
| cisco | ios | 12.2\(18\)s | |
| cisco | ios | 12.2\(18\)s6 | |
| cisco | ios | 12.2\(18\)s8 | |
| cisco | ios | 12.2\(18\)s9 | |
| cisco | ios | 12.2\(18\)s10 | |
| cisco | ios | 12.2\(18\)se | |
| cisco | ios | 12.2\(18\)so4 | |
| cisco | ios | 12.2\(18\)sv | |
| cisco | ios | 12.2\(18\)sv3 | |
| cisco | ios | 12.2\(18\)sw | |
| cisco | ios | 12.2\(18\)sxd1 | |
| cisco | ios | 12.2\(18\)sxd4 | |
| cisco | ios | 12.2\(18\)sxd5 | |
| cisco | ios | 12.2\(18\)sxd6 | |
| cisco | ios | 12.2\(18\)sxd7 | |
| cisco | ios | 12.2\(18\)sxe | |
| cisco | ios | 12.2\(18\)sxe1 | |
| cisco | ios | 12.2\(18\)sxe3 | |
| cisco | ios | 12.2\(18\)sxf | |
| cisco | ios | 12.2\(18.2\) | |
| cisco | ios | 12.2\(19\) | |
| cisco | ios | 12.2\(19\)b | |
| cisco | ios | 12.2\(20\)eu | |
| cisco | ios | 12.2\(20\)eu1 | |
| cisco | ios | 12.2\(20\)eu2 | |
| cisco | ios | 12.2\(20\)ew | |
| cisco | ios | 12.2\(20\)ew2 | |
| cisco | ios | 12.2\(20\)ew3 | |
| cisco | ios | 12.2\(20\)ewa | |
| cisco | ios | 12.2\(20\)ewa2 | |
| cisco | ios | 12.2\(20\)ewa3 | |
| cisco | ios | 12.2\(20\)s | |
| cisco | ios | 12.2\(20\)s1 | |
| cisco | ios | 12.2\(20\)s2 | |
| cisco | ios | 12.2\(20\)s4 | |
| cisco | ios | 12.2\(20\)s7 | |
| cisco | ios | 12.2\(20\)s8 | |
| cisco | ios | 12.2\(20\)s9 | |
| cisco | ios | 12.2\(20\)se3 | |
| cisco | ios | 12.2\(21\) | |
| cisco | ios | 12.2\(21a\) | |
| cisco | ios | 12.2\(21b\) | |
| cisco | ios | 12.2\(22\)ea6 | |
| cisco | ios | 12.2\(22\)s | |
| cisco | ios | 12.2\(22\)s2 | |
| cisco | ios | 12.2\(22\)sv1 | |
| cisco | ios | 12.2\(23\) | |
| cisco | ios | 12.2\(23\)sv1 | |
| cisco | ios | 12.2\(23\)sw | |
| cisco | ios | 12.2\(23.6\) | |
| cisco | ios | 12.2\(23a\) | |
| cisco | ios | 12.2\(23f\) | |
| cisco | ios | 12.2\(24\) | |
| cisco | ios | 12.2\(24\)sv | |
| cisco | ios | 12.2\(24\)sv1 | |
| cisco | ios | 12.2\(25\)ewa | |
| cisco | ios | 12.2\(25\)ewa1 | |
| cisco | ios | 12.2\(25\)ewa3 | |
| cisco | ios | 12.2\(25\)ewa4 | |
| cisco | ios | 12.2\(25\)ex | |
| cisco | ios | 12.2\(25\)ey | |
| cisco | ios | 12.2\(25\)ey2 | |
| cisco | ios | 12.2\(25\)ey3 | |
| cisco | ios | 12.2\(25\)ez | |
| cisco | ios | 12.2\(25\)ez1 | |
| cisco | ios | 12.2\(25\)fx | |
| cisco | ios | 12.2\(25\)fy | |
| cisco | ios | 12.2\(25\)s | |
| cisco | ios | 12.2\(25\)s1 | |
| cisco | ios | 12.2\(25\)s3 | |
| cisco | ios | 12.2\(25\)s4 | |
| cisco | ios | 12.2\(25\)s6 | |
| cisco | ios | 12.2\(25\)se | |
| cisco | ios | 12.2\(25\)seb | |
| cisco | ios | 12.2\(25\)seb2 | |
| cisco | ios | 12.2\(25\)seb3 | |
| cisco | ios | 12.2\(25\)seb4 | |
| cisco | ios | 12.2\(25\)sec1 | |
| cisco | ios | 12.2\(25\)sec2 | |
| cisco | ios | 12.2\(25\)sed | |
| cisco | ios | 12.2\(25\)sg | |
| cisco | ios | 12.2\(25\)sv2 | |
| cisco | ios | 12.2\(25\)sw | |
| cisco | ios | 12.2\(25\)sw3a | |
| cisco | ios | 12.2\(25\)sw4 | |
| cisco | ios | 12.2\(25\)sw4a | |
| cisco | ios | 12.2\(26\)sv | |
| cisco | ios | 12.2\(26\)sv1 | |
| cisco | ios | 12.2\(26b\) | |
| cisco | ios | 12.2\(27\)sbc | |
| cisco | ios | 12.2\(27\)sv1 | |
| cisco | ios | 12.2\(27b\) | |
| cisco | ios | 12.2\(28\) | |
| cisco | ios | 12.2\(28c\) | |
| cisco | ios | 12.2\(29a\) | |
| cisco | ios | 12.2\(30\)s1 | |
| cisco | ios | 12.2\(31\) | |
| cisco | ios | 12.2b | |
| cisco | ios | 12.2bc | |
| cisco | ios | 12.2bw | |
| cisco | ios | 12.2bx | |
| cisco | ios | 12.2by | |
| cisco | ios | 12.2bz | |
| cisco | ios | 12.2ca | |
| cisco | ios | 12.2cx | |
| cisco | ios | 12.2cy | |
| cisco | ios | 12.2cz | |
| cisco | ios | 12.2da | |
| cisco | ios | 12.2dd | |
| cisco | ios | 12.2dx | |
| cisco | ios | 12.2e | |
| cisco | ios | 12.2eu | |
| cisco | ios | 12.2ew | |
| cisco | ios | 12.2ewa | |
| cisco | ios | 12.2ex | |
| cisco | ios | 12.2ey | |
| cisco | ios | 12.2ez | |
| cisco | ios | 12.2f | |
| cisco | ios | 12.2fx | |
| cisco | ios | 12.2fy | |
| cisco | ios | 12.2ja | |
| cisco | ios | 12.2jk | |
| cisco | ios | 12.2jx | |
| cisco | ios | 12.2mb | |
| cisco | ios | 12.2mc | |
| cisco | ios | 12.2mx | |
| cisco | ios | 12.2n | |
| cisco | ios | 12.2pb | |
| cisco | ios | 12.2pi | |
| cisco | ios | 12.2s | |
| cisco | ios | 12.2sa | |
| cisco | ios | 12.2sbc | |
| cisco | ios | 12.2se | |
| cisco | ios | 12.2sea | |
| cisco | ios | 12.2seb | |
| cisco | ios | 12.2sec | |
| cisco | ios | 12.2sg | |
| cisco | ios | 12.2sh | |
| cisco | ios | 12.2so | |
| cisco | ios | 12.2su | |
| cisco | ios | 12.2sv | |
| cisco | ios | 12.2sw | |
| cisco | ios | 12.2sx | |
| cisco | ios | 12.2sxa | |
| cisco | ios | 12.2sxb | |
| cisco | ios | 12.2sxd | |
| cisco | ios | 12.2sxe | |
| cisco | ios | 12.2sxf | |
| cisco | ios | 12.2sy | |
| cisco | ios | 12.2sz | |
| cisco | ios | 12.2t | |
| cisco | ios | 12.2tpc | |
| cisco | ios | 12.2x | |
| cisco | ios | 12.2xa | |
| cisco | ios | 12.2xb | |
| cisco | ios | 12.2xc | |
| cisco | ios | 12.2xd | |
| cisco | ios | 12.2xe | |
| cisco | ios | 12.2xf | |
| cisco | ios | 12.2xg | |
| cisco | ios | 12.2xh | |
| cisco | ios | 12.2xi | |
| cisco | ios | 12.2xj | |
| cisco | ios | 12.2xk | |
| cisco | ios | 12.2xl | |
| cisco | ios | 12.2xm | |
| cisco | ios | 12.2xn | |
| cisco | ios | 12.2xq | |
| cisco | ios | 12.2xr | |
| cisco | ios | 12.2xs | |
| cisco | ios | 12.2xt | |
| cisco | ios | 12.2xu | |
| cisco | ios | 12.2xv | |
| cisco | ios | 12.2xw | |
| cisco | ios | 12.2xz | |
| cisco | ios | 12.2ya | |
| cisco | ios | 12.2yb | |
| cisco | ios | 12.2yc | |
| cisco | ios | 12.2yd | |
| cisco | ios | 12.2ye | |
| cisco | ios | 12.2yf | |
| cisco | ios | 12.2yg | |
| cisco | ios | 12.2yh | |
| cisco | ios | 12.2yj | |
| cisco | ios | 12.2yk | |
| cisco | ios | 12.2yl | |
| cisco | ios | 12.2ym | |
| cisco | ios | 12.2yn | |
| cisco | ios | 12.2yo | |
| cisco | ios | 12.2yp | |
| cisco | ios | 12.2yq | |
| cisco | ios | 12.2yr | |
| cisco | ios | 12.2ys | |
| cisco | ios | 12.2yt | |
| cisco | ios | 12.2yu | |
| cisco | ios | 12.2yv | |
| cisco | ios | 12.2yw | |
| cisco | ios | 12.2yx | |
| cisco | ios | 12.2yy | |
| cisco | ios | 12.2yz | |
| cisco | ios | 12.2za | |
| cisco | ios | 12.2zb | |
| cisco | ios | 12.2zc | |
| cisco | ios | 12.2zd | |
| cisco | ios | 12.2ze | |
| cisco | ios | 12.2zf | |
| cisco | ios | 12.2zg | |
| cisco | ios | 12.2zh | |
| cisco | ios | 12.2zi | |
| cisco | ios | 12.2zj | |
| cisco | ios | 12.2zk | |
| cisco | ios | 12.2zl | |
| cisco | ios | 12.2zm | |
| cisco | ios | 12.2zn | |
| cisco | ios | 12.2zo | |
| cisco | ios | 12.2zp | |
| cisco | ios | 12.2zq | |
| cisco | ios | 12.3 | |
| cisco | ios | 12.3\(1a\) | |
| cisco | ios | 12.3\(2\)ja | |
| cisco | ios | 12.3\(2\)ja5 | |
| cisco | ios | 12.3\(2\)jk | |
| cisco | ios | 12.3\(2\)jk1 | |
| cisco | ios | 12.3\(2\)t3 | |
| cisco | ios | 12.3\(2\)t8 | |
| cisco | ios | 12.3\(2\)xa4 | |
| cisco | ios | 12.3\(2\)xa5 | |
| cisco | ios | 12.3\(2\)xc1 | |
| cisco | ios | 12.3\(2\)xc2 | |
| cisco | ios | 12.3\(2\)xc3 | |
| cisco | ios | 12.3\(2\)xc4 | |
| cisco | ios | 12.3\(2\)xe3 | |
| cisco | ios | 12.3\(2\)xe4 | |
| cisco | ios | 12.3\(3e\) | |
| cisco | ios | 12.3\(3h\) | |
| cisco | ios | 12.3\(3i\) | |
| cisco | ios | 12.3\(4\)eo1 | |
| cisco | ios | 12.3\(4\)ja | |
| cisco | ios | 12.3\(4\)ja1 | |
| cisco | ios | 12.3\(4\)t | |
| cisco | ios | 12.3\(4\)t1 | |
| cisco | ios | 12.3\(4\)t2 | |
| cisco | ios | 12.3\(4\)t3 | |
| cisco | ios | 12.3\(4\)t4 | |
| cisco | ios | 12.3\(4\)t8 | |
| cisco | ios | 12.3\(4\)tpc11a | |
| cisco | ios | 12.3\(4\)xd | |
| cisco | ios | 12.3\(4\)xd1 | |
| cisco | ios | 12.3\(4\)xd2 | |
| cisco | ios | 12.3\(4\)xe4 | |
| cisco | ios | 12.3\(4\)xg1 | |
| cisco | ios | 12.3\(4\)xg2 | |
| cisco | ios | 12.3\(4\)xg4 | |
| cisco | ios | 12.3\(4\)xg5 | |
| cisco | ios | 12.3\(4\)xh | |
| cisco | ios | 12.3\(4\)xk | |
| cisco | ios | 12.3\(4\)xk1 | |
| cisco | ios | 12.3\(4\)xk3 | |
| cisco | ios | 12.3\(4\)xk4 | |
| cisco | ios | 12.3\(4\)xq | |
| cisco | ios | 12.3\(4\)xq1 | |
| cisco | ios | 12.3\(5\) | |
| cisco | ios | 12.3\(5\)b1 | |
| cisco | ios | 12.3\(5a\) | |
| cisco | ios | 12.3\(5a\)b | |
| cisco | ios | 12.3\(5a\)b2 | |
| cisco | ios | 12.3\(5a\)b5 | |
| cisco | ios | 12.3\(5b\) | |
| cisco | ios | 12.3\(5c\) | |
| cisco | ios | 12.3\(5e\) | |
| cisco | ios | 12.3\(5f\) | |
| cisco | ios | 12.3\(6\) | |
| cisco | ios | 12.3\(6a\) | |
| cisco | ios | 12.3\(6d\) | |
| cisco | ios | 12.3\(6e\) | |
| cisco | ios | 12.3\(6f\) | |
| cisco | ios | 12.3\(7\)ja | |
| cisco | ios | 12.3\(7\)ja1 | |
| cisco | ios | 12.3\(7\)jx | |
| cisco | ios | 12.3\(7\)t | |
| cisco | ios | 12.3\(7\)t4 | |
| cisco | ios | 12.3\(7\)t8 | |
| cisco | ios | 12.3\(7\)t9 | |
| cisco | ios | 12.3\(7\)t10 | |
| cisco | ios | 12.3\(7\)t12 | |
| cisco | ios | 12.3\(7\)xi3 | |
| cisco | ios | 12.3\(7\)xi4 | |
| cisco | ios | 12.3\(7\)xi7 | |
| cisco | ios | 12.3\(7\)xr3 | |
| cisco | ios | 12.3\(7\)xr4 | |
| cisco | ios | 12.3\(7\)xr6 | |
| cisco | ios | 12.3\(7.7\) | |
| cisco | ios | 12.3\(8\)ja | |
| cisco | ios | 12.3\(8\)ja1 | |
| cisco | ios | 12.3\(8\)t4 | |
| cisco | ios | 12.3\(8\)t7 | |
| cisco | ios | 12.3\(8\)t8 | |
| cisco | ios | 12.3\(8\)t9 | |
| cisco | ios | 12.3\(8\)t11 | |
| cisco | ios | 12.3\(8\)xu2 | |
| cisco | ios | 12.3\(8\)xy4 | |
| cisco | ios | 12.3\(8\)xy5 | |
| cisco | ios | 12.3\(8\)xy6 | |
| cisco | ios | 12.3\(8\)ya1 | |
| cisco | ios | 12.3\(8\)yd | |
| cisco | ios | 12.3\(8\)yf | |
| cisco | ios | 12.3\(8\)yg | |
| cisco | ios | 12.3\(8\)yg1 | |
| cisco | ios | 12.3\(8\)yg2 | |
| cisco | ios | 12.3\(8\)yg3 | |
| cisco | ios | 12.3\(8\)yh | |
| cisco | ios | 12.3\(8\)yi | |
| cisco | ios | 12.3\(8\)yi1 | |
| cisco | ios | 12.3\(8\)yi3 | |
| cisco | ios | 12.3\(9\) | |
| cisco | ios | 12.3\(9a\)bc | |
| cisco | ios | 12.3\(9a\)bc2 | |
| cisco | ios | 12.3\(9a\)bc6 | |
| cisco | ios | 12.3\(9a\)bc7 | |
| cisco | ios | 12.3\(9d\) | |
| cisco | ios | 12.3\(9e\) | |
| cisco | ios | 12.3\(10\) | |
| cisco | ios | 12.3\(10c\) | |
| cisco | ios | 12.3\(10d\) | |
| cisco | ios | 12.3\(10e\) | |
| cisco | ios | 12.3\(11\) | |
| cisco | ios | 12.3\(11\)t | |
| cisco | ios | 12.3\(11\)t4 | |
| cisco | ios | 12.3\(11\)t5 | |
| cisco | ios | 12.3\(11\)t6 | |
| cisco | ios | 12.3\(11\)t8 | |
| cisco | ios | 12.3\(11\)t9 | |
| cisco | ios | 12.3\(11\)xl | |
| cisco | ios | 12.3\(11\)xl3 | |
| cisco | ios | 12.3\(11\)yf | |
| cisco | ios | 12.3\(11\)yf2 | |
| cisco | ios | 12.3\(11\)yf3 | |
| cisco | ios | 12.3\(11\)yf4 | |
| cisco | ios | 12.3\(11\)yj | |
| cisco | ios | 12.3\(11\)yk | |
| cisco | ios | 12.3\(11\)yk1 | |
| cisco | ios | 12.3\(11\)yk2 | |
| cisco | ios | 12.3\(11\)yl | |
| cisco | ios | 12.3\(11\)yn | |
| cisco | ios | 12.3\(11\)yr | |
| cisco | ios | 12.3\(11\)ys | |
| cisco | ios | 12.3\(11\)ys1 | |
| cisco | ios | 12.3\(11\)yw | |
| cisco | ios | 12.3\(12\) | |
| cisco | ios | 12.3\(12b\) | |
| cisco | ios | 12.3\(12e\) | |
| cisco | ios | 12.3\(13\) | |
| cisco | ios | 12.3\(13a\) | |
| cisco | ios | 12.3\(13a\)bc | |
| cisco | ios | 12.3\(13a\)bc1 | |
| cisco | ios | 12.3\(13b\) | |
| cisco | ios | 12.3\(14\)t | |
| cisco | ios | 12.3\(14\)t2 | |
| cisco | ios | 12.3\(14\)t4 | |
| cisco | ios | 12.3\(14\)t5 | |
| cisco | ios | 12.3\(14\)ym4 | |
| cisco | ios | 12.3\(14\)yq | |
| cisco | ios | 12.3\(14\)yq1 | |
| cisco | ios | 12.3\(14\)yq3 | |
| cisco | ios | 12.3\(14\)yq4 | |
| cisco | ios | 12.3\(14\)yt | |
| cisco | ios | 12.3\(14\)yt1 | |
| cisco | ios | 12.3\(14\)yu | |
| cisco | ios | 12.3\(14\)yu1 | |
| cisco | ios | 12.3\(15\) | |
| cisco | ios | 12.3\(15b\) | |
| cisco | ios | 12.3\(16\) | |
| cisco | ios | 12.3b | |
| cisco | ios | 12.3bc | |
| cisco | ios | 12.3bw | |
| cisco | ios | 12.3j | |
| cisco | ios | 12.3ja | |
| cisco | ios | 12.3jea | |
| cisco | ios | 12.3jeb | |
| cisco | ios | 12.3jec | |
| cisco | ios | 12.3jk | |
| cisco | ios | 12.3jx | |
| cisco | ios | 12.3t | |
| cisco | ios | 12.3tpc | |
| cisco | ios | 12.3xa | |
| cisco | ios | 12.3xb | |
| cisco | ios | 12.3xc | |
| cisco | ios | 12.3xd | |
| cisco | ios | 12.3xe | |
| cisco | ios | 12.3xf | |
| cisco | ios | 12.3xg | |
| cisco | ios | 12.3xh | |
| cisco | ios | 12.3xi | |
| cisco | ios | 12.3xj | |
| cisco | ios | 12.3xk | |
| cisco | ios | 12.3xl | |
| cisco | ios | 12.3xm | |
| cisco | ios | 12.3xn | |
| cisco | ios | 12.3xq | |
| cisco | ios | 12.3xr | |
| cisco | ios | 12.3xs | |
| cisco | ios | 12.3xt | |
| cisco | ios | 12.3xu | |
| cisco | ios | 12.3xv | |
| cisco | ios | 12.3xw | |
| cisco | ios | 12.3xx | |
| cisco | ios | 12.3xy | |
| cisco | ios | 12.3xz | |
| cisco | ios | 12.3ya | |
| cisco | ios | 12.3yb | |
| cisco | ios | 12.3yc | |
| cisco | ios | 12.3yd | |
| cisco | ios | 12.3ye | |
| cisco | ios | 12.3yf | |
| cisco | ios | 12.3yg | |
| cisco | ios | 12.3yh | |
| cisco | ios | 12.3yi | |
| cisco | ios | 12.3yj | |
| cisco | ios | 12.3yk | |
| cisco | ios | 12.3yl | |
| cisco | ios | 12.3ym | |
| cisco | ios | 12.3yn | |
| cisco | ios | 12.3yq | |
| cisco | ios | 12.3yr | |
| cisco | ios | 12.3ys | |
| cisco | ios | 12.3yt | |
| cisco | ios | 12.3yu | |
| cisco | ios | 12.3yw | |
| cisco | ios | 12.3yx | |
| cisco | ios | 12.3yz | |
| cisco | ios | 12.4 | |
| cisco | ios | 12.4\(1\) | |
| cisco | ios | 12.4\(1b\) | |
| cisco | ios | 12.4\(1c\) | |
| cisco | ios | 12.4\(2\)mr | |
| cisco | ios | 12.4\(2\)mr1 | |
| cisco | ios | 12.4\(2\)t | |
| cisco | ios | 12.4\(2\)t1 | |
| cisco | ios | 12.4\(2\)t2 | |
| cisco | ios | 12.4\(2\)t3 | |
| cisco | ios | 12.4\(2\)t4 | |
| cisco | ios | 12.4\(2\)xa | |
| cisco | ios | 12.4\(2\)xb | |
| cisco | ios | 12.4\(2\)xb2 | |
| cisco | ios | 12.4\(3\) | |
| cisco | ios | 12.4\(3\)t2 | |
| cisco | ios | 12.4\(3a\) | |
| cisco | ios | 12.4\(3b\) | |
| cisco | ios | 12.4\(3d\) | |
| cisco | ios | 12.4\(4\)mr | |
| cisco | ios | 12.4\(4\)t | |
| cisco | ios | 12.4\(4\)t2 | |
| cisco | ios | 12.4\(5\) | |
| cisco | ios | 12.4\(5b\) | |
| cisco | ios | 12.4\(6\)t | |
| cisco | ios | 12.4\(6\)t1 | |
| cisco | ios | 12.4\(7\) | |
| cisco | ios | 12.4\(7a\) | |
| cisco | ios | 12.4\(8\) | |
| cisco | ios | 12.4\(9\)t | |
| cisco | ios | 12.4ja | |
| cisco | ios | 12.4md | |
| cisco | ios | 12.4mr | |
| cisco | ios | 12.4sw | |
| cisco | ios | 12.4t | |
| cisco | ios | 12.4xa | |
| cisco | ios | 12.4xb | |
| cisco | ios | 12.4xc | |
| cisco | ios | 12.4xd | |
| cisco | ios | 12.4xe | |
| cisco | ios | 12.4xf | |
| cisco | ios | 12.4xg | |
| cisco | ios | 12.4xj | |
| cisco | ios | 12.4xk | |
| cisco | ios | 12.4xl | |
| cisco | ios | 12.4xm | |
| cisco | ios | 12.4xn | |
| cisco | ios | 12.4xp | |
| cisco | ios | 12.4xt | |
| cisco | ios | 12.4xv | |
| cisco | ios | 12.4xw | |
| dragonflybsd | dragonflybsd | - | |
| dragonflybsd | dragonflybsd | 1.0 | |
| dragonflybsd | dragonflybsd | 1.1 | |
| dragonflybsd | dragonflybsd | 1.2 | |
| dragonflybsd | dragonflybsd | 1.10.1 | |
| freebsd | freebsd | - | |
| freebsd | freebsd | 0.4_1 | |
| freebsd | freebsd | 1.0 | |
| freebsd | freebsd | 1.1 | |
| freebsd | freebsd | 1.1.5 | |
| freebsd | freebsd | 1.1.5.1 | |
| freebsd | freebsd | 1.2 | |
| freebsd | freebsd | 1.5 | |
| freebsd | freebsd | 2.0 | |
| freebsd | freebsd | 2.0.1 | |
| freebsd | freebsd | 2.0.5 | |
| freebsd | freebsd | 2.1 | |
| freebsd | freebsd | 2.1.0 | |
| freebsd | freebsd | 2.1.5 | |
| freebsd | freebsd | 2.1.6 | |
| freebsd | freebsd | 2.1.6.1 | |
| freebsd | freebsd | 2.1.7 | |
| freebsd | freebsd | 2.1.7.1 | |
| freebsd | freebsd | 2.2 | |
| freebsd | freebsd | 2.2.1 | |
| freebsd | freebsd | 2.2.2 | |
| freebsd | freebsd | 2.2.3 | |
| freebsd | freebsd | 2.2.4 | |
| freebsd | freebsd | 2.2.5 | |
| freebsd | freebsd | 2.2.6 | |
| freebsd | freebsd | 2.2.7 | |
| freebsd | freebsd | 2.2.8 | |
| freebsd | freebsd | 3.0 | |
| freebsd | freebsd | 3.1 | |
| freebsd | freebsd | 3.2 | |
| freebsd | freebsd | 3.3 | |
| freebsd | freebsd | 3.4 | |
| freebsd | freebsd | 3.5 | |
| freebsd | freebsd | 3.5.1 | |
| freebsd | freebsd | 4.0 | |
| freebsd | freebsd | 4.1 | |
| freebsd | freebsd | 4.1.1 | |
| freebsd | freebsd | 4.2 | |
| freebsd | freebsd | 4.3 | |
| freebsd | freebsd | 4.4 | |
| freebsd | freebsd | 4.5 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.6.1 | |
| freebsd | freebsd | 4.6.1 | |
| freebsd | freebsd | 4.6.1 | |
| freebsd | freebsd | 4.6.1 | |
| freebsd | freebsd | 4.6.1 | |
| freebsd | freebsd | 4.6.2 | |
| freebsd | freebsd | 4.7 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.9 | |
| freebsd | freebsd | 4.10 | |
| freebsd | freebsd | 4.11 | |
| freebsd | freebsd | 5.0 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.2 | |
| freebsd | freebsd | 5.2.1 | |
| freebsd | freebsd | 5.3 | |
| freebsd | freebsd | 5.4 | |
| freebsd | freebsd | 5.5 | |
| freebsd | freebsd | 6.0 | |
| freebsd | freebsd | 6.1 | |
| freebsd | freebsd | 6.2 | |
| freebsd | freebsd | 6.3 | |
| freebsd | freebsd | 7.0 | |
| freebsd | freebsd | 7.1 | |
| linux | linux_kernel | - | |
| linux | linux_kernel | 1.2.0 | |
| linux | linux_kernel | 1.3.0 | |
| linux | linux_kernel | 2.0 | |
| linux | linux_kernel | 2.0.1 | |
| linux | linux_kernel | 2.0.2 | |
| linux | linux_kernel | 2.0.3 | |
| linux | linux_kernel | 2.0.4 | |
| linux | linux_kernel | 2.0.5 | |
| linux | linux_kernel | 2.0.6 | |
| linux | linux_kernel | 2.0.7 | |
| linux | linux_kernel | 2.0.8 | |
| linux | linux_kernel | 2.0.9 | |
| linux | linux_kernel | 2.0.9.9 | |
| linux | linux_kernel | 2.0.10 | |
| linux | linux_kernel | 2.0.11 | |
| linux | linux_kernel | 2.0.12 | |
| linux | linux_kernel | 2.0.13 | |
| linux | linux_kernel | 2.0.14 | |
| linux | linux_kernel | 2.0.15 | |
| linux | linux_kernel | 2.0.16 | |
| linux | linux_kernel | 2.0.17 | |
| linux | linux_kernel | 2.0.18 | |
| linux | linux_kernel | 2.0.19 | |
| linux | linux_kernel | 2.0.20 | |
| linux | linux_kernel | 2.0.21 | |
| linux | linux_kernel | 2.0.22 | |
| linux | linux_kernel | 2.0.23 | |
| linux | linux_kernel | 2.0.24 | |
| linux | linux_kernel | 2.0.25 | |
| linux | linux_kernel | 2.0.26 | |
| linux | linux_kernel | 2.0.27 | |
| linux | linux_kernel | 2.0.28 | |
| linux | linux_kernel | 2.0.29 | |
| linux | linux_kernel | 2.0.30 | |
| linux | linux_kernel | 2.0.31 | |
| linux | linux_kernel | 2.0.32 | |
| linux | linux_kernel | 2.0.33 | |
| linux | linux_kernel | 2.0.34 | |
| linux | linux_kernel | 2.0.35 | |
| linux | linux_kernel | 2.0.36 | |
| linux | linux_kernel | 2.0.37 | |
| linux | linux_kernel | 2.0.38 | |
| linux | linux_kernel | 2.0.39 | |
| linux | linux_kernel | 2.1 | |
| linux | linux_kernel | 2.1.89 | |
| linux | linux_kernel | 2.1.132 | |
| linux | linux_kernel | 2.2.0 | |
| linux | linux_kernel | 2.2.1 | |
| linux | linux_kernel | 2.2.2 | |
| linux | linux_kernel | 2.2.3 | |
| linux | linux_kernel | 2.2.4 | |
| linux | linux_kernel | 2.2.5 | |
| linux | linux_kernel | 2.2.6 | |
| linux | linux_kernel | 2.2.7 | |
| linux | linux_kernel | 2.2.8 | |
| linux | linux_kernel | 2.2.9 | |
| linux | linux_kernel | 2.2.10 | |
| linux | linux_kernel | 2.2.11 | |
| linux | linux_kernel | 2.2.12 | |
| linux | linux_kernel | 2.2.13 | |
| linux | linux_kernel | 2.2.14 | |
| linux | linux_kernel | 2.2.15 | |
| linux | linux_kernel | 2.2.16 | |
| linux | linux_kernel | 2.2.17 | |
| linux | linux_kernel | 2.2.18 | |
| linux | linux_kernel | 2.2.19 | |
| linux | linux_kernel | 2.2.20 | |
| linux | linux_kernel | 2.2.21 | |
| linux | linux_kernel | 2.2.22 | |
| linux | linux_kernel | 2.2.23 | |
| linux | linux_kernel | 2.2.24 | |
| linux | linux_kernel | 2.2.25 | |
| linux | linux_kernel | 2.2.26 | |
| linux | linux_kernel | 2.2.27 | |
| linux | linux_kernel | 2.3.0 | |
| linux | linux_kernel | 2.3.1 | |
| linux | linux_kernel | 2.3.2 | |
| linux | linux_kernel | 2.3.3 | |
| linux | linux_kernel | 2.3.4 | |
| linux | linux_kernel | 2.3.5 | |
| linux | linux_kernel | 2.3.6 | |
| linux | linux_kernel | 2.3.7 | |
| linux | linux_kernel | 2.3.8 | |
| linux | linux_kernel | 2.3.9 | |
| linux | linux_kernel | 2.3.10 | |
| linux | linux_kernel | 2.3.11 | |
| linux | linux_kernel | 2.3.12 | |
| linux | linux_kernel | 2.3.13 | |
| linux | linux_kernel | 2.3.14 | |
| linux | linux_kernel | 2.3.15 | |
| linux | linux_kernel | 2.3.16 | |
| linux | linux_kernel | 2.3.17 | |
| linux | linux_kernel | 2.3.18 | |
| linux | linux_kernel | 2.3.19 | |
| linux | linux_kernel | 2.3.20 | |
| linux | linux_kernel | 2.3.21 | |
| linux | linux_kernel | 2.3.22 | |
| linux | linux_kernel | 2.3.23 | |
| linux | linux_kernel | 2.3.24 | |
| linux | linux_kernel | 2.3.25 | |
| linux | linux_kernel | 2.3.26 | |
| linux | linux_kernel | 2.3.27 | |
| linux | linux_kernel | 2.3.28 | |
| linux | linux_kernel | 2.3.29 | |
| linux | linux_kernel | 2.3.30 | |
| linux | linux_kernel | 2.3.31 | |
| linux | linux_kernel | 2.3.32 | |
| linux | linux_kernel | 2.3.33 | |
| linux | linux_kernel | 2.3.34 | |
| linux | linux_kernel | 2.3.35 | |
| linux | linux_kernel | 2.3.36 | |
| linux | linux_kernel | 2.3.37 | |
| linux | linux_kernel | 2.3.38 | |
| linux | linux_kernel | 2.3.39 | |
| linux | linux_kernel | 2.3.40 | |
| linux | linux_kernel | 2.3.41 | |
| linux | linux_kernel | 2.3.42 | |
| linux | linux_kernel | 2.3.43 | |
| linux | linux_kernel | 2.3.44 | |
| linux | linux_kernel | 2.3.45 | |
| linux | linux_kernel | 2.3.46 | |
| linux | linux_kernel | 2.3.47 | |
| linux | linux_kernel | 2.3.48 | |
| linux | linux_kernel | 2.3.49 | |
| linux | linux_kernel | 2.3.50 | |
| linux | linux_kernel | 2.3.51 | |
| linux | linux_kernel | 2.3.99 | |
| linux | linux_kernel | 2.4.0 | |
| linux | linux_kernel | 2.4.1 | |
| linux | linux_kernel | 2.4.2 | |
| linux | linux_kernel | 2.4.3 | |
| linux | linux_kernel | 2.4.4 | |
| linux | linux_kernel | 2.4.5 | |
| linux | linux_kernel | 2.4.6 | |
| linux | linux_kernel | 2.4.7 | |
| linux | linux_kernel | 2.4.8 | |
| linux | linux_kernel | 2.4.9 | |
| linux | linux_kernel | 2.4.10 | |
| linux | linux_kernel | 2.4.11 | |
| linux | linux_kernel | 2.4.12 | |
| linux | linux_kernel | 2.4.13 | |
| linux | linux_kernel | 2.4.14 | |
| linux | linux_kernel | 2.4.15 | |
| linux | linux_kernel | 2.4.16 | |
| linux | linux_kernel | 2.4.17 | |
| linux | linux_kernel | 2.4.18 | |
| linux | linux_kernel | 2.4.19 | |
| linux | linux_kernel | 2.4.20 | |
| linux | linux_kernel | 2.4.21 | |
| linux | linux_kernel | 2.4.22 | |
| linux | linux_kernel | 2.4.23 | |
| linux | linux_kernel | 2.4.24 | |
| linux | linux_kernel | 2.4.25 | |
| linux | linux_kernel | 2.4.26 | |
| linux | linux_kernel | 2.4.27 | |
| linux | linux_kernel | 2.4.28 | |
| linux | linux_kernel | 2.4.29 | |
| linux | linux_kernel | 2.4.30 | |
| linux | linux_kernel | 2.4.31 | |
| linux | linux_kernel | 2.4.32 | |
| linux | linux_kernel | 2.4.33 | |
| linux | linux_kernel | 2.4.33.2 | |
| linux | linux_kernel | 2.4.33.3 | |
| linux | linux_kernel | 2.4.33.4 | |
| linux | linux_kernel | 2.4.33.5 | |
| linux | linux_kernel | 2.4.34 | |
| linux | linux_kernel | 2.4.34.1 | |
| linux | linux_kernel | 2.4.34.2 | |
| linux | linux_kernel | 2.4.35 | |
| linux | linux_kernel | 2.4.35.2 | |
| linux | linux_kernel | 2.5.0 | |
| linux | linux_kernel | 2.5.1 | |
| linux | linux_kernel | 2.5.2 | |
| linux | linux_kernel | 2.5.3 | |
| linux | linux_kernel | 2.5.4 | |
| linux | linux_kernel | 2.5.5 | |
| linux | linux_kernel | 2.5.6 | |
| linux | linux_kernel | 2.5.7 | |
| linux | linux_kernel | 2.5.8 | |
| linux | linux_kernel | 2.5.9 | |
| linux | linux_kernel | 2.5.10 | |
| linux | linux_kernel | 2.5.11 | |
| linux | linux_kernel | 2.5.12 | |
| linux | linux_kernel | 2.5.13 | |
| linux | linux_kernel | 2.5.14 | |
| linux | linux_kernel | 2.5.15 | |
| linux | linux_kernel | 2.5.16 | |
| linux | linux_kernel | 2.5.17 | |
| linux | linux_kernel | 2.5.18 | |
| linux | linux_kernel | 2.5.19 | |
| linux | linux_kernel | 2.5.20 | |
| linux | linux_kernel | 2.5.21 | |
| linux | linux_kernel | 2.5.22 | |
| linux | linux_kernel | 2.5.23 | |
| linux | linux_kernel | 2.5.24 | |
| linux | linux_kernel | 2.5.25 | |
| linux | linux_kernel | 2.5.26 | |
| linux | linux_kernel | 2.5.27 | |
| linux | linux_kernel | 2.5.28 | |
| linux | linux_kernel | 2.5.29 | |
| linux | linux_kernel | 2.5.30 | |
| linux | linux_kernel | 2.5.31 | |
| linux | linux_kernel | 2.5.32 | |
| linux | linux_kernel | 2.5.33 | |
| linux | linux_kernel | 2.5.34 | |
| linux | linux_kernel | 2.5.35 | |
| linux | linux_kernel | 2.5.36 | |
| linux | linux_kernel | 2.5.37 | |
| linux | linux_kernel | 2.5.38 | |
| linux | linux_kernel | 2.5.39 | |
| linux | linux_kernel | 2.5.40 | |
| linux | linux_kernel | 2.5.41 | |
| linux | linux_kernel | 2.5.42 | |
| linux | linux_kernel | 2.5.43 | |
| linux | linux_kernel | 2.5.44 | |
| linux | linux_kernel | 2.5.45 | |
| linux | linux_kernel | 2.5.46 | |
| linux | linux_kernel | 2.5.47 | |
| linux | linux_kernel | 2.5.48 | |
| linux | linux_kernel | 2.5.49 | |
| linux | linux_kernel | 2.5.50 | |
| linux | linux_kernel | 2.5.51 | |
| linux | linux_kernel | 2.5.52 | |
| linux | linux_kernel | 2.5.53 | |
| linux | linux_kernel | 2.5.54 | |
| linux | linux_kernel | 2.5.55 | |
| linux | linux_kernel | 2.5.56 | |
| linux | linux_kernel | 2.5.57 | |
| linux | linux_kernel | 2.5.58 | |
| linux | linux_kernel | 2.5.59 | |
| linux | linux_kernel | 2.5.60 | |
| linux | linux_kernel | 2.5.61 | |
| linux | linux_kernel | 2.5.62 | |
| linux | linux_kernel | 2.5.63 | |
| linux | linux_kernel | 2.5.64 | |
| linux | linux_kernel | 2.5.65 | |
| linux | linux_kernel | 2.5.66 | |
| linux | linux_kernel | 2.5.67 | |
| linux | linux_kernel | 2.5.68 | |
| linux | linux_kernel | 2.5.69 | |
| linux | linux_kernel | 2.6.0 | |
| linux | linux_kernel | 2.6.1 | |
| linux | linux_kernel | 2.6.2 | |
| linux | linux_kernel | 2.6.3 | |
| linux | linux_kernel | 2.6.4 | |
| linux | linux_kernel | 2.6.5 | |
| linux | linux_kernel | 2.6.6 | |
| linux | linux_kernel | 2.6.7 | |
| linux | linux_kernel | 2.6.8 | |
| linux | linux_kernel | 2.6.8.1 | |
| linux | linux_kernel | 2.6.8.1.5 | |
| linux | linux_kernel | 2.6.9 | |
| linux | linux_kernel | 2.6.10 | |
| linux | linux_kernel | 2.6.11 | |
| linux | linux_kernel | 2.6.11.1 | |
| linux | linux_kernel | 2.6.11.2 | |
| linux | linux_kernel | 2.6.11.3 | |
| linux | linux_kernel | 2.6.11.4 | |
| linux | linux_kernel | 2.6.11.5 | |
| linux | linux_kernel | 2.6.11.6 | |
| linux | linux_kernel | 2.6.11.7 | |
| linux | linux_kernel | 2.6.11.8 | |
| linux | linux_kernel | 2.6.11.9 | |
| linux | linux_kernel | 2.6.11.10 | |
| linux | linux_kernel | 2.6.11.11 | |
| linux | linux_kernel | 2.6.11.12 | |
| linux | linux_kernel | 2.6.12 | |
| linux | linux_kernel | 2.6.12.1 | |
| linux | linux_kernel | 2.6.12.2 | |
| linux | linux_kernel | 2.6.12.3 | |
| linux | linux_kernel | 2.6.12.4 | |
| linux | linux_kernel | 2.6.12.5 | |
| linux | linux_kernel | 2.6.12.6 | |
| linux | linux_kernel | 2.6.12.12 | |
| linux | linux_kernel | 2.6.12.22 | |
| linux | linux_kernel | 2.6.13 | |
| linux | linux_kernel | 2.6.13.1 | |
| linux | linux_kernel | 2.6.13.2 | |
| linux | linux_kernel | 2.6.13.3 | |
| linux | linux_kernel | 2.6.13.4 | |
| linux | linux_kernel | 2.6.13.5 | |
| linux | linux_kernel | 2.6.14 | |
| linux | linux_kernel | 2.6.14.1 | |
| linux | linux_kernel | 2.6.14.2 | |
| linux | linux_kernel | 2.6.14.3 | |
| linux | linux_kernel | 2.6.14.4 | |
| linux | linux_kernel | 2.6.14.5 | |
| linux | linux_kernel | 2.6.14.6 | |
| linux | linux_kernel | 2.6.14.7 | |
| linux | linux_kernel | 2.6.15 | |
| linux | linux_kernel | 2.6.15.1 | |
| linux | linux_kernel | 2.6.15.2 | |
| linux | linux_kernel | 2.6.15.3 | |
| linux | linux_kernel | 2.6.15.4 | |
| linux | linux_kernel | 2.6.15.5 | |
| linux | linux_kernel | 2.6.15.6 | |
| linux | linux_kernel | 2.6.15.7 | |
| linux | linux_kernel | 2.6.15.11 | |
| linux | linux_kernel | 2.6.16 | |
| linux | linux_kernel | 2.6.16.1 | |
| linux | linux_kernel | 2.6.16.2 | |
| linux | linux_kernel | 2.6.16.3 | |
| linux | linux_kernel | 2.6.16.4 | |
| linux | linux_kernel | 2.6.16.5 | |
| linux | linux_kernel | 2.6.16.6 | |
| linux | linux_kernel | 2.6.16.7 | |
| linux | linux_kernel | 2.6.16.8 | |
| linux | linux_kernel | 2.6.16.9 | |
| linux | linux_kernel | 2.6.16.10 | |
| linux | linux_kernel | 2.6.16.11 | |
| linux | linux_kernel | 2.6.16.12 | |
| linux | linux_kernel | 2.6.16.13 | |
| linux | linux_kernel | 2.6.16.14 | |
| linux | linux_kernel | 2.6.16.15 | |
| linux | linux_kernel | 2.6.16.16 | |
| linux | linux_kernel | 2.6.16.17 | |
| linux | linux_kernel | 2.6.16.18 | |
| linux | linux_kernel | 2.6.16.19 | |
| linux | linux_kernel | 2.6.16.20 | |
| linux | linux_kernel | 2.6.16.21 | |
| linux | linux_kernel | 2.6.16.22 | |
| linux | linux_kernel | 2.6.16.23 | |
| linux | linux_kernel | 2.6.16.24 | |
| linux | linux_kernel | 2.6.16.25 | |
| linux | linux_kernel | 2.6.16.26 | |
| linux | linux_kernel | 2.6.16.27 | |
| linux | linux_kernel | 2.6.16.28 | |
| linux | linux_kernel | 2.6.16.29 | |
| linux | linux_kernel | 2.6.16.30 | |
| linux | linux_kernel | 2.6.16.31 | |
| linux | linux_kernel | 2.6.16.32 | |
| linux | linux_kernel | 2.6.16.33 | |
| linux | linux_kernel | 2.6.16.34 | |
| linux | linux_kernel | 2.6.16.35 | |
| linux | linux_kernel | 2.6.16.36 | |
| linux | linux_kernel | 2.6.16.37 | |
| linux | linux_kernel | 2.6.16.38 | |
| linux | linux_kernel | 2.6.16.39 | |
| linux | linux_kernel | 2.6.16.40 | |
| linux | linux_kernel | 2.6.16.41 | |
| linux | linux_kernel | 2.6.16.43 | |
| linux | linux_kernel | 2.6.16.44 | |
| linux | linux_kernel | 2.6.16.45 | |
| linux | linux_kernel | 2.6.16.46 | |
| linux | linux_kernel | 2.6.16.47 | |
| linux | linux_kernel | 2.6.16.48 | |
| linux | linux_kernel | 2.6.16.49 | |
| linux | linux_kernel | 2.6.16.50 | |
| linux | linux_kernel | 2.6.16.51 | |
| linux | linux_kernel | 2.6.16.52 | |
| linux | linux_kernel | 2.6.16.53 | |
| linux | linux_kernel | 2.6.17 | |
| linux | linux_kernel | 2.6.17.1 | |
| linux | linux_kernel | 2.6.17.2 | |
| linux | linux_kernel | 2.6.17.3 | |
| linux | linux_kernel | 2.6.17.4 | |
| linux | linux_kernel | 2.6.17.5 | |
| linux | linux_kernel | 2.6.17.6 | |
| linux | linux_kernel | 2.6.17.7 | |
| linux | linux_kernel | 2.6.17.8 | |
| linux | linux_kernel | 2.6.17.9 | |
| linux | linux_kernel | 2.6.17.10 | |
| linux | linux_kernel | 2.6.17.11 | |
| linux | linux_kernel | 2.6.17.12 | |
| linux | linux_kernel | 2.6.17.13 | |
| linux | linux_kernel | 2.6.17.14 | |
| linux | linux_kernel | 2.6.18 | |
| linux | linux_kernel | 2.6.18.0 | |
| linux | linux_kernel | 2.6.18.1 | |
| linux | linux_kernel | 2.6.18.2 | |
| linux | linux_kernel | 2.6.18.3 | |
| linux | linux_kernel | 2.6.18.4 | |
| linux | linux_kernel | 2.6.18.5 | |
| linux | linux_kernel | 2.6.18.6 | |
| linux | linux_kernel | 2.6.18.7 | |
| linux | linux_kernel | 2.6.18.8 | |
| linux | linux_kernel | 2.6.19 | |
| linux | linux_kernel | 2.6.19.1 | |
| linux | linux_kernel | 2.6.19.2 | |
| linux | linux_kernel | 2.6.19.3 | |
| linux | linux_kernel | 2.6.19.4 | |
| linux | linux_kernel | 2.6.20 | |
| linux | linux_kernel | 2.6.20.1 | |
| linux | linux_kernel | 2.6.20.2 | |
| linux | linux_kernel | 2.6.20.3 | |
| linux | linux_kernel | 2.6.20.4 | |
| linux | linux_kernel | 2.6.20.5 | |
| linux | linux_kernel | 2.6.20.6 | |
| linux | linux_kernel | 2.6.20.7 | |
| linux | linux_kernel | 2.6.20.8 | |
| linux | linux_kernel | 2.6.20.9 | |
| linux | linux_kernel | 2.6.20.10 | |
| linux | linux_kernel | 2.6.20.11 | |
| linux | linux_kernel | 2.6.20.12 | |
| linux | linux_kernel | 2.6.20.13 | |
| linux | linux_kernel | 2.6.20.14 | |
| linux | linux_kernel | 2.6.20.15 | |
| linux | linux_kernel | 2.6.21 | |
| linux | linux_kernel | 2.6.21.1 | |
| linux | linux_kernel | 2.6.21.2 | |
| linux | linux_kernel | 2.6.21.3 | |
| linux | linux_kernel | 2.6.21.4 | |
| linux | linux_kernel | 2.6.22 | |
| linux | linux_kernel | 2.6.22.1 | |
| linux | linux_kernel | 2.6.22.3 | |
| linux | linux_kernel | 2.6.22.4 | |
| linux | linux_kernel | 2.6.22.5 | |
| linux | linux_kernel | 2.6.22.6 | |
| linux | linux_kernel | 2.6.22.7 | |
| linux | linux_kernel | 2.6.22.16 | |
| linux | linux_kernel | 2.6.23 | |
| linux | linux_kernel | 2.6.23.1 | |
| linux | linux_kernel | 2.6.23.2 | |
| linux | linux_kernel | 2.6.23.3 | |
| linux | linux_kernel | 2.6.23.4 | |
| linux | linux_kernel | 2.6.23.5 | |
| linux | linux_kernel | 2.6.23.6 | |
| linux | linux_kernel | 2.6.23.7 | |
| linux | linux_kernel | 2.6.23.9 | |
| linux | linux_kernel | 2.6.23.14 | |
| linux | linux_kernel | 2.6.24 | |
| linux | linux_kernel | 2.6.24 | |
| midnightbsd | midnightbsd | - | |
| netbsd | netbsd | - | |
| netbsd | netbsd | 1.0 | |
| netbsd | netbsd | 1.1 | |
| netbsd | netbsd | 1.2 | |
| netbsd | netbsd | 1.2.1 | |
| netbsd | netbsd | 1.3 | |
| netbsd | netbsd | 1.3.1 | |
| netbsd | netbsd | 1.3.2 | |
| netbsd | netbsd | 1.3.3 | |
| netbsd | netbsd | 1.4 | |
| netbsd | netbsd | 1.4.1 | |
| netbsd | netbsd | 1.4.2 | |
| netbsd | netbsd | 1.4.3 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 | |
| netbsd | netbsd | 1.6 | |
| netbsd | netbsd | 1.6.1 | |
| netbsd | netbsd | 1.6.2 | |
| netbsd | netbsd | 2.0 | |
| netbsd | netbsd | 2.0.1 | |
| netbsd | netbsd | 2.0.2 | |
| netbsd | netbsd | 2.0.3 | |
| netbsd | netbsd | 2.0.4 | |
| netbsd | netbsd | 2.1 | |
| netbsd | netbsd | 2.1.1 | |
| netbsd | netbsd | 3.0 | |
| netbsd | netbsd | 3.0.1 | |
| netbsd | netbsd | 3.0.2 | |
| netbsd | netbsd | 3.1 | |
| netbsd | netbsd | 3.99.15 | |
| netbsd | netbsd | 4.0 | |
| openbsd | openbsd | - | |
| openbsd | openbsd | 2.0 | |
| openbsd | openbsd | 2.1 | |
| openbsd | openbsd | 2.2 | |
| openbsd | openbsd | 2.3 | |
| openbsd | openbsd | 2.4 | |
| openbsd | openbsd | 2.5 | |
| openbsd | openbsd | 2.6 | |
| openbsd | openbsd | 2.7 | |
| openbsd | openbsd | 2.8 | |
| openbsd | openbsd | 2.9 | |
| openbsd | openbsd | 3.0 | |
| openbsd | openbsd | 3.1 | |
| openbsd | openbsd | 3.2 | |
| openbsd | openbsd | 3.3 | |
| openbsd | openbsd | 3.4 | |
| openbsd | openbsd | 3.5 | |
| openbsd | openbsd | 3.6 | |
| openbsd | openbsd | 3.7 | |
| openbsd | openbsd | 3.8 | |
| openbsd | openbsd | 3.9 | |
| openbsd | openbsd | 4.0 | |
| openbsd | openbsd | 4.1 | |
| openbsd | openbsd | 4.2 | |
| openbsd | openbsd | 4.3 | |
| trustedbsd | trustedbsd | - | |
| microsoft | windows_2000 | - | |
| microsoft | windows_server_2003 | - | |
| microsoft | windows_server_2008 | - | |
| microsoft | windows_server_2008 | - | |
| microsoft | windows_vista | - | |
| microsoft | windows_vista | - | |
| microsoft | windows_xp | - | |
| microsoft | windows_xp | - | |
| cisco | catalyst_blade_switch_3020_firmware | * | |
| cisco | catalyst_blade_switch_3020 | - | |
| cisco | catalyst_blade_switch_3120_firmware | * | |
| cisco | catalyst_blade_switch_3120 | - | |
| cisco | catalyst_blade_switch_3120x_firmware | * | |
| cisco | catalyst_blade_switch_3120x | - | |
| oracle | solaris | 8 | |
| oracle | solaris | 9 | |
| oracle | solaris | 10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsd:bsd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD1A8C6-A3A4-47A6-B8B0-6CB6787C5B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsd:bsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1119D3-A2B4-45C2-8EC1-F28EB948CDC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsd:bsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "32E0E862-63E6-42DA-8CCC-AAAC581FE211",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsd:bsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "388BB5C2-53B3-4597-913C-7D86E585CCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsd:bsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C37EB61-50BE-451A-916B-B05BAC79962B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2466F147-1EEC-442F-8066-EF7C65D17F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5E922C-239D-4F98-87ED-BB7998BE99C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD254562-D74A-4D7C-B846-E242D785B830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBFBCFEE-C24C-4D38-83F9-810E05D27901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99235B00-0050-42BF-99EF-FCDD72D8627D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "950CE88E-E396-4D32-AC9D-B76EB2B537C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F185FD65-A2A8-4170-8419-E939450055B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7ECF99E9-1C3B-4D8F-A52E-28D0BFEB2E9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A37687D5-1239-474B-994C-C638AB9B105B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D6DE57-1B0D-4F40-9E9F-CB72BAC0201F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7267B83B-1DC7-4A38-9338-B3BC3B2ECD74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6230A85-30D2-4934-A8A0-11499B7B09F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "96C6FB91-22FC-4DA9-B19A-8065D8B89F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "06CF972E-A755-4FB7-BFD7-9F4CDDEA4F1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B4FC3E9-E88E-4C87-ADA4-AC9370BBFD32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E72B3032-154D-45C2-8380-CCB28E4F2E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87395248-5E9C-4257-9CC7-2E2805B69F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A476BFB0-E587-41A6-B691-2609E0146C2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E9A00D5-A594-4C64-B982-10CB4C554F51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "327028C0-D9F3-46A3-B2CC-4630FE18C43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79528F96-FD42-4A76-82EE-4B1324D53B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3824A6CC-5C3A-4146-9CDD-B7B213527552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.3\\(3.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F9FE0721-5166-4756-B620-9C2DFCB252A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.3\\(3.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "630947E3-6D04-4A99-AAB3-B988BD513885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.3\\(4.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "850D8A04-E853-4570-A81D-EC053C47BB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.3\\(4.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67D70854-1DEC-43FF-ABA6-85009A253874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.3\\(16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D48379D9-1189-4176-A48E-A6ED9B3F91BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.3\\(19a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5A60756F-CF53-4E57-B313-EC6B9E160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11:*:*:*:*:*:*:*",
"matchCriteriaId": "155F8A0D-EE85-4FB9-97FB-E410A9374310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D626B494-6210-4F74-8D17-BA480B6665C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B5F4E6F1-8624-4672-A4F3-EC79E49E6D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0\\(17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E41CBC97-0C46-4717-A525-3A674F07C122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0\\(17\\)bt:*:*:*:*:*:*:*",
"matchCriteriaId": "275BF994-A447-4C58-855C-E0C21D114B2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0\\(18\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4742B4D8-971B-450F-916C-C83FAB808BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0\\(20.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "86AFAF8F-B8E2-453B-895C-F94138720745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0\\(22a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2D8524C5-FBC3-4A2F-96D0-15CC43287DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0\\(22b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "53F3AD1F-6213-42A7-9C93-EA42C3F4288E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0\\(x\\):*:*:*:*:*:*:*",
"matchCriteriaId": "180E123C-BC2B-4CD0-B772-46253E46B93D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0.12\\(a\\)bt:*:*:*:*:*:*:*",
"matchCriteriaId": "321EEFCA-4DDE-4F37-9F55-55B9500CC104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82B6315D-7BEF-419F-9B93-3CF669E986D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "19F493EC-885B-4EA6-B1F3-CA5777B67D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F7AE747C-2507-46FE-B3F8-3C1E6F50353D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(7\\)aa:*:*:*:*:*:*:*",
"matchCriteriaId": "4B85BFC6-7053-4456-B52A-45F36F285F33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(7\\)ca:*:*:*:*:*:*:*",
"matchCriteriaId": "D996F0BC-80EF-45BD-BA24-6F2E22C67D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(9\\)ia:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E95809-C581-4D40-8237-AD74742EBB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AC86CED5-1421-40A9-9573-B87EDA6E462E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "328D5C81-27AC-41B9-81FE-7666CE9085B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B36FF40E-EF0A-4149-A35D-8D765EBFFAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(13\\)aa:*:*:*:*:*:*:*",
"matchCriteriaId": "51382DA5-4EBC-44DC-951F-32FC7AA719A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(13\\)ca:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA2A1FD-11A3-403A-B5A6-0220CA18EC99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(13\\)ia:*:*:*:*:*:*:*",
"matchCriteriaId": "3493F361-0C8A-4B66-AF6B-926E2D66BBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1F7375C1-F60A-4793-8C09-70C950F36F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DB9CBC6C-9824-486C-B8E2-76DF3EC2A5C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(15\\)aa:*:*:*:*:*:*:*",
"matchCriteriaId": "FB42AFD1-7FEE-45D4-8CF4-58EF43AB7C93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(15\\)ca:*:*:*:*:*:*:*",
"matchCriteriaId": "841513AE-7521-4670-8438-AE5EB70F3A48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(15\\)ia:*:*:*:*:*:*:*",
"matchCriteriaId": "14BDD1FC-F0DF-443B-A498-CDD3A51F146E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF3E8F79-6177-453C-99B5-BC9BC7670869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(16\\)aa:*:*:*:*:*:*:*",
"matchCriteriaId": "4B244655-A6A5-40D0-A0D1-34C814DA9389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(16\\)ia:*:*:*:*:*:*:*",
"matchCriteriaId": "CA064273-1A6E-4303-BAAB-F585691EF9BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "672742B0-7D4B-4B2E-96C2-0C74D9A5400A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(17\\)cc:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8158E2-0DFE-479B-B085-9775FF700C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(17\\)ct:*:*:*:*:*:*:*",
"matchCriteriaId": "29CA3070-B75D-4E56-A338-E10F5509394E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(18\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF085D4E-D2EB-46FA-A426-FC53EB7F5FFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(20\\)aa4:*:*:*:*:*:*:*",
"matchCriteriaId": "E36721A7-B29F-4C43-B77B-7C8BB9B8DF46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C2AA82A6-B7B8-4B3A-8E6A-968C24EE0FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(24\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81640A61-B4E4-4209-A9AB-726C15522037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(24a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A53348EA-99B2-4091-9112-B3428E019597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(24b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6022E5C8-34BD-45C4-8FD0-7898902B01A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(24c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9408971-2732-4CBF-A94E-8A1778DFEBCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(28a\\)ct:*:*:*:*:*:*:*",
"matchCriteriaId": "D1795C25-47DD-48E2-B1DE-FD080C497B40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(28a\\)ia:*:*:*:*:*:*:*",
"matchCriteriaId": "6FDC895C-803F-4B04-BBC8-3571C7ECCC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(36\\)ca2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2ED206F-850A-4AEE-87DA-CC2688BC1173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(36\\)ca4:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B084A3-9F94-4F4C-8622-2D56BB2B3593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(36\\)cc2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF849813-7A2B-4EB2-8A93-2693636D4E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1\\(36\\)cc4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C43AE16-7B01-4BE1-857D-CFE8AB504FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1aa:*:*:*:*:*:*:*",
"matchCriteriaId": "C2842913-FEFF-4443-809B-F1793DDD08AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1ca:*:*:*:*:*:*:*",
"matchCriteriaId": "478D7C73-4039-4352-ADFF-55623B011C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1cc:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F31EAA-F76F-4182-B90D-6997E52EEB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1ct:*:*:*:*:*:*:*",
"matchCriteriaId": "8D419BED-A8C0-4304-A0E9-7805CE3E7FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1ia:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4EA445-2947-4754-81BF-2046DFD4DE2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8026B11-6144-467F-8094-F4F73CD37526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "550EBE5B-3136-4D67-B2AF-869DE111A821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(4\\)f:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1D2A78-BCE8-4E8A-B7DE-36A64B81820C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(4\\)f1:*:*:*:*:*:*:*",
"matchCriteriaId": "17DE2319-19D9-4C02-80B4-0A6AAD853867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(4\\)xa:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB0E1F3-CF25-4FD6-B33F-8C9FD660D8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(4\\)xaf:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E42FA2-0827-4FCC-98F2-A5C0F79C7016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "82BFEABB-6E90-4A24-BBE3-2BDB524028A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(8\\)p:*:*:*:*:*:*:*",
"matchCriteriaId": "F169E322-3D72-4F86-BD5F-74589E5DD823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(8\\)sa1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA5D334-6DB8-44B0-92EF-8694BBE79A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(8\\)sa3:*:*:*:*:*:*:*",
"matchCriteriaId": "099CFED1-0E2F-46B2-8136-BFA146EB9A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(8\\)sa5:*:*:*:*:*:*:*",
"matchCriteriaId": "754F06BF-EB7D-4DAD-BF5D-7DF2619A7499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(8.2\\)sa6:*:*:*:*:*:*:*",
"matchCriteriaId": "D97C1243-BBEB-44AC-96E1-AC46F946EA42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(8.9\\)sa6:*:*:*:*:*:*:*",
"matchCriteriaId": "22CD9785-D78E-408F-A3A0-3974DFF3DE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(9\\)p:*:*:*:*:*:*:*",
"matchCriteriaId": "047F9781-38B8-488C-B999-A3CA6BDB639C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(9\\)xa:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3586C0-64AF-4584-8F56-7E0756B4A521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B784C9F-79EE-4D08-9D03-985EC7E378FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(10\\)bc:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBA8825-442E-4CAD-A9B2-4DD8546F35F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5947E00E-68E7-4E8C-99C5-D69CA67CFCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(11b\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "394E271B-557A-496C-813E-E067D0188136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(14\\)gs2:*:*:*:*:*:*:*",
"matchCriteriaId": "0023E04A-6244-4221-AE19-616265074BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(15\\)g:*:*:*:*:*:*:*",
"matchCriteriaId": "52C4A8A9-A17E-48A1-99EC-A9F87CE17318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(15a\\)p:*:*:*:*:*:*:*",
"matchCriteriaId": "B1928C83-1379-4D6C-A7C0-FC7326E558C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(15b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0485E527-0305-4C64-805B-6AD5E611EE50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68C31722-3157-41D6-AABF-B9B18247CE6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(16\\)p:*:*:*:*:*:*:*",
"matchCriteriaId": "F33246EE-340C-4D61-B5D1-780A0785B9D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F106D24F-7EDD-4A52-9A3A-F25E6EEC1870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(18\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED418AF9-FCC1-4BFC-8526-AA1BBD5F8E8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(19\\)gs0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF4A90A-8F19-48C6-A340-0CF7701D4F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(19a\\)gs6:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5681AC-1FF2-4CC9-959B-5B56E66AB1C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(23a\\)bc1:*:*:*:*:*:*:*",
"matchCriteriaId": "82DE2BBD-70F5-42D6-AC32-A2AE2CF21789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(26\\)p2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7B8494-A9C5-4ACD-B345-9650DE3E1003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(26\\)p5:*:*:*:*:*:*:*",
"matchCriteriaId": "8C30199A-2150-45A3-867C-AAAAEFECEED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(26a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6EDF0979-4462-4715-A4A0-77DC3273CF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(26b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FA28477F-5F6A-4627-B521-248A4533E7C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2\\(26e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4EF5B2CA-33BC-4D82-97E9-19378EF7AE4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2bc:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5BBB7A-3154-4B90-BFC9-17D788387002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2f:*:*:*:*:*:*:*",
"matchCriteriaId": "64999EDC-0E53-4736-BA6E-219ADE6E75B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2gs:*:*:*:*:*:*:*",
"matchCriteriaId": "95ACBC17-10FA-449C-B418-F705E9A81363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2p:*:*:*:*:*:*:*",
"matchCriteriaId": "0DC1411B-4E7E-4F57-B025-9FE27B09C7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2sa:*:*:*:*:*:*:*",
"matchCriteriaId": "AA95673E-1686-48D7-8FE9-99D8FAB47FCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2wa3:*:*:*:*:*:*:*",
"matchCriteriaId": "36548158-EA5E-4638-9309-532B1CCD20A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2wa4:*:*:*:*:*:*:*",
"matchCriteriaId": "29122FF8-92A4-4072-8B8F-2F9AC79BA4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.2xa:*:*:*:*:*:*:*",
"matchCriteriaId": "583E7622-18CB-4C58-B714-F14CB12D1491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "33CCFFC6-9D26-4C39-AF76-0B8FCDE743CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A6F8329-15C7-4FED-A61D-5AF4F3A33976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(1\\)ed:*:*:*:*:*:*:*",
"matchCriteriaId": "CD13732A-DAE0-4D5B-9DAC-6D2CF391220D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(1\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "A53DE80A-5865-4514-BE14-BA5992EE7BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(2\\)xa:*:*:*:*:*:*:*",
"matchCriteriaId": "89347FD1-1C65-4947-8AA6-CCCB0F42AC28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(7\\)db1:*:*:*:*:*:*:*",
"matchCriteriaId": "D7CB1B7D-F47E-488D-A4BB-5DABB2406673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(8\\)db2:*:*:*:*:*:*:*",
"matchCriteriaId": "C03D666A-4FFD-4486-B8ED-183FC10821E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(8\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8811993-BEBB-448C-A23A-EDF1344AC076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(11\\)b:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7C99C7-ABF5-4581-B3CB-A8B2DCD7A5CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(11b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40EEA20D-C974-418D-90AD-2C7099BA76E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(11b\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "918ED671-E08D-4DA6-9FDB-E0878C759F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(11c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0DE733B-BDBC-49B0-B63C-4DC291DF99B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3\\(11d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8C353926-CFF7-4B84-84FE-0D1B3CFB2057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3aa:*:*:*:*:*:*:*",
"matchCriteriaId": "D8783C0A-990A-4B79-8BF9-64E425DA585E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3da:*:*:*:*:*:*:*",
"matchCriteriaId": "11B3630E-6ED6-4A8F-8FBC-AA68E81490F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3db:*:*:*:*:*:*:*",
"matchCriteriaId": "046D8679-38F8-4DC9-82A7-2562DE0495F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3ha:*:*:*:*:*:*:*",
"matchCriteriaId": "92509012-2DA2-4045-9AE4-4D8681F64D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3ma:*:*:*:*:*:*:*",
"matchCriteriaId": "1C993003-8B99-4CFF-8546-888E8C5D8FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3na:*:*:*:*:*:*:*",
"matchCriteriaId": "80AEA6F5-907D-493F-AB07-971D13BC1CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3t:*:*:*:*:*:*:*",
"matchCriteriaId": "655BB9C1-BA90-452E-A9C8-9B1E15B99650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3wa4:*:*:*:*:*:*:*",
"matchCriteriaId": "3D3267A4-3654-4C7A-966F-9F26B132A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3xa:*:*:*:*:*:*:*",
"matchCriteriaId": "0A747DB2-A031-470F-8EA5-F37FBE175D18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5CFBBDA3-8A5E-407D-8608-45C1BD56BF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(1\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "D14EBDCA-7CEB-4394-95EF-D4AEE991E2DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(1\\)st:*:*:*:*:*:*:*",
"matchCriteriaId": "F006CA61-42CD-4928-A445-E54B968553C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(1\\)w:*:*:*:*:*:*:*",
"matchCriteriaId": "53D87AC5-0F63-4AE8-AC05-FCEC98D18BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(1\\)xa3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE210B04-7ECD-419C-9258-0F619A353A8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(1\\)xb:*:*:*:*:*:*:*",
"matchCriteriaId": "3B467741-B277-4128-9804-E13ED23FD310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(1\\)xe:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7EE856-9CE7-49FD-8ADC-05C580CD54A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77DDC99D-8B73-452C-94A7-A9A48F2F379B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(2\\)xc:*:*:*:*:*:*:*",
"matchCriteriaId": "5145C737-2D5E-4BD4-BA9F-66ED2887A4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(2\\)xd:*:*:*:*:*:*:*",
"matchCriteriaId": "C48466C4-5A1E-4C71-8822-32D387B36B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(2\\)xe:*:*:*:*:*:*:*",
"matchCriteriaId": "12551307-4D72-4D24-BA0D-07235EB762AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(2\\)xf:*:*:*:*:*:*:*",
"matchCriteriaId": "08E23131-D207-4D98-96D5-2B71FF792604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(2\\)xg:*:*:*:*:*:*:*",
"matchCriteriaId": "1BFB5A8C-BF1B-4111-9E6A-F8D8FE1476AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E32C808-0471-443D-98AC-DF30AFFE633D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "593E5730-3777-4DEF-A1D3-73AF0B98448B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF2207E5-7458-40C5-AEF4-73B271EAB3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(3\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7109585-1433-4940-B7C9-C561DEAF1498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(3\\)xe:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F96BEB-19C2-48E4-8884-EA61B32D5BA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(3.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "851EF536-76E0-40E6-9051-7412A8235B4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(3.3\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "4E61151D-1658-49B2-AEAA-11F61AB71118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(3.4\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "49869323-98A1-4258-8D7E-B6DE9DA45CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(3.6\\)w5\\(9.0.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52BDD49A-6D71-4C33-8B09-C0E9F2DD030E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "32B93745-F14C-428E-9A90-47ACE43451EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1A0D82E1-CCF7-429B-A637-479E839EAE3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(4\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D1F7A6-6DB3-41D1-BD87-DE1898EC91A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(4\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1B2747-4A9C-44FC-BBA8-39E338B30417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(4\\)xe:*:*:*:*:*:*:*",
"matchCriteriaId": "65176343-0120-4038-844E-FDE48A920270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(4\\)xe1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAE67104-9212-4E28-886B-ADFA9503DBBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(4\\)xm:*:*:*:*:*:*:*",
"matchCriteriaId": "01F9B9CF-787B-4BE0-988C-669531BFFAA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(4\\)xm1:*:*:*:*:*:*:*",
"matchCriteriaId": "43D88280-5701-45EF-99CA-3056AD2216F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5BB7513-C232-4B4F-BE68-972B05086ABD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "6C4F875A-D58F-47BA-A441-2362C1688256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCEE111-BEFA-4285-B892-58DE3964F497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA263B60-E7C0-4374-96DF-6E4EB9C16743",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C570B5A-185E-4AA7-A8B8-BE80605020FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)wc:*:*:*:*:*:*:*",
"matchCriteriaId": "2E17E7C3-53FE-424F-8F47-7B8C70C9807E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)wc2:*:*:*:*:*:*:*",
"matchCriteriaId": "47E6CE0D-852B-4169-9849-98CDC91E3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)wc2b:*:*:*:*:*:*:*",
"matchCriteriaId": "DD620020-D5B4-4FE3-AEA5-C43686992F74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)wc3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4705F7-8E36-4C2D-A23C-E6002E459F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)wc3b:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A0DF3A-430D-444F-BD02-D18D10245138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)wc5a:*:*:*:*:*:*:*",
"matchCriteriaId": "DA39DE28-F3D3-4613-97EA-11896913F300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(05\\)wc8:*:*:*:*:*:*:*",
"matchCriteriaId": "27476F7B-9DD2-4A7F-8C0A-65EF52F70DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)wc9:*:*:*:*:*:*:*",
"matchCriteriaId": "758CF4D4-46B9-4EE1-9C43-0620D1C31EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)wc9a:*:*:*:*:*:*:*",
"matchCriteriaId": "62559EC5-D019-4C78-B589-80E16784A821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)wc11:*:*:*:*:*:*:*",
"matchCriteriaId": "E52672D5-5DFD-484E-9463-522AA4348456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)wc13:*:*:*:*:*:*:*",
"matchCriteriaId": "DE397409-D527-4283-833C-8A79F3CF8749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)wx:*:*:*:*:*:*:*",
"matchCriteriaId": "F92CF99B-5043-4EDA-965F-3D8F32F9D742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)xe:*:*:*:*:*:*:*",
"matchCriteriaId": "15295BD6-CC76-41BE-B5A0-A08888207011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)xk:*:*:*:*:*:*:*",
"matchCriteriaId": "1423776F-1C73-4872-81F6-29C411B6E545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)xk2:*:*:*:*:*:*:*",
"matchCriteriaId": "06FA18C8-0152-4035-8C6F-9AAC4B1985B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)xn:*:*:*:*:*:*:*",
"matchCriteriaId": "49DB7F15-B0C2-4EF0-A3E7-6DFD03C0A25E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)xn1:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE88EB7-215B-4FCA-82DD-AC2A9D243323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)xs:*:*:*:*:*:*:*",
"matchCriteriaId": "763A8E4B-B394-4EB2-829D-70A030551D36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)xu:*:*:*:*:*:*:*",
"matchCriteriaId": "198E5016-4494-4BA0-BC9A-C588264F79E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5\\)yb4:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3A893-6322-4E04-803E-1D18224E7AF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5.1\\)xp:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB89FCC-6602-4B41-9BFA-91B0B48827A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5.2\\)xu:*:*:*:*:*:*:*",
"matchCriteriaId": "D5DF5835-5DE4-4C4E-BFF3-2B15B01771B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5.3\\)wc1:*:*:*:*:*:*:*",
"matchCriteriaId": "238DCBE2-E511-42D1-B938-3FA15E4969E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5.4\\)wc1:*:*:*:*:*:*:*",
"matchCriteriaId": "10065276-0C45-4B35-8ACC-9EB8A73E5739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(5a\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "21703640-6091-4136-A2A9-B046E0A8406E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ECCE69A3-41C6-4893-86D4-7F264352C8A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(6b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C575430A-762A-405F-95DA-92589BF4C611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)db2:*:*:*:*:*:*:*",
"matchCriteriaId": "1AA412BD-1EFD-4FE2-AC6D-E9AC93B1F750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)dc1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9E45CDF-F745-4336-B5D2-0917C66C1D08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE808362-AFA6-4270-8ECE-8FFD10EE3678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)sc:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA0B5C8-9BB3-40BC-ADED-3A21DD019A83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "FA654CE6-82C3-43D0-BAED-70E88A740BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "1720AE47-5ED4-4E5D-AF25-F9FD7E43F6D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "E339A080-2572-4764-BB7C-F49F66432BD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)wx5\\(15a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2318131B-BA10-4C44-8F90-215CDA28576D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)xe:*:*:*:*:*:*:*",
"matchCriteriaId": "E83EFCCC-D01E-4F0E-9990-1F323167B430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)xe2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E737A2B-8B1A-4F53-B1AA-ECB354D10D50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)xf:*:*:*:*:*:*:*",
"matchCriteriaId": "0C977C71-7F61-444C-A0E4-14E5269E6B4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)xf1:*:*:*:*:*:*:*",
"matchCriteriaId": "533BD959-48CF-4664-B4EC-37314AB93EFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)xk:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC5E6E9-E639-424B-963D-2760B2C38D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)xk2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDCC99B-BC23-4101-9D73-A21107FF8630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)xk3:*:*:*:*:*:*:*",
"matchCriteriaId": "4ED4869D-EB53-4A7B-A630-69B8D76D48DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7\\)xv:*:*:*:*:*:*:*",
"matchCriteriaId": "9B5AE2F8-53B5-4B13-A1DB-57E2531943A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7.4\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "EB26AA22-D05C-4B88-8E1B-63A8EFE6A841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(7a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D6833BBD-CB8C-40E3-BCB1-193E0E03A95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "387FCCC1-B05D-4493-9F05-BAC5A0E57F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(8\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "33E0F459-8A71-4FAE-BE7A-6C56E28988BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(8.0.2\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "F7976536-FD4C-4AE7-8838-6E28E0CFE740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(8.3\\)sc:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D2F695-9A42-4425-8CA6-63CB8E99F893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4E63F87A-7BBB-4619-935E-F1F0C3C7E322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1B6ABDAE-182B-4367-80B6-B8C8ABF92059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(9\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EB360F-7BAE-4BB5-BB55-E3FFC567A1E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(9\\)s8:*:*:*:*:*:*:*",
"matchCriteriaId": "EAA03CF9-26C6-4621-B73C-EBABB20CB250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(9a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0B94014A-8415-4174-AF4B-C9026C6EC559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "66FEB240-8BB9-4AD6-8188-836D866F4F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(10\\)s3b:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F41EB6-4214-4A86-BBB5-619154971F7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(10\\)s7:*:*:*:*:*:*:*",
"matchCriteriaId": "14E5113C-945B-40CB-9F5C-0B7063704364",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(10\\)s8:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB25BAC-590E-4496-AB43-64A8EEBFDCBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(10\\)w5:*:*:*:*:*:*:*",
"matchCriteriaId": "75528B66-3966-4299-B9BD-69B039AB2F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(10\\)w5\\(18f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09DFBF77-BBE3-41BA-A6C6-32DD555F0AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(10\\)w5\\(18g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "77D178AF-15CB-4352-8193-741F8B49688A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(10a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1863F9E2-9FFB-4C19-92E3-15DD9ED72608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(11\\)s6:*:*:*:*:*:*:*",
"matchCriteriaId": "403EE717-FD69-405C-9544-6349CBE09D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(11\\)st4:*:*:*:*:*:*:*",
"matchCriteriaId": "4CF987B2-BA35-4933-85F7-7F3F2C732961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(11a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D77A942A-4A2C-4A87-A866-12B758DB645B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63FACCFF-1222-4C02-A286-717E954A7ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(12\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "07E0B16B-D4C1-4140-830F-4F5C0D90AD42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(12\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "A15063AA-2800-4856-B3F2-F727BE44BAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(12a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2B3C8355-42F3-43DE-A2D9-0B77138461FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(13\\)s6:*:*:*:*:*:*:*",
"matchCriteriaId": "C9BD6B1C-DDA0-4C64-84C5-68F51BFAB457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(13\\)s8:*:*:*:*:*:*:*",
"matchCriteriaId": "050F0FAE-8871-4A14-9180-4779014D9BCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(13\\)w5\\(19c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B92AE5F7-DD9A-486C-AB39-580E8E29EB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(13\\)wt6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "45246611-F8E6-4DD5-967B-815048CCAC65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(13a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3572607D-5E92-4706-8B83-C5CF01E63416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "60C7CA43-AB0C-4085-BB46-78A622241E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(14\\)s7:*:*:*:*:*:*:*",
"matchCriteriaId": "5D7B8E04-A044-4A32-ADB7-9C25B32E9F1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(14\\)s8:*:*:*:*:*:*:*",
"matchCriteriaId": "EF44B838-8E44-4281-94FD-922A60047F48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(14\\)st:*:*:*:*:*:*:*",
"matchCriteriaId": "353010B4-3E37-4451-9B17-EF5701DCE9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(14\\)st3:*:*:*:*:*:*:*",
"matchCriteriaId": "828D84E5-E8E4-4425-9E35-B1EBDBE245BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(14\\)w5\\(20\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4BC109F5-0907-4CDB-90BD-61788921DABC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(14a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "279DBE65-0402-4205-8820-48EB20386DB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(15\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "E8ECE5F1-5153-4F93-9618-CF7AD2B3C426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(15\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC97D92-C82C-4CBF-93E3-4215B11FD896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(15\\)s6:*:*:*:*:*:*:*",
"matchCriteriaId": "295B139A-50F6-48E7-B42D-9A53BCA3777F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(15\\)s7:*:*:*:*:*:*:*",
"matchCriteriaId": "992DF258-DAEC-4EF1-941D-7DBD347546B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(15\\)sc:*:*:*:*:*:*:*",
"matchCriteriaId": "52531223-05D2-41C7-ADE2-E957443297F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(15\\)sl:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E611A0-B984-47A6-95F3-B582EE0766E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(15a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E93E4A5-6D2B-4E79-B713-7CA1BEE0E36C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(16\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BF480A-AD29-4CE3-9B88-E917D75F3FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(16\\)s8:*:*:*:*:*:*:*",
"matchCriteriaId": "2657AD4D-F324-4527-9C4F-360946FE0D89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(16\\)s8a:*:*:*:*:*:*:*",
"matchCriteriaId": "211CF1C3-3A5E-49CA-9D01-AC3DB4A7159E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(16\\)s10:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C19B39-258F-4A26-B751-8E9AB4807718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(16\\)sc:*:*:*:*:*:*:*",
"matchCriteriaId": "641A5B81-B92B-4A65-9828-C7795B0AB4C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(16\\)sc3:*:*:*:*:*:*:*",
"matchCriteriaId": "DD766E23-7CA6-4CC3-9CFF-4E81E370CFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(16\\)st:*:*:*:*:*:*:*",
"matchCriteriaId": "5E68F0B5-D6B5-4012-A563-346FD83AC9B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(16\\)st1:*:*:*:*:*:*:*",
"matchCriteriaId": "39C3D66E-C49F-4A41-B67E-D9DE768356FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(16\\)w5\\(21\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09D35D67-529A-425D-800A-D986297D42C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(16.06\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "AC8BD083-812F-414A-8E21-A8119D3ADE7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(16a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD09CC38-FBBD-44DD-8322-F642DC8B6F3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6342713F-C4C6-4451-9637-B744311EC287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "F95185E5-65CF-478B-B450-2FA9C05E4A13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "D281BAB0-994A-418A-8FB9-C8F6509DC56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17\\)s7:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5E2F5D-ED58-44F3-A26D-D93DCF093C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17\\)sl:*:*:*:*:*:*:*",
"matchCriteriaId": "04586FE6-78BF-4171-8A6A-EFAC90BAC8F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17\\)sl2:*:*:*:*:*:*:*",
"matchCriteriaId": "C4444CF9-66F8-4941-8300-4547BA7C164B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17\\)sl6:*:*:*:*:*:*:*",
"matchCriteriaId": "33C204A1-935D-4CFF-8FBA-9A6E37597E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17\\)sl9:*:*:*:*:*:*:*",
"matchCriteriaId": "C88479A3-251A-4D36-9737-CC454640E9F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17\\)st1:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA42C30-EB70-4030-9D02-0F3635C980EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17\\)st5:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4EE26C-9B9D-41B5-9E0D-46D599EDE8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17\\)st8:*:*:*:*:*:*:*",
"matchCriteriaId": "1A125557-4893-4C74-800D-D5A2FCFE6C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(17a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A3F7B649-548F-46B5-BC0C-AB4013CF290F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(18\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4D37B0-460F-4F16-B4F4-33A4DB80FC79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(18\\)s5:*:*:*:*:*:*:*",
"matchCriteriaId": "6018992E-1FB3-4ED8-ADC3-3BA49B76165D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(18\\)s5a:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF6C534-3DF7-45A5-8F76-DF75A7EB0E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(18\\)s7:*:*:*:*:*:*:*",
"matchCriteriaId": "684ED113-91F6-41BC-BAF5-62041D850F2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(18\\)sl:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6E2071-516B-41B6-A897-799B66907FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(18\\)st1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEE0CBD-9810-46D0-87B8-0B46926C2F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(18\\)w5\\(22b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C6710AB1-42BC-4612-99EB-4E3C9A811E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(18b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8BDD3722-C5FC-4AD0-83D3-7E5D2F4B51E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "13BB143D-CE87-4B5B-8B41-F641C160624F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "53BF4CAE-9C49-412C-A3F3-F365D2E0F619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA28B36-9E53-4D2C-9ADB-C878182DB688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\)s2a:*:*:*:*:*:*:*",
"matchCriteriaId": "801F584F-A11B-4C28-BF74-2917BED984DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6B7A5F-DFE1-4597-B121-BF4714CD2E3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\)sl:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7D5266-C127-4CF4-B1CF-3D639A9E204C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\)sl4:*:*:*:*:*:*:*",
"matchCriteriaId": "A78459C5-2762-4652-8D34-772F3A025381",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\)sp:*:*:*:*:*:*:*",
"matchCriteriaId": "96C97A75-1498-40A2-8569-581FB3D13598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\)st:*:*:*:*:*:*:*",
"matchCriteriaId": "52877E55-8DB4-4E4E-BBA1-72F2E1B0C6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\)st2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B9AD4E-CF9A-4772-9E84-6C11401245A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\)st6:*:*:*:*:*:*:*",
"matchCriteriaId": "5B83B0C4-897E-487E-939F-1E40144399EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(19a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9ECD6C4-10AA-4B34-96F3-7EF6A093EDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(20\\)sl:*:*:*:*:*:*:*",
"matchCriteriaId": "4017470C-5EB2-4E30-834F-EAAF1738B8FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(20\\)sp:*:*:*:*:*:*:*",
"matchCriteriaId": "67EC4390-6EDE-4235-83C9-DE8B0BE74539",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(20\\)sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C89179A-562B-48C7-A4ED-E98ABC855972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(20\\)st2:*:*:*:*:*:*:*",
"matchCriteriaId": "B9032AFE-430F-409F-9558-F2179CE19087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(20\\)st6:*:*:*:*:*:*:*",
"matchCriteriaId": "587A531C-B3EF-4B7F-872B-7481E38BA785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(20\\)st7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F59E7FC-C1AB-4C4F-B1A6-2A30FF64405F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(20\\)sx:*:*:*:*:*:*:*",
"matchCriteriaId": "2B6C9A4F-1F21-4AF4-B694-6A6F3A6C2170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(20\\)w5\\(22b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F54D02AB-FED4-49C8-87C4-1745FA867A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(20.4\\)sp:*:*:*:*:*:*:*",
"matchCriteriaId": "1AAFB5F7-4343-480B-B3DC-7ADC66582983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(20a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1734A3F8-45A2-4590-9518-0753F503433D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8735B4-CD22-40E7-B7D2-C7A4B559F7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB9029-DC45-4F55-A4FF-F6DEEDFFA150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5310F83-EB1F-423C-A5EF-681FECAD66FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)s4a:*:*:*:*:*:*:*",
"matchCriteriaId": "390D496F-AFFE-4CAA-AA27-66E8C755887C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)s5a:*:*:*:*:*:*:*",
"matchCriteriaId": "21CB6075-DB61-4BDE-BD9E-4DBE06CF25E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)s6:*:*:*:*:*:*:*",
"matchCriteriaId": "E9AB2EF6-03CC-4C83-B81D-E7C4B2C03B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)s7:*:*:*:*:*:*:*",
"matchCriteriaId": "6B88B203-B522-428B-A273-2DDFF9CC2898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)sl:*:*:*:*:*:*:*",
"matchCriteriaId": "F3408ED7-AAE8-4BD8-9A1C-B7F048C63CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)st:*:*:*:*:*:*:*",
"matchCriteriaId": "466E247E-5514-4489-A169-513115AB42D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)st6:*:*:*:*:*:*:*",
"matchCriteriaId": "7CEEF0AA-002E-4768-9302-B7CCBBF25C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)st7:*:*:*:*:*:*:*",
"matchCriteriaId": "911BBC74-F18B-470A-A1E9-4D67F5866D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21\\)sx:*:*:*:*:*:*:*",
"matchCriteriaId": "08A4E74E-DE87-4787-8E2E-3C7D77E02224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(21a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "442338B0-C242-45A1-8860-4386A5033C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(22\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "6070D9A2-9A74-46B1-979D-F3F80D69513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(22\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "9DBB2CF9-2F36-4CA8-8814-C34AE5620942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(22\\)s5:*:*:*:*:*:*:*",
"matchCriteriaId": "7498FF80-0A4D-4510-9C1A-DA24E1A4A4E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(22\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "312DB4D6-81B5-44C5-B99F-D56603C00B98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(23\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "D448CA2F-8C4B-4834-8B36-B2E60D7A2D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(23\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "CCBAB365-6B58-44D2-A078-B3B4369CA32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(23\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "332C413B-7AC7-4475-A968-9D0B7EF14B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(23\\)s5:*:*:*:*:*:*:*",
"matchCriteriaId": "35999D5E-F831-446C-B509-F1531A2D1DCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(23\\)s6:*:*:*:*:*:*:*",
"matchCriteriaId": "67DEFA98-F2AE-437A-8BE3-7F021C0AE76C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(23\\)sx:*:*:*:*:*:*:*",
"matchCriteriaId": "02F37758-9AC2-4CAA-8A09-5A59FC622267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(23\\)sz:*:*:*:*:*:*:*",
"matchCriteriaId": "53D11EA0-B7E1-46F5-9FCE-0812A7DD776D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(24\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3630462-F414-4D6B-8766-7CED5366C852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(24\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D6D0C5A-87C7-4169-B9DC-2AFA217888F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(24\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "58DF5979-73D5-4B2E-B98E-CD0AB8517F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(24\\)s5:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA92F7A-C14E-4186-8E96-51D2BDC40DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(24\\)s6:*:*:*:*:*:*:*",
"matchCriteriaId": "F451B6F0-429F-4B75-93F2-52AF4F65D3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(24.2\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "8C3E9A9A-B80F-43BD-8A63-762B60D6DBE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(25\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C634FD5-0716-435A-8D5A-0640DB34C069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(25\\)w5\\(27\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A0CCE7A4-A7EC-4926-90BA-B4AA87DAD99D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(25\\)w5\\(27c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00EDE5CF-FFB6-463A-B55A-53D76F3B7670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(25\\)w5-27d:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8FB0C2-4ECA-4371-B874-2496232965A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(25.4\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B5A4482-9555-4DA0-87CB-3F17EE84EA2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(26\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C17DD4A5-9E82-49EF-965D-DF714DDBFF44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(26\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "25058DEF-01CC-4148-923C-7AC433D82E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(26\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "179CEE21-E5CA-466A-BAF0-8936F2E0B06F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(26\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F22B210-D1B8-4875-BDF2-2BE5B116B527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(26\\)s6:*:*:*:*:*:*:*",
"matchCriteriaId": "DA1E0BA5-4A57-4D26-A453-A4D5D56DE66B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(26\\)w5\\(28\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D95BA23-C2A0-4659-B664-0B7FE74D9E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(26\\)w5\\(28a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE1C0D16-5167-4A29-A8C8-3EF603AA8894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(27\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7A300584-6480-410F-8399-092682A62435",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(27\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "00682210-2C86-4912-A423-5F7011C2FA2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(27\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5C5244-8E39-41AE-931D-D935DC3CE00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(27\\)sv:*:*:*:*:*:*:*",
"matchCriteriaId": "498F4C0D-393D-4406-9752-4E49D6BB42B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(27\\)sv1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C87916-D186-4E36-A4B6-5FA858FFC7E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(27\\)sv2:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF9C316-FF3D-4C52-A770-B8597895BA06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(28\\):*:*:*:*:*:*:*",
"matchCriteriaId": "816276EF-A529-4522-9F49-80E9FF64F795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(28\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "1336C42E-DA75-4DBC-81E1-70DD987EE54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(28\\)s5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7042F5-2878-45B2-856B-5EBC93A2BE0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(28\\)w5\\(31a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2B74536A-EC0C-4C39-BA91-72990A4886E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(28\\)w5-30b:*:*:*:*:*:*:*",
"matchCriteriaId": "37E48A25-53DE-4A07-B6B2-A275F390ABAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(28\\)w5-32a:*:*:*:*:*:*:*",
"matchCriteriaId": "6C4789A3-692B-4BC4-8A91-1F576C27C8B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(28c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "43C4011A-B88C-49BD-B798-786EAC87EB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(28d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0F864A21-658C-4789-940C-E915F6C9F8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(30\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "D49C8C12-CE1E-41B9-991D-CC3AE51FEA8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(30\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F1DAEE2-8026-46DA-A652-6E0CD5A6A657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(30\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "616EA4E3-C5FC-4145-963B-E3ABAFB5E5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(31\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "3B896570-8184-4EC8-8EB3-95312E4ED869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(31\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "5743923A-A78D-4C8C-99C5-5063A609700C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0da:*:*:*:*:*:*:*",
"matchCriteriaId": "12434A88-88C6-4749-981F-E2B4D725F48F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0db:*:*:*:*:*:*:*",
"matchCriteriaId": "4F7CF26C-AEAA-42D7-8136-56E77E73DCB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0dc:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4864A2-D6BB-4E2A-9AA4-519EE0732D16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0ev:*:*:*:*:*:*:*",
"matchCriteriaId": "84299245-5091-4ED5-A107-4F7A2BE499E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "2C398460-3F38-4AA7-A4B1-FD8A01588DB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0sc:*:*:*:*:*:*:*",
"matchCriteriaId": "793F494D-F6BD-4B23-92BE-83B9DD9D4A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0sl:*:*:*:*:*:*:*",
"matchCriteriaId": "2B6B0C2F-2FBE-4422-AD30-305100C595CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0sp:*:*:*:*:*:*:*",
"matchCriteriaId": "932C1AC0-0BD1-46DF-A241-AA71BBD785BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0st:*:*:*:*:*:*:*",
"matchCriteriaId": "DBEA01D2-B985-4575-AF00-144CE2E3024D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0sv:*:*:*:*:*:*:*",
"matchCriteriaId": "3999B90E-FE66-4B5D-8186-66C658855D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0sx:*:*:*:*:*:*:*",
"matchCriteriaId": "5C11A2BE-19E7-4148-B3CC-B4956B07273E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0sy:*:*:*:*:*:*:*",
"matchCriteriaId": "65E78DEE-1125-4183-A0CD-947B850E956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0sz:*:*:*:*:*:*:*",
"matchCriteriaId": "B6943D9D-4A73-4EB2-B5C5-B7132AFFBE2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0t:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7F94E8-86FC-456B-A7BB-57953F67F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0w5:*:*:*:*:*:*:*",
"matchCriteriaId": "5A92DCEF-C205-4145-91B0-DB9991130457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0wc:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B5CC91-144D-4818-871E-E6120A7E1050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0wt:*:*:*:*:*:*:*",
"matchCriteriaId": "23E5F43E-20DA-4C5C-B8C5-1A5512CA07B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0wx:*:*:*:*:*:*:*",
"matchCriteriaId": "C6333F9A-2605-41EE-9AB4-1D04C5825BAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xa:*:*:*:*:*:*:*",
"matchCriteriaId": "1050ACB3-E5B2-4710-910B-F3DF4B49907F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xb:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABE71F9-17D4-47C4-A762-18CC8716E477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xc:*:*:*:*:*:*:*",
"matchCriteriaId": "7977DA9F-41DE-4482-B0CD-896EEEFB5689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xd:*:*:*:*:*:*:*",
"matchCriteriaId": "6D0A8D1D-ED94-4A2E-ACC5-0408C2C9FCFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xe:*:*:*:*:*:*:*",
"matchCriteriaId": "1ADAB898-7728-4C14-B69A-7B8B06AFC894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xf:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBE69A0-85B1-423B-88FB-CDA80E9186EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xg:*:*:*:*:*:*:*",
"matchCriteriaId": "C14C28A4-91C1-4AE0-8A14-8E98A569F7B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xh:*:*:*:*:*:*:*",
"matchCriteriaId": "54424787-34AC-410D-985F-511ADB2BB144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xi:*:*:*:*:*:*:*",
"matchCriteriaId": "70F54F0C-AC91-4CB7-9FEB-257F03547864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xj:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A0D017-F26F-4429-891E-C7E1C66B6588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xk:*:*:*:*:*:*:*",
"matchCriteriaId": "26FA075D-4A9E-44EE-90CF-23947C9040EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xl:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3DFAEC-4534-4A8D-9886-0723F57C7A63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xm:*:*:*:*:*:*:*",
"matchCriteriaId": "E5451772-87D4-42E2-8F48-D137670DA3E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xn:*:*:*:*:*:*:*",
"matchCriteriaId": "D162976F-87A3-42BF-8C9F-A981B14F4673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xp:*:*:*:*:*:*:*",
"matchCriteriaId": "E2606209-91BE-4BEB-A163-0D3873A033FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xq:*:*:*:*:*:*:*",
"matchCriteriaId": "43581A57-418A-4A35-ACF2-1380A8DA8A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xr:*:*:*:*:*:*:*",
"matchCriteriaId": "AC17E231-9256-4600-A33B-238E7E83CF85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xs:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D5468-BB6A-4665-964F-D8F636359CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xt:*:*:*:*:*:*:*",
"matchCriteriaId": "F0AB67FC-88F4-42BB-BB90-54521950DE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xu:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0082D5-CE3E-433A-84E9-1311C8B7899A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xv:*:*:*:*:*:*:*",
"matchCriteriaId": "00EB78A4-B386-4FCB-A21F-BD2B2EFC9616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0xw:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED30640-AABE-4CA2-8B45-509270748BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D86E0B83-3098-47A6-9298-43D3D5F476DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(1\\)db:*:*:*:*:*:*:*",
"matchCriteriaId": "960F3C8E-AB3A-4A73-A1B8-E4DD98FACF14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(1\\)db2:*:*:*:*:*:*:*",
"matchCriteriaId": "516E4BEC-B9DA-4E21-9271-742F1CEDA087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(1\\)dc:*:*:*:*:*:*:*",
"matchCriteriaId": "E9829AB1-BB64-4D0F-88BB-894FCF9CA2F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(1\\)dc2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0ADD1EB-B46F-4B8C-BF4D-5A9631BDFA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(1\\)e5:*:*:*:*:*:*:*",
"matchCriteriaId": "A09F6AD8-4B16-465A-9781-1B650062FB6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(1\\)ex:*:*:*:*:*:*:*",
"matchCriteriaId": "96541BD7-7D90-4C56-BC23-7071A07711DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(1\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "89AA56EF-E123-4539-80EA-B94965EAA2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(1.3\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "605C83F3-9159-4D8F-90C4-886543D2BBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(1a\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "9EDD9202-56A8-4924-AC60-08B223D5C3DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E960CA4-679E-4748-ADDA-D122C5A2D331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(2\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "326374ED-7ADC-457A-A8E1-4C42CDB8F3BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(2\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A0B63E-5CCF-4441-A6A1-B4EE1A556070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(2\\)xf:*:*:*:*:*:*:*",
"matchCriteriaId": "6255AFC2-DAC7-40AE-BD1C-3BFEB5544FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(2\\)xf4:*:*:*:*:*:*:*",
"matchCriteriaId": "CF37C54B-72D1-4D7C-B0BA-0D9C7BA6C80A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(2\\)xf5:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF1C787-B425-44FD-8C9B-8F6BFDD42BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B58DAD06-8EE4-4991-8D3F-087CB2D7B557",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F6812739-E9C0-425A-989D-E68CE3030E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3\\)db1:*:*:*:*:*:*:*",
"matchCriteriaId": "7BBD302C-CA25-4DB0-9183-CCE038573D51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3\\)dc2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1FBD098-4B1E-4FEA-A5CB-DDB9F1E39411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "156DB723-98BC-402A-A517-18D20DA45206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3\\)xi:*:*:*:*:*:*:*",
"matchCriteriaId": "02516D45-C6EB-4B06-B309-C093E4C75F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3\\)xp:*:*:*:*:*:*:*",
"matchCriteriaId": "49176A2B-7194-49A3-AACA-2457F3733231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3\\)xp4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE045552-B648-40DA-9F78-DBF1CA8818D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3\\)xq:*:*:*:*:*:*:*",
"matchCriteriaId": "6C847187-D66E-4C06-BAA4-4C12DB167584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3\\)xt:*:*:*:*:*:*:*",
"matchCriteriaId": "8698ABDC-307A-4187-9F53-99F1428F75D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3\\)xt3:*:*:*:*:*:*:*",
"matchCriteriaId": "9F051387-6398-4880-9A57-B52C31D9646F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "652D2AD8-3C65-4EE3-95B8-C03173031367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3a\\)e7:*:*:*:*:*:*:*",
"matchCriteriaId": "30142776-CF36-485C-AD6D-2F245BFD88F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3a\\)e8:*:*:*:*:*:*:*",
"matchCriteriaId": "CF621A5A-A65E-42C6-A046-CE995DF4CEF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3a\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "F3061CCE-5295-426D-86AD-7E3905E50E4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3a\\)t7:*:*:*:*:*:*:*",
"matchCriteriaId": "35494253-675B-42E6-90CC-B5510024C4AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3a\\)xi8:*:*:*:*:*:*:*",
"matchCriteriaId": "6CDE8D34-5405-45B6-BB59-3D2853123B45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "28E0C1D4-265E-4505-8570-CE242B5FCECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F16649D4-A884-45F0-AF7C-754AC68E777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4\\)db:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE87A20-D684-4679-9B6E-3D945CD06CB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4\\)db1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D576D29-F8B4-408D-9982-0F08C6D8E862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4\\)db2:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EB5F43-8D46-4E53-86E1-1B151EDD8068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4\\)dc:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5DEDA7-DD61-4E78-92F1-77972B1C9E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4\\)dc2:*:*:*:*:*:*:*",
"matchCriteriaId": "41285CF3-A946-40FF-A6BB-C52713C2CBD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF1198D-69FA-48C1-A853-083CE294D2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4\\)ea1e:*:*:*:*:*:*:*",
"matchCriteriaId": "19D7A275-0889-400E-9CAD-BE6C5FE79356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4\\)xm4:*:*:*:*:*:*:*",
"matchCriteriaId": "7FDB25D1-E913-4EA1-959C-5103A860DE41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4\\)xz:*:*:*:*:*:*:*",
"matchCriteriaId": "71E06301-E2D0-42EF-AFA2-3FE2EFDE1E5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4\\)xz7:*:*:*:*:*:*:*",
"matchCriteriaId": "AD91CD31-9677-4CC2-A41D-FBD005E8E909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4.3\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "5B7ED6DD-D86C-4BF9-8F7F-7E2383B15366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D0BE079-5746-4C3D-BA05-469C4E7F2C94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)da1:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F27868-5EBF-4613-B184-18F3EEF037C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)db1:*:*:*:*:*:*:*",
"matchCriteriaId": "52084CCC-4ACC-40F9-8F6B-3F0C838AE330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)dc:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A9E4A3-5CFB-4985-A20E-F0681EF0F0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)dc2:*:*:*:*:*:*:*",
"matchCriteriaId": "32D1FD9E-5B47-4057-A6D2-ADD59B968F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)ey:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA17170-13DB-4019-A1C1-A4A9A00601DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "0C60337C-9487-47FD-95AB-8F6D012B59BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)t9:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFF4E1E-FAA5-434B-80E8-E6EBE939C6A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)t12:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF6864A-9F94-4A3F-B127-323F2220D6BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)t15:*:*:*:*:*:*:*",
"matchCriteriaId": "EAED3057-BBBF-4A5C-B912-013307282E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xg5:*:*:*:*:*:*:*",
"matchCriteriaId": "4AC91E63-4E93-4345-BC31-C1BF979AD618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xm:*:*:*:*:*:*:*",
"matchCriteriaId": "A05A0F6A-B2F7-4F00-9E9C-002E0E48E1E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xm4:*:*:*:*:*:*:*",
"matchCriteriaId": "B2F2766E-6E82-416E-A24A-04D95459F99B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xm7:*:*:*:*:*:*:*",
"matchCriteriaId": "EA86FEC9-116E-4740-AD42-CF0093E48B71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xr2:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABC7C22-4E6D-4908-8F64-9EE1574DD635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xs:*:*:*:*:*:*:*",
"matchCriteriaId": "8B717378-F6D8-4A15-8D79-B70EF540CBF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xs2:*:*:*:*:*:*:*",
"matchCriteriaId": "55F3AF17-076E-4973-9573-DB46967F2CAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xu1:*:*:*:*:*:*:*",
"matchCriteriaId": "88F46869-0883-43B4-999A-21AFCD933193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xv:*:*:*:*:*:*:*",
"matchCriteriaId": "F9607DFF-DD24-4BC1-BC40-04B89AB07F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xv3:*:*:*:*:*:*:*",
"matchCriteriaId": "81A8947C-1B05-4EB7-86D1-003B091F8DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xv4:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D15335-C316-4681-87DF-C259C4A962D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xv5:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0572EF-3070-43D1-91FE-3D33A66ED413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)xy6:*:*:*:*:*:*:*",
"matchCriteriaId": "41940F9E-3381-452A-BBCC-E8CC96B9070F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)ya:*:*:*:*:*:*:*",
"matchCriteriaId": "C99915F7-2B91-4CA2-8499-F4B094475B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)ya2:*:*:*:*:*:*:*",
"matchCriteriaId": "4376EDFF-B9A0-4937-AC66-38676A06272B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yb:*:*:*:*:*:*:*",
"matchCriteriaId": "80262A82-A668-4C85-A9AA-D27DCA9C327D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yb4:*:*:*:*:*:*:*",
"matchCriteriaId": "F3F44952-5746-4D27-8025-27FC4B4E9CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yb5:*:*:*:*:*:*:*",
"matchCriteriaId": "11CA7C44-0DC9-40C4-A57B-5D108209D931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yc:*:*:*:*:*:*:*",
"matchCriteriaId": "C49E8DAE-2C34-4191-B888-BFF2398006E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yc1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA64AC20-EC74-4EC4-B04B-D019F91A4A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yc2:*:*:*:*:*:*:*",
"matchCriteriaId": "631B088C-18A1-411E-A62F-F0DD48832732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yd:*:*:*:*:*:*:*",
"matchCriteriaId": "0E13FC17-7206-4055-A46D-47421F2F07BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yd2:*:*:*:*:*:*:*",
"matchCriteriaId": "A7353F76-EE99-48F1-A68B-BD4EAC823268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yd6:*:*:*:*:*:*:*",
"matchCriteriaId": "410F01C8-0A60-44C8-8906-AA8AC7D9A4D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yf:*:*:*:*:*:*:*",
"matchCriteriaId": "37FA259A-F5F0-4D2B-A604-47D21A694BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yf2:*:*:*:*:*:*:*",
"matchCriteriaId": "128421E8-60B8-4986-8033-D0E69BB22296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yf4:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9DD4D5-8D5E-48AF-9B33-1C25CB5E701B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yh:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7F832A-A24B-4A4F-BB6C-5DE8A25C4B24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yh3:*:*:*:*:*:*:*",
"matchCriteriaId": "251419AA-0212-4269-A4C6-5C497BD2CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yi:*:*:*:*:*:*:*",
"matchCriteriaId": "18097A8F-588A-46B4-A203-01AFEA175595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5\\)yi1:*:*:*:*:*:*:*",
"matchCriteriaId": "710E3A8C-7403-4BE5-9184-DBAF8DD218A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5a\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "72C05152-8070-4853-BC0A-01A0A2C226F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E2544486-0053-4A71-A55B-E8EC529D4794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5c\\)e12:*:*:*:*:*:*:*",
"matchCriteriaId": "A661E88D-A248-4622-B667-FD2FD4AA3624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5c\\)ex:*:*:*:*:*:*:*",
"matchCriteriaId": "1637C389-A962-4695-AC35-47785C205FE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(5e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "97B11FB8-9490-49D8-AC87-F63F48B39CF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A9C34CF-FA5A-411D-94D6-3101625E871C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\)e8:*:*:*:*:*:*:*",
"matchCriteriaId": "942A6040-051A-4FD1-935C-54CDF87C19DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\)e12:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E5CA82-CA58-4B6B-B99E-59D905E7C304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\)ea1:*:*:*:*:*:*:*",
"matchCriteriaId": "E1168DD8-4DF7-4A2B-B080-D267BF815F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\)ea1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CCEF5EBB-226A-4E8F-A78D-9C1754F1FBC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\)ea2:*:*:*:*:*:*:*",
"matchCriteriaId": "3316587B-3BCE-4F4A-8835-BDC12A7F12F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\)ea2a:*:*:*:*:*:*:*",
"matchCriteriaId": "148C0902-66C4-4952-8319-40B8B145A901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\)ea2b:*:*:*:*:*:*:*",
"matchCriteriaId": "1037D61F-BDE2-4956-9B27-25FD5408F1A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\)ea2c:*:*:*:*:*:*:*",
"matchCriteriaId": "3CC077AA-909C-4344-B5A9-F71FBCC34B97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\)ey:*:*:*:*:*:*:*",
"matchCriteriaId": "E4C9A6C0-F89B-4C11-B415-D78693C0E83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\)ez1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D7E0FE-ABA8-4423-A126-EE56E4AC6E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6\\)ez2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3C6083-0A69-4B38-B7AC-9F7DD4D41BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A759C05-80B5-4A5C-8B9A-C0AC13638EF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6.5\\)ec3:*:*:*:*:*:*:*",
"matchCriteriaId": "93063C37-AEEA-47EE-A87A-5BB4BB76F416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(6a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDAE896A-4B97-4E67-8A55-046AB7CC0C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A0C0CF63-FCC4-427A-9A86-48A03D913726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(7\\)cx:*:*:*:*:*:*:*",
"matchCriteriaId": "DB234FEB-C185-420C-87C0-B54E9463D24D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(7\\)da2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFE5890-AA06-40A5-B02B-F6E02D6749BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(7\\)da3:*:*:*:*:*:*:*",
"matchCriteriaId": "0E621324-E76F-446D-9477-DE68A28206F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(7\\)ec:*:*:*:*:*:*:*",
"matchCriteriaId": "1481AA47-0E3F-4B64-B8EF-13358EDB4B8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(7a\\)e6:*:*:*:*:*:*:*",
"matchCriteriaId": "7E24AB6D-AEDD-47D2-868E-7C2801B8A667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(7a\\)ey:*:*:*:*:*:*:*",
"matchCriteriaId": "0F0A9F96-4BBC-4154-8098-2E6CD2B9391E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(7a\\)ey3:*:*:*:*:*:*:*",
"matchCriteriaId": "43155865-F9DF-43E9-B688-246AD46FFA4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(7b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "989069B1-5B8B-4F6E-BD76-3B2999F2BC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DF384E8C-2EB1-4747-B749-E89E25A77321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8\\)aa1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA2FB3CC-64F1-4204-A04B-BCED3ADE7102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "4D37BA51-A0F6-4CF4-A729-44C1060DEBD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8\\)ea:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D0F1E8-B2AD-40A2-A7A5-8AF0D0198E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8\\)ea1b:*:*:*:*:*:*:*",
"matchCriteriaId": "09C8E9BF-1C07-47FE-8F98-ED5960D302FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8\\)ea2b:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFD542A-C3E0-4E81-AA6C-D32BE269B6C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8a\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "72BC63AE-31B1-44E7-BABF-B8C529283E90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8a\\)ew:*:*:*:*:*:*:*",
"matchCriteriaId": "429E111D-F383-4DCC-A378-D7F15234E059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8a\\)ew1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B45852-A773-40E0-97D5-4F4A5F6E8D2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8a\\)ex:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA87A2A-E394-4EA4-82BA-9CA3A561C8E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8b\\)e8:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2B299-8C70-444B-9AEC-B9EAD4650C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8b\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "37EC9304-51E7-4147-820B-E6DFA9267617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8b\\)e14:*:*:*:*:*:*:*",
"matchCriteriaId": "DFF5CF62-C9A7-43C7-82DD-3CDAD6218D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8b\\)e15:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1AAD07-8EA0-496D-A4A7-6DD72B711813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8b\\)e16:*:*:*:*:*:*:*",
"matchCriteriaId": "25619ACF-6813-4470-B1F6-0D05D155DFA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8b\\)e18:*:*:*:*:*:*:*",
"matchCriteriaId": "B7258C5E-8D61-4ADF-AF7D-F772C0A14C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8b\\)e20:*:*:*:*:*:*:*",
"matchCriteriaId": "4859372A-D2F6-4D97-939D-91A28B65B1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8b\\)ex4:*:*:*:*:*:*:*",
"matchCriteriaId": "C47237CD-540B-462F-8B29-AC1EF4AF868B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(8c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3184A435-713F-499F-83D5-51233607861E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F2C03276-B783-49BC-841B-6A75FFDDCBF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(9\\)aa:*:*:*:*:*:*:*",
"matchCriteriaId": "E8737806-D06E-4859-ABC2-B6D764AA74A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(9\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "61B04BC6-B6BD-4CD2-9257-B7493B33ADAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(9\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "718E435B-14E4-45AD-8565-CAE1F245772D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(9\\)ea:*:*:*:*:*:*:*",
"matchCriteriaId": "CB79AFC9-2863-4DAE-9235-56DBD7C4E066",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(9\\)ex:*:*:*:*:*:*:*",
"matchCriteriaId": "2465A016-415C-4EE9-9DEC-B71C3EDC0BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(9\\)ex3:*:*:*:*:*:*:*",
"matchCriteriaId": "71655A8A-9E5F-4B48-A490-2A3110230DCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(9a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FB6D148F-D29B-4610-85EB-557AC86C7FC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "791F8D35-C80C-4540-9FD4-A957F429C712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(10\\)aa:*:*:*:*:*:*:*",
"matchCriteriaId": "68E75B85-BD83-4183-8738-10B7ABFCD333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(10\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "F32F2780-796C-4A03-BA5C-3B0CDCD2FEB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(10\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "2046F5A7-EA7D-4C6F-9B93-467AB1CC2624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(10\\)ec:*:*:*:*:*:*:*",
"matchCriteriaId": "AA022E55-1EC7-4447-8B1F-1DE2102F71FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(10\\)ec1:*:*:*:*:*:*:*",
"matchCriteriaId": "11032330-069D-4E4A-8F65-BC9EC832EC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(10\\)ex:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9352A8-5C48-46D7-A9B9-61C6D003E9D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(10\\)ey:*:*:*:*:*:*:*",
"matchCriteriaId": "401856C7-EDE5-4B89-8A09-EFC2F878E753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(10.5\\)ec:*:*:*:*:*:*:*",
"matchCriteriaId": "95257024-EEB8-4111-BC17-82173B759397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(10a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CB900989-74D8-4DD2-93BF-5A6D50E48213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D9B0EBB1-E870-4794-9474-F4E2A8AFEC49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)ea1:*:*:*:*:*:*:*",
"matchCriteriaId": "91195861-AC53-4468-B1BB-3144A6F3CB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)ec:*:*:*:*:*:*:*",
"matchCriteriaId": "238FC81A-606E-49ED-B97C-432A82BF7318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11.5\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D3C225-A31E-4E61-9B90-BBD38A8F6C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "330A2017-426D-4D6D-86A1-1D063038366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7FC01431-DCF5-4F12-B95C-4F0813A04070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*",
"matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7DA6CBB3-6F8D-40D4-9511-C9DD6F703C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(12\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2C4D9-65CC-4C27-8240-C8F00F38A3F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(12a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F5A3BEF7-B34D-4D07-A8E6-834F555D0468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(12b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4DC4D8BB-2A95-4A57-AF3F-1CD01F55D62F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(12c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93AA3BC4-C536-4EEF-85E3-D521580F18D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(12c\\)e7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8C082A-A9B7-4333-9ACB-CB75DCB73973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(12c\\)ec:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF8CAD4-6B77-4B1F-B3EF-05873051949C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(12c\\)ev01:*:*:*:*:*:*:*",
"matchCriteriaId": "014D2124-5158-4FCB-A831-9457CA435A03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(12c\\)ew4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E89EF44-F094-4002-A325-C765D5CB9B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C9A3703-1082-45A6-B510-9B6C880F14A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)ay:*:*:*:*:*:*:*",
"matchCriteriaId": "7E473130-ED52-48FA-AAAD-A1EA427AEBE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9478F31-994D-4FD8-AC53-B000815FBA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB275FD-926E-4875-AAA2-88F8DB3B8B98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e7:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EEC237-DD65-43F0-9DFE-0D32C929153E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e12:*:*:*:*:*:*:*",
"matchCriteriaId": "EE497DA8-240B-44DE-92F4-6CAC88A89B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e13:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFCFBFD-E998-4581-B7C1-5A8BFA27DE82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e17:*:*:*:*:*:*:*",
"matchCriteriaId": "337A0980-A5B4-4605-8572-8283FD1588C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)ea1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC069569-859C-41DB-93FE-57E8B3F2EBCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)ea1c:*:*:*:*:*:*:*",
"matchCriteriaId": "17B63153-D51A-40AE-887B-CC9362263602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)ew:*:*:*:*:*:*:*",
"matchCriteriaId": "DB3F54C6-FD33-442F-9E82-510EA39B0A4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)ew4:*:*:*:*:*:*:*",
"matchCriteriaId": "A6568612-226C-48A3-B619-4C540D05968A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)ex2:*:*:*:*:*:*:*",
"matchCriteriaId": "20A9F169-F1BB-4D40-81CF-9772B4E3BFEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(13.4\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6CA25F-5D9A-4996-AE41-FCF9BB9A6C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C0097ECF-6FB0-444C-997C-7FA44E82321C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(14\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "F633F237-0B44-482F-A120-53A90EE0A328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(14\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0E2DFA-B2B6-4FB3-97DD-D1167014323F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(14\\)e9:*:*:*:*:*:*:*",
"matchCriteriaId": "6277E1AB-5962-47DA-BCBB-B6BF3A5BFAB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(14\\)e10:*:*:*:*:*:*:*",
"matchCriteriaId": "ED09E588-89E8-416F-9A7B-0CF73807998C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(14\\)ea1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1229A52-54B6-478F-A419-8D0340336BF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(14\\)eb:*:*:*:*:*:*:*",
"matchCriteriaId": "2652E42C-E7FF-405A-8B6D-47C28A62757E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(14.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5A69E21D-CF3F-4A57-9088-C9FF1C0ED5A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(15\\)bc1:*:*:*:*:*:*:*",
"matchCriteriaId": "D61DA1C6-B112-448D-8E23-07800DA3E3CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C2FA390A-9AE1-4C7D-906B-EFB5F927CC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(18\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A8C2D22-61C6-4CA5-A275-DAEE2CD7D3B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(18.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8A4ACEAA-2B21-4C3B-AA12-235626E54581",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4944AFEF-D002-4C86-958A-4EB753399FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "00DEF5CE-8637-42DA-A371-AC9BF74D213F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e6:*:*:*:*:*:*:*",
"matchCriteriaId": "46C3903E-94DA-409B-A0E9-A66BCB48204E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)ec:*:*:*:*:*:*:*",
"matchCriteriaId": "54874F5C-4165-4CFA-9908-587A808CF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)ew:*:*:*:*:*:*:*",
"matchCriteriaId": "184BB6B9-4E7D-4107-BFBA-847329C59209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)ew3:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B06D76-49C9-412A-95C8-4C78C303488D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)fc1:*:*:*:*:*:*:*",
"matchCriteriaId": "17C19283-A797-4508-B180-0EA5A1D14310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(19.3\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "4F62D015-0F71-4B7C-9B75-04F495725DF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DFC9A03B-752D-4F68-B360-CBE2EDBFD8F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "D0C3B6E2-3D33-457E-B85D-8C2FC9DA2FE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "C41AB141-A566-4738-8E07-E6410590FB0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)e2:*:*:*:*:*:*:*",
"matchCriteriaId": "F074DF74-81FA-4F09-A6E5-18DD9A4E76C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "9689234D-7762-4BA4-827E-702407F5BDF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)e5:*:*:*:*:*:*:*",
"matchCriteriaId": "A390527A-7522-4580-8C0A-F68BF90A5CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)ea1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4041EB0-F402-4C01-9337-212E3E461AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)ea1a:*:*:*:*:*:*:*",
"matchCriteriaId": "00388B56-F514-4A9F-95FE-1D8239BE1EF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)ec:*:*:*:*:*:*:*",
"matchCriteriaId": "0DEB16EF-D0C1-4C56-85B1-3C07D8CFD493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)ec1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFCFD88F-4320-4F4F-9CAD-BA8A5AA5D389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)ec2:*:*:*:*:*:*:*",
"matchCriteriaId": "D89132D4-850A-4C33-BDE4-51F6A053C848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)eo:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF2BEC0-6D37-4BC2-9A78-FC0D06CE7573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)eo1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BBCCE83-076A-4B0C-9331-B9FE7DA8278E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)eo3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0B22A1-8B4B-4ECD-89B3-EDB5A14D1799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)ew:*:*:*:*:*:*:*",
"matchCriteriaId": "379E0F70-EE01-48F9-A4F0-BFCF9BDAB4AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)ew1:*:*:*:*:*:*:*",
"matchCriteriaId": "17CD0C63-7500-4A32-BD85-27E6C2F70FB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)ew2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDFD76E-0668-4137-A747-8FDE700A3B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(20\\)ew4:*:*:*:*:*:*:*",
"matchCriteriaId": "17F7143A-9B42-47FC-8626-19A850A74E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8E63F79F-BF31-4076-BBCA-1BC6CC23D0CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(22\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7744338-A68E-4F38-8C89-E07DC4BDCFB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(22\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "32E01A6F-E21C-414E-BCA2-F7490DC78147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(22\\)ea3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB440BC6-9FC8-4EFD-B05E-3F5A5A68F8EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(22\\)ea4:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF4A473-C851-4D2F-A22E-66A267A1BDB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(22\\)ea4a:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD4687F-D78C-41C8-B2B8-D140813A8619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(22\\)ea5a:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8C33CF-9FD2-4DC5-B69C-0C8E0C6A987F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(22\\)ea6:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFF09A6-DE59-4CBF-AF02-DF2862C05D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(22\\)eb:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7112F7-C3AB-4B67-A58B-A04E60F5F244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(23\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "A43DD0D6-6890-472F-AA0B-75B218FCDC6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(23\\)e4:*:*:*:*:*:*:*",
"matchCriteriaId": "AB58F9A6-9298-4C47-A3C3-5C1DBF93E65A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(26\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "038514E5-49BA-4E0D-AEDB-6868117E0B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(26\\)e3:*:*:*:*:*:*:*",
"matchCriteriaId": "0563D082-E449-40F0-93EE-437C1780CC75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(26\\)eb1:*:*:*:*:*:*:*",
"matchCriteriaId": "7FCF2E0B-0747-42A5-9EBC-22E81DFB2112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(27\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B430330A-8D7A-44F1-A338-7E6F702FB70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1\\(27b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A38345DF-A94B-4C8B-9F4D-9D70BC0ECA80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1aa:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6FFE33-2891-48E5-9D0C-C52F88B2D76C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ax:*:*:*:*:*:*:*",
"matchCriteriaId": "442972CD-50D3-4C46-AB73-44AED94B9F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ay:*:*:*:*:*:*:*",
"matchCriteriaId": "19077C39-A27B-4EC3-A882-9AC826E61570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1az:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B31AFC-9C72-4737-B6B7-E938C13695BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1cx:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEF6AED-4477-4AAC-9759-1996B77DFEE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1da:*:*:*:*:*:*:*",
"matchCriteriaId": "C9427851-B0DC-4CE6-8BFA-60619D1DC87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1db:*:*:*:*:*:*:*",
"matchCriteriaId": "6D07DD94-0925-4FEE-9565-5F36B9AAF448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1dc:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3A67F5-05C6-4097-A88E-0A0F165C12EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "7126E176-D739-4102-8F10-1EEB8C6A219D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ea:*:*:*:*:*:*:*",
"matchCriteriaId": "E90C0554-1A50-4341-AB07-80AA854673D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1eb:*:*:*:*:*:*:*",
"matchCriteriaId": "4A8C5149-40F8-40C9-9FC3-7E7C68801320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ec:*:*:*:*:*:*:*",
"matchCriteriaId": "46FF39C5-CC37-4573-BB18-36254D38509B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1eo:*:*:*:*:*:*:*",
"matchCriteriaId": "C1AF45D8-A32A-482F-8183-F0DC3C4FB5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1eu:*:*:*:*:*:*:*",
"matchCriteriaId": "B377A8B9-90F2-41B7-9098-5ABEB621E2E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ev:*:*:*:*:*:*:*",
"matchCriteriaId": "896A71EC-9508-406F-8DE8-58953D9A30FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ew:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B15FCC-1BB3-41CA-9550-6D55DD381F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ex:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A85892-C3AB-4920-A949-A71BD0332D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ey:*:*:*:*:*:*:*",
"matchCriteriaId": "C6330829-9A7B-479D-B38B-BC64148EC172",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ez:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9F1E38-3482-4EAC-8654-EBC004B9344B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ga:*:*:*:*:*:*:*",
"matchCriteriaId": "51BCD9C9-7E6B-42EB-A645-32B3C00CDDEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1gb:*:*:*:*:*:*:*",
"matchCriteriaId": "34A61768-E18E-4DB0-9EDF-2E36D0F62DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1m:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B13CDA-C376-412A-AF5D-8FC25C74A0A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4EEFAB2C-172F-45AE-9C84-A036AD22B5EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1sec:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3EFB16-B62B-4D24-B99F-AED2CD35C28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "752C3C6B-910D-4153-A162-DF255F60306B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1x\\(l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B11A6E0-36BB-44C5-893C-59AC283E515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xa:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBE2FF-5DAE-447A-9C3D-3F48B24AECA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xb:*:*:*:*:*:*:*",
"matchCriteriaId": "297FAD97-60C0-473D-A18D-03657B81B7E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xc:*:*:*:*:*:*:*",
"matchCriteriaId": "2AD4A33B-B13E-40C6-B47F-A406ACC6664F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xd:*:*:*:*:*:*:*",
"matchCriteriaId": "0E488E6E-87F0-4292-B97B-31087FDB4655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xe:*:*:*:*:*:*:*",
"matchCriteriaId": "0D199CB1-A2A3-4678-9503-C5B61281755C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xf:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D743DF-838A-4E7A-A4FC-BB5EB7D93CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xg:*:*:*:*:*:*:*",
"matchCriteriaId": "19952DC6-1186-4754-BB1E-BA1D78A19C96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xh:*:*:*:*:*:*:*",
"matchCriteriaId": "441CB9D6-5EDB-457B-B59E-D48B01AEAF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xi:*:*:*:*:*:*:*",
"matchCriteriaId": "28097F62-B51F-4A3B-BB31-6FA67E8C8B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xj:*:*:*:*:*:*:*",
"matchCriteriaId": "80E8AF76-0A1D-4BAE-BF10-D63080352E6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xk:*:*:*:*:*:*:*",
"matchCriteriaId": "8A11AF3F-C82F-4431-9CF1-84FDAD388D04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xl:*:*:*:*:*:*:*",
"matchCriteriaId": "3B674647-4438-4450-9DCA-25184D4E2682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xm:*:*:*:*:*:*:*",
"matchCriteriaId": "86E5CC41-1344-4A65-A653-8012ACE2CF2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xp:*:*:*:*:*:*:*",
"matchCriteriaId": "71FB7128-CF11-4903-97D7-418403A03CD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xq:*:*:*:*:*:*:*",
"matchCriteriaId": "63EFB20A-78E2-4BA1-B87C-BB74E8982D99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xr:*:*:*:*:*:*:*",
"matchCriteriaId": "3A273401-9394-4BC3-879C-DE3EFC09B3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xs:*:*:*:*:*:*:*",
"matchCriteriaId": "6DABF911-FCDF-4095-A95D-4BB73628FCA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xt:*:*:*:*:*:*:*",
"matchCriteriaId": "77886493-C30E-439E-BBB4-3D34A8938378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xu:*:*:*:*:*:*:*",
"matchCriteriaId": "7813F511-CF6D-487F-9D1C-7A6CF85AD724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xv:*:*:*:*:*:*:*",
"matchCriteriaId": "677DC4B6-8B3D-4A0D-9934-743FD7494DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xw:*:*:*:*:*:*:*",
"matchCriteriaId": "E272881F-0804-4190-A21D-3D0B9A774F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xx:*:*:*:*:*:*:*",
"matchCriteriaId": "B12B39FE-3E7B-4D96-8CD4-0D57C50A786A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xy:*:*:*:*:*:*:*",
"matchCriteriaId": "F084DA16-24CB-41D1-92B7-C6E0499AAD10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1xz:*:*:*:*:*:*:*",
"matchCriteriaId": "BA979D75-F60E-45F8-B99C-1402DC8CFCDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ya:*:*:*:*:*:*:*",
"matchCriteriaId": "194F0AB1-92E6-4CE3-A5A1-904BF75F05D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1yb:*:*:*:*:*:*:*",
"matchCriteriaId": "884753D4-3AF0-4723-9D51-26BA7B4CA533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1yc:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF3601D-DF44-4A10-A424-8E97C65A36A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1yd:*:*:*:*:*:*:*",
"matchCriteriaId": "BC38BD6C-9823-4D2A-8BE2-60AABE3C4932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1ye:*:*:*:*:*:*:*",
"matchCriteriaId": "C1835410-77EB-46F2-ACF0-379759D4B0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1yf:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB103ED-B170-4193-84CD-4C59F4D6A10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1yh:*:*:*:*:*:*:*",
"matchCriteriaId": "F88DCCDE-6A81-473F-B4FE-95A84F8DF964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1yi:*:*:*:*:*:*:*",
"matchCriteriaId": "63D55886-268F-4E4D-B00F-8A5D97A73BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.1yj:*:*:*:*:*:*:*",
"matchCriteriaId": "4F7C6FB8-8393-4916-BB2B-3097B1995C23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF86B641-08DC-404A-9718-F2A99C1B0889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)dx:*:*:*:*:*:*:*",
"matchCriteriaId": "324E754D-D755-4987-A892-D04A0690DD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "67A304F2-D112-47B5-8859-10FF62990368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "897A6F3D-9C80-4E3E-B3E3-5CA48227CA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xa:*:*:*:*:*:*:*",
"matchCriteriaId": "915157AA-15BE-4792-95D8-4D1E1EF34EB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd:*:*:*:*:*:*:*",
"matchCriteriaId": "F38C9EE3-1A86-4930-AEF7-EAC3A2713DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd1:*:*:*:*:*:*:*",
"matchCriteriaId": "742CC70E-68FB-4658-A475-E7BBC5983878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd3:*:*:*:*:*:*:*",
"matchCriteriaId": "10CE5741-1569-4B69-B7F7-094F0C6101AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xd4:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B4D71A-D418-4E6B-88F7-50833C00236C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xe:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD14702-51AC-46B1-95A3-4AD47A4DCD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xe2:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA8E55E-7E11-4D46-A1BC-B3655906FDF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xe3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E16ED18-4EB6-40D5-A857-6398A78693D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xh:*:*:*:*:*:*:*",
"matchCriteriaId": "979D4077-A3CB-4134-B180-EF10F01413BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xq:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C96C90-8B2D-4A88-A4B8-FA43332BD8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xs:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9B3920-D3F1-478F-ADE9-6022763E8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1\\)xs1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC9CF50-E0F7-4513-B7EB-A2E095D3E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52332F68-2C6B-4226-9B36-345AD0A904E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1.1\\)pi:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1FCC6A-332A-43B9-B8D9-513D9B0DB374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1.4\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "D13AA694-BAAF-4BE0-B900-4C2BCCCDA00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CAD94AB1-0D8D-4DBE-AB1B-6AE464743E75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1b\\)da1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4C28B5-4591-49E0-80F9-7C6059F24B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B2D6897E-33F3-409A-B874-501FFF989EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)b:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE975E4-1D07-464A-8116-69393D07C362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)bx:*:*:*:*:*:*:*",
"matchCriteriaId": "8FFF0815-8F37-4613-A54D-42D7AA299D05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)by:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB420B3-E9DA-4C5A-9299-FFAB48734116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)by2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB7CEB1-84F0-405E-967A-A62B54B7CBCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)dd3:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA91C37-5799-4B30-97FF-76A6A84F3606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "BD6F2B76-43DA-4C2B-AA6F-C6A4BBF7DE12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD6C223-10B9-4381-A4AE-77DD415B5AF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A3E8C4-0E94-4027-ABDE-47A364071D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xa:*:*:*:*:*:*:*",
"matchCriteriaId": "07398411-7920-4B52-92C8-3696F49370B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xa1:*:*:*:*:*:*:*",
"matchCriteriaId": "371FA715-3966-4071-961F-12E691608DB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xa5:*:*:*:*:*:*:*",
"matchCriteriaId": "3E2713E8-3E4B-4C60-9ABD-01B962A85A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb:*:*:*:*:*:*:*",
"matchCriteriaId": "5400D72E-CD49-41E7-BA47-33E3AB920320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A44418C-C041-4A98-9D1F-1E7510B9AD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb4:*:*:*:*:*:*:*",
"matchCriteriaId": "474FA3DA-6967-48A6-AAB4-E7C382D3C942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb11:*:*:*:*:*:*:*",
"matchCriteriaId": "D2808EB6-5964-4931-AEE2-BE1CF503B7E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb14:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0CD136-C54F-41F9-9969-9F367921B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xb15:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABBB62E-EE60-4E80-9208-A6F5C1F80C06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xc1:*:*:*:*:*:*:*",
"matchCriteriaId": "78C39B9F-E597-473E-8297-6D1E8D9713E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xf:*:*:*:*:*:*:*",
"matchCriteriaId": "E319FE1E-8D75-4CA2-8EA9-C1C32C290891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xg:*:*:*:*:*:*:*",
"matchCriteriaId": "B82C4003-D2CD-4243-8A8D-B8A9B449D096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xh:*:*:*:*:*:*:*",
"matchCriteriaId": "29056463-CDD9-4399-964E-14BDBFF760A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xh2:*:*:*:*:*:*:*",
"matchCriteriaId": "259BD3FC-FFC5-44B7-8641-917A1BF2E98C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xh3:*:*:*:*:*:*:*",
"matchCriteriaId": "34F414DF-19C3-42BC-B43D-5CF60A3C0991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xi:*:*:*:*:*:*:*",
"matchCriteriaId": "E32D7BFD-EC96-464D-81CB-E9CC12C21EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xi1:*:*:*:*:*:*:*",
"matchCriteriaId": "32421120-BCA2-4218-8CB3-C77452A69295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xi2:*:*:*:*:*:*:*",
"matchCriteriaId": "B03537E8-D899-44D5-976D-A6E10FF16FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xj:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4C67B0-81D3-4430-A9F7-6F15C601693E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xj1:*:*:*:*:*:*:*",
"matchCriteriaId": "520E6B5D-C163-4633-A2DC-D02335838FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xk:*:*:*:*:*:*:*",
"matchCriteriaId": "BA145839-3DC4-41C4-96B7-88B8EE87D70E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xk2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC95C37-9102-45C7-813A-15A0ACFF5D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xn:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8D649D-474E-4661-A68E-517EA3563CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xr:*:*:*:*:*:*:*",
"matchCriteriaId": "420C23F6-1E44-418F-B6CA-DECA22218B87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xt:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FEB158-215B-4C9D-8882-D44EE7F90B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xt3:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BD8E31-5117-4E79-92A4-5FF08BC8BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xu:*:*:*:*:*:*:*",
"matchCriteriaId": "274DF264-D0DE-46DC-A91F-DD53ACE06AAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)xu2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC678F0D-4307-48B9-8C29-9E85DB756809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2\\)yc:*:*:*:*:*:*:*",
"matchCriteriaId": "D917117D-CF4D-427C-8529-EB2D856E8A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(2.2\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD87D10-0406-43C0-B961-47BAA4264641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "16EA6782-77F4-4E2B-A882-A24ACEA5776B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(3.4\\)bp:*:*:*:*:*:*:*",
"matchCriteriaId": "80D35309-D236-4F49-88F9-AF29574630B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8A33120F-F2DD-47A6-9BA3-58989C3CF448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7840C1F9-C5C6-42BE-97F3-BE6F174F8C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)b:*:*:*:*:*:*:*",
"matchCriteriaId": "3A82EDE9-A7BD-4F36-8A97-DDDDAC45D80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)b1:*:*:*:*:*:*:*",
"matchCriteriaId": "8697C1FE-2EC8-4116-809D-461801FDE1A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)b2:*:*:*:*:*:*:*",
"matchCriteriaId": "4181019C-3AF9-42A7-AD01-28B17AB6DE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)b3:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7265E4-1EE9-45E7-AB34-9BD6AA13E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)b4:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5DC2C3-1DF3-47ED-BA83-9C9FEC2FD8F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)bc1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B2979C5-DAF5-4A29-BD21-F6B0173574E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)bc1a:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FDBABF-EDEC-4E65-925B-E4FB97FF27BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)bx:*:*:*:*:*:*:*",
"matchCriteriaId": "90E26E18-5F6D-4C34-AD4D-CC69135DC9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ja:*:*:*:*:*:*:*",
"matchCriteriaId": "0200FB78-35ED-4CEF-A49E-52D6F8F6102D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ja1:*:*:*:*:*:*:*",
"matchCriteriaId": "8BCFAA1B-DDCC-4E2E-B9BF-B51E0B5710F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)mb3:*:*:*:*:*:*:*",
"matchCriteriaId": "213AB5CB-DB2C-4939-94D7-E211AD817FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)mb12:*:*:*:*:*:*:*",
"matchCriteriaId": "76A1F18F-77EB-4BE9-AFF4-00187613E5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)mb13b:*:*:*:*:*:*:*",
"matchCriteriaId": "C785F596-113A-4B2E-9963-4D740F15DF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)mb13c:*:*:*:*:*:*:*",
"matchCriteriaId": "E93B704C-55B8-4FFF-8910-314604143411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)mx:*:*:*:*:*:*:*",
"matchCriteriaId": "FAEC62C5-DEAD-45A2-8339-EDA980833ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)mx1:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1C216-F510-48C6-9065-708408D8CE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "8330DE9E-EF94-4402-9B3A-AA876F9F0035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "9934E886-22CD-489D-B90B-FD23B6A2D722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "51DD991F-682A-43E5-9BED-58F524616A9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)t6:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA2B86D-05A1-4F17-903C-5E14A98493A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xl:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB4D744-B7FA-41E4-8272-BC71C413BAA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xl4:*:*:*:*:*:*:*",
"matchCriteriaId": "06997F81-3A97-44C3-84B4-0868E0D20CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xm:*:*:*:*:*:*:*",
"matchCriteriaId": "52EA73E8-D40C-4E1D-94E9-E6FA63D7C253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xm2:*:*:*:*:*:*:*",
"matchCriteriaId": "4478DFE6-341F-410D-967E-EFF8B67A2E80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xr:*:*:*:*:*:*:*",
"matchCriteriaId": "0570296A-6F1C-40E1-93F8-C23BF4330E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xw:*:*:*:*:*:*:*",
"matchCriteriaId": "D79D38C9-271A-433C-9BED-C4893C2B0260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)xw1:*:*:*:*:*:*:*",
"matchCriteriaId": "5507D5CE-F07A-4BAA-96E6-96A67F4C0A3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ya:*:*:*:*:*:*:*",
"matchCriteriaId": "1119AC22-9A4E-468D-A9A4-27A4C9191F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ya1:*:*:*:*:*:*:*",
"matchCriteriaId": "35A326CF-ED69-44A6-B7BC-3DCCC2A1766C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ya7:*:*:*:*:*:*:*",
"matchCriteriaId": "A76FBC72-6021-4535-8CD1-DD4208FD9CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ya8:*:*:*:*:*:*:*",
"matchCriteriaId": "6D992EE7-4F7F-413F-9E4B-A7722249A74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ya9:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA74A4B-A292-4825-9DDD-403A7EBAF007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ya10:*:*:*:*:*:*:*",
"matchCriteriaId": "A282CADD-CE0E-45F7-AE48-BC42133BF16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)ya11:*:*:*:*:*:*:*",
"matchCriteriaId": "A89A62A5-38CE-4BA6-8330-8345BB0F7B53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(4\\)yb:*:*:*:*:*:*:*",
"matchCriteriaId": "15DF8F59-0C88-4E38-B9A5-12293A2FE722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC6829DD-33EA-40CE-A01B-EAA7667CBDF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(5\\)ca1:*:*:*:*:*:*:*",
"matchCriteriaId": "65C9A347-8EB3-4651-B7F4-BBE72E87B6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(5d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6F327B39-CCBA-4B2F-A083-CEEB625BD836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(6.8\\)t0a:*:*:*:*:*:*:*",
"matchCriteriaId": "3AC7DFB1-014D-442E-B6B1-400B1F4BBDD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(6.8\\)t1a:*:*:*:*:*:*:*",
"matchCriteriaId": "C289616B-36BA-440E-8380-5523844C2C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(6.8a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D295C746-6702-4DCF-91FE-62810B37549B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(6c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B858AB50-2EC6-4820-801B-5EAB72A0F947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "87CED27A-7885-4D42-8A91-128BD76EF585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(7\\)da:*:*:*:*:*:*:*",
"matchCriteriaId": "A057D34A-C0E0-4DA1-8E51-2E7C2572D28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(7.4\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "33AFA64E-4181-4751-B93E-EC067C97FC8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(7a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A65C0314-7816-40C4-9950-1B40740204E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(7b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84CAE9D3-209C-4663-BD5E-424928E152F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(7c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "191428C2-2F39-49B6-9ACA-E4C1A46F6C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)bc1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D67FDB9-FA6C-41F7-ACA0-AA04066B92F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)ja:*:*:*:*:*:*:*",
"matchCriteriaId": "D359AB74-8958-477E-8B97-F5A1FC3BDC76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "402CF7F0-EC7B-474C-98F5-F9FA3486E45A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)t10:*:*:*:*:*:*:*",
"matchCriteriaId": "7BBE9430-02C3-41AE-899D-8935F3EF215E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)tpc10a:*:*:*:*:*:*:*",
"matchCriteriaId": "C0977D51-0EF6-4219-BEC9-400DF80B356C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)yd:*:*:*:*:*:*:*",
"matchCriteriaId": "A331B245-2FFC-41AE-9E17-61F6E9AD002C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)yw2:*:*:*:*:*:*:*",
"matchCriteriaId": "139DE650-5861-495E-9B87-6C9B68AA5233",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)yw3:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A7C0DB-63E2-447A-A66C-1F7419F1EB3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)yy:*:*:*:*:*:*:*",
"matchCriteriaId": "70E5F20E-18F9-4108-AB48-E9A4DBB230B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)yy3:*:*:*:*:*:*:*",
"matchCriteriaId": "C91D2A28-D85D-4F62-92ED-11317A9C5947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(8\\)zb7:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF4480F-6C08-43B0-92C5-3FE07B5E09D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(9\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "4F575CA7-9875-4582-B9E0-446DE7227073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(9.4\\)da:*:*:*:*:*:*:*",
"matchCriteriaId": "3021A9C0-3504-4B98-AD5A-9DB93E8803F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(10\\)da2:*:*:*:*:*:*:*",
"matchCriteriaId": "55396406-FB71-46A6-9CDF-27F041605097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(10\\)da4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC774495-327F-4488-A257-1F3C5FB2E00B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(10.5\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "E0922A76-8F2E-4898-9AA6-32A0E3F2A8C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(10g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "21E013BC-9F5F-4209-9588-1A3CDB017659",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)bc3c:*:*:*:*:*:*:*",
"matchCriteriaId": "6B059AD2-3215-4647-B4A6-AC9642E5623E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)ja:*:*:*:*:*:*:*",
"matchCriteriaId": "665CB7BC-E97E-4461-B83B-681047A6EEAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)ja1:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7E536B-DD9A-4F46-B8C1-F29DC3298972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "92A9D069-4C88-4BE1-92E3-8A7056DD8825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E735E1-79B9-4FB3-B994-63D15AF6DBF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "7861C0AC-51C3-40F4-8D72-061153D71E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)t8:*:*:*:*:*:*:*",
"matchCriteriaId": "35B57355-CE86-4605-9123-15B1445C226D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)t9:*:*:*:*:*:*:*",
"matchCriteriaId": "617CC100-06BA-4916-A2FA-EA91049DED27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)yp1:*:*:*:*:*:*:*",
"matchCriteriaId": "F60222E3-B02F-44B8-9E64-DB8AE3BFAEC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)yu:*:*:*:*:*:*:*",
"matchCriteriaId": "4B52D7F7-AC13-42FF-BBDC-FFF4A25DFD54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)yv:*:*:*:*:*:*:*",
"matchCriteriaId": "574C686D-F7B6-42F5-BBE6-AAA61425DF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)yx1:*:*:*:*:*:*:*",
"matchCriteriaId": "62A62D04-0DD5-456D-8C13-88A0DD3E1FC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)yz2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2FDA81-E862-45C4-BB48-152BB4C33BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3568B82-1112-417F-8F2A-ADAC7BE9D0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12\\)da3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA67A2F1-F728-4776-AC96-0FB1C0326572",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12\\)da8:*:*:*:*:*:*:*",
"matchCriteriaId": "37C0F9A6-F438-44B2-8CA4-F8810160801C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12\\)da9:*:*:*:*:*:*:*",
"matchCriteriaId": "4DCC7A72-05CB-4283-82B8-3F5501CDF923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12.02\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "E06B7024-F66C-4642-8BDB-5D88B66902DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12.02\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BA5828-6F26-4F92-9B22-C1A403D34D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12.05\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0DDBD22-6C29-4275-9BB6-0F9E7717D382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12.05\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "4569DDA0-1961-4CF2-ADBB-055144B6DDF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12.05\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8BF6E5-BA09-4EBE-9C06-28CD8397AF69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD9B22DC-353D-437E-B648-CFB39D6D34BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA8EA12C-A99D-4FE3-B18F-715D49764320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B7CC6B5-44B7-4DCA-86C8-F032AF65FDAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "208A52BF-BAE3-4F5F-9279-88C360FDCBC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8F081454-D139-4630-BCCB-172303F78DF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(12m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F440A82E-518E-4E35-AC1D-7B2BA9963EB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E926A720-D79D-4A81-8E28-137CE36C4995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)ja1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB70336-4345-4B02-98A9-A8F1A16657C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)mc1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E5B6FEA-3AD4-4401-96F6-8DC986D6509F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "59169A2A-FC3D-4C62-BD1A-F6AB7653BC23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB000AC6-C4C6-481E-A75C-7AA81BFAEE10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)t9:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE016D9-FA6A-4FF3-9B18-7CBC37CEB136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)t14:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF7BD28-EEC4-44C3-B54D-566A3D450D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)t16:*:*:*:*:*:*:*",
"matchCriteriaId": "1EBA5AA2-2AEC-4A03-98AE-F7FD59E1944D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zc:*:*:*:*:*:*:*",
"matchCriteriaId": "37DA4E81-4BE9-42FD-AA1E-E99FE7817FFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zd:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F77A78-FFCE-4BD5-A027-A3AE81AE4C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zd3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA235645-9AC4-4876-A512-425097C5D2D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zd4:*:*:*:*:*:*:*",
"matchCriteriaId": "8886373B-3CEF-4B67-9137-736191C10D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)ze:*:*:*:*:*:*:*",
"matchCriteriaId": "D71C31AB-60C5-41D3-9C28-E11D8C87BA15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zf:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F26995-8997-4665-B277-42119A370FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zg:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F5E02F-2EDF-4C24-8279-5602638E0E26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zh:*:*:*:*:*:*:*",
"matchCriteriaId": "C9585CFD-C563-4D76-A606-6C629B0BA12C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zh3:*:*:*:*:*:*:*",
"matchCriteriaId": "D193A196-05E1-4143-961B-E8100C7A7323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zh8:*:*:*:*:*:*:*",
"matchCriteriaId": "4B01E7FA-7314-4E50-BFA6-3E2E5A4552D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zj:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BAAAC5-FD95-48C1-9834-A0BD5BB16699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zk:*:*:*:*:*:*:*",
"matchCriteriaId": "A47C78ED-4BEA-4DC9-8FF4-11DD8803AAB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13\\)zl:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CE1FD8-530B-4530-9109-76F852C196FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13.03\\)b:*:*:*:*:*:*:*",
"matchCriteriaId": "64098AE7-DEB7-4D7B-801A-AF624C9E00FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "02879682-3521-4E10-95C7-4F3C3B488B04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(13e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20087BA2-1C64-4741-BF0B-7DF45DCC9364",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "1B721725-3499-4653-8489-A0337FE08215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)s13:*:*:*:*:*:*:*",
"matchCriteriaId": "C6181F56-00F9-4FF6-8285-271D9E1FEA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)s14:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC33DFE-2514-4A75-AB59-8EA0C03187B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)s15:*:*:*:*:*:*:*",
"matchCriteriaId": "034A3445-32E6-4CCE-89A4-DDB6DE25A9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7682BC6-5FF5-449A-905D-2178C16361F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sx1:*:*:*:*:*:*:*",
"matchCriteriaId": "77C60F5A-0478-4CF1-B621-4B747DD02A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy03:*:*:*:*:*:*:*",
"matchCriteriaId": "936E22FD-5210-46F7-89E5-5458A9C58F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sz:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9BA55-F193-4BCA-ACC2-BBC892E9D7E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sz1:*:*:*:*:*:*:*",
"matchCriteriaId": "46974023-379B-4475-A59F-BD340043CFAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sz2:*:*:*:*:*:*:*",
"matchCriteriaId": "D71C21E1-BC04-4537-B64D-76492F282B76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)za:*:*:*:*:*:*:*",
"matchCriteriaId": "26835676-2738-47CB-A364-78D1964FEC4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)za2:*:*:*:*:*:*:*",
"matchCriteriaId": "209A1BE7-EEFC-476E-84E4-4EFD68DD7E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)za8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B9BF07C-DB46-4646-A11D-FFC5C13D6387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9802FF68-2932-42F6-B66F-545A59FB5EB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14.5\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "0E51D01E-F3CB-4413-985E-D72F71D7B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)b:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3DF4A1-DF61-46CB-AFF5-9B7DD6F93317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bc:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8421C4-3CB5-40B8-AB20-5E883FAC276C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bc1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CDFBF7-D393-42F5-89A8-482459A426A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bc1f:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D17BA6-BA60-4019-8034-302777B06CB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bc2f:*:*:*:*:*:*:*",
"matchCriteriaId": "9185C8A1-426B-4313-832F-18B2F9507DD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bc2h:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4938C9-0511-4AC3-85F0-44A0AC8D5820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bc2i:*:*:*:*:*:*:*",
"matchCriteriaId": "9D137683-0B21-45E4-AA17-FCFA1085499D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bx:*:*:*:*:*:*:*",
"matchCriteriaId": "864B17DA-90A8-40F0-8885-3F9E47589131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)bz:*:*:*:*:*:*:*",
"matchCriteriaId": "31E2E42C-DB5E-4534-9BE5-E2717E96C784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)cx:*:*:*:*:*:*:*",
"matchCriteriaId": "32737FE9-2E17-4DA9-B3DD-6B5A4CBE2C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)cz3:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF872FE-9B30-4D0B-B129-6A317176A517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)jk2:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5B2939-F4F2-409F-8FFB-AC7B0D6C7B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)jk4:*:*:*:*:*:*:*",
"matchCriteriaId": "1562A3BE-7447-4227-BD04-33C248F04C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)jk5:*:*:*:*:*:*:*",
"matchCriteriaId": "711839A6-984E-4341-B7A0-DFEDC31FBF23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)mc1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C02477E-BBB9-49A2-94CC-9457DC928EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)mc2c:*:*:*:*:*:*:*",
"matchCriteriaId": "05CA5BF4-05BD-4B26-A49F-AB3897B563CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)mc2e:*:*:*:*:*:*:*",
"matchCriteriaId": "2360BC32-F9AD-4407-9BB2-C19CC190B1E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)sl1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B71B83-3E4E-4ADE-97CE-F72B52E41BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "284DFE38-63FE-45CC-8CF7-B84050674EBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t5:*:*:*:*:*:*:*",
"matchCriteriaId": "9A424753-62C6-466F-BD19-047A1611A4FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A353C2-69AE-4343-A6FF-E0736836EAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t8:*:*:*:*:*:*:*",
"matchCriteriaId": "56E5E477-2236-45DC-900E-75FAB2E7DFE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t9:*:*:*:*:*:*:*",
"matchCriteriaId": "A67A7F96-5B78-4466-B5D4-3811C6DE7A1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t15:*:*:*:*:*:*:*",
"matchCriteriaId": "CA1CEF76-1CB2-45BA-856C-3E23668DF0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t16:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB35113-BA54-4DAF-A293-2B6B328A5CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)t17:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC5651C-AA17-4275-997F-C85FB48D7ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)xr:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2B0007-128F-4B50-A7B5-3985C40890A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)xr2:*:*:*:*:*:*:*",
"matchCriteriaId": "A12EE4BC-9C6D-4791-B99C-5F1F0B89BA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)ys:*:*:*:*:*:*:*",
"matchCriteriaId": "77166237-71D5-40EF-AE47-32CE7BC300BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)ys_1.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "882715D1-D669-4107-A39F-41C27084B2E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zj:*:*:*:*:*:*:*",
"matchCriteriaId": "FE530211-6ECF-4881-A069-826E0737CE5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zj1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5C18D0-B516-4F5A-AB43-B3D5FBB14202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zj2:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1FC76-DFCC-4F06-A320-82C27A502B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zj3:*:*:*:*:*:*:*",
"matchCriteriaId": "C17E0E7D-E7C0-434D-9142-F8A93BF63FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zk:*:*:*:*:*:*:*",
"matchCriteriaId": "C81871C3-7AB6-41A1-BECF-2F34ED208E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zl:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFB25CF-C329-46A0-A404-36D951C7A0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zl1:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CD80CB-7E2D-4DC0-A84E-D9E1ADFA141F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zn:*:*:*:*:*:*:*",
"matchCriteriaId": "776DCDA0-839D-4EA2-8C0C-D28E897C1E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zo:*:*:*:*:*:*:*",
"matchCriteriaId": "55827F80-F1A1-4538-85C0-069413E3DB80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15.1\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4B7EF3-FD99-4CCD-B05A-807EE53A58BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(16\\)b:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6730C6-1387-4A52-8778-7FC144134AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(16\\)b1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D461538-0218-40E9-A74A-9982E4075485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(16\\)bx:*:*:*:*:*:*:*",
"matchCriteriaId": "79433418-CB13-4F11-B606-3D804926BB43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(16.1\\)b:*:*:*:*:*:*:*",
"matchCriteriaId": "AB1A7354-F886-427D-943A-388824100550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(16.5\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C0B5AD-229E-4406-A5E6-190067352BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(16f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "680AC7AF-998A-4584-8087-9409A7407AFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D298FE2E-227C-4385-9DFA-55A2D5C04E02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17\\)a:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF5B18A-3F59-4CED-BADD-6C7E41E2A28A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17\\)zd3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B284ED6-7182-4138-9111-8DE89F9EBD77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A28E43B-9153-4491-AA25-0011732C6E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17a\\)sxa:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7F49F3-0A0A-4270-A657-CDE987637684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17b\\)sxa:*:*:*:*:*:*:*",
"matchCriteriaId": "5BC22162-36D7-43C0-966C-2DD62CA1DD6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3514C99A-95B8-4827-A9D4-E8E851D7FB2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17d\\)sx:*:*:*:*:*:*:*",
"matchCriteriaId": "8089D89D-AF38-4445-82BE-61FF2ABFEF0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17d\\)sxb:*:*:*:*:*:*:*",
"matchCriteriaId": "E947BE8B-DB42-45E9-89E9-2E42DF6242F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17d\\)sxb7:*:*:*:*:*:*:*",
"matchCriteriaId": "E30C6E0A-6D9F-43EF-A202-678BAC2C9950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17d\\)sxb8:*:*:*:*:*:*:*",
"matchCriteriaId": "95CE4197-A9D6-4DF5-A8F9-8E1520D80D70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17d\\)sxb10:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2A7C58-5AF1-4486-B81D-A68DC3D738AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(17f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "75999E88-10C0-4F99-9F2E-7F2325E2737A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ew:*:*:*:*:*:*:*",
"matchCriteriaId": "9E49B392-5366-422D-A10E-EE4F3A33C4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ew2:*:*:*:*:*:*:*",
"matchCriteriaId": "D11BE83A-EE4B-4495-BAEF-EA4802FE5376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ew3:*:*:*:*:*:*:*",
"matchCriteriaId": "A077B6B3-F0CA-45BC-8A62-EAC12EB28FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ew5:*:*:*:*:*:*:*",
"matchCriteriaId": "44E46610-76B6-4C7D-AC8B-64B24CFBE303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ewa:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF707A6-5834-4295-8B38-17F279D49C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0E67EE-AF42-4B53-B70A-45562CE164D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)s6:*:*:*:*:*:*:*",
"matchCriteriaId": "D8942C0A-8DDB-46CA-81CA-0DA442C27502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)s8:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7979BB-03BD-495B-8C4A-EF916AC5B546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)s9:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCFBB45-4784-490A-BDD2-DA2D54C792B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)s10:*:*:*:*:*:*:*",
"matchCriteriaId": "8E3AC772-803C-499C-85E7-7176688DCB4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)se:*:*:*:*:*:*:*",
"matchCriteriaId": "9E319ADC-C636-4933-BD50-B613677AD4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)so4:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF320DA-468E-4E40-A55E-E74EA44A3122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sv:*:*:*:*:*:*:*",
"matchCriteriaId": "1A15042D-EB07-4754-8144-947CDE669CAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sv3:*:*:*:*:*:*:*",
"matchCriteriaId": "3DC2BB88-ECB4-4F93-BDE7-8486852AB27A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sw:*:*:*:*:*:*:*",
"matchCriteriaId": "E58F4903-E834-4476-876F-8C144BD93D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sxd1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D890842-FBBC-4D2F-8403-E8FF383A0289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sxd4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A59C144-2B35-470D-BF33-29CA7EFF2ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sxd5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0B9E6B-439F-4623-BE70-68F1835747BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sxd6:*:*:*:*:*:*:*",
"matchCriteriaId": "086B1BAC-0C9A-40C7-BEBB-FF0E1FC72463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sxd7:*:*:*:*:*:*:*",
"matchCriteriaId": "B94D83AD-D5B4-4968-8080-92CE49A1494C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sxe:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF6A337-FE37-4CE2-B0FC-AB0AE099C10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sxe1:*:*:*:*:*:*:*",
"matchCriteriaId": "0076A522-5490-4D31-A10A-3611B587E5C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sxe3:*:*:*:*:*:*:*",
"matchCriteriaId": "A041C16C-8A48-4470-B1E9-3159C3463A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sxf:*:*:*:*:*:*:*",
"matchCriteriaId": "6A523641-0044-4A2A-9097-D32504F2A019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(18.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C20E75F7-CEF6-4985-942D-F054879C312D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "532987C6-8D68-40B0-ABB3-236C49A63D31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(19\\)b:*:*:*:*:*:*:*",
"matchCriteriaId": "9045CACC-F1AE-4924-94FE-825DE629C415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)eu:*:*:*:*:*:*:*",
"matchCriteriaId": "522425D5-1EFE-4F07-88FE-9EE4376D7171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)eu1:*:*:*:*:*:*:*",
"matchCriteriaId": "145A21CA-3E35-4F73-9451-72EF1265ECA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)eu2:*:*:*:*:*:*:*",
"matchCriteriaId": "47186E81-9EAD-4AD6-B888-F1F94C2EA128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)ew:*:*:*:*:*:*:*",
"matchCriteriaId": "955BF110-FFBE-4368-BE06-21AC794C53AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)ew2:*:*:*:*:*:*:*",
"matchCriteriaId": "11DBF354-E96F-41C8-A393-077682738B4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)ew3:*:*:*:*:*:*:*",
"matchCriteriaId": "93FC49A2-CB0C-43CB-86F2-2D4483CFE5F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)ewa:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F08381-956E-4E97-8226-6EDC66C281D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)ewa2:*:*:*:*:*:*:*",
"matchCriteriaId": "54CCAA24-53BB-4998-B986-358701A8A8F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)ewa3:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2560DA-E091-4344-A7D0-9BEEB6998AC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "10151339-0261-4F5D-9601-F048C0B70908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "2498113D-65B7-4144-AD1C-9FCB6534B7BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "84685E46-066D-42B4-8800-7D529AFC4FAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "99299759-15D1-4BEB-95D3-8D53C27674A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)s7:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4528A0-A342-482E-BF87-AB4B7EC69C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)s8:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2C7EF6-410E-4D27-8C09-D0CEFDA360AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)s9:*:*:*:*:*:*:*",
"matchCriteriaId": "326FC2B8-62F0-46B9-961F-4D5526D41A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)se3:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA90AE6-0BC8-442E-81F3-49E6C8D71F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(21\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9324BF58-67E2-410D-AA71-F280B3D64498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(21a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "060D7CA2-0A02-49E3-BCFB-EFE7F6EC08F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(21b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3AAE391-8039-4BCA-851E-CC3992BE7F75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(22\\)ea6:*:*:*:*:*:*:*",
"matchCriteriaId": "848E6315-3901-48C5-95F4-81A397485C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(22\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "2B20E6F8-5E33-4F24-BB8B-8B61E39C01E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(22\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "F657AFFB-B3C7-419F-82A2-B244186EDD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(22\\)sv1:*:*:*:*:*:*:*",
"matchCriteriaId": "777381FD-8BC0-49AF-A4D9-83FC7E601BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(23\\):*:*:*:*:*:*:*",
"matchCriteriaId": "947062EE-A5CF-4A7F-8EF7-921F45118268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(23\\)sv1:*:*:*:*:*:*:*",
"matchCriteriaId": "099D2308-DAFA-4790-AFD8-066B841CD0C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(23\\)sw:*:*:*:*:*:*:*",
"matchCriteriaId": "2C78ECAE-978F-4DDE-83D4-DCF4ECC20EAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(23.6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "24044D5B-B73A-4873-A36E-E35B8A6AB087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(23a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "04D1C25C-1BED-41F9-8CCC-044065B7572A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(23f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "62B55C5D-F153-47CC-8E79-94B6451D04A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(24\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F4E83FE-4A5F-49A1-B6E5-B39171AA8825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(24\\)sv:*:*:*:*:*:*:*",
"matchCriteriaId": "F69F16A8-ED8E-4B89-AA80-CEF9C488A03D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(24\\)sv1:*:*:*:*:*:*:*",
"matchCriteriaId": "016CB579-0452-4DFE-8CDE-D3161579DDDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)ewa:*:*:*:*:*:*:*",
"matchCriteriaId": "878773DC-1360-4608-AB17-0081B33B11F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)ewa1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C2B085A-57AF-4A84-A354-166E61B5CAF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)ewa3:*:*:*:*:*:*:*",
"matchCriteriaId": "A35979BE-B33F-4709-8B36-FB8297E321FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)ewa4:*:*:*:*:*:*:*",
"matchCriteriaId": "66130668-1107-42B3-BFAF-5640D3AC7595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)ex:*:*:*:*:*:*:*",
"matchCriteriaId": "7346EC5B-4F87-423A-A579-AE0E1583190A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)ey:*:*:*:*:*:*:*",
"matchCriteriaId": "C22E4042-3628-4A7E-BD93-1F3F282F9E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)ey2:*:*:*:*:*:*:*",
"matchCriteriaId": "A84C2CA8-1BA4-4899-9AFF-443FBC5003D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)ey3:*:*:*:*:*:*:*",
"matchCriteriaId": "7B5E50CF-9084-459B-AFE5-5E0C63E17AB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)ez:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC9A8EF-FE37-42CB-A33F-4B6AF29A8827",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)ez1:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C9F1F1-EA5E-4921-A862-06304CE55C4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)fx:*:*:*:*:*:*:*",
"matchCriteriaId": "8508A0FF-D18D-430C-9A26-6B5BBFD7DF70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)fy:*:*:*:*:*:*:*",
"matchCriteriaId": "393A274B-BAA4-46F3-BC35-BE697B96A684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "DA143186-1E3B-4B5F-A5FD-AE90A2664AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4912CA3-2311-4D0F-8767-6815F43BE645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "092374D9-6DFE-45A8-B3F1-562C56787304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E5E380-4843-4E2F-8807-BFBDB42CB734",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)s6:*:*:*:*:*:*:*",
"matchCriteriaId": "065CBFDD-BF57-4FE4-A48E-03CFDE5530B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)se:*:*:*:*:*:*:*",
"matchCriteriaId": "36953AD6-CE36-480E-8679-DE5EEBCC5A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)seb:*:*:*:*:*:*:*",
"matchCriteriaId": "F571ECA8-0AB1-4BC0-A6AE-06BAE1FD2375",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)seb2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E67F0D3-5722-49F3-80FA-8BA7292C085D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)seb3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA79BC8E-753F-4245-9885-A7A2733E4013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)seb4:*:*:*:*:*:*:*",
"matchCriteriaId": "6B820873-78DF-401B-8A99-EB1F115FED35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)sec1:*:*:*:*:*:*:*",
"matchCriteriaId": "86F88317-18BE-4484-A027-D69500937799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)sec2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF6CCDEE-0D38-4C6B-82D8-CDE5067CC704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)sed:*:*:*:*:*:*:*",
"matchCriteriaId": "0C342FEA-F2AC-4E0C-946E-1F7DB2994D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)sg:*:*:*:*:*:*:*",
"matchCriteriaId": "3B142BAA-613A-40F8-9FD2-EB081867B3F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)sv2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1036B4D-4666-4BCC-9345-2DEAD2F49ABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)sw:*:*:*:*:*:*:*",
"matchCriteriaId": "3A3C8845-179E-4098-842D-2F886885CFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)sw3a:*:*:*:*:*:*:*",
"matchCriteriaId": "16F5683A-5EA5-4991-A677-2390477BA8A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)sw4:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF0E312-0A76-47FD-BCFD-39ABDDDB99A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(25\\)sw4a:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3D41BA-41BD-4F4A-9CD5-1EDA026F0979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(26\\)sv:*:*:*:*:*:*:*",
"matchCriteriaId": "183C82F0-09A5-406F-9362-E268335D4F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(26\\)sv1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1F98B3-23E1-475E-8CC4-7E39D091BDD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(26b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A40966B8-23E0-4ADC-BCEB-74DC2FA7EA3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(27\\)sbc:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFC5FC-CE15-4C83-8E11-7CC29EE8F32A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(27\\)sv1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3C951B-527D-4C0E-A1AF-D0F6871AEB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(27b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "85D4091C-087D-4267-B606-664EDA55DE5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(28\\):*:*:*:*:*:*:*",
"matchCriteriaId": "968C42F5-9FB5-4442-9314-9D0156DA4719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(28c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1625DE6D-5848-436B-A220-C0D1EE3ED0F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(29a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F018CEF-2A91-4067-8104-63686F9489CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(30\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "84F12CDE-0C47-433D-81CC-EE33C3C36B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(31\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9D5BAE50-27D4-4BAC-9C15-0EC889139144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "E314B0F7-1A27-483E-B3B3-947A5561281F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2bc:*:*:*:*:*:*:*",
"matchCriteriaId": "A3EF2531-3E6B-4FDC-B96B-2BC3F8EAF39A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2bw:*:*:*:*:*:*:*",
"matchCriteriaId": "05B838C9-E60E-46A3-A5FB-4F67291D0851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2bx:*:*:*:*:*:*:*",
"matchCriteriaId": "2B29F111-CBA4-464D-8B25-C2677BA270EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2by:*:*:*:*:*:*:*",
"matchCriteriaId": "E96C76C5-52BA-45D9-9803-048E770BAA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2bz:*:*:*:*:*:*:*",
"matchCriteriaId": "42EB3A6A-8B37-47E6-AA9B-1B13FC08F542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ca:*:*:*:*:*:*:*",
"matchCriteriaId": "22D57BED-1D99-4077-941C-E60BEA65324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2cx:*:*:*:*:*:*:*",
"matchCriteriaId": "F4BA2D6E-FD22-4BFD-B8B4-D6542E173C72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2cy:*:*:*:*:*:*:*",
"matchCriteriaId": "78B9E2C6-0E23-4AC9-906F-28BBC15868DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2cz:*:*:*:*:*:*:*",
"matchCriteriaId": "B7F75542-F2C5-4CEB-B655-E0620408A3B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2da:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7EA3DA-33B3-4480-B3B8-413745D6C5FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2dd:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC41749-91FC-43DB-A52F-AC3E3A2205C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2dx:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0195AE-24FD-43B2-892B-F646B8B5ED6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "84E71A69-60C3-4F63-B368-A9AEE6E501A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2eu:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA9F8FF-94EA-4D1D-93AE-623075014426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ew:*:*:*:*:*:*:*",
"matchCriteriaId": "316924D4-10D4-4C98-AF05-DDE1D530A205",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ewa:*:*:*:*:*:*:*",
"matchCriteriaId": "11866346-C29A-463D-A18F-528C23DD579E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ex:*:*:*:*:*:*:*",
"matchCriteriaId": "0912492E-565A-4559-ABB8-D2898F06CF29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ey:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD6421A-D8C4-4A3E-9497-4AC130CFE597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ez:*:*:*:*:*:*:*",
"matchCriteriaId": "91F44EC8-13BF-4032-9EBA-0D50C6A353BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2f:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1C019A-0B91-4A3C-98DB-F467C054AA15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2fx:*:*:*:*:*:*:*",
"matchCriteriaId": "370EEE74-3DAA-4BB2-9192-66672229DC39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2fy:*:*:*:*:*:*:*",
"matchCriteriaId": "4CF74B28-CD95-4BC6-97D4-D529D30E1509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ja:*:*:*:*:*:*:*",
"matchCriteriaId": "B98E703A-717D-4997-AFBC-CAE4B644025D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2jk:*:*:*:*:*:*:*",
"matchCriteriaId": "01A0A03A-5BFE-4A15-A983-B3EB8EE6B25A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2jx:*:*:*:*:*:*:*",
"matchCriteriaId": "9A4BC2FA-19F0-41FC-9786-8006B1D2E7DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2mb:*:*:*:*:*:*:*",
"matchCriteriaId": "6B27825D-099A-4733-8D3F-8EF2B050E5B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2mc:*:*:*:*:*:*:*",
"matchCriteriaId": "D3A63E2B-8C1B-4EF7-BCDD-BBF3EC2C7113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2mx:*:*:*:*:*:*:*",
"matchCriteriaId": "ED8A1FE0-F74A-4C92-8625-7C933128B567",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2n:*:*:*:*:*:*:*",
"matchCriteriaId": "0E90AD18-3ED7-4DA9-A6DF-281C1F3226D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2pb:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3BD76F-F93A-4902-B4F6-4D9231C29EDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2pi:*:*:*:*:*:*:*",
"matchCriteriaId": "2AD6BA55-0A6B-4981-AA70-4D1FDD49B996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "2D035A35-D53E-4C49-B4E4-F40B85866F27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sa:*:*:*:*:*:*:*",
"matchCriteriaId": "3CC41CCD-96B0-493D-B206-37773FD65388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sbc:*:*:*:*:*:*:*",
"matchCriteriaId": "F1579A2D-955F-4CC6-9F94-9D40C669D903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2se:*:*:*:*:*:*:*",
"matchCriteriaId": "F05A548B-C443-4C15-B636-64C1F9B9860D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sea:*:*:*:*:*:*:*",
"matchCriteriaId": "87DC8B40-2093-4D3A-B18B-F95868A36D8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2seb:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB7E760-8260-4488-B9FB-C741C1763F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sec:*:*:*:*:*:*:*",
"matchCriteriaId": "A8F4B373-490C-463F-B518-89D0CABB852C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sg:*:*:*:*:*:*:*",
"matchCriteriaId": "E85ABE5E-7900-4A9C-A945-48B293EF46B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sh:*:*:*:*:*:*:*",
"matchCriteriaId": "BA4B787E-5700-44B8-8C98-24DB1983AE44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2so:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1A9400-571E-4955-AB84-C49A4255A5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2su:*:*:*:*:*:*:*",
"matchCriteriaId": "FC70491B-F701-4D33-A314-C686469DBD2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sv:*:*:*:*:*:*:*",
"matchCriteriaId": "198C24E9-6D45-44FD-B502-D14ACDA99EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sw:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEF14D5-1327-4012-913F-DA0E12C4E953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sx:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE0B5B8-DEB1-4021-B854-177C0D9FD73A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sxa:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A672BD-87AE-424D-8735-073BBE9CE164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sxb:*:*:*:*:*:*:*",
"matchCriteriaId": "95C033E3-184B-4AC1-B10D-8318FEAF73FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sxd:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1DDD7C-7921-45D3-81F7-4D9A407CBB5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sxe:*:*:*:*:*:*:*",
"matchCriteriaId": "5A68D177-B028-4025-BD7B-82ACDB2D1E21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sxf:*:*:*:*:*:*:*",
"matchCriteriaId": "485ACF9E-1305-4D71-A766-5BE1D748AAA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*",
"matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2sz:*:*:*:*:*:*:*",
"matchCriteriaId": "6E709D6B-61DB-4905-B539-B8488D7E2DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*",
"matchCriteriaId": "84900BB3-B49F-448A-9E04-FE423FBCCC4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2tpc:*:*:*:*:*:*:*",
"matchCriteriaId": "F6C1C831-556D-4634-AA24-6D64943ED275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2x:*:*:*:*:*:*:*",
"matchCriteriaId": "1975B29A-42E5-4DB8-928C-F8F775DAA3E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xa:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC6758B-C6EE-45CB-AC2D-28C4AE709DD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xb:*:*:*:*:*:*:*",
"matchCriteriaId": "075CD42D-070A-49BA-90D9-E7925BB41A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xc:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB9967A-1EBD-4BE0-8651-1C7D42B2BF4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xd:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB8E66C-A16F-4CC5-9FDF-AE274FF035EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xe:*:*:*:*:*:*:*",
"matchCriteriaId": "746DDC61-3981-4E93-A7EE-C120E0265485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xf:*:*:*:*:*:*:*",
"matchCriteriaId": "FCC88CC5-CF58-48A3-AFB6-FD38E5F40845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xg:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF2C6C2-58E8-4EA6-84FB-4D11F31490A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xh:*:*:*:*:*:*:*",
"matchCriteriaId": "4628FDA0-4260-4493-92C9-4574E5EC06A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xi:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FA064A-6E1A-4415-84D4-1A33FF667011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xj:*:*:*:*:*:*:*",
"matchCriteriaId": "EE896909-F8C3-4723-B5E7-9FB5FA2B73B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xk:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9CDCE5-F6D3-4FA3-ADA0-EED2517FF7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xl:*:*:*:*:*:*:*",
"matchCriteriaId": "7E03EE34-C398-43B4-A529-BE7BAFA4B3C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xm:*:*:*:*:*:*:*",
"matchCriteriaId": "21147732-FA22-4728-B5F2-D115B78A8EDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xn:*:*:*:*:*:*:*",
"matchCriteriaId": "4D717498-4DF9-4D15-A25B-D777FF460E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xq:*:*:*:*:*:*:*",
"matchCriteriaId": "4B40548F-3914-4227-9E4C-F1B34071C069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xr:*:*:*:*:*:*:*",
"matchCriteriaId": "C1C23EC9-C1C6-4F73-9FF5-24A5B97B8D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xs:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE49281-0571-49F7-95FF-68B1ACA07537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xt:*:*:*:*:*:*:*",
"matchCriteriaId": "9B09B72E-6862-4115-9A0B-574089A94289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xu:*:*:*:*:*:*:*",
"matchCriteriaId": "EC38B64C-E246-467F-A185-669497DEA839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xv:*:*:*:*:*:*:*",
"matchCriteriaId": "FBB42063-9DB5-42DB-825A-53C6DBB51A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xw:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5C90EE-A9C0-461C-9E89-732BFA9BD066",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xz:*:*:*:*:*:*:*",
"matchCriteriaId": "972EC35D-B727-49A0-A0F1-654FD4E9576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ya:*:*:*:*:*:*:*",
"matchCriteriaId": "E74B6350-C2F8-4786-8E32-2ED6C188A5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yb:*:*:*:*:*:*:*",
"matchCriteriaId": "F8E26473-A8EF-44C5-B550-5E0B86D31291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yc:*:*:*:*:*:*:*",
"matchCriteriaId": "663FE3CE-FA09-46A2-9C0D-2797D9137A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yd:*:*:*:*:*:*:*",
"matchCriteriaId": "86309E93-F2C9-4334-9A1C-989EFDC99215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ye:*:*:*:*:*:*:*",
"matchCriteriaId": "761D49D6-0624-41CE-829E-49E7EA679EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yf:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFAF394-6E9A-4CD6-B8A6-5BDDE4EC8EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yg:*:*:*:*:*:*:*",
"matchCriteriaId": "65318A70-40FF-4BE8-962B-DFCD5C476166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yh:*:*:*:*:*:*:*",
"matchCriteriaId": "8B6DB954-EDC8-4A81-8C26-9D3DBC68FC67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yj:*:*:*:*:*:*:*",
"matchCriteriaId": "552C1E7A-2FFA-49BC-BF09-F0DE9B0C7502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yk:*:*:*:*:*:*:*",
"matchCriteriaId": "869CEAF7-59D6-4651-8D89-0244D6C430A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yl:*:*:*:*:*:*:*",
"matchCriteriaId": "059FBAA6-3127-4DF9-99AD-AA3A16317B6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ym:*:*:*:*:*:*:*",
"matchCriteriaId": "0E0E376F-64E1-4632-9A8E-11DC99FB245F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yn:*:*:*:*:*:*:*",
"matchCriteriaId": "BF440B52-C6AE-4608-BE71-01B354D37BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yo:*:*:*:*:*:*:*",
"matchCriteriaId": "243BEF5E-F693-450E-B274-FD7CF34B6771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yp:*:*:*:*:*:*:*",
"matchCriteriaId": "E7918C59-1678-4F24-A7C2-68824D1B59A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yq:*:*:*:*:*:*:*",
"matchCriteriaId": "DE72804E-600D-47FA-B3BF-36BD3CF13A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yr:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD14B6D-CA11-41C1-9382-70CF1F5B4C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ys:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5B9BAF-59BA-4282-B387-489264D44429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yt:*:*:*:*:*:*:*",
"matchCriteriaId": "969A5BAA-19D5-4411-BABB-FE55DBA7C7D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yu:*:*:*:*:*:*:*",
"matchCriteriaId": "54B41182-7AA8-49D1-BAC3-EAF312E43553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yv:*:*:*:*:*:*:*",
"matchCriteriaId": "E11BBB83-147B-4FBF-B263-77FCCFB2D92D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yw:*:*:*:*:*:*:*",
"matchCriteriaId": "2E84677D-793D-44C5-80E9-FC29C3183278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yx:*:*:*:*:*:*:*",
"matchCriteriaId": "E70E5B1F-E72C-4DAB-B6FA-977EF04BFBDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yy:*:*:*:*:*:*:*",
"matchCriteriaId": "ECFA2358-6B79-472D-9092-FF99DC3DF042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2yz:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C26842-FF50-436F-8DB6-15A70082CD1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*",
"matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zb:*:*:*:*:*:*:*",
"matchCriteriaId": "9384B48D-0F62-4042-BE8F-9A8F5FE9A3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zc:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A31301-AAB0-4744-98B2-695D88798D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zd:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB4BA74-BE9F-43D5-9D0F-78F4F2BB19B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2ze:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEB27CF-46B5-4780-964C-C31193614B74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zf:*:*:*:*:*:*:*",
"matchCriteriaId": "0F1094F9-7222-4DE0-A368-7421ABA66E3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zg:*:*:*:*:*:*:*",
"matchCriteriaId": "6C7EA2BB-A52A-438C-8EB5-CD283CACBACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zh:*:*:*:*:*:*:*",
"matchCriteriaId": "574FFD6F-D56C-41DB-A978-E501BA3CA5D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zi:*:*:*:*:*:*:*",
"matchCriteriaId": "41E5674D-D1D3-4597-8105-F787465E00A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zj:*:*:*:*:*:*:*",
"matchCriteriaId": "11790F38-3720-45CF-9FD4-A8E5867684D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zk:*:*:*:*:*:*:*",
"matchCriteriaId": "00462296-DF61-4438-818D-C240BFFCCD71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zl:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE2282B-6693-4E4B-8662-501EBC14CD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zm:*:*:*:*:*:*:*",
"matchCriteriaId": "9AD345EA-D5E8-420B-98D0-92674BEBEEED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zn:*:*:*:*:*:*:*",
"matchCriteriaId": "56365432-1E57-4D35-B764-DDDA878B96ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zo:*:*:*:*:*:*:*",
"matchCriteriaId": "390755B3-30B7-4086-8FB2-A41614F747D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zp:*:*:*:*:*:*:*",
"matchCriteriaId": "A925BA5C-AB2F-4B73-BA93-55664A319CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2zq:*:*:*:*:*:*:*",
"matchCriteriaId": "94E748F5-FA9B-4627-AB30-5414A2952ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0668C45B-9D25-424B-B876-C1721BFFE5DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C2928F8-6C6B-4C3F-BBE7-EAE8A0C47E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)ja:*:*:*:*:*:*:*",
"matchCriteriaId": "5BC51475-7819-4C46-AF3C-251520C3EEFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)ja5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5538B7E-6AB4-4DB5-920F-EC2BA61DF73A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)jk:*:*:*:*:*:*:*",
"matchCriteriaId": "C8011951-B642-4706-8936-74DCB59304C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)jk1:*:*:*:*:*:*:*",
"matchCriteriaId": "042B6178-F186-40F3-A1AB-51AEAFCB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "19940BFF-0888-4717-AC5F-87A85BE165A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)t8:*:*:*:*:*:*:*",
"matchCriteriaId": "35C4D3D1-5E63-4A1E-BF9B-588FFE5790B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)xa4:*:*:*:*:*:*:*",
"matchCriteriaId": "D94D6CD6-3AF5-4CC6-991D-3D8C229A1C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)xa5:*:*:*:*:*:*:*",
"matchCriteriaId": "60704633-BFAB-486F-A613-A806733E9AB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)xc1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5A2A58-D7B2-4018-BAAE-D6CB49A3A709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)xc2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C268494-F83A-488D-AEE6-AF7D319B6F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)xc3:*:*:*:*:*:*:*",
"matchCriteriaId": "484207D7-0AC2-48B6-B86F-182651B6BBB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)xc4:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC53452-31E6-4C9D-88DF-4AD17609DBFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)xe3:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF6C6D9-A2BD-469E-AA75-18C063A435D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(2\\)xe4:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE48276-21BF-4275-8512-4C5401423064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(3e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40DD5508-B8BF-435C-B316-42FEDDDBA859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(3h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "114B5329-6A76-4BE9-AA57-3463D614D495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(3i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDC06EA9-D4D9-42EE-8A98-598356707894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)eo1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF2F9E9-AA00-4A78-A32C-14CAA1C171A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)ja:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEA47B2-B51E-4C9C-A9C7-DFC680B32986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)ja1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2530834-81C3-4524-A4F0-B4F77DBAEB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "68BCC003-3F88-4369-A387-6B8D0FDFBE32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD45AA0-EEE1-43FF-B04D-4063769D71AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "7873D1DB-80D0-4076-8716-7618D7161EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF292613-B9BC-4CF1-A6FA-4AFC077D8632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "208EF5CB-8131-443A-928B-391104DC1C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)t8:*:*:*:*:*:*:*",
"matchCriteriaId": "3115134B-46F9-40F0-9ABD-3F35EE635EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)tpc11a:*:*:*:*:*:*:*",
"matchCriteriaId": "0B810AFB-3555-4882-B12B-9DA52AD37AC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xd:*:*:*:*:*:*:*",
"matchCriteriaId": "23B1AF9D-106A-43CB-972C-5E85ADFC355D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xd1:*:*:*:*:*:*:*",
"matchCriteriaId": "25C6BBA6-8D45-4BA7-B88E-44D9ECE88009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xd2:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D460AE-3B86-4178-A9D4-172AD4AF1DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xe4:*:*:*:*:*:*:*",
"matchCriteriaId": "552EB570-BFD6-4BBE-805B-41A9A5AE35B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xg1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DFEF95-E48F-4586-9D70-89C192FD21E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xg2:*:*:*:*:*:*:*",
"matchCriteriaId": "77E1EA17-0717-4715-9F2E-48264E18885B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xg4:*:*:*:*:*:*:*",
"matchCriteriaId": "DACA1E35-3681-4E2C-BAB2-DAD99F24F8DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xg5:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB85916-14A8-4D16-8BE0-D99B8E5B020E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xh:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC5ED4F-1905-4EAA-8AFF-BC50B879725C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xk:*:*:*:*:*:*:*",
"matchCriteriaId": "F672CDF2-ACC2-485E-89C6-42E47974C8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xk1:*:*:*:*:*:*:*",
"matchCriteriaId": "09C47064-BDD5-4EE7-BAB1-E8FE21EB7DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xk3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC204B9A-1C01-4900-B515-5796B0B06E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xk4:*:*:*:*:*:*:*",
"matchCriteriaId": "79A06F5D-ADA4-44C6-84EA-7229428B7AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xq:*:*:*:*:*:*:*",
"matchCriteriaId": "67151B56-DD5F-4384-9651-FA927CE73D08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(4\\)xq1:*:*:*:*:*:*:*",
"matchCriteriaId": "111C62A4-9DF0-4317-9F95-0112BE24D727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CF0189B-964F-46EC-BE5F-8076CFE7AB8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(5\\)b1:*:*:*:*:*:*:*",
"matchCriteriaId": "691E3441-AF70-4959-BBA0-60F5328F8FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "53430E70-FBAD-42F7-8614-7AB04E566810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(5a\\)b:*:*:*:*:*:*:*",
"matchCriteriaId": "B670057C-7A86-4F61-8FF5-88E6BFE2B5F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(5a\\)b2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FC9F410-782A-416C-9E10-AF43D5BD44FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(5a\\)b5:*:*:*:*:*:*:*",
"matchCriteriaId": "27107AB2-87AB-4909-9F6D-352BA94F8032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4403BFFB-8A89-4512-8030-5DEDC0C0FF93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(5c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DE38549C-107E-4350-90F2-BA928E3872AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(5e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7601422B-1C22-44D2-A398-1586814A9F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(5f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40B9FEE8-FFBB-46E6-A1EA-A243A0073853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2D9B4FE3-7A03-430F-AE68-743559D74DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(6a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6F5C4FD2-E4BC-447D-8B3B-0248BFBE9121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(6d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67BBFB86-2745-4817-9516-50CB08AAA82D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(6e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6F645CEE-083C-412E-BCEF-2761AC266CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(6f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B5CCD5B9-0771-47B3-A280-6566A489A5AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)ja:*:*:*:*:*:*:*",
"matchCriteriaId": "56529125-65D8-4900-A741-0AE18852B7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)ja1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF14EE4-1D49-4E1B-9589-2F3A8BF3E3E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)jx:*:*:*:*:*:*:*",
"matchCriteriaId": "3029C050-D02D-4DA3-B8B9-901F808BBDD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "1BEADF66-3434-41E0-9527-4D97F1836A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C82EB5-8397-4C0D-8074-7B55D83708B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)t8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6735142-065C-4AA2-B78A-FCD7CA8CB50F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)t9:*:*:*:*:*:*:*",
"matchCriteriaId": "337C0195-34F6-4683-A944-2F698A677476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)t10:*:*:*:*:*:*:*",
"matchCriteriaId": "75901574-5BDD-4388-96F9-A2B4E9970F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)t12:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBCC011-54AB-4E8E-BC20-68E6F274D323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)xi3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0A3B5B-4E6B-437A-B355-D9DCDF078201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)xi4:*:*:*:*:*:*:*",
"matchCriteriaId": "689D066C-972F-4868-A6A3-2F5522489D89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)xi7:*:*:*:*:*:*:*",
"matchCriteriaId": "63CA13FE-93EF-414A-A8D5-333D4A5B9320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)xr3:*:*:*:*:*:*:*",
"matchCriteriaId": "B19F9376-BE29-4F08-B86F-E1634FF750F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)xr4:*:*:*:*:*:*:*",
"matchCriteriaId": "68DC1732-CED8-4FA6-9A75-000BABBEA5C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7\\)xr6:*:*:*:*:*:*:*",
"matchCriteriaId": "570AF3F9-D3F5-44B1-82A1-3C7966A27BD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(7.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5719F49C-0BCC-40F9-825A-4C3C9D4D2239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)ja:*:*:*:*:*:*:*",
"matchCriteriaId": "4701FFB8-6361-4B0F-B413-2649A6FC650E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)ja1:*:*:*:*:*:*:*",
"matchCriteriaId": "80CC4D9F-F7C1-4887-BDC6-62F4BDFE5079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "21932884-D10B-4C2D-99C5-ED4DE3DA38E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)t7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4C56D7-435E-4AE3-BAE8-96A6EAB57488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)t8:*:*:*:*:*:*:*",
"matchCriteriaId": "C44A3B72-EFF5-460D-8EE0-13782AAFDB20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)t9:*:*:*:*:*:*:*",
"matchCriteriaId": "378FFEBE-3815-4293-943E-86771AB6D63D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)t11:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB99DAF-0BF1-43FE-8263-AF8F5EEA7D59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)xu2:*:*:*:*:*:*:*",
"matchCriteriaId": "B78D2BD4-CD3F-40D2-8F0F-FC765A9B1ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)xy4:*:*:*:*:*:*:*",
"matchCriteriaId": "A66A1B2C-D653-4275-ADC5-6298A70C939D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)xy5:*:*:*:*:*:*:*",
"matchCriteriaId": "76DFDE5D-231C-4B79-85CF-2B2097E12437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)xy6:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6F2B19-7FF1-45E7-91B6-A427343099DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)ya1:*:*:*:*:*:*:*",
"matchCriteriaId": "64F0AD5B-4C2D-4C9D-8207-0A67F9AF995A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)yd:*:*:*:*:*:*:*",
"matchCriteriaId": "B91192EA-0320-43D1-8D73-FAD57CC18259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)yf:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC57A97-0A3C-466F-AA15-5D97AC528503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)yg:*:*:*:*:*:*:*",
"matchCriteriaId": "581D9245-944E-4464-924B-6CB1E874FFEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)yg1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE205377-1B09-4498-8538-F2B7DF91E579",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)yg2:*:*:*:*:*:*:*",
"matchCriteriaId": "ADBBB1FA-5FA9-4042-AE12-F39307C27F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)yg3:*:*:*:*:*:*:*",
"matchCriteriaId": "8108DEF0-102A-452B-9B94-D5AAA3918322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)yh:*:*:*:*:*:*:*",
"matchCriteriaId": "B4666469-0A0F-4D28-8A1E-39D82ED210CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)yi:*:*:*:*:*:*:*",
"matchCriteriaId": "61130D36-B1EF-41F1-AF14-57475BE25FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)yi1:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD8A9BF-F084-447C-B28C-2736E8C3A83D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(8\\)yi3:*:*:*:*:*:*:*",
"matchCriteriaId": "A515A997-5922-4C07-9C68-0D071E811F2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "21837255-F23B-488A-A9FB-ED984020147D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(9a\\)bc:*:*:*:*:*:*:*",
"matchCriteriaId": "51F92965-6498-40EC-8AF7-D31466F973A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(9a\\)bc2:*:*:*:*:*:*:*",
"matchCriteriaId": "9417A9B3-CAD8-4E69-9871-484DED263683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(9a\\)bc6:*:*:*:*:*:*:*",
"matchCriteriaId": "39601936-034D-4F48-9F02-0F0E251E34F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(9a\\)bc7:*:*:*:*:*:*:*",
"matchCriteriaId": "F3761893-292D-41E8-9800-C888B235E6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(9d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57EE4026-2A06-4E63-924C-43E663EA47DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(9e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DAF8B6B9-3023-4C33-AFB1-C8C4E1504178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "697C9EFC-7B70-438F-A418-AEFA22841655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(10c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9FF6B0F5-0E61-4ECC-B329-80ABCAED3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(10d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "19F6275E-146F-4B70-B14C-D857DDA13819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(10e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F590204-33CC-4A6A-9C37-380ADC15813A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EDCFFDE0-284E-4107-98DA-C30724E4BF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "CE4F50FF-2A42-4BE6-84D8-C6C2A5938125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "B48ACEA8-6E12-40CF-868B-DE343BEBFE41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)t5:*:*:*:*:*:*:*",
"matchCriteriaId": "71775098-8BA1-442F-9709-0BCE255DD773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)t6:*:*:*:*:*:*:*",
"matchCriteriaId": "8355DB7C-2E2C-4108-BD0F-361B0B898D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)t8:*:*:*:*:*:*:*",
"matchCriteriaId": "D80E065F-ABB5-4824-9C59-A53690B0CD1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)t9:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4E3DC5-0F83-42DE-9482-92DB413DCDE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)xl:*:*:*:*:*:*:*",
"matchCriteriaId": "C63FEE13-5E2A-4011-B720-63EFAFF55049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)xl3:*:*:*:*:*:*:*",
"matchCriteriaId": "81FACB05-B13D-494E-8AA3-5590391E6F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yf:*:*:*:*:*:*:*",
"matchCriteriaId": "84E27655-2889-4B2A-9C48-ADD48ED5B365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yf2:*:*:*:*:*:*:*",
"matchCriteriaId": "7F58FC83-C321-4A9F-8EE2-1531B73E064C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yf3:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7D8166-6522-437F-AEDE-2AC02913FC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yf4:*:*:*:*:*:*:*",
"matchCriteriaId": "B805F909-5650-4884-9990-F3776DF203AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yj:*:*:*:*:*:*:*",
"matchCriteriaId": "C705B7F5-2BE4-45F9-8B5F-9FAC900FF6D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yk:*:*:*:*:*:*:*",
"matchCriteriaId": "F5610D63-0E50-4AB3-A6F7-36BCF7F69EF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yk1:*:*:*:*:*:*:*",
"matchCriteriaId": "17F5092A-473E-4356-9EFB-9E3EBFCD5F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yk2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF310185-68F5-48BB-8E11-E38E1961B380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yl:*:*:*:*:*:*:*",
"matchCriteriaId": "19E24302-D04B-45D1-AC6A-0CE45F9B9F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yn:*:*:*:*:*:*:*",
"matchCriteriaId": "723B58EA-9686-425C-99DD-FBECDF6E2225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yr:*:*:*:*:*:*:*",
"matchCriteriaId": "E3EA745A-8AFE-4461-AB53-1FC71E080BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)ys:*:*:*:*:*:*:*",
"matchCriteriaId": "E109B3D5-90BB-45B6-8265-B32465AC85E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)ys1:*:*:*:*:*:*:*",
"matchCriteriaId": "C441F423-86ED-49DF-8BFC-3CA988C9177A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(11\\)yw:*:*:*:*:*:*:*",
"matchCriteriaId": "68D39082-D9B4-4AD2-BA93-D688E098F037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4F0BFAB-D26C-4D17-B5AB-647780423E8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(12b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E59A3B6E-59F6-47B1-BC28-C0B171F1E1F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(12e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B3FBFC2-0628-4A56-A96C-904807E85B49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B69920A-6775-4D3B-81A8-F971875C43D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(13a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4093FE1B-3B95-4F25-AAF5-329FEBE0F0E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(13a\\)bc:*:*:*:*:*:*:*",
"matchCriteriaId": "B9411EF8-54EF-49CB-BA09-3AE1133D3146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(13a\\)bc1:*:*:*:*:*:*:*",
"matchCriteriaId": "71AA815E-CD4A-44D5-A772-93CB340E7998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(13b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31AB99B6-84C5-426A-A037-5022FD00E6C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "D32302AE-54E2-423A-A418-6C7EAE2CDF0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "6F616AE0-42B4-403B-B610-99DE15EE490D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "EFCEBBD5-FA7F-4478-8F00-AC6CA598CADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)t5:*:*:*:*:*:*:*",
"matchCriteriaId": "68A83281-667D-4D1A-9F76-CFF3E5AD560F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)ym4:*:*:*:*:*:*:*",
"matchCriteriaId": "40FD8309-111A-45BC-819A-99FE9E002ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)yq:*:*:*:*:*:*:*",
"matchCriteriaId": "42C7F308-DB1C-4500-81E4-9E3325D58A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)yq1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD9C9A9-9B90-479A-9D2D-8681056892AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)yq3:*:*:*:*:*:*:*",
"matchCriteriaId": "19661048-2B60-437E-9D56-9189BFC4C8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)yq4:*:*:*:*:*:*:*",
"matchCriteriaId": "FF870144-DFCD-4ADC-A695-3DF9266890EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)yt:*:*:*:*:*:*:*",
"matchCriteriaId": "D389A57A-005E-40B1-8DFC-3347F67F19F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)yt1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7CEBAF-65BB-4A89-8C3B-CEF1052D99E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)yu:*:*:*:*:*:*:*",
"matchCriteriaId": "3B311DEA-F602-49DA-8208-353D2D33283F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(14\\)yu1:*:*:*:*:*:*:*",
"matchCriteriaId": "A14407B6-FEC1-4FD8-8359-CA3EC5477B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CD190476-DC7A-4033-9149-062D75704AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(15b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C4510B95-F9F7-4407-B00F-F91B352C99C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3\\(16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E236CDE4-3369-4CDF-B0F0-4888610CCFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3b:*:*:*:*:*:*:*",
"matchCriteriaId": "292F6F99-19B3-4106-A432-5DE916CCDD56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3bc:*:*:*:*:*:*:*",
"matchCriteriaId": "40183EF8-BD19-49AD-9E55-7FCCA635327F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3bw:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E40D5D-F46E-4098-A46A-1A52A343310D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3j:*:*:*:*:*:*:*",
"matchCriteriaId": "550709E5-9302-4FCB-A969-2DA54BCB2184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3ja:*:*:*:*:*:*:*",
"matchCriteriaId": "D73E5138-016A-48EC-A367-3D3285AAFED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3jea:*:*:*:*:*:*:*",
"matchCriteriaId": "C114F1A6-5DFE-408F-B83A-E8B9D4AF9791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3jeb:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD5C082-9730-466D-A4A8-E4EEE5F3730D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3jec:*:*:*:*:*:*:*",
"matchCriteriaId": "8CF419BD-8474-4F33-9CDD-587E341ABA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3jk:*:*:*:*:*:*:*",
"matchCriteriaId": "332B0446-4D8B-414B-B572-84B45D5643AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3jx:*:*:*:*:*:*:*",
"matchCriteriaId": "D40FB896-E20C-46B1-BF59-FBB42295F9C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3t:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C3B413-76F7-413B-A51F-29834F9DE722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3tpc:*:*:*:*:*:*:*",
"matchCriteriaId": "841CDC5F-8F0E-4AE7-A7A9-960E0A8C66B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xa:*:*:*:*:*:*:*",
"matchCriteriaId": "84C89CFF-64BB-4058-9C49-C6BF3E5D8DB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xb:*:*:*:*:*:*:*",
"matchCriteriaId": "ACB3B5E3-BDEE-4F29-AB02-BBFC6088D77E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xc:*:*:*:*:*:*:*",
"matchCriteriaId": "A9F12741-69FB-46DD-A670-8461492B338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xd:*:*:*:*:*:*:*",
"matchCriteriaId": "7EC2D158-6174-4AE8-83DA-125B072B6980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xe:*:*:*:*:*:*:*",
"matchCriteriaId": "A5688D88-A550-43EB-8854-2E132EC71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xf:*:*:*:*:*:*:*",
"matchCriteriaId": "8218E2D3-4F1E-440F-A2B2-A68D4692BB17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xg:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE2132D-CF21-49F1-BC66-FA6CDB6D72BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xh:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E3044F-3CE8-4970-9A7F-FDF555F622A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xi:*:*:*:*:*:*:*",
"matchCriteriaId": "AA212293-7BAF-4AD9-BD30-E953CBA7CB95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xj:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF3B2A9-027B-4141-B0FB-D31A2C918CF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xk:*:*:*:*:*:*:*",
"matchCriteriaId": "1018E04C-5575-4D1A-B482-D1CDB9AD6A50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xl:*:*:*:*:*:*:*",
"matchCriteriaId": "68FC4904-1F4D-4E10-AF95-911B07827598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xm:*:*:*:*:*:*:*",
"matchCriteriaId": "AB57AAA9-4715-468F-A734-A12209A6069F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xn:*:*:*:*:*:*:*",
"matchCriteriaId": "480D480A-80A3-4113-A1A6-194A8DD47F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xq:*:*:*:*:*:*:*",
"matchCriteriaId": "86B9E611-3F06-424C-96EF-EE4997C70AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xr:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A5760A-9FFE-4941-B2BD-7DD54B1E1B37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xs:*:*:*:*:*:*:*",
"matchCriteriaId": "98FE195E-084B-4F4C-800D-850165DED48C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xt:*:*:*:*:*:*:*",
"matchCriteriaId": "1A310F30-F94D-4A70-94BD-6B94D7B5F5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xu:*:*:*:*:*:*:*",
"matchCriteriaId": "FB74F350-37F8-48DF-924E-415E51932163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xv:*:*:*:*:*:*:*",
"matchCriteriaId": "72732395-1B82-4E4F-9D63-D1CA0C6BD929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xw:*:*:*:*:*:*:*",
"matchCriteriaId": "E618BF54-56DC-40FC-A515-3BFB4366F823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xx:*:*:*:*:*:*:*",
"matchCriteriaId": "A1976E53-85A6-494F-B8AC-847E7988850C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xy:*:*:*:*:*:*:*",
"matchCriteriaId": "D90B78E1-3FC7-4CF6-B0BA-1D4CA0FAB57E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3xz:*:*:*:*:*:*:*",
"matchCriteriaId": "9A668D08-14C4-4438-A59C-CE60498BEF8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3ya:*:*:*:*:*:*:*",
"matchCriteriaId": "320C5597-68BE-4899-9EBB-9B4DEE8EA7DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yb:*:*:*:*:*:*:*",
"matchCriteriaId": "56032FBD-FEE7-4B38-B35E-CD277B931DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yc:*:*:*:*:*:*:*",
"matchCriteriaId": "75CF930C-6871-4BCB-8605-B71F82455123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yd:*:*:*:*:*:*:*",
"matchCriteriaId": "520304A4-EB15-42A8-A402-8251A4D2076D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3ye:*:*:*:*:*:*:*",
"matchCriteriaId": "F80A9B6F-A5D8-403C-9018-0E627FBC9A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yf:*:*:*:*:*:*:*",
"matchCriteriaId": "C46B66D6-1BF1-4DCA-868F-BADE3CB96063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yg:*:*:*:*:*:*:*",
"matchCriteriaId": "CA88C064-898F-4C0D-A266-D7B3509C28A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yh:*:*:*:*:*:*:*",
"matchCriteriaId": "139B1182-61A3-4F3D-9E29-758F27917646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yi:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC3706F-B00A-405E-917E-7FD5217E0501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yj:*:*:*:*:*:*:*",
"matchCriteriaId": "1B46199E-0DF1-4B3F-A29E-1A2FC016F0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yk:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF4D0E3-8015-4D6F-8364-B6EEAAE67971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yl:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2BCA9F-5D56-4EF4-8675-7B76129B994B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3ym:*:*:*:*:*:*:*",
"matchCriteriaId": "2595DCBA-E6F2-4551-A804-4DBB137F076B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yn:*:*:*:*:*:*:*",
"matchCriteriaId": "09698AAF-F4D1-41EE-A960-38FAB645B5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yq:*:*:*:*:*:*:*",
"matchCriteriaId": "CD6DF12B-2A20-4AC5-8EC5-729008D87736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yr:*:*:*:*:*:*:*",
"matchCriteriaId": "1B75FC35-2B4D-4CEE-BE71-D497DF787123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3ys:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF9D6B6-E51F-44FF-97E5-15E0C4E9C3D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yt:*:*:*:*:*:*:*",
"matchCriteriaId": "A25C42FA-37F4-4B7F-AFCA-D7F081F58CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yu:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AB8F07-AF43-4202-9908-F9A1DF6FFC03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yw:*:*:*:*:*:*:*",
"matchCriteriaId": "F8711A47-ABD5-40ED-847A-8D1663E3D819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yx:*:*:*:*:*:*:*",
"matchCriteriaId": "2958873B-A0AB-4EAF-A5CF-8423739FAB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3yz:*:*:*:*:*:*:*",
"matchCriteriaId": "1938D118-C07F-4BEC-8030-947F099BFCB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4D8C72-E7BB-40BF-9AE5-622794D63E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "65B65738-134F-4C1A-916B-D6CD6365CB43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5331586-8380-4F77-8735-17EC0D0E503A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93024CE7-DBA3-4C25-B7D4-4D2DA6AB880D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(2\\)mr:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5769F6-8C69-4AC7-A3E3-75D275B2AC3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(2\\)mr1:*:*:*:*:*:*:*",
"matchCriteriaId": "35536E91-A58D-40F7-A256-34128E64B920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(2\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "0F69329B-4D37-428E-B467-E3B9314A4D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(2\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "9615B275-5748-46CC-8A77-4A9550A39050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(2\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "421CD923-6282-4404-A642-C04E1F57F12F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(2\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD4411CB-5EE9-455C-AE90-1770320EFD86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(2\\)t4:*:*:*:*:*:*:*",
"matchCriteriaId": "593D1680-4883-43FE-A925-B87ED1D2E785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(2\\)xa:*:*:*:*:*:*:*",
"matchCriteriaId": "FADF72EC-43B4-4FC0-9BA0-7CC91D4745B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(2\\)xb:*:*:*:*:*:*:*",
"matchCriteriaId": "EBDB772E-F9A9-4EBA-958F-CDFCB2DA6BFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(2\\)xb2:*:*:*:*:*:*:*",
"matchCriteriaId": "90769378-BBD1-48D0-921C-A79413B99CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C6DF704-8CC8-42C3-83F1-4D38734DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(3\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "E636DC68-59FE-4BA0-BCFC-4DA97EE17B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7E0D6801-E9A8-416B-830B-7682A9AF65BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E4B2F9E0-E5FF-42D7-8CEF-359FDDFB4059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "23265E4D-855C-4CCC-A875-DFCBA55B3CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(4\\)mr:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB86291-EB40-4CFD-A424-898EFB3D518B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(4\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "A10AADAC-4687-4308-8E4F-B7F9549556DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(4\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "1A747987-5218-4C1E-87C4-0675CD4F7A2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7B6483CB-7838-45F7-AE28-824AD71172A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "04759B1E-8B40-460F-B33F-4E6332CFC31D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(6\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "08AF3694-9686-444B-8D92-E41D262F74E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(6\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5595E7D-3CFD-4FF2-A6BE-59645058C54F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4235428-5E2E-4BCB-98B7-8844B19C7AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(7a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A1E17AB-F645-4636-9337-3158556E85A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "86150D11-94D7-43F9-9D19-33778558255F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(9\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC43701-8A3A-42FB-B4F5-566DE59E542E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4ja:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB2B390-A39F-4082-BBCB-712BDD95886D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4md:*:*:*:*:*:*:*",
"matchCriteriaId": "A2222EED-6CB2-4D18-8AF5-FAE55BC6213F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4mr:*:*:*:*:*:*:*",
"matchCriteriaId": "C7414D32-88A1-416E-A717-3F47B6D1BE74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4sw:*:*:*:*:*:*:*",
"matchCriteriaId": "370DC543-AC01-4B91-88C7-60C323E35929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4t:*:*:*:*:*:*:*",
"matchCriteriaId": "BEAD7398-D1B2-47FB-952D-8C3162D5A363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xa:*:*:*:*:*:*:*",
"matchCriteriaId": "99235FFB-4439-40B2-ADBD-B08E5DBBCCB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xb:*:*:*:*:*:*:*",
"matchCriteriaId": "C1797E4E-E15C-4148-9B3D-4FF6D1D815AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xc:*:*:*:*:*:*:*",
"matchCriteriaId": "544BD924-2CBD-4130-BBD3-5AD084C85FE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xd:*:*:*:*:*:*:*",
"matchCriteriaId": "6B78181E-E1D1-4C25-85DE-CA46BBF21765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xe:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F36C3D-E9A2-41A1-BE71-4D8B00D228E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xf:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1CD80F-E898-41CE-8A86-28C2F48B928A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xg:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3C3B97-7F1E-4B87-AD44-E4230BCDAB7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xj:*:*:*:*:*:*:*",
"matchCriteriaId": "BF610051-1638-4C1B-9864-11E34EFC4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xk:*:*:*:*:*:*:*",
"matchCriteriaId": "78260223-50C0-48F8-9A65-AE67489E602C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xl:*:*:*:*:*:*:*",
"matchCriteriaId": "18E39462-4CEE-4C29-8B60-50E05FCF3E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xm:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF16123-CCA0-4ECD-9B8C-AC1534C3F244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xn:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7454AF-7610-4CD3-BD2B-95A6C3283811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xp:*:*:*:*:*:*:*",
"matchCriteriaId": "AB633E6C-025C-4B31-ABE7-8318C813376B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xt:*:*:*:*:*:*:*",
"matchCriteriaId": "DFED1FFB-899D-4A48-9CCA-0B8737AE1408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xv:*:*:*:*:*:*:*",
"matchCriteriaId": "883FA166-2973-42BA-842D-28FBDBFEAC4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xw:*:*:*:*:*:*:*",
"matchCriteriaId": "4362045B-7065-4FF9-A977-B3DA7894F831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A17AD004-E2E0-4AC1-87E8-69B9C4AEBC9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBE8937-E1BD-4601-AF1C-6DD20BB132AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D676C769-17D1-48B2-98F4-AC3BDF2C882B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBD3CB7-D88A-4868-A6AD-0717A8A989EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C79071BA-D3FB-4FDF-96A1-477BA88C3E6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2AEFCC-A2F6-45A6-A2EF-24F7906E44E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:0.4_1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A37C19D-B29E-44B3-8DEF-FA32D0B01F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44EFD22E-02C9-4B80-8934-A9AC8DD858CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B4D4A5-25EB-48FE-BDFD-A274CE802648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C11DD743-A21D-48F4-BD55-A8A4FA960F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C496B665-70DA-4B98-A5D1-E2935C0CE840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A037F1-98AD-47CC-8D83-B42666E1B61E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "973B0545-D595-4A82-A147-0AB28FE32E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "63236405-1F33-43DD-ACF7-B6D9656E0987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34797660-41F5-4358-B70F-2A40DE48F182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B3A2EBB-0359-49A7-B7F9-56EE6FD85D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7891202C-62AF-4590-9E5F-3514FDA2B38E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CF4F7002-A525-4A66-BE8B-E50ABBF144B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8F9B2F-E898-4F87-A245-32A41748587B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1156954-25AD-45BE-AE49-9705ECD5BDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "314BA420-4C74-4060-8ACE-D7A7C041CF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAD7613-A5B3-4621-B981-290C7C6B8BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED84E66-CFD9-4DF8-9679-13457D340D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:-:*:*:*:*:*:*",
"matchCriteriaId": "200000B9-E825-4986-B38F-5D45D34603F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:-:*:*:*:*:*:*",
"matchCriteriaId": "682CCB34-E6CD-42C5-A7A1-D5645BFAA189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:-:*:*:*:*:*:*",
"matchCriteriaId": "D830933B-BD2B-482A-982C-088AF2F3A953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:-:*:*:*:*:*:*",
"matchCriteriaId": "50CFCF96-C2E7-4039-AD7C-06DC79FA2C99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "F3EE7C5E-3B50-474B-A63B-1649CB798109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.1:p10:*:*:*:*:*:*",
"matchCriteriaId": "465C3783-F2CD-4BD2-9DBC-161B4683EA37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.1:p4:*:*:*:*:*:*",
"matchCriteriaId": "08E04379-047A-4E0D-B74F-73B5C582EE26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.1:p5:*:*:*:*:*:*",
"matchCriteriaId": "B8950112-B547-494B-BAC1-0B81F165034C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.1:p7:*:*:*:*:*:*",
"matchCriteriaId": "FD67FB47-726D-41A6-9D80-07848996FCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:-:*:*:*:*:*:*",
"matchCriteriaId": "5364B2C0-677F-4F24-A9CD-D194CCC5C185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "E4470322-D617-4901-A062-C5E7DF124ABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:p6:*:*:*:*:*:*",
"matchCriteriaId": "30609E89-EA47-415F-BFF3-CC7065F0EA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:p7:*:*:*:*:*:*",
"matchCriteriaId": "48403EA5-779A-47F3-9341-A9516F06E0F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFD9D1C-A459-47AD-BC62-15631417A32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "582B9BF3-5BF1-44A3-A580-62F2D44FDD34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD73CDB-94C5-4DBF-8B4C-DD3E4E399445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD85B1ED-1473-4C22-9E1E-53F07CF517E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7752D43D-64AF-474F-BFBB-2625A29C1B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2C79D5-D27F-4B08-A8DF-3E3AAF4E16A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F4416CBA-76B9-4051-B015-F1BE89517309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9118B602-3FB6-4701-AC09-763DD48334BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47E0A416-733A-4616-AE08-150D67FCEA70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "803EFA9F-B7CB-4511-B1C1-381170CA9A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE246DE-641C-44A3-9FCC-5131655DBC1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1C3260-28D8-47C8-AB61-E2EA4ED2B1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96A6EE7E-C79C-4B25-AFF0-C6638CB3C99A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6909B816-6778-48A8-A828-CA0AC5484388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B988FF88-E782-4581-9E24-CDE7E1734258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F9C11B5-5D63-4D2B-AD9A-5E657A8E1D01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F24BEDA8-2D1D-4AA1-8806-02838FB4C323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7DAAF0A4-F1B1-4597-B9C1-E7F277061BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AE95DD29-6E5F-475B-BCB3-6F756C62FA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "19A5A944-8CFC-40ED-96D1-842ECA7316B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BF38E2-7353-4A55-ABA3-84085BB5F8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5C94F0-2390-4AF3-BE18-D00B10A67052",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E18C6032-012A-4B09-8D16-680CA3080D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "134ED367-9610-485D-8935-3C46BFC073AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C150050C-6C08-4434-848D-EB71741DF29E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "08D41FAC-B0CD-48DE-AA43-27487FF9E424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BC9CC013-D4FB-4EC0-B405-6B79DF7C2F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "235B7E7D-3785-408A-AE53-7EB4F88F06C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "69A12556-5E7D-4832-A71A-66E6E9C2A710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "DA9B296A-126A-42E3-B3DD-158F895A48EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC75E5B-48A5-4C28-88B2-870C62DDA337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C3D2EFF1-78E4-4002-8904-9DA13D7D1DF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "73E02E89-832D-44D9-B2EE-1C070E99AE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "3B55CD0D-0117-48F3-8643-4C191716AE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "62BA4C24-FD29-421C-8F01-1798764C53F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "726B962B-D8B6-419E-BC0D-3DD9821234F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "985C2754-56B1-4638-B51E-313F7B8BA65F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "746D0402-66BD-4225-B847-6762BC4DC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "E657F58A-440D-40CB-97BF-ACB72AB36A3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5E6A99-20FD-456C-A5E2-FEBA5DD672ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "7699FD2E-C211-4E7E-BCA5-B991FBA90EDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B921F-B152-49F3-9AAD-9421F5867F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "46381F67-EC99-4EA7-9599-BD4A25827E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "29AC849E-7D4E-4C00-8BD0-672F413A80B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "6996F1F1-5374-4BD2-B421-ABB15C7C0B49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "87E18AFD-5090-4C1F-A2EE-A32A28DB5182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "FC91B71A-2456-4410-9633-CF5870027D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "92555500-16EB-4F76-B2C7-61A00A1AC722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "B03D22C9-94C6-4AC5-AAD0-15F06BCC5CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "541B4ED8-E970-4C67-B5AF-7DE5B7F754D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "1E55F8A8-1ABD-4760-9074-353BBAEE005B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.38:*:*:*:*:*:*:*",
"matchCriteriaId": "F873503F-C6E2-4AC2-859E-9431FE0FA0A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "39E849AC-B85A-4C4F-878B-E95A5F661E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4A2912-12AC-4DF1-8023-A0B7DBE9A866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.1.89:*:*:*:*:*:*:*",
"matchCriteriaId": "15004105-9A55-4592-96D6-3FF539EC7513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.1.132:*:*:*:*:*:*:*",
"matchCriteriaId": "6E07DB8F-0BCF-4378-9BB5-CC948E09D37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "146F7A77-A950-4CAD-BDA9-C239696F569D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7A6B55-2F3B-422E-B1F2-80B482FE89AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70DCE8FF-40C3-44F7-8185-0422ADDA051B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7DAC3A7C-2092-46D4-908B-CF03F4217112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "956B7F2F-DE46-492F-ACA3-BD5EE7EA14F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DE77B8D6-EF2A-4EC2-AF75-B6FA48747781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AAEC8651-9291-4CAE-AA49-C1CA4C7AE450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6F3945-21ED-44C6-86D2-B7755A87014E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C4919EB3-625C-4D83-8DCB-72BCF05DF2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A5DDB008-E88E-473C-B030-AF9B6F5E4E48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D3E03-0ABE-4325-AD67-BA8EA16B6DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0E48C9A9-B7E6-4314-BCEF-8013BBB4276E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEF4480-D50B-464C-AE39-A12455DBC99F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBFD0DB-0A18-4545-9B4B-697AAC11E9C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "15928E10-7D41-45B2-87D6-8AA10190A8EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "C18E13C4-F42D-4168-B25E-544E1549C46B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "F0DB9B7C-3608-44E3-AE47-D231D1F7B8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C4947CDE-CB89-456B-8B5F-0E17B46BC893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECB42B3-70C6-4019-8B8B-8EB7A84B39AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF701E58-35E8-4DDE-B832-C5A23E61A3CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "3C122CC4-B8CB-4AB9-8571-6F3D302F56A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "2498D898-D243-4D0C-9AEF-0138D19A68B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "3924060B-1EC1-4003-B306-E327634E7797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "D45B43DF-FD4C-4C37-9569-1CCE450B8987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "99879B2B-7FFB-4181-8928-13B7E17F36C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "83A3E250-5BC6-4AD3-A3DE-7F876FD90BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "B6126B84-9D78-48AF-B5A3-B89F9B1D42DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "43F9DBB0-8AF7-42CA-95DD-68A344E9D549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74D465-3256-4D87-8F47-C4D7CEA6E2D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24A58614-0522-48B1-9DF2-20001A37A936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C37E17F7-A276-4A33-B454-751BF639EF9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97FBF069-C751-4F18-806A-DF8C809AE464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "66F7DACF-2AAB-4D9E-8F62-F2B10B39974D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE1FA10-5512-4147-8E5F-EAAAFE334B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "94433CD6-B625-494C-A85A-330D0774D198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1565B9E4-02DF-4725-9D31-189B4D3D840D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1303C9DC-CD79-40B8-AF0B-8F90FA942106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00530A0F-E726-4F52-BF0E-CE7203AE3A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "329B6CD3-7B84-4718-9436-5F8A1AAA60ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FB796B30-701B-4D5A-BF4B-C5CD81A48417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EB8FF20C-82B0-42D7-92AB-B4C45651B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E97F35A6-11F9-43D3-AD53-23351865F7C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C10A1DB7-A847-43FA-92E6-4B2941DBECAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEEF97A-83E8-4CEE-8913-2D25E0E8AF6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CE443A39-5E8B-4303-9BE9-C3D934F06A8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A7258601-9481-4B43-A63D-825DB39ED51A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "24F31744-8A55-48A6-B934-18EBD9657FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "8C9FD388-E804-41D1-B051-588C03ED83D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D6ECC079-EBD4-4E01-9CAC-A4FC84F79656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "249C1EEB-F267-44F2-B4D9-AEFA9E578FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E575B550-E957-4F68-A9FA-3EF4022028A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "256328E7-3F4E-49A3-9F66-6DAC1F7BE941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E3CFEB-CF89-4697-9D3C-C1D41F5B803B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "38F7C571-2713-402F-82CD-66B5C8A50319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D582D69B-65A9-4906-9FF3-1EC7AD2AF927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.27:*:*:*:*:*:*:*",
"matchCriteriaId": "5D4E4BAD-E286-4F24-A786-B3DC281537B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.28:*:*:*:*:*:*:*",
"matchCriteriaId": "293E5303-3BC2-4A01-99EE-F519E17F2CF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.29:*:*:*:*:*:*:*",
"matchCriteriaId": "73D6DAAF-6D2C-4D33-9109-BC112170762F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "7337DB6A-72E4-4F7C-8AA5-8EC546B632AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.31:*:*:*:*:*:*:*",
"matchCriteriaId": "6C655702-571C-481B-807C-9FE390B52159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.32:*:*:*:*:*:*:*",
"matchCriteriaId": "48C775C8-DB4A-4D58-B573-2A8D612E26ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.33:*:*:*:*:*:*:*",
"matchCriteriaId": "61787316-0408-477D-937E-14596C215EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.34:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9628D9-86C8-4200-B605-1D00C7DF9257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.35:*:*:*:*:*:*:*",
"matchCriteriaId": "96BBA71E-5517-400E-A82E-ECE165C78583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.36:*:*:*:*:*:*:*",
"matchCriteriaId": "C70A57A6-6633-459A-8AB5-DC009D407108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.37:*:*:*:*:*:*:*",
"matchCriteriaId": "D2FCF983-1BD5-423D-A3A3-EAAA28BA4146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.38:*:*:*:*:*:*:*",
"matchCriteriaId": "04BF2B3C-7267-4C58-9CD8-270C27B5142F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.39:*:*:*:*:*:*:*",
"matchCriteriaId": "9152FDC9-A97F-455C-83EB-5070C7B32AE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.40:*:*:*:*:*:*:*",
"matchCriteriaId": "340F5E67-8F70-4374-BF9A-0AA425A4A5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.41:*:*:*:*:*:*:*",
"matchCriteriaId": "430E39C3-0E40-42C6-9839-982610D97EEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.42:*:*:*:*:*:*:*",
"matchCriteriaId": "C0F96C09-D870-4DE7-A8D1-803D7071126D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.43:*:*:*:*:*:*:*",
"matchCriteriaId": "CEED38F2-9FC3-44E5-A4A9-D5573C6CAE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.44:*:*:*:*:*:*:*",
"matchCriteriaId": "1DAA6363-569D-4234-B784-A357C59C2ED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.45:*:*:*:*:*:*:*",
"matchCriteriaId": "7463B1BB-551E-4D0D-8FB0-6BE2D61DFA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.46:*:*:*:*:*:*:*",
"matchCriteriaId": "B72CB2A8-18C3-4890-B03A-3FCD8638F857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.47:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B60B7E-619E-4844-BBAB-AB8F9D8CF430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.48:*:*:*:*:*:*:*",
"matchCriteriaId": "40D99B33-99AC-4AD9-A599-270CC82744D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.49:*:*:*:*:*:*:*",
"matchCriteriaId": "3983BAF0-C2E1-440B-9A03-880DE197CAAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.50:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAAF6CF-148D-4328-9C08-5A18CEF6B71F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "A0EF7B9C-46AF-4AD3-B940-9C631ED7A704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.3.99:*:*:*:*:*:*:*",
"matchCriteriaId": "4817429F-B24F-47E3-BB3B-7EF9036D5F93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.29:*:*:*:*:*:*:*",
"matchCriteriaId": "361D407D-A4BE-491D-BC8E-32E78DC4A8F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.30:*:*:*:*:*:*:*",
"matchCriteriaId": "A3CD7983-4EB2-4D17-9332-493ECBADC284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "550DFE6E-DCE6-4649-8746-522996021DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E17BB496-749A-40C8-BAA9-6CFBBE308065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.33:*:*:*:*:*:*:*",
"matchCriteriaId": "0C30F255-1297-46EA-9FBC-05564792FF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.33.2:*:*:*:*:*:*:*",
"matchCriteriaId": "934CBC22-864C-468F-B267-3CDE4449DA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.33.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC432E3-7214-4B61-A666-2DAF5CCAEC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.33.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7682650A-8332-484D-874F-2B67246880B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.33.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFF499A-6602-4BD3-90B5-E6C4AC888812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.34:*:*:*:*:*:*:*",
"matchCriteriaId": "0C406D55-D6CF-443B-B5DB-FC69FBEA01D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.34.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C53EDB2-923D-4860-8251-9A07C9F8FDB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.34.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E2A5D6B-7011-40AE-8A94-02B062B19010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.35:*:*:*:*:*:*:*",
"matchCriteriaId": "9E460A86-FD22-4023-A0D7-0D2F43131635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.35.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFCA2ED-2384-4DB7-9634-AEAEDFF57817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F04081-D672-488E-A91D-5088DD04AA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDB59EF-74EF-462E-BC84-89201F734380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0755A136-3DE3-4B61-B5EF-F6282AACD38E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1531AD3-2525-4F6E-B77D-FE8863CBD3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "81D950C3-0DDC-4549-99F8-1E206768219A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5C7E2A5B-6CF3-4748-BE4F-F63A4E59CB64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "195A133A-26C9-401E-913F-285BA220D1D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B8D68E21-6C58-46A7-96F2-9A79DD880803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1E975B63-3D9C-4FA9-A6D0-C9865FDA7AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "38D11B12-AFD7-4055-A366-D932CA1BA8C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BC990132-9DF2-4D23-B9DA-0819809A3CAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA51D40-E72C-40A4-B238-70F6806FA1B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1B7D68-E41E-4A5A-9606-F14F057B39E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "7799A9CE-1948-4D71-BADB-A4A7ECAFF5FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "70BCB10C-FD72-4F18-84C9-AE0603402426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "54A74CAB-2BD1-48BC-BCEB-983E72B3C56D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CF742FF1-5504-41BB-8FAA-D71B83C791B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "901C6D04-3226-4654-9A41-0325B48A2F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "072A77AD-BB27-4C24-91A0-A12D6E741593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF900D1D-E351-4407-8269-80E5403432B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "44915F9F-88DF-4304-8F66-58A869654BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC2D90D-2115-406C-B609-870B241F00B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EF681CC1-B3EC-467A-A10D-10840D3D4575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "8660C030-328E-4221-847E-AC4BDA08CE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "0EE83E4E-DBA6-47EB-80FF-9A41A2978DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.25:*:*:*:*:*:*:*",
"matchCriteriaId": "B58DE3A3-2BE0-45E3-8EFD-5A4439EAD6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.26:*:*:*:*:*:*:*",
"matchCriteriaId": "47AEC277-F9A4-412F-B2EA-C1AEA336A46C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "7234AF29-BCDA-4728-A141-C169EE59CEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E7D9064F-466F-4D66-AD5E-8BC2D31CD80D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.29:*:*:*:*:*:*:*",
"matchCriteriaId": "374851C5-C61D-4964-8B4A-473B0A008F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD55C81-3687-46BF-880E-58D7E005A185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "2953267F-16BF-404F-83F1-73E0908979B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "9D953B61-3457-4A0E-A668-BA4937B79784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "5F5F3607-C0DD-494C-AB6E-46E383A6B17D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "19138F52-25EA-42B6-89DC-692A8AF0A720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2EBADC-0817-4E38-9F49-8446D8A20CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.36:*:*:*:*:*:*:*",
"matchCriteriaId": "340368E7-0005-4F8A-8AF1-C20A1198288C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.37:*:*:*:*:*:*:*",
"matchCriteriaId": "0DC860DD-57DF-4474-AE2B-9AADB9060175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.38:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1D576A-0763-4611-B3CF-CD8514F18783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.39:*:*:*:*:*:*:*",
"matchCriteriaId": "4A61F3C5-EA3A-4AA2-8F4E-02E07864801F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.40:*:*:*:*:*:*:*",
"matchCriteriaId": "6F570226-CA89-46F4-8C68-9A59BC0602A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.41:*:*:*:*:*:*:*",
"matchCriteriaId": "162A88DA-E2EA-4E92-B174-9AD86BE8D983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.42:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE19B6B-9537-4C76-80B2-98DAF2C15B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.43:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE5C4F5-C64D-4714-B02E-689B435E3E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.44:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4F20D3-77E7-4FC2-AF18-6A5E3AE08615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.45:*:*:*:*:*:*:*",
"matchCriteriaId": "164F4483-9F28-491A-8F99-4242C9B9CBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.46:*:*:*:*:*:*:*",
"matchCriteriaId": "34803A7D-45C4-4DBE-BF18-19CE9DE62A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.47:*:*:*:*:*:*:*",
"matchCriteriaId": "1178D6EE-A462-4CC1-B430-9A44C75D2336",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.48:*:*:*:*:*:*:*",
"matchCriteriaId": "4360530E-6E07-48F9-B8F8-B36622331052",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.49:*:*:*:*:*:*:*",
"matchCriteriaId": "17508D09-AE14-4458-93A2-E2764452EA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.50:*:*:*:*:*:*:*",
"matchCriteriaId": "05F2CD4A-CCA9-4743-86C4-7675D2487E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "75C1504C-03C5-49E4-8192-E1E698CF07A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "DB7CB4B0-1CF5-4AA7-A977-9C24AD6C486D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3172A-E663-42F6-90E7-51C3850AF9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "16F6692C-494F-44ED-97C6-A6CD05334DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "3B61C93E-84FE-46CE-A7DD-ACFEFB96BB62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "5E79FB38-5AE5-4ACD-B4F5-F533C0E1D503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.57:*:*:*:*:*:*:*",
"matchCriteriaId": "77231F8B-137F-4FAE-BCD9-658F32943CBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "552ED77A-F09A-4923-A907-8E0DF8445363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.59:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD8EDD0-7817-4A5E-AE97-DA1941E859BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.60:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF940EA-676A-42C8-A6E0-7F53C8A34340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC8FDE8-DB5A-4B2D-810D-73E91194E00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.62:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF7304E-AAA9-4BC3-AEF0-C9509E95ECA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.63:*:*:*:*:*:*:*",
"matchCriteriaId": "29DCCFB1-054F-4BF0-92F1-78A2063415D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.64:*:*:*:*:*:*:*",
"matchCriteriaId": "D3D3222C-7469-42F6-984D-3223BCD8080E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.65:*:*:*:*:*:*:*",
"matchCriteriaId": "697B7069-D08D-41BD-8285-A1ABA0E1142F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.66:*:*:*:*:*:*:*",
"matchCriteriaId": "72173CFB-BAB6-456C-B5F2-3AA31D799E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.67:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD08A67-195F-431B-98A5-42B2966055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.68:*:*:*:*:*:*:*",
"matchCriteriaId": "658C7317-D50B-475A-9E0E-E68AECD49B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.5.69:*:*:*:*:*:*:*",
"matchCriteriaId": "1270F454-8E05-413C-BAF4-35D062CA5803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "455E647F-73DD-400A-AA19-3D93FE2E57AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEBD63E-6194-4CB4-A1CE-E4FBB6F0A6E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B812DFE2-6FFA-4D31-839C-0CCB2B1310EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDE1E92-C64D-4A3B-95A2-384BD772B28B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9D90502F-EC45-4ADC-9428-B94346DA660B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1CD39A7A-9172-4B85-B8FE-CEB94207A897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35F5C369-6BFB-445F-AA8B-6F6FA7C33EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "81DE32C2-5B07-4812-9F88-000F5FB000C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "02EED3D5-8F89-4B7F-A34B-52274B1A754F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F87AA89-F377-4BEB-B69F-809F5DA6176C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C27AF62E-A026-43E9-89E6-CD807CE9DF51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "79C2AE0E-DAE8-4443-B33F-6ABA9019AA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D343B121-C007-49F8-9DE8-AA05CE58FF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7936B7EE-9CD1-4698-AD67-C619D0171A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A1A2AA2D-5183-4C49-A59D-AEB7D9B5A69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3A0370A2-0A23-4E34-A2AC-8D87D051B0B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5738D628-0B2D-4F56-9427-2009BFCB6C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F43EBCB4-FCF4-479A-A44D-D913F7F09C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C7BF3B2-CCD1-4D39-AE9C-AB24ABA57447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "860F9225-8A3F-492C-B72B-5EFFB322802C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "19DFB4EF-EA1F-4680-9D97-2FDFAA4B4A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "57E23724-2CA4-4211-BB83-38661BE7E6AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B0688B3F-F8F2-4C62-B7A3-08F9FDCE7A70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3896C4A6-C2F6-47CE-818A-7EB3DBF15BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7BBB5F-44F7-467F-B934-33ABF744A107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.22:*:*:*:*:*:*:*",
"matchCriteriaId": "0478831E-87B2-441F-AEC2-403A35FED1D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6143DC1F-D62E-4DB2-AF43-30A07413D68B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298266AB-2A36-4606-BF80-2185FC56C4D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2658CA-56C2-494F-AC42-618EC413CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD34526D-F2CC-44C5-991D-B1E41C327860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F0B900-34E9-4545-B7AE-AF0A4363EACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B36F432D-FED1-4B8D-A458-BEDEEF306AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5220F0FE-C4CC-4E75-A16A-4ADCABA7E8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25379B32-D898-4E44-A740-978A129B5E05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B90F8F2-9549-413D-9676-3EF634D832B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*",
"matchCriteriaId": "915E64EF-6EEC-4DE2-A285-5F3FCE389645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*",
"matchCriteriaId": "585BEE46-088A-494E-8E18-03F33F6BBEA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF35478-B292-4A00-B985-CEEDE8B212C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6E85846A-61BE-4896-B4A6-42A7E1DBA515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D6E3B925-031D-4F6D-915A-A16F0FFA878C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7344B707-6145-48BA-8BC9-9B140A260BCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFCEA98-C708-4E1E-B189-E6F96D28F07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B753112-CCDE-4870-AA97-4AAA2946421A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79B3AFE7-F4FF-4144-9046-E5926E305A03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7616E197-ACCA-4191-A513-FD48417C7F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ED1AA7FC-F5B9-406C-ABE4-0BE5E9889619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE2F94D-E8E0-4BB7-A910-378012580025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*",
"matchCriteriaId": "66F5AE3B-B701-4579-B44A-0F7A4267852E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1EBB1A21-3826-4BC5-A243-AF8F8D1D4728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "34E60197-56C3-485C-9609-B1C4A0E0FCB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "86E452E4-45A9-4469-BF69-F40B6598F0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5751AC4-A60F-42C6-88E5-FC8CFEE6F696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF886A6-7E73-47AD-B6A5-A9EC5BEDCD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*",
"matchCriteriaId": "48777A01-8F36-4752-8F7A-1D1686C69A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*",
"matchCriteriaId": "42DA6A18-5AA1-4920-94C6-8D0BB73C5352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.6:*:*:*:*:*:*:*",
"matchCriteriaId": "992EA5DE-5A5B-4782-8B5A-BDD8D6FB1E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E51F0211-2D3E-4260-AD63-E83AE4EC4AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4E1245-C6BB-462C-9E27-C608595DAE3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*",
"matchCriteriaId": "747F1324-AEFA-496F-9447-12CD13114F60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*",
"matchCriteriaId": "795C3B17-687E-4F33-AA99-8FEC16F14693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F2BDD5C7-9B6A-41B5-8679-5062B8A6E11B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*",
"matchCriteriaId": "190D5E2C-AD60-41F4-B29D-FB8EA8CB5FF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6B81A4DD-2ADE-4455-B517-5E4E0532D5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD589CC-666B-4FAA-BCF0-91C484BDDB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD622EE-A840-42E1-B6BF-4AA27D039B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*",
"matchCriteriaId": "900D6742-DE0F-45C5-A812-BF84088CB02A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*",
"matchCriteriaId": "225CA94C-8C84-4FA6-95D0-160A0016FBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*",
"matchCriteriaId": "D88ED3C4-64C5-44B2-9F23-E16087046C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*",
"matchCriteriaId": "03FB31E5-190C-489A-AB30-910D2CC854F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EF4A781A-4A41-466F-8426-10B40CF8BA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*",
"matchCriteriaId": "9ED29B3F-456B-4767-8E59-8C19A3B7E1D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F6316369-B54A-4E59-A022-E0610353B284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*",
"matchCriteriaId": "073C3CE0-E12D-4545-8460-5A1514271D50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*",
"matchCriteriaId": "670FAA25-A86F-4E04-A3A0-0B3FF6CF9C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.25:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB33DEA-13C7-4B36-AB8A-ED680679A071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.26:*:*:*:*:*:*:*",
"matchCriteriaId": "86DD0FCC-BB12-410D-8C82-AB99C7C5311E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*",
"matchCriteriaId": "83700989-8820-48DA-A9FE-6A77DF1E8439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.28:*:*:*:*:*:*:*",
"matchCriteriaId": "CC9F4CEC-7781-468B-B460-4F487B7C6601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.29:*:*:*:*:*:*:*",
"matchCriteriaId": "67C75A62-8807-4821-9362-1E0D63C0A1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*",
"matchCriteriaId": "894D4812-D62F-489E-8D0E-5E9468CE8EC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.31:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F92E01-4F08-4364-9E87-FFBC095E32E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.32:*:*:*:*:*:*:*",
"matchCriteriaId": "F9960640-F02D-4E81-A34B-1893D8FD7F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.33:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D00DAD-4F2D-45C7-B87C-85118D9DD855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.34:*:*:*:*:*:*:*",
"matchCriteriaId": "0C398D26-7132-4A6E-9003-77246644451B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.35:*:*:*:*:*:*:*",
"matchCriteriaId": "5EED2DA2-2516-42E9-8A33-0FA64BF51DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.36:*:*:*:*:*:*:*",
"matchCriteriaId": "FF425F00-41BA-4F59-A0DE-6362A1E9A142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.37:*:*:*:*:*:*:*",
"matchCriteriaId": "33577E79-1B6E-406D-A49B-2CEF1754F5D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.38:*:*:*:*:*:*:*",
"matchCriteriaId": "8B21D90E-5172-485E-87AC-F1681604AD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.39:*:*:*:*:*:*:*",
"matchCriteriaId": "C41F6822-92BF-43F5-8B3E-8BAF9E9A320D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.40:*:*:*:*:*:*:*",
"matchCriteriaId": "641EECFD-A985-4026-A53A-10FBE47EAD91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.41:*:*:*:*:*:*:*",
"matchCriteriaId": "47595F81-2083-4236-A0B0-E2B98DD78402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.43:*:*:*:*:*:*:*",
"matchCriteriaId": "0CCA5C83-5293-4107-8E6A-85F82ECF2C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.44:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D0AADC-BC34-40FB-BD69-37981DC8E971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.45:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA7EAC4-7696-41CE-8EE9-3E39DE226BD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.46:*:*:*:*:*:*:*",
"matchCriteriaId": "12547B6B-78F1-4426-81CE-5F208794658C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.47:*:*:*:*:*:*:*",
"matchCriteriaId": "38429E64-276B-46D4-AACD-05349D6F6615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.48:*:*:*:*:*:*:*",
"matchCriteriaId": "E89640F8-313B-4A36-A591-36645D1EF838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.49:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0271F0-41F2-4096-8C91-DAD1A81AF855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.50:*:*:*:*:*:*:*",
"matchCriteriaId": "7A40DCBB-B41B-468E-A918-6EA3F9A125E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.51:*:*:*:*:*:*:*",
"matchCriteriaId": "921B6A54-85E3-4867-8EDF-93EB86BAFBD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.52:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A2C6F1-ED7E-4E51-BE72-BD744D554EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.53:*:*:*:*:*:*:*",
"matchCriteriaId": "2B004CF1-0ACC-441C-9F61-9B20504F4ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E86E13B-EC92-47F3-94A9-DB515313011D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DEB3068F-2F64-4BBC-BA3C-FB56A2FBED50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6555D45B-D3B3-4455-AB1E-E513F9FB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA5E262-7825-496F-AA72-0AD6DE6F3C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*",
"matchCriteriaId": "56C6C01B-4CED-4F37-A415-0603496C27DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9E62F6FA-6C96-4AEE-8547-8C2FE1FAD998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3ACE7A-A600-4ABB-B988-5D59D626DC0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F839622-3DE1-4A16-8BD2-5FA2CBF014D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DC47887B-5608-47BE-85EE-563864461915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AF39E62B-EAB4-44B0-A421-2A71B7DD8341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "809264F1-763D-4A8F-B206-222332DD8732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A66ED53E-3139-4972-B027-D614BFFB8628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*",
"matchCriteriaId": "85A3AB7A-1959-4A57-B83D-B2753C43649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FB7FA3-727D-4BB9-937C-F4F5DA97FFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4A60B265-5508-4EE0-980A-44BB0966FD7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C06F0037-DE20-4B4A-977F-BFCFAB026517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A252C50-D63A-4FC0-A51E-A63A939D6AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D08CBC56-C820-4513-ABEC-1ABB3EFC3A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "338BB401-8831-4094-9186-2B3CFA5903D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E32E6BA-AFEF-44A8-B230-87DD043BB222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E575B-BD1A-4E50-8D6F-131D5E08058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20F6269B-5F6B-4413-B14D-7AE5442E4CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.6:*:*:*:*:*:*:*",
"matchCriteriaId": "189D1246-F975-4411-A58B-343ED90485FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B914F7F-C6BD-4527-B1E9-7FD1E337A18C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.8:*:*:*:*:*:*:*",
"matchCriteriaId": "82EC9FCA-D17D-4CB9-B925-E8F8B68F8FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "179147E4-5247-451D-9409-545D661BC158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6554469E-F6AE-4EB0-880E-CBFD196FEE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F99CFC1-DCCE-47B9-98EF-84AEDAECE02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C20367B0-F722-4442-8B59-ABB0FEDB8CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*",
"matchCriteriaId": "86A98A70-51E3-4556-8DC4-DD09CF370D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C6940324-0383-4510-BA55-770E0A6B80B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3313D5-52E8-49B3-B145-170D9A26DA43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D3A5FD5-4C42-4B00-8473-D5650FAED9C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.3:*:*:*:*:*:*:*",
"matchCriteriaId": "480F035A-A59D-4113-A246-DF108BB2F591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.4:*:*:*:*:*:*:*",
"matchCriteriaId": "30D39E29-B2A0-4075-84AF-994C27AB0A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.5:*:*:*:*:*:*:*",
"matchCriteriaId": "19879317-B067-45DA-B497-21EBDDDC2521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D220C745-28AD-4D04-B2D2-A090D229206E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8BC5B3A6-6CD5-448D-B910-3BAD15FDC3A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AF8895-7BF8-458E-B2BB-68699AABC023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CA768A9D-6C63-405E-9D14-5D68F8E93A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FF495E58-DA6C-402D-B381-4929CB8A502B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AA794BE8-1A22-4BF8-AB79-53E7BCE60D9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A591301C-C30F-44AC-90F0-709A18AA96E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D2606B-00A6-4FA3-A00D-B1E8A80B947C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.14:*:*:*:*:*:*:*",
"matchCriteriaId": "610A93BB-70E3-4BF1-83E8-8A7388477F44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.15:*:*:*:*:*:*:*",
"matchCriteriaId": "821BD11F-3C6A-4424-BC9B-DFD786248B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "50B422D1-6C6E-4359-A169-3EED78A1CF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD2E9DC-2876-4515-BCE6-DDD0CC6A5708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A2F19064-CFBF-4B3C-A0A1-CE62265CD592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3F0CEC-B8FA-47E3-BA3E-182F43D3DA86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AB759752-DC19-4750-838B-056063EFDC5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*",
"matchCriteriaId": "615BDD1D-36AA-4976-909B-F0F66BF1090C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE8A26D6-1BDA-45F0-8F7C-F95986050E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F320FA9F-C13D-4AA3-B838-A0E5D63E6A29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B179CF1D-084D-4B21-956F-E55AC6BDE026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1B4877-286A-44B5-9C5C-0403F75B2BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*",
"matchCriteriaId": "432CA976-6EFA-4D34-B5EA-CD772D067F93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6E476195-657E-416E-BC16-44A18B06A133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*",
"matchCriteriaId": "DFF566DA-0F04-48DA-AA40-565979C55328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6A3A30-FEA4-40B6-98A9-1840BB4E8CBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5140380C-71BD-464F-AE53-1814C2653056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B18EC0A7-8616-4039-B98B-E1216E035B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22FB141B-FA2A-435D-8937-83FC0669CB20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C59131C8-F66A-4380-9F6E-3FC14C7C8562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5421616-4BF5-4269-8996-C3D2BA6AE2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*",
"matchCriteriaId": "23FC6CE2-8717-4558-A309-A441D322F00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*",
"matchCriteriaId": "311BE336-7BB2-47C0-AED5-3DEA706C206F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5AAC2E9D-0E82-4866-9046-ADD448418198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.23.14:*:*:*:*:*:*:*",
"matchCriteriaId": "67F2047A-5F17-4B59-9075-41A5DC5C1CD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:*:*:*:*:*:*",
"matchCriteriaId": "9A12DE15-E192-4B90-ADB7-A886B3746DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24:rc3:*:*:*:*:*:*",
"matchCriteriaId": "FF6588E7-F4FA-40F5-8945-FC7B6094376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:midnightbsd:midnightbsd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11F7D4E2-850E-4FAC-B447-608F1D41B686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7751B50-9C8D-45E9-93C1-FD4B27A1427B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3ECF9E5F-AF38-42B9-8B49-6C254394CDFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29C02C6B-AAFD-4594-94A4-F26BA3648CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.99.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C5D200-B40F-458D-8216-A3C22B21B46A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41D2806B-D7B2-4982-B759-8D60866A36DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36DF0D51-FCFA-46A3-B834-E80DFA91DFDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB726CF-ADA2-4CDA-9786-1E84AC53740A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA33E7E2-DE7B-411E-8991-718DA0988C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1957B3C0-7F25-469B-BC3F-7B09260837ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D84D7A-EB7C-4196-B8B6-7B703C8055C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAE2873-0028-4744-B64E-8E2EA30447F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "783973F9-2A6E-4DDF-A64C-7794FFD0B7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16C117F3-3684-4683-9F9E-CEDD5B88F9CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F12313A0-1EAF-4652-9AB1-799171CFFEA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustedbsd:trustedbsd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30A1BB80-2569-4800-9668-ACE3978877B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*",
"matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5494A20A-5927-4249-942C-189292E5F956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_blade_switch_3020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1F6E8C-07CB-4612-9CEA-5BB1D4C691B4",
"versionEndExcluding": "12.2\\(50\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_blade_switch_3020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EBA036-A69E-40FE-B8A2-6D99C0AB9F35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_blade_switch_3120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52B522E0-47BC-4885-9C27-D9B5F603880B",
"versionEndExcluding": "12.2\\(50\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_blade_switch_3120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDE0913-7E59-4741-B0D9-EC6C90C5E21C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catalyst_blade_switch_3120x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD283F6-CB69-4939-80F5-9BBAD7B7823E",
"versionEndExcluding": "12.2\\(50\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_blade_switch_3120x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "808DEBC5-0249-491C-9607-9263F781BCDC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:solaris:8:*:*:*:*:*:*:*",
"matchCriteriaId": "722A52CF-4C6E-44D3-90C4-D2F72A40EF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:9:*:*:*:*:*:*:*",
"matchCriteriaId": "4F864AD7-53A2-4225-870F-062876CE45DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"matchCriteriaId": "964B57CD-CB8A-4520-B358-1C93EC5EF2DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress."
},
{
"lang": "es",
"value": "La implementaci\u00f3n del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de cola de conexi\u00f3n) a trav\u00e9s de m\u00faltiples vectores que manipulan informaci\u00f3n en la tabla de estados del TCP, como lo demuestra sockstress."
}
],
"evaluatorComment": "Please see also:\nhttp://blog.robertlee.name/2008/10/more-detailed-response-to-gordons-post.html\n\nand\n\nhttp://www.curbrisk.com/security-blog/robert-e-lee-discusses-tcp-denial-service-vulnerability-sc-magazine.html\n\n\n\n\n\n\n\n\n\n",
"evaluatorImpact": "The impact of this vulnerability has yet to be determined. The full list of affected platforms is subject to change. The NVD will continue to monitor this vulnerability and adjust the configurations as needed.",
"id": "CVE-2008-4609",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-20T17:59:26.163",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://blog.robertlee.name/2008/10/conjecture-speculation.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://insecure.org/stf/tcp-dos-attack-explained.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.outpost24.com/news/news-2008-10-02.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://blog.robertlee.name/2008/10/conjecture-speculation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://insecure.org/stf/tcp-dos-attack-explained.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.outpost24.com/news/news-2008-10-02.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "The attacks reported by Outpost24 AB target the design limitations of the TCP protocol. Due to upstreams decision not to release updates, Red Hat do not plan to release updates to resolve these issues however, the effects of these attacks can be reduced via the mitigation methods as written in http://kbase.redhat.com/faq/docs/DOC-18730.",
"lastModified": "2009-09-08T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-04 23:44
Modified
2025-04-09 00:30
Severity ?
Summary
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99C273D1-ADFE-4B4C-B543-7B9CA741A117",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "066ABC3B-B395-42D2-95C0-5B810F91A6F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC19FC-6E03-4000-AE4B-232E47FA76F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "421FC2DD-0CF7-44A2-A63C-5221689E2363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B70BC-42B7-453A-B506-7BE69D49A4B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA32F7D8-02F8-4CFE-B193-2888807BC4D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB279593-17D1-4A65-BF54-969B38B74B23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "80F5B731-D5A7-4694-9B27-CEE1DCC810EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D5DB7BE-FC71-4ADE-8B9F-7EA401C8CA88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E2571E-D9EB-43CD-82DD-8C813FF8D5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "36F4618C-1408-4097-B97D-5F32DE6D01DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F558C40-D0DA-4700-95DA-DF1322C020E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "64F8F30B-E4B8-4745-AFFA-8FD620E61994",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35932546-B614-47C0-98E6-8EF1EFE06725",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "38F17066-C090-4DD7-A1AC-D8FF70D268CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "78D48FD1-CB91-4310-9432-A4365FA67B11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "750C6C37-8460-4ED8-83AD-ACAF993E4A6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8923EE1A-DD48-4EC8-8698-A33093FD709C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBE8937-E1BD-4601-AF1C-6DD20BB132AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D676C769-17D1-48B2-98F4-AC3BDF2C882B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBD3CB7-D88A-4868-A6AD-0717A8A989EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C79071BA-D3FB-4FDF-96A1-477BA88C3E6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*",
"matchCriteriaId": "6F4AC452-6042-409D-8673-ACAD108EE3B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*",
"matchCriteriaId": "2FE1009B-371A-48E2-A456-935A1F0B7D0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "C844A170-B5A7-4703-AF3B-67366D44EA8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*",
"matchCriteriaId": "3D41CB12-7894-4D25-80EC-23C56171D973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*",
"matchCriteriaId": "9BCD9C12-EDAB-473F-9CC5-04F06B413720",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*",
"matchCriteriaId": "58EBC5C8-5CA8-4881-A036-179FDEBA3CA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*",
"matchCriteriaId": "09789843-6A1A-4CDB-97E8-89E82B79DDB5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*",
"matchCriteriaId": "118211EF-CED7-4EB5-9669-F54C8169D4AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*",
"matchCriteriaId": "58288F0F-B4CE-445C-AD93-DA73E3AD6FC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*",
"matchCriteriaId": "CC96FBA9-6A65-4CC7-BE68-ADAF450ABE21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*",
"matchCriteriaId": "9A405AE2-ECC4-4BB0-80DD-4736394FB217",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*",
"matchCriteriaId": "E5612FB0-8403-4A7E-B89A-D7BDFAC00078",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*",
"matchCriteriaId": "FA699BB4-94AA-40E6-A6B6-33E3D416CDA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*",
"matchCriteriaId": "AFDA151E-E614-4A24-A34D-B6D5309110CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*",
"matchCriteriaId": "A7818E11-1BEB-4DAA-BA7A-A278454BA4B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:release_p7:*:*:*:*:*:*",
"matchCriteriaId": "B19BEAB3-8BED-422F-B228-240269CB0704",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8_prerelease:*:*:*:*:*:*:*",
"matchCriteriaId": "A8ED2959-64AA-487E-AA11-72595A6FAA04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:releng:*:*:*:*:*:*",
"matchCriteriaId": "E6288144-0CD7-45B6-B5A7-09B1DF14FBE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9_prerelease:*:*:*:*:*:*:*",
"matchCriteriaId": "860BABDE-4266-4476-96F9-397DAD23C841",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFD9D1C-A459-47AD-BC62-15631417A32F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*",
"matchCriteriaId": "4ECDEC87-0132-46B6-BD9B-A94F9B669EAA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release_p8:*:*:*:*:*:*",
"matchCriteriaId": "6E21E50A-A368-4487-A791-87366CC5C86E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*",
"matchCriteriaId": "43E84296-9B5C-4623-A2C4-431D76FC2765",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10_prerelease:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9CA0AC-29ED-4C86-AB6C-DCAE28FC1BB5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:release_p3:*:*:*:*:*:*",
"matchCriteriaId": "E18328E2-3CB5-4D36-8EA3-77DD909B46A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:releng:*:*:*:*:*:*",
"matchCriteriaId": "EF73D76B-FBB8-4D10-8393-9FAF53392A4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:stable:*:*:*:*:*:*",
"matchCriteriaId": "F177AE1C-58C2-4575-807C-ABFFC5119FA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11_p20_release:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EFFC9A-016A-496B-A109-919189A9C808",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11_release:*:*:*:*:*:*:*",
"matchCriteriaId": "73E6E5C5-F80A-423D-BD93-BA837E808A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "3B13D898-C1B6-44B9-8432-7DDB8A380E9E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*",
"matchCriteriaId": "51A612F6-E4EB-4E34-8F55-79E16C74758E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "5C19B266-8FE7-49ED-8678-2D522257491D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "15C4D826-A419-45F5-B91C-1445DB480916",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*",
"matchCriteriaId": "FEC7B38F-C6FB-4213-AE18-2D039A4D8E7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*",
"matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "8E4BC012-ADE4-468F-9A25-261CD8055694",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*",
"matchCriteriaId": "0D6428EB-5E1A-41CB-979C-4C9402251D8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*",
"matchCriteriaId": "2DCA9879-C9F5-475A-8EC9-04D151001C8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*",
"matchCriteriaId": "0A94132F-4C47-49CC-B03C-8756613E9A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*",
"matchCriteriaId": "3F629879-66F0-427B-86D8-D740E0E3F6E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:releng:*:*:*:*:*:*",
"matchCriteriaId": "C89129C5-A1DB-4018-B43A-C60C8E650080",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "60F7B4A9-4036-4061-8F3D-BDC3F1282EC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.5_release:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA9754D-773C-432E-8E74-52FDC83FF279",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.5_stable:*:*:*:*:*:*:*",
"matchCriteriaId": "E8812D60-F669-4EA3-AF4E-6329EF625E38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2C79D5-D27F-4B08-A8DF-3E3AAF4E16A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:release:*:*:*:*:*:*",
"matchCriteriaId": "CCE4F2E6-2286-4D87-ADD7-7E999B4E5620",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:stable:*:*:*:*:*:*",
"matchCriteriaId": "C07C3BEF-8D6A-4F23-96DE-AFE4369D08EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0_p5_release:*:*:*:*:*:*:*",
"matchCriteriaId": "67FDB43C-84D1-4B45-BFB9-340F3687A22F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F4416CBA-76B9-4051-B015-F1BE89517309",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:release:*:*:*:*:*:*",
"matchCriteriaId": "8C64EE9C-18E1-49C6-96DE-7E6F1607C0D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:release_p10:*:*:*:*:*:*",
"matchCriteriaId": "B36B3805-8A85-4357-ABC1-AB22C61E3381",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:stable:*:*:*:*:*:*",
"matchCriteriaId": "231B70A8-890A-4790-A33A-64228656BF0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9118B602-3FB6-4701-AC09-763DD48334BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2_releng:*:*:*:*:*:*:*",
"matchCriteriaId": "589B62B4-FAA3-4F58-8104-EF84FEAFFB65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3_releng:*:*:*:*:*:*:*",
"matchCriteriaId": "72C2BE9D-91E1-48E9-9326-39CF583A57E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "42231BCC-2B90-4196-A1C2-408A353C1BEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0_beta4:*:*:*:*:*:*:*",
"matchCriteriaId": "F06B831E-D8F2-4380-B279-559CE103210F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0_releng:*:*:*:*:*:*:*",
"matchCriteriaId": "3ACC9072-4A33-4F1F-B790-2F9D5A52F71B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3ECF9E5F-AF38-42B9-8B49-6C254394CDFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29C02C6B-AAFD-4594-94A4-F26BA3648CB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E59D3682-22E1-40C4-AC65-079005FB6194",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3D95D05C-4FE1-4408-B8B8-5C5932800385",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "FCB9E9F8-7C6B-4BC7-A593-A11B9D6F0B35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "2F4B6E29-B74F-45FF-AEB1-A118753F8E3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA33E7E2-DE7B-411E-8991-718DA0988C51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1957B3C0-7F25-469B-BC3F-7B09260837ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D84D7A-EB7C-4196-B8B6-7B703C8055C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAE2873-0028-4744-B64E-8E2EA30447F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "783973F9-2A6E-4DDF-A64C-7794FFD0B7B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16C117F3-3684-4683-9F9E-CEDD5B88F9CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cosmicperl:directory_pro:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9D185E-D235-4731-A092-B667DC6FCBA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:darwin:darwin:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "80D58C3E-4F5D-42A0-95AA-25E0EAEBFCF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:darwin:darwin:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4268605-39FE-49E0-ABC9-27DEA359779E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:navision:financials_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B70D3E5-924C-4AB7-ABF7-6273DE325007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka \"Algorithm X2\"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting."
},
{
"lang": "es",
"value": "Cierto algoritmo generador de n\u00fameros pseudo-aleatorios(PRNG) que usa XOR y alterna en saltos de 2-bit (tambi\u00e9n conocido com o\"algoritmo X2\"), usado en OpenBSD de la v2.6 a la 3.4, Mac OS X de la v10 a a 10.5.1, FreeBSD 4.4 a la 7.0 y DragonFlyBSD 1.0 a la 1.10.1, permite a atacantes remotos adivinar datos sensibles como los IDs de una fragmentaci\u00f3n IP observando una secuencia generada previamente. NOTA: este fallo puede ser aprovechado por ataques como la inyecci\u00f3n de paquetes TCP y OS fingerprinting."
}
],
"id": "CVE-2008-1147",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-03-04T23:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/bugtraq/2008/Feb/0052.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/bugtraq/2008/Feb/0063.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28819"
},
{
"source": "cve@mitre.org",
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10%3Bcontenttype="
},
{
"source": "cve@mitre.org",
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27647"
},
{
"source": "cve@mitre.org",
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/bugtraq/2008/Feb/0052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/bugtraq/2008/Feb/0063.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10%3Bcontenttype="
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41155"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-08-21 22:55
Modified
2025-04-12 10:46
Severity ?
Summary
The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2014-5384 is used for the NULL pointer dereference.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA79CE41-D873-4A4A-A20C-83EB8772E5FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2014-5384 is used for the NULL pointer dereference."
},
{
"lang": "es",
"value": "El m\u00f3dulo HZ en la implementaci\u00f3n iconv en FreeBSD 10.0 anterior a p6 y NetBSD permite a atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (referencia a puntero nulo) a trav\u00e9s de un argumento manipulado en la funci\u00f3n iconv_open. NOTA: este problema ha sido dividido (SPLIT) por ADT2 debido a diferentes tipos de vulnerabilidad. CVE-2014-5384 se utiliza para la referencia a puntero nulo."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\" target=\"_blank\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e",
"id": "CVE-2014-3951",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-21T22:55:03.627",
"references": [
{
"source": "cve@mitre.org",
"url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030458"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page."
}
],
"id": "CVE-2005-4691",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"source": "cve@mitre.org",
"url": "http://mail-index.netbsd.org/source-changes/2005/09/12/0043.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015132"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/20731"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-index.netbsd.org/source-changes/2005/09/12/0043.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/20731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15263"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-17 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28125403-1E0F-44F0-BAA6-E05392544DF6",
"versionEndIncluding": "2.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories."
}
],
"id": "CVE-2001-1145",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-17T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:40.fts.v1.1.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q3/0204.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/8715.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata28.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5466"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:40.fts.v1.1.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q3/0204.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/8715.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3205"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:release_p2:*:*:*:*:*:*",
"matchCriteriaId": "5206BC9B-F7CC-4AF2-866F-46F094616219",
"versionEndIncluding": "4.8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:release_p1:*:*:*:*:*:*",
"matchCriteriaId": "79F06925-8A46-4721-B509-53E8145CF2A5",
"versionEndIncluding": "5.1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory."
}
],
"id": "CVE-2003-1289",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:10.ibcs2.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/9504"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1007460"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/2406"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:10.ibcs2.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/9504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1007460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/2406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12892"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-03-03 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E12586C9-B199-4E06-B831-97648F1244A5",
"versionEndIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F617D2-2369-4E7A-9211-26D27AE3EBBD",
"versionEndIncluding": "1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "769A783B-D80A-4AFF-9676-B0A0457C77B3",
"versionEndIncluding": "2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment\u0027s reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges."
},
{
"lang": "es",
"value": "La llamada de sistema shmat en el interfaz de Memoria Compartida de Sistema V de FreeBSD 5.2 y anteriores, NetBSD 1.3 y anteriores, y OpenBSD 2.6 y anteriores, no decrementa adecuadamente un contador de referencias de segmentos de memoria compartidos cuando al funci\u00f3n vm_map_find falla, lo que podr\u00eda permitir a usuarios locales ganar acceso de lectura y escritura a una porci\u00f3n de memoria del kernel y ganar privilegios."
}
],
"id": "CVE-2004-0114",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:02.shmat.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-004.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107608375207601\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/errata33.html#sysvshm"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3836"
},
{
"source": "cve@mitre.org",
"url": "http://www.pine.nl/press/pine-cert-20040201.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9586"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:02.shmat.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-004.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107608375207601\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata33.html#sysvshm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.pine.nl/press/pine-cert-20040201.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9586"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15061"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-08 21:30
Modified
2025-04-11 00:51
Severity ?
Summary
Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service (kernel panic) via a negative mixer index number being passed to (1) the azalia_query_devinfo function in the azalia audio driver (src/sys/dev/pci/azalia.c) or (2) the hdaudio_afg_query_devinfo function in the hdaudio audio driver (src/sys/dev/pci/hdaudio/hdaudio_afg.c).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00564BAA-066A-4627-B6A8-78724E55D363",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service (kernel panic) via a negative mixer index number being passed to (1) the azalia_query_devinfo function in the azalia audio driver (src/sys/dev/pci/azalia.c) or (2) the hdaudio_afg_query_devinfo function in the hdaudio audio driver (src/sys/dev/pci/hdaudio/hdaudio_afg.c)."
},
{
"lang": "es",
"value": "Error de presencia de signo entero en NetBSD v4.0, v5.0, y NetBSD-current anterior a 2010-01-21, permite a usuarios locales provocar una denegaci\u00f3n de servicio (kernel panic) a trav\u00e9s de una mezcla negativa de n\u00fameros indexados que son pasados a (1) la funci\u00f3n azalia_query_devinfo en el controlador de audio azalia (src/sys/dev/pci/azalia.c) o (2) la funci\u00f3n hdaudio_afg_query_devinfo en el controlador de audio (src/sys/dev/pci/hdaudio/hdaudio_afg.c)."
}
],
"id": "CVE-2010-0561",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-08T21:30:00.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-003.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/62081"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/62082"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38284"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/38057"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-003.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/62081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/62082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023539"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-19 16:29
Modified
2025-04-20 01:37
Severity ?
Summary
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/99176 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99176 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt | Mailing List, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F25F328-22FC-4189-B04E-965F2864B051",
"versionEndIncluding": "7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw exists in NetBSD\u0027s implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions."
},
{
"lang": "es",
"value": "Existe un error en la implementaci\u00f3n de NetBSD de la p\u00e1gina stack guard que permite que los atacantes la omitan, lo que resulta en la ejecuci\u00f3n de c\u00f3digo arbitrario mediante el uso de ciertos binarios setuid. Esto afecta a NetBSD 7.1 y posiblemente a versiones anteriores."
}
],
"id": "CVE-2017-1000374",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-19T16:29:00.530",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99176"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-28 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rogue:rogue:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5329D8BB-9734-4FAC-9D45-05EF8D36E596",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain \"games\" group privileges via malformed entries in a game save file."
}
],
"id": "CVE-2002-1192",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-021.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103342413220529\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/7181"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/7252"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6098"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5837"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-021.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103342413220529\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/7181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/7252"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10261"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-04 23:44
Modified
2025-04-09 00:30
Severity ?
Summary
A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99C273D1-ADFE-4B4C-B543-7B9CA741A117",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "066ABC3B-B395-42D2-95C0-5B810F91A6F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC19FC-6E03-4000-AE4B-232E47FA76F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "421FC2DD-0CF7-44A2-A63C-5221689E2363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B70BC-42B7-453A-B506-7BE69D49A4B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA32F7D8-02F8-4CFE-B193-2888807BC4D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB279593-17D1-4A65-BF54-969B38B74B23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "80F5B731-D5A7-4694-9B27-CEE1DCC810EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D5DB7BE-FC71-4ADE-8B9F-7EA401C8CA88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E2571E-D9EB-43CD-82DD-8C813FF8D5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "36F4618C-1408-4097-B97D-5F32DE6D01DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F558C40-D0DA-4700-95DA-DF1322C020E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "64F8F30B-E4B8-4745-AFFA-8FD620E61994",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35932546-B614-47C0-98E6-8EF1EFE06725",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "38F17066-C090-4DD7-A1AC-D8FF70D268CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "78D48FD1-CB91-4310-9432-A4365FA67B11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "750C6C37-8460-4ED8-83AD-ACAF993E4A6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8923EE1A-DD48-4EC8-8698-A33093FD709C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A132487-E89F-4D0D-8366-14AFC904811F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD231103-D7C7-4697-BE90-D67558D6115C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BCADAAA0-C885-466C-A122-A94E73EAF817",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "448DB1C7-7B0C-4076-9B9F-1CDCD5EB6930",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE429EF-24D4-453A-8B43-8CCEF5D72773",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC9692A-CE81-446D-B136-449662C4B9A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "504D78AB-5374-48C9-B357-DB6BD2267D2D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3029892E-1375-4F40-83D3-A51BDC4E9840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "81F8DA6D-2258-4138-8FB2-90BE3C68B230",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBE8937-E1BD-4601-AF1C-6DD20BB132AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D676C769-17D1-48B2-98F4-AC3BDF2C882B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBD3CB7-D88A-4868-A6AD-0717A8A989EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:dragonflybsd:dragonflybsd:1.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C79071BA-D3FB-4FDF-96A1-477BA88C3E6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*",
"matchCriteriaId": "6F4AC452-6042-409D-8673-ACAD108EE3B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*",
"matchCriteriaId": "2FE1009B-371A-48E2-A456-935A1F0B7D0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "C844A170-B5A7-4703-AF3B-67366D44EA8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*",
"matchCriteriaId": "3D41CB12-7894-4D25-80EC-23C56171D973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*",
"matchCriteriaId": "9BCD9C12-EDAB-473F-9CC5-04F06B413720",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*",
"matchCriteriaId": "58EBC5C8-5CA8-4881-A036-179FDEBA3CA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*",
"matchCriteriaId": "09789843-6A1A-4CDB-97E8-89E82B79DDB5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*",
"matchCriteriaId": "118211EF-CED7-4EB5-9669-F54C8169D4AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*",
"matchCriteriaId": "58288F0F-B4CE-445C-AD93-DA73E3AD6FC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*",
"matchCriteriaId": "CC96FBA9-6A65-4CC7-BE68-ADAF450ABE21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*",
"matchCriteriaId": "9A405AE2-ECC4-4BB0-80DD-4736394FB217",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*",
"matchCriteriaId": "E5612FB0-8403-4A7E-B89A-D7BDFAC00078",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*",
"matchCriteriaId": "FA699BB4-94AA-40E6-A6B6-33E3D416CDA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*",
"matchCriteriaId": "AFDA151E-E614-4A24-A34D-B6D5309110CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*",
"matchCriteriaId": "A7818E11-1BEB-4DAA-BA7A-A278454BA4B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:release_p7:*:*:*:*:*:*",
"matchCriteriaId": "B19BEAB3-8BED-422F-B228-240269CB0704",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8_prerelease:*:*:*:*:*:*:*",
"matchCriteriaId": "A8ED2959-64AA-487E-AA11-72595A6FAA04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:releng:*:*:*:*:*:*",
"matchCriteriaId": "E6288144-0CD7-45B6-B5A7-09B1DF14FBE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9_prerelease:*:*:*:*:*:*:*",
"matchCriteriaId": "860BABDE-4266-4476-96F9-397DAD23C841",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFD9D1C-A459-47AD-BC62-15631417A32F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*",
"matchCriteriaId": "4ECDEC87-0132-46B6-BD9B-A94F9B669EAA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release_p8:*:*:*:*:*:*",
"matchCriteriaId": "6E21E50A-A368-4487-A791-87366CC5C86E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*",
"matchCriteriaId": "43E84296-9B5C-4623-A2C4-431D76FC2765",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10_prerelease:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9CA0AC-29ED-4C86-AB6C-DCAE28FC1BB5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:release_p3:*:*:*:*:*:*",
"matchCriteriaId": "E18328E2-3CB5-4D36-8EA3-77DD909B46A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:releng:*:*:*:*:*:*",
"matchCriteriaId": "EF73D76B-FBB8-4D10-8393-9FAF53392A4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:stable:*:*:*:*:*:*",
"matchCriteriaId": "F177AE1C-58C2-4575-807C-ABFFC5119FA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11_p20_release:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EFFC9A-016A-496B-A109-919189A9C808",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11_release:*:*:*:*:*:*:*",
"matchCriteriaId": "73E6E5C5-F80A-423D-BD93-BA837E808A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "3B13D898-C1B6-44B9-8432-7DDB8A380E9E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*",
"matchCriteriaId": "51A612F6-E4EB-4E34-8F55-79E16C74758E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "5C19B266-8FE7-49ED-8678-2D522257491D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "15C4D826-A419-45F5-B91C-1445DB480916",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*",
"matchCriteriaId": "FEC7B38F-C6FB-4213-AE18-2D039A4D8E7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*",
"matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "8E4BC012-ADE4-468F-9A25-261CD8055694",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*",
"matchCriteriaId": "0D6428EB-5E1A-41CB-979C-4C9402251D8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*",
"matchCriteriaId": "2DCA9879-C9F5-475A-8EC9-04D151001C8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*",
"matchCriteriaId": "0A94132F-4C47-49CC-B03C-8756613E9A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*",
"matchCriteriaId": "3F629879-66F0-427B-86D8-D740E0E3F6E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:releng:*:*:*:*:*:*",
"matchCriteriaId": "C89129C5-A1DB-4018-B43A-C60C8E650080",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "60F7B4A9-4036-4061-8F3D-BDC3F1282EC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.5_release:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA9754D-773C-432E-8E74-52FDC83FF279",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.5_stable:*:*:*:*:*:*:*",
"matchCriteriaId": "E8812D60-F669-4EA3-AF4E-6329EF625E38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2C79D5-D27F-4B08-A8DF-3E3AAF4E16A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:release:*:*:*:*:*:*",
"matchCriteriaId": "CCE4F2E6-2286-4D87-ADD7-7E999B4E5620",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:stable:*:*:*:*:*:*",
"matchCriteriaId": "C07C3BEF-8D6A-4F23-96DE-AFE4369D08EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0_p5_release:*:*:*:*:*:*:*",
"matchCriteriaId": "67FDB43C-84D1-4B45-BFB9-340F3687A22F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F4416CBA-76B9-4051-B015-F1BE89517309",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:release:*:*:*:*:*:*",
"matchCriteriaId": "8C64EE9C-18E1-49C6-96DE-7E6F1607C0D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:release_p10:*:*:*:*:*:*",
"matchCriteriaId": "B36B3805-8A85-4357-ABC1-AB22C61E3381",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:stable:*:*:*:*:*:*",
"matchCriteriaId": "231B70A8-890A-4790-A33A-64228656BF0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9118B602-3FB6-4701-AC09-763DD48334BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2_releng:*:*:*:*:*:*:*",
"matchCriteriaId": "589B62B4-FAA3-4F58-8104-EF84FEAFFB65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F702C46F-CA02-4FA2-B7D6-C61C2C095679",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.3_releng:*:*:*:*:*:*:*",
"matchCriteriaId": "72C2BE9D-91E1-48E9-9326-39CF583A57E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "42231BCC-2B90-4196-A1C2-408A353C1BEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0_beta4:*:*:*:*:*:*:*",
"matchCriteriaId": "F06B831E-D8F2-4380-B279-559CE103210F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:7.0_releng:*:*:*:*:*:*:*",
"matchCriteriaId": "3ACC9072-4A33-4F1F-B790-2F9D5A52F71B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3ECF9E5F-AF38-42B9-8B49-6C254394CDFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9432E9-AACA-4242-BDAB-8792ACF72C12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29C02C6B-AAFD-4594-94A4-F26BA3648CB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57C533D7-771E-4E33-A4FE-764C0B73F920",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E59D3682-22E1-40C4-AC65-079005FB6194",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3D95D05C-4FE1-4408-B8B8-5C5932800385",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "FCB9E9F8-7C6B-4BC7-A593-A11B9D6F0B35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "2F4B6E29-B74F-45FF-AEB1-A118753F8E3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA33E7E2-DE7B-411E-8991-718DA0988C51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1957B3C0-7F25-469B-BC3F-7B09260837ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D84D7A-EB7C-4196-B8B6-7B703C8055C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAE2873-0028-4744-B64E-8E2EA30447F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "783973F9-2A6E-4DDF-A64C-7794FFD0B7B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16C117F3-3684-4683-9F9E-CEDD5B88F9CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cosmicperl:directory_pro:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9D185E-D235-4731-A092-B667DC6FCBA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:darwin:darwin:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "80D58C3E-4F5D-42A0-95AA-25E0EAEBFCF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:darwin:darwin:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4268605-39FE-49E0-ABC9-27DEA359779E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:navision:financials_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B70D3E5-924C-4AB7-ABF7-6273DE325007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka \"Algorithm A0\"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting."
},
{
"lang": "es",
"value": "Cierto algoritmo generador de n\u00fameros pseudo-aleatorios(PRNG) que usa ADD con 0 saltos aleatorios(tambi\u00e9n conocido como \"algoritmo A0\"), usado en OpenBSD de la v3.5 a la 4.2 y NetBSD v1.6.2 a la 4.0, permite a atacantes remotos adivinar datos sensibles como (1)los IDs de una transacci\u00f3n DNS, (2)IDs de una fragmentaci\u00f3n IP observando una secuencias generadas previamente. NOTA: este fallo puede ser aprovechado por ataques como el envenenamiento de la cach\u00e9s DNS, la inyecci\u00f3n de paquetes TCP y OS fingerprinting."
}
],
"id": "CVE-2008-1148",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-03-04T23:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28819"
},
{
"source": "cve@mitre.org",
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27647"
},
{
"source": "cve@mitre.org",
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41157"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-25 02:15
Modified
2024-11-21 06:32
Severity ?
Summary
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc | Vendor Advisory | |
| cve@mitre.org | https://arxiv.org/pdf/2112.09604.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://arxiv.org/pdf/2112.09604.pdf | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0992771-F022-4195-A4DF-4323FF07B04F",
"versionEndIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG."
},
{
"lang": "es",
"value": "En NetBSD versiones hasta 9.2, el algoritmo de generaci\u00f3n de ID de fragmentos IPv6 emplea un PRNG criptogr\u00e1fico d\u00e9bil"
}
],
"id": "CVE-2021-45484",
"lastModified": "2024-11-21T06:32:18.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-25T02:15:06.620",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-338"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-12-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Land IP denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios | 7000 | |
| gnu | inet | 5.01 | |
| microsoft | winsock | 2.0 | |
| hp | hp-ux | 9.00 | |
| hp | hp-ux | 9.01 | |
| hp | hp-ux | 9.03 | |
| hp | hp-ux | 9.04 | |
| hp | hp-ux | 9.05 | |
| hp | hp-ux | 9.07 | |
| hp | hp-ux | 10.00 | |
| hp | hp-ux | 10.01 | |
| hp | hp-ux | 10.10 | |
| hp | hp-ux | 10.16 | |
| hp | hp-ux | 10.20 | |
| hp | hp-ux | 10.24 | |
| hp | hp-ux | 10.30 | |
| hp | hp-ux | 11.00 | |
| microsoft | windows_95 | * | |
| microsoft | windows_nt | 4.0 | |
| netbsd | netbsd | 1.0 | |
| netbsd | netbsd | 1.1 | |
| sun | sunos | 4.1.3u1 | |
| sun | sunos | 4.1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:7000:*:*:*:*:*:*:*",
"matchCriteriaId": "008881AE-153D-4691-9500-900071302ECD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:inet:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "679EB37A-DC20-4EB0-BF1E-664BF53AC054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:winsock:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2F784E-2B6A-4BF7-9A16-77031AFD6272",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6E436D06-FA3A-43F6-AF84-2E9C2F42E3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB1B6DC-4FF9-40DC-BAD5-91A04E79981E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.03:*:*:*:*:*:*:*",
"matchCriteriaId": "E7FA635E-C0FE-495C-A2BB-D9C30A95FD00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.04:*:*:*:*:*:*:*",
"matchCriteriaId": "E178238D-E17A-48C9-8922-AC92474BDF55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.05:*:*:*:*:*:*:*",
"matchCriteriaId": "560C17E1-6154-4291-A838-5E76139B9FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:9.07:*:*:*:*:*:*:*",
"matchCriteriaId": "035890F7-BF48-4669-812A-1DCBD91A8F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3187435B-C052-4DBA-AA79-F8AC0287EE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*",
"matchCriteriaId": "38E41C26-A086-4C9C-83D8-CB910F4B67F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*",
"matchCriteriaId": "09070FE3-EF6B-41F6-89D8-3C9E31F3A6BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82F7322B-8022-4D0B-ADB3-D0F5B6F20309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1BA107-F2D3-4F13-82EC-4576C429E3C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1070749A-65E9-439A-A7CC-3CE529A5D5E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Land IP denial of service."
}
],
"id": "CVE-1999-0016",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-12-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20170815-0001/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-29 01:28
Modified
2025-04-09 00:30
Severity ?
Summary
ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment"
},
{
"lang": "es",
"value": "** IMPUGNADA ** ld.so en FreeBSD, NetBSD, u posiblemente otras distribuciones BSD no borran ciertas variables de entorno perjudiciales, lo cual permite a usuarios locales obtener privilegios pasando cierta variables de entorno a procesos de carga. NOTA: este asunto ha sido impugnado por una tercera parte, afirmando que es responsabilidad de la aplicaci\u00f3n limpiar adecuadamente el entorno."
}
],
"id": "CVE-2006-6165",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2006-11-29T01:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/452371/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/452428/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/452371/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/452428/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-23 20:06
Modified
2025-04-03 01:03
Severity ?
Summary
The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket."
},
{
"lang": "es",
"value": "La funci\u00f3n ip6_savecontrol en NetBSD v2.0 hasta v3.0, bajo ciertas configuraciones, no permite comprobar si el sockets IPv4-mapped ha sido usado antes del proceso de opciones del socket IPv6, lo que permite a atacantes locales causar una denegaci\u00f3n de servicio (ca\u00edda) por creaci\u00f3n de un socket IPv4-mapped IPv6 con opci\u00f3n SO_TIMESTAMP activada, para luego enviar un paquete IPv4 a trav\u00e9s del socket."
}
],
"id": "CVE-2006-3202",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-23T20:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-016.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016250"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-016.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27139"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges."
}
],
"evaluatorSolution": "this vulnerbaility is addressed in the following product versions:\r\nNetBSD, NetBSD, 2.0.3, and higher",
"id": "CVE-2005-4776",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-008.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/09/13/0024.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/20757"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-008.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/09/13/0024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/20757"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-05-09 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00564BAA-066A-4627-B6A8-78724E55D363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8E6EE58-9C2B-457A-BD0D-EED71A1E4186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84241D91-1490-485B-AA07-8335CE458275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "730917F8-E1F4-4836-B05A-16B2BA5774DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers."
},
{
"lang": "es",
"value": "Multiples vulnerabilidades de consumos de pila en el Kernel de NetBSD v4.0, v5.0 con anterioridad a v5.0.3 y v5.1 con anterioridad a v5.1.1, IPsec cuando est\u00e1 activada, permite a atacantes remotos provocar una denegaci\u00f3n de servicio ( corrupci\u00f3n de memoria y kernel panic ) o posiblemente tener un impacto no especificado a trav\u00e9s de paquetes manipulados en ( 1 )IPv4 o ( 2 )IPv6 con cabeceras anidadas IPComp."
}
],
"id": "CVE-2011-1547",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-05-09T19:55:03.553",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-004.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/668220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-004.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/668220"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| niels | provos_systrace | 1.1 | |
| niels | provos_systrace | 1.2 | |
| niels | provos_systrace | 1.3 | |
| niels | provos_systrace | 1.4 | |
| niels | provos_systrace | 1.5 | |
| vladimir_kotal | systrace_port_for_freebsd | 2004-03-09 | |
| vladimir_kotal | systrace_port_for_freebsd | 2004-06-02 | |
| netbsd | netbsd | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:niels:provos_systrace:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88D46C75-8F8E-4F71-AA02-E0C62CB78B96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:niels:provos_systrace:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BAC55D51-6C9E-4DB5-AA99-F7B57D8EA835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:niels:provos_systrace:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BB619025-39E9-4D41-8EE7-E99A4160BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:niels:provos_systrace:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "69B3A079-3F0D-46A8-AE39-81FDBE5DAAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:niels:provos_systrace:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "682EFA1D-A5A1-49C7-9A14-0D84A0E63B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vladimir_kotal:systrace_port_for_freebsd:2004-03-09:*:*:*:*:*:*:*",
"matchCriteriaId": "CC310EF4-A650-4F8E-A79D-DF66CFE32D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vladimir_kotal:systrace_port_for_freebsd:2004-06-02:*:*:*:*:*:*:*",
"matchCriteriaId": "F02F4CD3-0893-4447-A79C-3E4254860BBF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges."
}
],
"id": "CVE-2004-2012",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-007.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108432258920570\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11585"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/10320"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-007.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108432258920570\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/10320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16110"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-24 01:04
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "582B9BF3-5BF1-44A3-A580-62F2D44FDD34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD85B1ED-1473-4C22-9E1E-53F07CF517E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7752D43D-64AF-474F-BFBB-2625A29C1B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2C79D5-D27F-4B08-A8DF-3E3AAF4E16A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F4416CBA-76B9-4051-B015-F1BE89517309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "783973F9-2A6E-4DDF-A64C-7794FFD0B7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el controlador sppp en FreeBSD 4.11 hasta 6.1, NetBSD 2.0 hasta 4.0 beta anterior al 23/08/2006, y OpenBSD 3.8 y 3.9 anterior al 02/09/2006 permite a atacanets remotos provocar una denegaci\u00f3n de servicio (panic), obtener informaci\u00f3n sensible, y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante paquetes LCP (Link Control Protocol) modificados con una longitud de opciones que excede la longitud total, lo que provoca un desbordamiento en (1) pppoe y (2) ippp. NOTA: este problema fue inicial e incorrectamente reportado para el controlador ppp."
}
],
"id": "CVE-2006-4304",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-08-24T01:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-019.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21587"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21731"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc"
},
{
"source": "cve@mitre.org",
"url": "http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016745"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata.html#sppp"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata38.html#sppp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19684"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-019.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21587"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata.html#sppp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata38.html#sppp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28562"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-11 01:10
Modified
2025-04-09 00:30
Severity ?
Summary
The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kame:kame:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0594C59E-DF58-437D-9DD4-E8CF82DDB3CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9875E709-11BA-4B8F-A2FC-26844DD4D563",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value."
},
{
"lang": "es",
"value": "La Funci\u00f3n mld_input en sys/netinet6/mld6.c in the kernel en NetBSD 4.0, FreeBSD, y KAME, cuando INET6 est\u00e1 habilitado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (Error de divisi\u00f3n entre 0 y ca\u00edda) a trav\u00e9s de una petici\u00f3n ICMPv6 Multicast Listener Discovery (MLD) mal formada con un determinado valor de \"Maximum Response Delay\"."
}
],
"id": "CVE-2008-2464",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-11T01:10:39.570",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Exploit"
],
"url": "http://cert.fi/haavoittuvuudet/2008/advisory-netbsd.html"
},
{
"source": "cret@cert.org",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c"
},
{
"source": "cret@cert.org",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.46\u0026r2=1.47\u0026f=h"
},
{
"source": "cret@cert.org",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-011.txt.asc"
},
{
"source": "cret@cert.org",
"url": "http://securitytracker.com/id?1020822"
},
{
"source": "cret@cert.org",
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c"
},
{
"source": "cret@cert.org",
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.34%3Br2=1.35%3Bf=h"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/817940"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/31026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://cert.fi/haavoittuvuudet/2008/advisory-netbsd.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.46\u0026r2=1.47\u0026f=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-011.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.34%3Br2=1.35%3Bf=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/817940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31026"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5071CA39-65B3-4AFB-8898-21819E57A084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2ED81B-8DA2-46D0-AE24-C61BF8E78AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D18C95A3-15E3-41B8-AC28-ACEA57021E24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFC6B75-9057-4E58-A4D4-8AEC12AE62E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28BD9F91-2384-4557-9648-25FC00D04677",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials."
}
],
"id": "CVE-2005-4741",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-013.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0157.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/10/31/0001.html"
},
{
"source": "cve@mitre.org",
"url": "http://prdelka.blackart.org.uk/exploitz/prdelka-vs-BSD-ptrace.tar.gz"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.osvdb.org/20759"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-013.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0157.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/10/31/0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://prdelka.blackart.org.uk/exploitz/prdelka-vs-BSD-ptrace.tar.gz"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.osvdb.org/20759"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15290"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-17 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the \"noexec\" flag set."
}
],
"id": "CVE-1999-0422",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-17T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0422"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "314BA420-4C74-4060-8ACE-D7A7C041CF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAD7613-A5B3-4621-B981-290C7C6B8BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*",
"matchCriteriaId": "1E8A6564-129A-4555-A5ED-6F65C56AE7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*",
"matchCriteriaId": "237174A4-E030-4A0B-AD0B-5C463603EAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "5D7F8F11-1869-40E2-8478-28B4E946D3CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*",
"matchCriteriaId": "9062BAB5-D437-49BE-A384-39F62434B70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*",
"matchCriteriaId": "21B69535-4FB6-4FAD-AAA6-C790FF82EFAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*",
"matchCriteriaId": "6E53C673-9D6D-42C8-A502-033E1FC28D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*",
"matchCriteriaId": "2FE1009B-371A-48E2-A456-935A1F0B7D0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "C844A170-B5A7-4703-AF3B-67366D44EA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F89124-E194-4C7A-B06D-8535B4066AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36DF0D51-FCFA-46A3-B834-E80DFA91DFDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB726CF-ADA2-4CDA-9786-1E84AC53740A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid."
}
],
"id": "CVE-2002-2092",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-001.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/19475"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/3891"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-001.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/19475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/3891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7945"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-25 02:15
Modified
2024-11-21 06:32
Severity ?
Summary
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc | Vendor Advisory | |
| cve@mitre.org | https://arxiv.org/pdf/2112.09604.pdf | Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://arxiv.org/pdf/2112.09604.pdf | Technical Description, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0992771-F022-4195-A4DF-4323FF07B04F",
"versionEndIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG."
},
{
"lang": "es",
"value": "En NetBSD versiones hasta 9.2, el algoritmo de generaci\u00f3n de etiquetas de flujo IPv6 emplea un PRNG criptogr\u00e1fico d\u00e9bil"
}
],
"id": "CVE-2021-45489",
"lastModified": "2024-11-21T06:32:19.450",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-25T02:15:06.847",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-338"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges."
}
],
"id": "CVE-2000-0997",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-12-19T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1752"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5337"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-02-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
NetBSD netstat command allows local users to access kernel memory.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetBSD netstat command allows local users to access kernel memory."
}
],
"id": "CVE-1999-0367",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-02-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7571"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-02-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:david_madore:ftpd-bsd:0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "69797605-EFF0-4CFA-8B45-6A93ABE4304A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges."
}
],
"id": "CVE-2001-0053",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-02-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openbsd.org/advisories/ftpd_replydirname.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2124"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openbsd.org/advisories/ftpd_replydirname.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5776"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-17 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | 10.8.5 | |
| apple | mac_os_x | 10.9.5 | |
| apple | mac_os_x | 10.10.0 | |
| apple | mac_os_x | 10.10.1 | |
| netbsd | netbsd | 5.1 | |
| netbsd | netbsd | 5.1.1 | |
| netbsd | netbsd | 5.1.2 | |
| netbsd | netbsd | 5.1.3 | |
| netbsd | netbsd | 5.1.4 | |
| netbsd | netbsd | 5.2 | |
| netbsd | netbsd | 5.2.1 | |
| netbsd | netbsd | 5.2.2 | |
| netbsd | netbsd | 6.0 | |
| netbsd | netbsd | 6.0.1 | |
| netbsd | netbsd | 6.0.2 | |
| netbsd | netbsd | 6.0.3 | |
| netbsd | netbsd | 6.0.4 | |
| netbsd | netbsd | 6.0.5 | |
| netbsd | netbsd | 6.0.6 | |
| netbsd | netbsd | 6.1 | |
| netbsd | netbsd | 6.1.1 | |
| netbsd | netbsd | 6.1.2 | |
| netbsd | netbsd | 6.1.3 | |
| netbsd | netbsd | 6.1.4 | |
| netbsd | netbsd | 6.1.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D30B4B-DA63-40B0-B0C9-F3992CF25706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06A4AE53-A477-4386-887C-4B7408575C23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A2286E-9D1C-4B56-8B40-150201B818AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF9BC68-7F0D-4DF9-9CD8-6CE9844555C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "730917F8-E1F4-4836-B05A-16B2BA5774DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38D69127-E5B0-4BC6-8E0A-A5F16D19B06B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C76E9006-A1DA-4902-94C9-AE7071E5A6BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D861332D-5976-4544-91C6-4016BAC4648E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E8D29E76-7A2D-4BC5-AF4E-99A9C31A14D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3407906D-EF23-4812-A597-F0E863DE17B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D17EDB-45BF-4922-8D46-8C340D3F8D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "269E87C2-7474-43F0-870E-C5ADCB73ABFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C23BD3A0-E5AD-4893-AAAF-E2858B4128CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1510AD8C-14AC-4649-AE37-5310575B3E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44D36CD7-FE10-4A72-8364-DE3EFD49AB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24469F6E-FC82-416A-9639-8FC37BE9745F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E28965-1C24-43CC-AFAA-5716D8F6CC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "368CB806-F671-481F-A9BE-DC320F82E5B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7E45F6-2EE9-4E97-B502-F48F2DDC5F3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69CAE756-335E-4E02-83F9-B274D416775C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3784838-1A43-4C46-A730-4CB88594A449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F555CE26-6E23-4E7A-A138-6F675EA9BEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "69071B74-471C-42C0-AF2D-2D278D355250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1C501514-768D-4AC0-8797-152763F24F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "79D2486C-5C39-40C7-B87B-969800F730C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect."
},
{
"lang": "es",
"value": "La funci\u00f3n fetch_url ubicada en usr.bin/ftp/fetch.c en thftp, usada en NetBSD 5.1 en 5.1.4, 5.2 hasta 5.2.2, 6.0 hasta 6.0.6 y 6.1 hasta 6.1.5 permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de un car\u00e1cter \u0027|\u0027 (tuber\u00eda) al final de una redirecci\u00f3n HTTP."
}
],
"id": "CVE-2014-8517",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-17T16:59:05.213",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-013.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00029.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/oss-sec/2014/q4/459"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/oss-sec/2014/q4/464"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62028"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62260"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/HT204244"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-05"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/43112/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-013.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2014/q4/459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2014/q4/464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/HT204244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/43112/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "249FA642-3732-4654-88CB-3F1D19A5860A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA33E7E2-DE7B-411E-8991-718DA0988C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1957B3C0-7F25-469B-BC3F-7B09260837ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port."
},
{
"lang": "es",
"value": "OpenBSD 3.4 y NetBSD 1.6 y 1.6.1 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (caida) enviand un paquete IPv6 con una MTU peque\u00f1a a un puerto en escucha y a continuaci\u00f3n un conectar TCP a ese puerto."
}
],
"id": "CVE-2004-0257",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-002.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/016704.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107604603226564\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.guninski.com/obsdmtu.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet6/ip6_output.c"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3825"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9577"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-002.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/016704.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107604603226564\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.guninski.com/obsdmtu.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet6/ip6_output.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15044"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-03-23 11:06
Modified
2025-04-03 01:03
Severity ?
Summary
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.8 | |
| freebsd | freebsd | 4.9 | |
| freebsd | freebsd | 4.9 | |
| freebsd | freebsd | 4.9 | |
| freebsd | freebsd | 4.10 | |
| freebsd | freebsd | 4.10 | |
| freebsd | freebsd | 4.10 | |
| freebsd | freebsd | 4.10 | |
| freebsd | freebsd | 4.11 | |
| freebsd | freebsd | 4.11 | |
| freebsd | freebsd | 4.11 | |
| freebsd | freebsd | 5.0 | |
| freebsd | freebsd | 5.0 | |
| freebsd | freebsd | 5.0 | |
| freebsd | freebsd | 5.0 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.1 | |
| freebsd | freebsd | 5.2 | |
| freebsd | freebsd | 5.2.1 | |
| freebsd | freebsd | 5.2.1 | |
| freebsd | freebsd | 5.3 | |
| freebsd | freebsd | 5.3 | |
| freebsd | freebsd | 5.3 | |
| freebsd | freebsd | 5.3 | |
| freebsd | freebsd | 5.4 | |
| freebsd | freebsd | 5.4 | |
| freebsd | freebsd | 5.4 | |
| freebsd | freebsd | 5.4 | |
| freebsd | freebsd | 6.0 | |
| freebsd | freebsd | 6.0 | |
| netbsd | netbsd | 2.0 | |
| netbsd | netbsd | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "09BFA20B-2F31-4246-8F74-63DF1DB884EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:release_p7:*:*:*:*:*:*",
"matchCriteriaId": "B19BEAB3-8BED-422F-B228-240269CB0704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "4AE93D3D-34B4-47B7-A784-61F4479FF5A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:releng:*:*:*:*:*:*",
"matchCriteriaId": "E6288144-0CD7-45B6-B5A7-09B1DF14FBE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFD9D1C-A459-47AD-BC62-15631417A32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*",
"matchCriteriaId": "4ECDEC87-0132-46B6-BD9B-A94F9B669EAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release_p8:*:*:*:*:*:*",
"matchCriteriaId": "6E21E50A-A368-4487-A791-87366CC5C86E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*",
"matchCriteriaId": "43E84296-9B5C-4623-A2C4-431D76FC2765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:release_p3:*:*:*:*:*:*",
"matchCriteriaId": "E18328E2-3CB5-4D36-8EA3-77DD909B46A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:releng:*:*:*:*:*:*",
"matchCriteriaId": "EF73D76B-FBB8-4D10-8393-9FAF53392A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:stable:*:*:*:*:*:*",
"matchCriteriaId": "F177AE1C-58C2-4575-807C-ABFFC5119FA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "3B13D898-C1B6-44B9-8432-7DDB8A380E9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*",
"matchCriteriaId": "51A612F6-E4EB-4E34-8F55-79E16C74758E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "5C19B266-8FE7-49ED-8678-2D522257491D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "15C4D826-A419-45F5-B91C-1445DB480916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*",
"matchCriteriaId": "FEC7B38F-C6FB-4213-AE18-2D039A4D8E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*",
"matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "8E4BC012-ADE4-468F-9A25-261CD8055694",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*",
"matchCriteriaId": "0D6428EB-5E1A-41CB-979C-4C9402251D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*",
"matchCriteriaId": "2DCA9879-C9F5-475A-8EC9-04D151001C8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*",
"matchCriteriaId": "0A94132F-4C47-49CC-B03C-8756613E9A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "46A60ED5-1D92-4B40-956F-D1801CAB9039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*",
"matchCriteriaId": "3F629879-66F0-427B-86D8-D740E0E3F6E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:releng:*:*:*:*:*:*",
"matchCriteriaId": "C89129C5-A1DB-4018-B43A-C60C8E650080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "60F7B4A9-4036-4061-8F3D-BDC3F1282EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:release:*:*:*:*:*:*",
"matchCriteriaId": "CCE4F2E6-2286-4D87-ADD7-7E999B4E5620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:6.0:stable:*:*:*:*:*:*",
"matchCriteriaId": "C07C3BEF-8D6A-4F23-96DE-AFE4369D08EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CABFAA-594C-45D7-A0C7-795872A0C68A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A \"programming error\" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks."
}
],
"id": "CVE-2006-0905",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-03-23T11:06:00.000",
"references": [
{
"source": "secteam@freebsd.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc"
},
{
"source": "secteam@freebsd.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc"
},
{
"source": "secteam@freebsd.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19366"
},
{
"source": "secteam@freebsd.org",
"url": "http://securitytracker.com/id?1015809"
},
{
"source": "secteam@freebsd.org",
"url": "http://www.osvdb.org/24068"
},
{
"source": "secteam@freebsd.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17191"
},
{
"source": "secteam@freebsd.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25398"
}
],
"sourceIdentifier": "secteam@freebsd.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2001-0268 (GCVE-0-2001-0268)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:14:07.154Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2001-SCO.35",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0014.html"
},
{
"name": "NetBSD-SA:2001-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q1/0093.html"
},
{
"name": "VU#358960",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/358960"
},
{
"name": "user-ldt-validation(6222)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6222"
},
{
"name": "2739",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2739"
},
{
"name": "20010302 The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory.",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata.html#userldt"
},
{
"name": "20010219 Re: your mail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0353.html"
},
{
"name": "6141",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6141"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-02-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2001-SCO.35",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0014.html"
},
{
"name": "NetBSD-SA:2001-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q1/0093.html"
},
{
"name": "VU#358960",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/358960"
},
{
"name": "user-ldt-validation(6222)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6222"
},
{
"name": "2739",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2739"
},
{
"name": "20010302 The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory.",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata.html#userldt"
},
{
"name": "20010219 Re: your mail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0353.html"
},
{
"name": "6141",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6141"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2001-SCO.35",
"refsource": "CALDERA",
"url": "http://archives.neohapsis.com/archives/linux/caldera/2001-q4/0014.html"
},
{
"name": "NetBSD-SA:2001-002",
"refsource": "NETBSD",
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q1/0093.html"
},
{
"name": "VU#358960",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/358960"
},
{
"name": "user-ldt-validation(6222)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6222"
},
{
"name": "2739",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2739"
},
{
"name": "20010302 The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory.",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata.html#userldt"
},
{
"name": "20010219 Re: your mail",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0353.html"
},
{
"name": "6141",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6141"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0268",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2001-04-04T00:00:00",
"dateUpdated": "2024-08-08T04:14:07.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6655 (GCVE-0-2006-6655)
Vulnerability from cvelistv5
Published
2006-12-20 02:00
Modified
2024-09-16 18:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by attempting to access /emul/linux/proc/0/stat on a procfs filesystem that was mounted with mount_procfs -o linux, which results in a NULL pointer dereference.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017293",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017293"
},
{
"name": "NetBSD-SA2006-026",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by attempting to access /emul/linux/proc/0/stat on a procfs filesystem that was mounted with mount_procfs -o linux, which results in a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-20T02:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017293",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017293"
},
{
"name": "NetBSD-SA2006-026",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by attempting to access /emul/linux/proc/0/stat on a procfs filesystem that was mounted with mount_procfs -o linux, which results in a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017293",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017293"
},
{
"name": "NetBSD-SA2006-026",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6655",
"datePublished": "2006-12-20T02:00:00Z",
"dateReserved": "2006-12-19T00:00:00Z",
"dateUpdated": "2024-09-16T18:43:40.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4733 (GCVE-0-2005-4733)
Vulnerability from cvelistv5
Published
2006-03-19 23:00
Modified
2024-09-17 01:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow local users to cause a denial of service (infinite loop and system hang) by calling the F_CLOSEM fcntl with a parameter value of 0.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:53:28.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2005-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-003.txt.asc"
},
{
"name": "20755",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20755"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/01/12/0059.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow local users to cause a denial of service (infinite loop and system hang) by calling the F_CLOSEM fcntl with a parameter value of 0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-03-19T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2005-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-003.txt.asc"
},
{
"name": "20755",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20755"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/01/12/0059.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4733",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow local users to cause a denial of service (infinite loop and system hang) by calling the F_CLOSEM fcntl with a parameter value of 0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2005-003",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-003.txt.asc"
},
{
"name": "20755",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20755"
},
{
"name": "http://mail-index.netbsd.org/source-changes/2005/01/12/0059.html",
"refsource": "CONFIRM",
"url": "http://mail-index.netbsd.org/source-changes/2005/01/12/0059.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4733",
"datePublished": "2006-03-19T23:00:00Z",
"dateReserved": "2006-03-19T00:00:00Z",
"dateUpdated": "2024-09-17T01:56:32.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6013 (GCVE-0-2006-6013)
Vulnerability from cvelistv5
Published
2006-11-21 23:00
Modified
2024-08-07 20:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows local users to read arbitrary memory contents via certain negative values of crom_buf->len in an FW_GCROM command. NOTE: this issue has been labeled as an integer overflow, but it is more like an integer signedness error.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:12:31.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061116 Re: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451861/100/0/threaded"
},
{
"name": "1017344",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017344"
},
{
"name": "20061115 NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0261.html"
},
{
"name": "20061115 NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451637/100/0/threaded"
},
{
"name": "[tech-security] 20061116 Re: [Full-disclosure] NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/tech-security/2006/11/16/0001.html"
},
{
"name": "FreeBSD-SA-06:25",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:25.kmem.asc"
},
{
"name": "freebsd-fwdev-integer-overflow(30347)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30347"
},
{
"name": "20061121 Clarifying integer overflows vs. signedness errors",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/452264/100/0/threaded"
},
{
"name": "20061122 Re: Clarifying integer overflows vs. signedness errors",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/452331/100/0/threaded"
},
{
"name": "20061120 RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/452124/100/0/threaded"
},
{
"name": "[tech-security] 20061214 NetBSD Security Note 20061214-1: Kernel memory leakage in firewire interface",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/tech-security/2006/12/14/0002.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.dragonflybsd.org/cvsweb/src/sys/bus/firewire/fwdev.c"
},
{
"name": "21089",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21089"
},
{
"name": "22917",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22917"
},
{
"name": "20061115 TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451698/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/ieee1394/fwdev.c"
},
{
"name": "20061115 DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451677/100/0/threaded"
},
{
"name": "20061115 FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/451629/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kernelhacking.com/bsdadv1.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows local users to read arbitrary memory contents via certain negative values of crom_buf-\u003elen in an FW_GCROM command. NOTE: this issue has been labeled as an integer overflow, but it is more like an integer signedness error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061116 Re: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451861/100/0/threaded"
},
{
"name": "1017344",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017344"
},
{
"name": "20061115 NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0261.html"
},
{
"name": "20061115 NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451637/100/0/threaded"
},
{
"name": "[tech-security] 20061116 Re: [Full-disclosure] NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-index.netbsd.org/tech-security/2006/11/16/0001.html"
},
{
"name": "FreeBSD-SA-06:25",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:25.kmem.asc"
},
{
"name": "freebsd-fwdev-integer-overflow(30347)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30347"
},
{
"name": "20061121 Clarifying integer overflows vs. signedness errors",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/452264/100/0/threaded"
},
{
"name": "20061122 Re: Clarifying integer overflows vs. signedness errors",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/452331/100/0/threaded"
},
{
"name": "20061120 RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/452124/100/0/threaded"
},
{
"name": "[tech-security] 20061214 NetBSD Security Note 20061214-1: Kernel memory leakage in firewire interface",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-index.netbsd.org/tech-security/2006/12/14/0002.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.dragonflybsd.org/cvsweb/src/sys/bus/firewire/fwdev.c"
},
{
"name": "21089",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21089"
},
{
"name": "22917",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22917"
},
{
"name": "20061115 TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451698/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/ieee1394/fwdev.c"
},
{
"name": "20061115 DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451677/100/0/threaded"
},
{
"name": "20061115 FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/451629/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kernelhacking.com/bsdadv1.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows local users to read arbitrary memory contents via certain negative values of crom_buf-\u003elen in an FW_GCROM command. NOTE: this issue has been labeled as an integer overflow, but it is more like an integer signedness error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061116 Re: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451861/100/0/threaded"
},
{
"name": "1017344",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017344"
},
{
"name": "20061115 NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0261.html"
},
{
"name": "20061115 NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451637/100/0/threaded"
},
{
"name": "[tech-security] 20061116 Re: [Full-disclosure] NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"refsource": "MLIST",
"url": "http://mail-index.netbsd.org/tech-security/2006/11/16/0001.html"
},
{
"name": "FreeBSD-SA-06:25",
"refsource": "FREEBSD",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:25.kmem.asc"
},
{
"name": "freebsd-fwdev-integer-overflow(30347)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30347"
},
{
"name": "20061121 Clarifying integer overflows vs. signedness errors",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452264/100/0/threaded"
},
{
"name": "20061122 Re: Clarifying integer overflows vs. signedness errors",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452331/100/0/threaded"
},
{
"name": "20061120 RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452124/100/0/threaded"
},
{
"name": "[tech-security] 20061214 NetBSD Security Note 20061214-1: Kernel memory leakage in firewire interface",
"refsource": "MLIST",
"url": "http://mail-index.netbsd.org/tech-security/2006/12/14/0002.html"
},
{
"name": "http://www.dragonflybsd.org/cvsweb/src/sys/bus/firewire/fwdev.c",
"refsource": "MISC",
"url": "http://www.dragonflybsd.org/cvsweb/src/sys/bus/firewire/fwdev.c"
},
{
"name": "21089",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21089"
},
{
"name": "22917",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22917"
},
{
"name": "20061115 TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclousure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451698/100/0/threaded"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/ieee1394/fwdev.c",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/ieee1394/fwdev.c"
},
{
"name": "20061115 DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451677/100/0/threaded"
},
{
"name": "20061115 FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451629/100/0/threaded"
},
{
"name": "http://www.kernelhacking.com/bsdadv1.txt",
"refsource": "MISC",
"url": "http://www.kernelhacking.com/bsdadv1.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6013",
"datePublished": "2006-11-21T23:00:00",
"dateReserved": "2006-11-21T00:00:00",
"dateUpdated": "2024-08-07T20:12:31.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2483 (GCVE-0-2009-2483)
Vulnerability from cvelistv5
Published
2009-07-16 16:00
Modified
2024-08-07 05:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:52:14.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35556",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35556"
},
{
"name": "35466",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35466"
},
{
"name": "netbsd-xml-dos(51311)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51311"
},
{
"name": "NetBSD-SA2009-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-003.txt.asc"
},
{
"name": "55285",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/55285"
},
{
"name": "1022431",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022431"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35556",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35556"
},
{
"name": "35466",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35466"
},
{
"name": "netbsd-xml-dos(51311)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51311"
},
{
"name": "NetBSD-SA2009-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-003.txt.asc"
},
{
"name": "55285",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/55285"
},
{
"name": "1022431",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022431"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35556",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35556"
},
{
"name": "35466",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35466"
},
{
"name": "netbsd-xml-dos(51311)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51311"
},
{
"name": "NetBSD-SA2009-003",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-003.txt.asc"
},
{
"name": "55285",
"refsource": "OSVDB",
"url": "http://osvdb.org/55285"
},
{
"name": "1022431",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022431"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2483",
"datePublished": "2009-07-16T16:00:00",
"dateReserved": "2009-07-16T00:00:00",
"dateUpdated": "2024-08-07T05:52:14.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0764 (GCVE-0-1999-0764)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD allows ARP packets to overwrite static ARP entries.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6539",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6539"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NetBSD allows ARP packets to overwrite static ARP entries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6539",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6539"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0764",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD allows ARP packets to overwrite static ARP entries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6539",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6539"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0764",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-26139 (GCVE-0-2020-26139)
Vulnerability from cvelistv5
Published
2021-05-11 19:37
Modified
2024-08-04 15:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:49:07.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T14:09:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"name": "https://www.fragattacks.com",
"refsource": "MISC",
"url": "https://www.fragattacks.com"
},
{
"name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
"refsource": "MISC",
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-26139",
"datePublished": "2021-05-11T19:37:55",
"dateReserved": "2020-09-29T00:00:00",
"dateUpdated": "2024-08-04T15:49:07.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-45484 (GCVE-0-2021-45484)
Vulnerability from cvelistv5
Published
2021-12-25 01:05
Modified
2024-08-04 04:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:21.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-25T01:05:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://arxiv.org/pdf/2112.09604.pdf",
"refsource": "MISC",
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"name": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc",
"refsource": "MISC",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45484",
"datePublished": "2021-12-25T01:05:21",
"dateReserved": "2021-12-25T00:00:00",
"dateUpdated": "2024-08-04T04:39:21.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1337 (GCVE-0-2002-1337)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "20030301-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"name": "IY40501",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"name": "20030303 Fwd: APPLE-SA-2003-03-03 sendmail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"name": "RHSA-2003:227",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"name": "6991",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6991"
},
{
"name": "VU#398025",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"name": "DSA-257",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"name": "20030304 [LSD] Technical analysis of the remote sendmail vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
},
{
"name": "RHSA-2003:074",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"name": "CA-2003-07",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"name": "20030303 sendmail 8.12.8 available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"name": "MDKSA-2003:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"name": "IY40500",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"name": "sendmail-header-processing-bo(10748)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"name": "CSSA-2003-SCO.6",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"name": "CSSA-2003-SCO.5",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"name": "CLA-2003:571",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"name": "NetBSD-SA2003-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"name": "HPSBUX0302-246",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"name": "20030303 Remote Sendmail Header Processing Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"name": "IY40502",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"name": "20030304 GLSA: sendmail (200303-4)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-21T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "20030301-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"name": "IY40501",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"name": "20030303 Fwd: APPLE-SA-2003-03-03 sendmail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"name": "RHSA-2003:227",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"name": "6991",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6991"
},
{
"name": "VU#398025",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"name": "DSA-257",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"name": "20030304 [LSD] Technical analysis of the remote sendmail vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
},
{
"name": "RHSA-2003:074",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"name": "CA-2003-07",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"name": "20030303 sendmail 8.12.8 available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"name": "MDKSA-2003:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"name": "IY40500",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"name": "sendmail-header-processing-bo(10748)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"name": "CSSA-2003-SCO.6",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"name": "CSSA-2003-SCO.5",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"name": "CLA-2003:571",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"name": "NetBSD-SA2003-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"name": "HPSBUX0302-246",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"name": "20030303 Remote Sendmail Header Processing Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"name": "IY40502",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"name": "20030304 GLSA: sendmail (200303-4)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:073",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "20030301-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"name": "IY40501",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"name": "20030303 Fwd: APPLE-SA-2003-03-03 sendmail",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"name": "RHSA-2003:227",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"name": "6991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6991"
},
{
"name": "VU#398025",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"name": "http://www.sendmail.org/8.12.8.html",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"name": "DSA-257",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"name": "20030304 [LSD] Technical analysis of the remote sendmail vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2222",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
},
{
"name": "RHSA-2003:074",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"name": "CA-2003-07",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"name": "20030303 sendmail 8.12.8 available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"name": "MDKSA-2003:028",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"name": "IY40500",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"name": "sendmail-header-processing-bo(10748)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"name": "CSSA-2003-SCO.6",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"name": "CSSA-2003-SCO.5",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"name": "CLA-2003:571",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"name": "NetBSD-SA2003-002",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"name": "HPSBUX0302-246",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"name": "20030303 Remote Sendmail Header Processing Vulnerability",
"refsource": "ISS",
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"name": "IY40502",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"name": "20030304 GLSA: sendmail (200303-4)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1337",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-12-03T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3202 (GCVE-0-2006-3202)
Vulnerability from cvelistv5
Published
2006-06-23 20:00
Modified
2024-08-07 18:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:23:21.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016250",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016250"
},
{
"name": "netbsd-ipv6-dos(27139)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27139"
},
{
"name": "NetBSD-SA2006-016",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-016.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016250",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016250"
},
{
"name": "netbsd-ipv6-dos(27139)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27139"
},
{
"name": "NetBSD-SA2006-016",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-016.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016250",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016250"
},
{
"name": "netbsd-ipv6-dos(27139)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27139"
},
{
"name": "NetBSD-SA2006-016",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-016.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3202",
"datePublished": "2006-06-23T20:00:00",
"dateReserved": "2006-06-23T00:00:00",
"dateUpdated": "2024-08-07T18:23:21.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1244 (GCVE-0-2001-1244)
Vulnerability from cvelistv5
Published
2002-05-03 04:00
Modified
2024-08-08 04:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:07.750Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010708 Small TCP packets == very large overhead == DoS?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/195457"
},
{
"name": "tcp-mss-dos(6824)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6824"
},
{
"name": "2997",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2997"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010708 Small TCP packets == very large overhead == DoS?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/195457"
},
{
"name": "tcp-mss-dos(6824)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6824"
},
{
"name": "2997",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2997"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010708 Small TCP packets == very large overhead == DoS?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/195457"
},
{
"name": "tcp-mss-dos(6824)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6824"
},
{
"name": "2997",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2997"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1244",
"datePublished": "2002-05-03T04:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T04:51:07.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4741 (GCVE-0-2005-4741)
Vulnerability from cvelistv5
Published
2006-03-19 23:00
Modified
2024-09-16 23:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:53:28.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15290",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15290"
},
{
"name": "20051106 http://prdelka.blackart.org.uk/exploitz/prdelka-vs-BSD-ptrace.tar.gz",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0157.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/10/31/0001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://prdelka.blackart.org.uk/exploitz/prdelka-vs-BSD-ptrace.tar.gz"
},
{
"name": "20759",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20759"
},
{
"name": "NetBSD-SA2005-013",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-013.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-03-19T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15290",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15290"
},
{
"name": "20051106 http://prdelka.blackart.org.uk/exploitz/prdelka-vs-BSD-ptrace.tar.gz",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0157.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/10/31/0001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://prdelka.blackart.org.uk/exploitz/prdelka-vs-BSD-ptrace.tar.gz"
},
{
"name": "20759",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20759"
},
{
"name": "NetBSD-SA2005-013",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-013.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15290",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15290"
},
{
"name": "20051106 http://prdelka.blackart.org.uk/exploitz/prdelka-vs-BSD-ptrace.tar.gz",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0157.html"
},
{
"name": "http://mail-index.netbsd.org/source-changes/2005/10/31/0001.html",
"refsource": "CONFIRM",
"url": "http://mail-index.netbsd.org/source-changes/2005/10/31/0001.html"
},
{
"name": "http://prdelka.blackart.org.uk/exploitz/prdelka-vs-BSD-ptrace.tar.gz",
"refsource": "MISC",
"url": "http://prdelka.blackart.org.uk/exploitz/prdelka-vs-BSD-ptrace.tar.gz"
},
{
"name": "20759",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20759"
},
{
"name": "NetBSD-SA2005-013",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-013.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4741",
"datePublished": "2006-03-19T23:00:00Z",
"dateReserved": "2006-03-19T00:00:00Z",
"dateUpdated": "2024-09-16T23:10:47.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0304 (GCVE-0-1999-0304)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
mmap function in BSD allows local attackers in the kmem group to modify memory through devices.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0304"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "mmap function in BSD allows local attackers in the kmem group to modify memory through devices."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:13:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0304"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mmap function in BSD allows local attackers in the kmem group to modify memory through devices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0304",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0304"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0304",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-7252 (GCVE-0-2006-7252)
Vulnerability from cvelistv5
Published
2012-07-25 19:00
Modified
2024-09-16 23:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which triggers a memory allocation of one byte.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:40.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=161263"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which triggers a memory allocation of one byte."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-25T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=161263"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which triggers a memory allocation of one byte."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/",
"refsource": "MISC",
"url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"
},
{
"name": "http://svnweb.freebsd.org/base?view=revision\u0026revision=161263",
"refsource": "CONFIRM",
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=161263"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-7252",
"datePublished": "2012-07-25T19:00:00Z",
"dateReserved": "2012-07-25T00:00:00Z",
"dateUpdated": "2024-09-16T23:06:20.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0561 (GCVE-0-2010-0561)
Vulnerability from cvelistv5
Published
2010-02-08 21:00
Modified
2024-09-16 20:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service (kernel panic) via a negative mixer index number being passed to (1) the azalia_query_devinfo function in the azalia audio driver (src/sys/dev/pci/azalia.c) or (2) the hdaudio_afg_query_devinfo function in the hdaudio audio driver (src/sys/dev/pci/hdaudio/hdaudio_afg.c).
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:52:19.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2010-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-003.txt.asc"
},
{
"name": "62082",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62082"
},
{
"name": "38057",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38057"
},
{
"name": "38284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38284"
},
{
"name": "1023539",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023539"
},
{
"name": "62081",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62081"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service (kernel panic) via a negative mixer index number being passed to (1) the azalia_query_devinfo function in the azalia audio driver (src/sys/dev/pci/azalia.c) or (2) the hdaudio_afg_query_devinfo function in the hdaudio audio driver (src/sys/dev/pci/hdaudio/hdaudio_afg.c)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-02-08T21:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2010-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-003.txt.asc"
},
{
"name": "62082",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62082"
},
{
"name": "38057",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38057"
},
{
"name": "38284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38284"
},
{
"name": "1023539",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023539"
},
{
"name": "62081",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62081"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0561",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service (kernel panic) via a negative mixer index number being passed to (1) the azalia_query_devinfo function in the azalia audio driver (src/sys/dev/pci/azalia.c) or (2) the hdaudio_afg_query_devinfo function in the hdaudio audio driver (src/sys/dev/pci/hdaudio/hdaudio_afg.c)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2010-003",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-003.txt.asc"
},
{
"name": "62082",
"refsource": "OSVDB",
"url": "http://osvdb.org/62082"
},
{
"name": "38057",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38057"
},
{
"name": "38284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38284"
},
{
"name": "1023539",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023539"
},
{
"name": "62081",
"refsource": "OSVDB",
"url": "http://osvdb.org/62081"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0561",
"datePublished": "2010-02-08T21:00:00Z",
"dateReserved": "2010-02-08T00:00:00Z",
"dateUpdated": "2024-09-16T20:53:19.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1225 (GCVE-0-1999-1225)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "mountd-file-exists(347)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/347"
},
{
"name": "19970824 Serious security flaw in rpc.mountd on several operating systems.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/7526"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1997-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "mountd-file-exists(347)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/347"
},
{
"name": "19970824 Serious security flaw in rpc.mountd on several operating systems.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/7526"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "mountd-file-exists(347)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/347"
},
{
"name": "19970824 Serious security flaw in rpc.mountd on several operating systems.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/7526"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1225",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5214 (GCVE-0-2006-5214)
Vulnerability from cvelistv5
Published
2006-10-09 21:00
Modified
2024-08-07 19:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:04.867Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017015"
},
{
"name": "22992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22992"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=5897"
},
{
"name": "ADV-2006-3962",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3962"
},
{
"name": "22469",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22469"
},
{
"name": "oval:org.mitre.oval:def:1760",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1760"
},
{
"name": "22323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22323"
},
{
"name": "20400",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20400"
},
{
"name": "102652",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
},
{
"name": "USN-364-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-364-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"name": "22439",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22439"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32804"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user\u0027s Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017015"
},
{
"name": "22992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22992"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=5897"
},
{
"name": "ADV-2006-3962",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3962"
},
{
"name": "22469",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22469"
},
{
"name": "oval:org.mitre.oval:def:1760",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1760"
},
{
"name": "22323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22323"
},
{
"name": "20400",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20400"
},
{
"name": "102652",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
},
{
"name": "USN-364-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-364-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"name": "22439",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22439"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32804"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user\u0027s Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017015",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017015"
},
{
"name": "22992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22992"
},
{
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=5897",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=5897"
},
{
"name": "ADV-2006-3962",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3962"
},
{
"name": "22469",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22469"
},
{
"name": "oval:org.mitre.oval:def:1760",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1760"
},
{
"name": "22323",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22323"
},
{
"name": "20400",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20400"
},
{
"name": "102652",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
},
{
"name": "USN-364-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-364-1"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
},
{
"name": "22439",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22439"
},
{
"name": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32804",
"refsource": "CONFIRM",
"url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32804"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5214",
"datePublished": "2006-10-09T21:00:00",
"dateReserved": "2006-10-09T00:00:00",
"dateUpdated": "2024-08-07T19:41:04.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0396 (GCVE-0-1999-0396)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:52.090Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0396"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:26:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0396"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0396",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0396"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0396",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:52.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0694 (GCVE-0-2003-0694)
Vulnerability from cvelistv5
Published
2003-09-18 04:00
Modified
2024-08-08 02:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:11.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030919 [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"name": "RHSA-2003:283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-283.html"
},
{
"name": "20030917 Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html"
},
{
"name": "CA-2003-25",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-25.html"
},
{
"name": "VU#784980",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"name": "MDKSA-2003:092",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:092"
},
{
"name": "oval:org.mitre.oval:def:603",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A603"
},
{
"name": "20030917 [slackware-security] Sendmail vulnerabilities fixed (SSA:2003-260-02)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106382859407683\u0026w=2"
},
{
"name": "DSA-384",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"name": "SCOSA-2004.11",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
},
{
"name": "RHSA-2003:284",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-284.html"
},
{
"name": "20030917 GLSA: sendmail (200309-13)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"name": "20030917 Zalewski Advisory - Sendmail 8.12.9 prescan bug",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html"
},
{
"name": "oval:org.mitre.oval:def:572",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A572"
},
{
"name": "20030917 Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106381604923204\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2975",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2975"
},
{
"name": "CLA-2003:742",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030919 [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"name": "RHSA-2003:283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-283.html"
},
{
"name": "20030917 Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html"
},
{
"name": "CA-2003-25",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-25.html"
},
{
"name": "VU#784980",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"name": "MDKSA-2003:092",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:092"
},
{
"name": "oval:org.mitre.oval:def:603",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A603"
},
{
"name": "20030917 [slackware-security] Sendmail vulnerabilities fixed (SSA:2003-260-02)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106382859407683\u0026w=2"
},
{
"name": "DSA-384",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"name": "SCOSA-2004.11",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
},
{
"name": "RHSA-2003:284",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-284.html"
},
{
"name": "20030917 GLSA: sendmail (200309-13)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"name": "20030917 Zalewski Advisory - Sendmail 8.12.9 prescan bug",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html"
},
{
"name": "oval:org.mitre.oval:def:572",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A572"
},
{
"name": "20030917 Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106381604923204\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2975",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2975"
},
{
"name": "CLA-2003:742",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030919 [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"name": "http://www.sendmail.org/8.12.10.html",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"name": "RHSA-2003:283",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-283.html"
},
{
"name": "20030917 Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694]",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html"
},
{
"name": "CA-2003-25",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-25.html"
},
{
"name": "VU#784980",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"name": "MDKSA-2003:092",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:092"
},
{
"name": "oval:org.mitre.oval:def:603",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A603"
},
{
"name": "20030917 [slackware-security] Sendmail vulnerabilities fixed (SSA:2003-260-02)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106382859407683\u0026w=2"
},
{
"name": "DSA-384",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"name": "SCOSA-2004.11",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
},
{
"name": "RHSA-2003:284",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-284.html"
},
{
"name": "20030917 GLSA: sendmail (200309-13)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"name": "20030917 Zalewski Advisory - Sendmail 8.12.9 prescan bug",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html"
},
{
"name": "oval:org.mitre.oval:def:572",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A572"
},
{
"name": "20030917 Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106381604923204\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2975",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2975"
},
{
"name": "CLA-2003:742",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0694",
"datePublished": "2003-09-18T04:00:00",
"dateReserved": "2003-08-14T00:00:00",
"dateUpdated": "2024-08-08T02:05:11.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6253 (GCVE-0-2016-6253)
Vulnerability from cvelistv5
Published
2017-01-20 15:00
Modified
2024-08-06 01:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2016-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-006.txt.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/138021/NetBSD-mail.local-8-Local-Root.html"
},
{
"name": "40141",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40141/"
},
{
"name": "40385",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40385/"
},
{
"name": "92101",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92101"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://akat1.pl/?id=2"
},
{
"name": "1036429",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036429"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rapid7.com/db/modules/exploit/unix/local/netbsd_mail_local"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-20T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2016-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-006.txt.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/138021/NetBSD-mail.local-8-Local-Root.html"
},
{
"name": "40141",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40141/"
},
{
"name": "40385",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40385/"
},
{
"name": "92101",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92101"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://akat1.pl/?id=2"
},
{
"name": "1036429",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036429"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rapid7.com/db/modules/exploit/unix/local/netbsd_mail_local"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6253",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2016-006",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-006.txt.asc"
},
{
"name": "http://packetstormsecurity.com/files/138021/NetBSD-mail.local-8-Local-Root.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138021/NetBSD-mail.local-8-Local-Root.html"
},
{
"name": "40141",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40141/"
},
{
"name": "40385",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40385/"
},
{
"name": "92101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92101"
},
{
"name": "http://akat1.pl/?id=2",
"refsource": "MISC",
"url": "http://akat1.pl/?id=2"
},
{
"name": "1036429",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036429"
},
{
"name": "http://www.rapid7.com/db/modules/exploit/unix/local/netbsd_mail_local",
"refsource": "MISC",
"url": "http://www.rapid7.com/db/modules/exploit/unix/local/netbsd_mail_local"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6253",
"datePublished": "2017-01-20T15:00:00",
"dateReserved": "2016-07-20T00:00:00",
"dateUpdated": "2024-08-06T01:22:20.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1677 (GCVE-0-2007-1677)
Vulnerability from cvelistv5
Published
2007-03-30 00:00
Modified
2024-08-07 13:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before 20070329, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017832",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017832"
},
{
"name": "43596",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/43596"
},
{
"name": "NetBSD-SA2007-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-004.txt.asc"
},
{
"name": "23193",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23193"
},
{
"name": "netbsd-clnproute-bo(33381)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33381"
},
{
"name": "ADV-2007-1159",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1159"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before 20070329, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017832",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017832"
},
{
"name": "43596",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/43596"
},
{
"name": "NetBSD-SA2007-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-004.txt.asc"
},
{
"name": "23193",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23193"
},
{
"name": "netbsd-clnproute-bo(33381)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33381"
},
{
"name": "ADV-2007-1159",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1159"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before 20070329, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017832",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017832"
},
{
"name": "43596",
"refsource": "OSVDB",
"url": "http://osvdb.org/43596"
},
{
"name": "NetBSD-SA2007-004",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-004.txt.asc"
},
{
"name": "23193",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23193"
},
{
"name": "netbsd-clnproute-bo(33381)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33381"
},
{
"name": "ADV-2007-1159",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1159"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1677",
"datePublished": "2007-03-30T00:00:00",
"dateReserved": "2007-03-26T00:00:00",
"dateUpdated": "2024-08-07T13:06:25.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0303 (GCVE-0-1999-0303)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:12:56",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0303",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1500 (GCVE-0-2002-1500)
Vulnerability from cvelistv5
Published
2003-03-18 05:00
Modified
2024-08-08 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET().
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2002-014",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-014.txt.asc"
},
{
"name": "5727",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5727"
},
{
"name": "netbsd-fdset-bo(10114)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10114.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET()."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2002-014",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-014.txt.asc"
},
{
"name": "5727",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5727"
},
{
"name": "netbsd-fdset-bo(10114)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10114.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2002-014",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-014.txt.asc"
},
{
"name": "5727",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5727"
},
{
"name": "netbsd-fdset-bo(10114)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10114.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1500",
"datePublished": "2003-03-18T05:00:00",
"dateReserved": "2003-02-05T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3566 (GCVE-0-2014-3566)
Vulnerability from cvelistv5
Published
2014-10-15 00:00
Modified
2024-11-27 19:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-11-27T19:31:57.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://templatelab.com/ssl-poodle/"
},
{
"name": "HPSBOV03227",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
},
{
"name": "1031090",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031090"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"
},
{
"name": "RHSA-2014:1880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "HPSBHF03300",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
},
{
"name": "VU#577193",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/577193"
},
{
"name": "HPSBMU03184",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2"
},
{
"name": "HPSBGN03209",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2"
},
{
"name": "openSUSE-SU-2014:1331",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6542"
},
{
"name": "1031106",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031106"
},
{
"name": "HPSBGN03201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "[openssl-dev] 20141014 Patch to mitigate CVE-2014-3566 (\"POODLE\")",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2"
},
{
"name": "SSRT101898",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"name": "SSRT101896",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"name": "60056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60056"
},
{
"name": "RHSA-2014:1877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "HPSBUX03162",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"name": "61130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61130"
},
{
"name": "RHSA-2015:1546",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html"
},
{
"name": "SUSE-SU-2015:0503",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6529"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv_20141015.txt"
},
{
"name": "APPLE-SA-2014-10-16-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "RHSA-2014:1920",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html"
},
{
"name": "1031087",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031087"
},
{
"name": "HPSBMU03234",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa83"
},
{
"name": "SSRT101849",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX200238"
},
{
"name": "61359",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61359"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6541"
},
{
"name": "1031093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031093"
},
{
"name": "1031132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031132"
},
{
"name": "DSA-3144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"name": "SSRT101790",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"name": "DSA-3253",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3253"
},
{
"name": "SSRT101846",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/support/kb/doc.php?id=7015773"
},
{
"name": "APPLE-SA-2014-10-16-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.elastic.co/blog/logstash-1-4-3-released"
},
{
"name": "SSRT101854",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
},
{
"name": "HPSBST03195",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61827",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61827"
},
{
"name": "HPSBMU03152",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2"
},
{
"name": "RHSA-2015:0079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "HPSBMU03304",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://technet.microsoft.com/library/security/3009008.aspx"
},
{
"name": "RHSA-2015:1545",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165"
},
{
"name": "HPSBMU03259",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
},
{
"name": "1031094",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031094"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"name": "61316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61316"
},
{
"name": "GLSA-201606-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-11"
},
{
"name": "RHSA-2014:1881",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.imperialviolet.org/2014/10/14/poodle.html"
},
{
"name": "1031096",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031096"
},
{
"name": "HPSBHF03275",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"name": "61810",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61810"
},
{
"name": "HPSBHF03293",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "DSA-3053",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3053"
},
{
"name": "HPSBGN03237",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/poodle"
},
{
"name": "1031107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031107"
},
{
"name": "1031095",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031095"
},
{
"name": "HPSBMU03223",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
},
{
"name": "SUSE-SU-2014:1549",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "HPSBGN03305",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2"
},
{
"name": "HPSBUX03194",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"name": "SSRT101868",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "1031091",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031091"
},
{
"name": "HPSBMU03260",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"name": "1031123",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031123"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT205217"
},
{
"name": "1031092",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031092"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "61926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61926"
},
{
"name": "RHSA-2014:1876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"name": "SSRT101779",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html"
},
{
"name": "HPSBHF03156",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2"
},
{
"name": "openSUSE-SU-2016:0640",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "SSRT101838",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"name": "HPSBGN03569",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2"
},
{
"name": "APPLE-SA-2015-09-16-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6531"
},
{
"name": "SUSE-SU-2014:1357",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SSRT101897",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"name": "HPSBGN03203",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2"
},
{
"name": "60206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60206"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789"
},
{
"name": "60792",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60792"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "DSA-3489",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3489"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20141015-0001/"
},
{
"name": "1031105",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031105"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html"
},
{
"name": "FEDORA-2014-13069",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html"
},
{
"name": "1031131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031131"
},
{
"name": "HPSBMU03221",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"name": "USN-2487-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"name": "SSRT101795",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"name": "HPSBGN03222",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"
},
{
"name": "1031130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031130"
},
{
"name": "HPSBMU03301",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"name": "HPSBGN03164",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2"
},
{
"name": "RHSA-2014:1948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html"
},
{
"name": "NetBSD-SA2014-015",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"
},
{
"name": "HPSBGN03192",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2"
},
{
"name": "RHSA-2014:1653",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "HPSBMU03416",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/HT204244"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"
},
{
"name": "HPSBMU03283",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"name": "RHSA-2015:0085",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6536"
},
{
"name": "FEDORA-2014-12951",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html"
},
{
"name": "HPSBGN03191",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU"
},
{
"name": "SSRT101767",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"name": "SUSE-SU-2014:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "HPSBGN03332",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2"
},
{
"name": "RHSA-2014:1652",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"name": "SUSE-SU-2015:0345",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "HPSBST03265",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"name": "RHSA-2015:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"name": "HPSBMU03241",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"name": "1031124",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031124"
},
{
"name": "SUSE-SU-2015:0578",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"name": "SUSE-SU-2015:0336",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"name": "RHSA-2015:0080",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"name": "HPSBMU03294",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"name": "RHSA-2014:1882",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "RHSA-2015:0068",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"name": "HPSBGN03251",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"name": "USN-2486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"name": "HPSBGN03391",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2"
},
{
"name": "59627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59627"
},
{
"name": "HPSBGN03208",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"name": "SSRT101894",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"name": "HPSBMU03214",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "HPSBMU03263",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
},
{
"name": "HPSBGN03254",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/product_security/poodle"
},
{
"name": "20141014 SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle"
},
{
"name": "HPSBGN03205",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2"
},
{
"name": "RHSA-2015:0698",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"name": "SUSE-SU-2014:1361",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html"
},
{
"name": "60859",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60859"
},
{
"name": "APPLE-SA-2014-10-20-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533746"
},
{
"name": "GLSA-201507-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"name": "SSRT101921",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"name": "SSRT101951",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"
},
{
"name": "61345",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61345"
},
{
"name": "SSRT101834",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"name": "61019",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61019"
},
{
"name": "70574",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70574"
},
{
"name": "1031120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031120"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "61825",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61825"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0416.html"
},
{
"name": "1031029",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031029"
},
{
"name": "HPSBUX03281",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"name": "HPSBMU03262",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"name": "HPSBMU03267",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681"
},
{
"name": "HPSBMU03261",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
},
{
"name": "SUSE-SU-2016:1459",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"name": "61782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61782"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/articles/1232123"
},
{
"name": "MDVSA-2015:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"name": "FEDORA-2015-9110",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html"
},
{
"name": "1031085",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031085"
},
{
"name": "HPSBST03418",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "SSRT101892",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"name": "APPLE-SA-2014-10-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533747"
},
{
"name": "HPSBGN03233",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "SSRT101916",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mpgn/poodle-PoC"
},
{
"name": "MDVSA-2014:203",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203"
},
{
"name": "SSRT101739",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "SSRT101968",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX216642"
},
{
"name": "SSRT101899",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability"
},
{
"name": "openSUSE-SU-2015:0190",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"name": "APPLE-SA-2015-01-27-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"name": "61303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61303"
},
{
"name": "HPSBGN03252",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"name": "HPSBUX03273",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"name": "1031039",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031039"
},
{
"name": "SUSE-SU-2016:1457",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172"
},
{
"name": "SSRT101998",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "SSRT101922",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
},
{
"name": "1031089",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031089"
},
{
"name": "HPSBGN03253",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"name": "HPSBMU03183",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2"
},
{
"name": "TA14-290A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-290A"
},
{
"name": "FEDORA-2014-13012",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html"
},
{
"name": "61819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61819"
},
{
"name": "HPSBGN03255",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"name": "1031088",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031088"
},
{
"name": "DSA-3147",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"name": "61995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61995"
},
{
"name": "HPSBGN03202",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10090"
},
{
"name": "SSRT101928",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"name": "1031086",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031086"
},
{
"name": "HPSBPI03360",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "RHSA-2014:1692",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html"
},
{
"name": "FEDORA-2015-9090",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openssl.org/~bodo/ssl-poodle.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439"
},
{
"name": "HPSBPI03107",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2"
},
{
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-05T16:29:26",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "HPSBOV03227",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
},
{
"name": "1031090",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031090"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"
},
{
"name": "RHSA-2014:1880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "HPSBHF03300",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"
},
{
"name": "VU#577193",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/577193"
},
{
"name": "HPSBMU03184",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2"
},
{
"name": "HPSBGN03209",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2"
},
{
"name": "openSUSE-SU-2014:1331",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6542"
},
{
"name": "1031106",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031106"
},
{
"name": "HPSBGN03201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "[openssl-dev] 20141014 Patch to mitigate CVE-2014-3566 (\"POODLE\")",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2"
},
{
"name": "SSRT101898",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"name": "SSRT101896",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"name": "60056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60056"
},
{
"name": "RHSA-2014:1877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "HPSBUX03162",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"name": "61130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61130"
},
{
"name": "RHSA-2015:1546",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html"
},
{
"name": "SUSE-SU-2015:0503",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6529"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openssl.org/news/secadv_20141015.txt"
},
{
"name": "APPLE-SA-2014-10-16-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "RHSA-2014:1920",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html"
},
{
"name": "1031087",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031087"
},
{
"name": "HPSBMU03234",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa83"
},
{
"name": "SSRT101849",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX200238"
},
{
"name": "61359",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61359"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6541"
},
{
"name": "1031093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031093"
},
{
"name": "1031132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031132"
},
{
"name": "DSA-3144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"name": "SSRT101790",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"name": "DSA-3253",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3253"
},
{
"name": "SSRT101846",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/support/kb/doc.php?id=7015773"
},
{
"name": "APPLE-SA-2014-10-16-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.elastic.co/blog/logstash-1-4-3-released"
},
{
"name": "SSRT101854",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
},
{
"name": "HPSBST03195",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"name": "61827",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61827"
},
{
"name": "HPSBMU03152",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2"
},
{
"name": "RHSA-2015:0079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "HPSBMU03304",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://technet.microsoft.com/library/security/3009008.aspx"
},
{
"name": "RHSA-2015:1545",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165"
},
{
"name": "HPSBMU03259",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
},
{
"name": "1031094",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031094"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"name": "61316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61316"
},
{
"name": "GLSA-201606-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-11"
},
{
"name": "RHSA-2014:1881",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.imperialviolet.org/2014/10/14/poodle.html"
},
{
"name": "1031096",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031096"
},
{
"name": "HPSBHF03275",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
},
{
"name": "61810",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61810"
},
{
"name": "HPSBHF03293",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"name": "DSA-3053",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3053"
},
{
"name": "HPSBGN03237",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/poodle"
},
{
"name": "1031107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031107"
},
{
"name": "1031095",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031095"
},
{
"name": "HPSBMU03223",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
},
{
"name": "SUSE-SU-2014:1549",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "HPSBGN03305",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2"
},
{
"name": "HPSBUX03194",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"name": "SSRT101868",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "1031091",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031091"
},
{
"name": "HPSBMU03260",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"name": "1031123",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031123"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT205217"
},
{
"name": "1031092",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031092"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "61926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61926"
},
{
"name": "RHSA-2014:1876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"name": "SSRT101779",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html"
},
{
"name": "HPSBHF03156",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2"
},
{
"name": "openSUSE-SU-2016:0640",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "SSRT101838",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"name": "HPSBGN03569",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2"
},
{
"name": "APPLE-SA-2015-09-16-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6531"
},
{
"name": "SUSE-SU-2014:1357",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10091"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SSRT101897",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"name": "HPSBGN03203",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2"
},
{
"name": "60206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60206"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789"
},
{
"name": "60792",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60792"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "DSA-3489",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3489"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20141015-0001/"
},
{
"name": "1031105",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031105"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html"
},
{
"name": "FEDORA-2014-13069",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html"
},
{
"name": "1031131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031131"
},
{
"name": "HPSBMU03221",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
},
{
"name": "USN-2487-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"name": "SSRT101795",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"name": "HPSBGN03222",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"
},
{
"name": "1031130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031130"
},
{
"name": "HPSBMU03301",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"name": "HPSBGN03164",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2"
},
{
"name": "RHSA-2014:1948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html"
},
{
"name": "NetBSD-SA2014-015",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"
},
{
"name": "HPSBGN03192",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2"
},
{
"name": "RHSA-2014:1653",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "HPSBMU03416",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/HT204244"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"
},
{
"name": "HPSBMU03283",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"name": "RHSA-2015:0085",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6536"
},
{
"name": "FEDORA-2014-12951",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html"
},
{
"name": "HPSBGN03191",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU"
},
{
"name": "SSRT101767",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
},
{
"name": "SUSE-SU-2014:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "HPSBGN03332",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2"
},
{
"name": "RHSA-2014:1652",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"name": "SUSE-SU-2015:0345",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "HPSBST03265",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"name": "RHSA-2015:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"name": "HPSBMU03241",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"name": "1031124",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031124"
},
{
"name": "SUSE-SU-2015:0578",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"name": "SUSE-SU-2015:0336",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"name": "RHSA-2015:0080",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"name": "HPSBMU03294",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
},
{
"name": "RHSA-2014:1882",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "RHSA-2015:0068",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"name": "HPSBGN03251",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"name": "USN-2486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"name": "HPSBGN03391",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2"
},
{
"name": "59627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59627"
},
{
"name": "HPSBGN03208",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
},
{
"name": "SSRT101894",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
},
{
"name": "HPSBMU03214",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "HPSBMU03263",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
},
{
"name": "HPSBGN03254",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/product_security/poodle"
},
{
"name": "20141014 SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle"
},
{
"name": "HPSBGN03205",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2"
},
{
"name": "RHSA-2015:0698",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"name": "SUSE-SU-2014:1361",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html"
},
{
"name": "60859",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60859"
},
{
"name": "APPLE-SA-2014-10-20-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://www.securityfocus.com/archive/1/533746"
},
{
"name": "GLSA-201507-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"name": "SSRT101921",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"name": "SSRT101951",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"
},
{
"name": "61345",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61345"
},
{
"name": "SSRT101834",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
},
{
"name": "61019",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61019"
},
{
"name": "70574",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70574"
},
{
"name": "1031120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031120"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "61825",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61825"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0416.html"
},
{
"name": "1031029",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031029"
},
{
"name": "HPSBUX03281",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"name": "HPSBMU03262",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
},
{
"name": "HPSBMU03267",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681"
},
{
"name": "HPSBMU03261",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
},
{
"name": "SUSE-SU-2016:1459",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"name": "61782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61782"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/articles/1232123"
},
{
"name": "MDVSA-2015:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"name": "FEDORA-2015-9110",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html"
},
{
"name": "1031085",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031085"
},
{
"name": "HPSBST03418",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "SSRT101892",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
},
{
"name": "APPLE-SA-2014-10-20-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://www.securityfocus.com/archive/1/533747"
},
{
"name": "HPSBGN03233",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "SSRT101916",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mpgn/poodle-PoC"
},
{
"name": "MDVSA-2014:203",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203"
},
{
"name": "SSRT101739",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
},
{
"name": "SSRT101968",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX216642"
},
{
"name": "SSRT101899",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability"
},
{
"name": "openSUSE-SU-2015:0190",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"name": "APPLE-SA-2015-01-27-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"name": "61303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61303"
},
{
"name": "HPSBGN03252",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
},
{
"name": "HPSBUX03273",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"name": "1031039",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031039"
},
{
"name": "SUSE-SU-2016:1457",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172"
},
{
"name": "SSRT101998",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "SSRT101922",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
},
{
"name": "1031089",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031089"
},
{
"name": "HPSBGN03253",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
},
{
"name": "HPSBMU03183",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2"
},
{
"name": "TA14-290A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA14-290A"
},
{
"name": "FEDORA-2014-13012",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html"
},
{
"name": "61819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61819"
},
{
"name": "HPSBGN03255",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"name": "1031088",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031088"
},
{
"name": "DSA-3147",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"name": "61995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61995"
},
{
"name": "HPSBGN03202",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10090"
},
{
"name": "SSRT101928",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
},
{
"name": "1031086",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031086"
},
{
"name": "HPSBPI03360",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "RHSA-2014:1692",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html"
},
{
"name": "FEDORA-2015-9090",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openssl.org/~bodo/ssl-poodle.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439"
},
{
"name": "HPSBPI03107",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2"
},
{
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3566",
"datePublished": "2014-10-15T00:00:00",
"dateReserved": "2014-05-14T00:00:00",
"dateUpdated": "2024-11-27T19:31:57.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1915 (GCVE-0-2002-1915)
Vulnerability from cvelistv5
Published
2005-06-28 04:00
Modified
2024-09-17 03:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "tip-flock-acculog-dos(9633)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9633.php"
},
{
"name": "20020717 asciiSECURE advisory (2002-07-17/1)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/283033"
},
{
"name": "5265",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5265"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "tip-flock-acculog-dos(9633)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9633.php"
},
{
"name": "20020717 asciiSECURE advisory (2002-07-17/1)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/283033"
},
{
"name": "5265",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5265"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "tip-flock-acculog-dos(9633)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9633.php"
},
{
"name": "20020717 asciiSECURE advisory (2002-07-17/1)",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/283033"
},
{
"name": "5265",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5265"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1915",
"datePublished": "2005-06-28T04:00:00Z",
"dateReserved": "2005-06-28T04:00:00Z",
"dateUpdated": "2024-09-17T03:12:29.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1147 (GCVE-0-2008-1147)
Vulnerability from cvelistv5
Published
2008-03-04 23:00
Modified
2024-08-07 08:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openbsd-xor-weak-security(41155)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41155"
},
{
"name": "20080206 RE: A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2008/Feb/0063.html"
},
{
"name": "20080206 Re: A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2008/Feb/0052.html"
},
{
"name": "20080206 A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"name": "28819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28819"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"name": "openbsd-prng-dns-spoofing(40329)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10%3Bcontenttype="
},
{
"name": "27647",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27647"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka \"Algorithm X2\"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openbsd-xor-weak-security(41155)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41155"
},
{
"name": "20080206 RE: A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2008/Feb/0063.html"
},
{
"name": "20080206 Re: A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2008/Feb/0052.html"
},
{
"name": "20080206 A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"name": "28819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28819"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"name": "openbsd-prng-dns-spoofing(40329)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10%3Bcontenttype="
},
{
"name": "27647",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27647"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka \"Algorithm X2\"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openbsd-xor-weak-security(41155)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41155"
},
{
"name": "20080206 RE: A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2008/Feb/0063.html"
},
{
"name": "20080206 Re: A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2008/Feb/0052.html"
},
{
"name": "20080206 A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"name": "28819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28819"
},
{
"name": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf",
"refsource": "MISC",
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"name": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"name": "openbsd-prng-dns-spoofing(40329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"name": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10;contenttype=",
"refsource": "CONFIRM",
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10;contenttype="
},
{
"name": "27647",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27647"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1147",
"datePublished": "2008-03-04T23:00:00",
"dateReserved": "2008-03-04T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0033 (GCVE-0-2001-0033)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:55.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20001208 Vulnerabilities in KTH Kerberos IV",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html"
},
{
"name": "kerberos4-user-config(5738)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5738"
},
{
"name": "20001210 KTH upgrade and FIX",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20001208 Vulnerabilities in KTH Kerberos IV",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html"
},
{
"name": "kerberos4-user-config(5738)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5738"
},
{
"name": "20001210 KTH upgrade and FIX",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20001208 Vulnerabilities in KTH Kerberos IV",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html"
},
{
"name": "kerberos4-user-config(5738)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5738"
},
{
"name": "20001210 KTH upgrade and FIX",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0105.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0033",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2001-02-01T00:00:00",
"dateUpdated": "2024-08-08T04:06:55.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0009 (GCVE-0-1999-0009)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:56.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19980603-01-PX",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "134",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/134"
},
{
"name": "HPSBUX9808-083",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"name": "00180",
"tags": [
"vendor-advisory",
"x_refsource_SUN",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-02T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19980603-01-PX",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "134",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/134"
},
{
"name": "HPSBUX9808-083",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"name": "00180",
"tags": [
"vendor-advisory",
"x_refsource_SUN"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19980603-01-PX",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "134",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/134"
},
{
"name": "HPSBUX9808-083",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"name": "00180",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0009",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:56.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0414 (GCVE-0-2002-0414)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.431Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4224",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4224"
},
{
"name": "20020304 [VulnWatch] BSD: IPv4 forwarding doesn\u0027t consult inbound SPD in KAME-derived IPsec",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html"
},
{
"name": "5304",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5304"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG"
},
{
"name": "20020304 BSD: IPv4 forwarding doesn\u0027t consult inbound SPD in KAME-derived IPsec",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/259598"
},
{
"name": "kame-forged-packet-forwarding(8416)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8416.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4224",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4224"
},
{
"name": "20020304 [VulnWatch] BSD: IPv4 forwarding doesn\u0027t consult inbound SPD in KAME-derived IPsec",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html"
},
{
"name": "5304",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5304"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG"
},
{
"name": "20020304 BSD: IPv4 forwarding doesn\u0027t consult inbound SPD in KAME-derived IPsec",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/259598"
},
{
"name": "kame-forged-packet-forwarding(8416)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8416.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4224",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4224"
},
{
"name": "20020304 [VulnWatch] BSD: IPv4 forwarding doesn\u0027t consult inbound SPD in KAME-derived IPsec",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0057.html"
},
{
"name": "5304",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5304"
},
{
"name": "http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG",
"refsource": "CONFIRM",
"url": "http://orange.kame.net/dev/cvsweb.cgi/kame/CHANGELOG"
},
{
"name": "20020304 BSD: IPv4 forwarding doesn\u0027t consult inbound SPD in KAME-derived IPsec",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/259598"
},
{
"name": "kame-forged-packet-forwarding(8416)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8416.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0414",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-06-07T00:00:00",
"dateUpdated": "2024-08-08T02:49:28.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-1208 (GCVE-0-2000-1208)
Vulnerability from cvelistv5
Published
2002-08-01 04:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:45:37.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000925 Format strings: bug #1: BSD-lpr",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2"
},
{
"name": "lpr-checkremote-format-string(5286)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/5286.php"
},
{
"name": "1711",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1711"
},
{
"name": "20001004 Immunix OS Security Update for lpr",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/137555"
},
{
"name": "RHSA-2000:066",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-066.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000925 Format strings: bug #1: BSD-lpr",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2"
},
{
"name": "lpr-checkremote-format-string(5286)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/5286.php"
},
{
"name": "1711",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1711"
},
{
"name": "20001004 Immunix OS Security Update for lpr",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/137555"
},
{
"name": "RHSA-2000:066",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-066.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000925 Format strings: bug #1: BSD-lpr",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2"
},
{
"name": "lpr-checkremote-format-string(5286)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/5286.php"
},
{
"name": "1711",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1711"
},
{
"name": "20001004 Immunix OS Security Update for lpr",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/137555"
},
{
"name": "RHSA-2000:066",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-066.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1208",
"datePublished": "2002-08-01T04:00:00",
"dateReserved": "2002-07-31T00:00:00",
"dateUpdated": "2024-08-08T05:45:37.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1523 (GCVE-0-2007-1523)
Vulnerability from cvelistv5
Published
2007-03-20 20:00
Modified
2024-08-07 12:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and possibly other BSD derived operating systems allows local users to have an unknown impact. NOTE: this information is based upon a vague pre-advisory with no actionable information. Details will be updated after 20070329.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://kernelwars.blogspot.com/2007/01/alive.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson"
},
{
"name": "34593",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34593"
},
{
"name": "22945",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22945"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and possibly other BSD derived operating systems allows local users to have an unknown impact. NOTE: this information is based upon a vague pre-advisory with no actionable information. Details will be updated after 20070329."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-13T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://kernelwars.blogspot.com/2007/01/alive.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson"
},
{
"name": "34593",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34593"
},
{
"name": "22945",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22945"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1523",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and possibly other BSD derived operating systems allows local users to have an unknown impact. NOTE: this information is based upon a vague pre-advisory with no actionable information. Details will be updated after 20070329."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://kernelwars.blogspot.com/2007/01/alive.html",
"refsource": "MISC",
"url": "http://kernelwars.blogspot.com/2007/01/alive.html"
},
{
"name": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson",
"refsource": "MISC",
"url": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson"
},
{
"name": "34593",
"refsource": "OSVDB",
"url": "http://osvdb.org/34593"
},
{
"name": "22945",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22945"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1523",
"datePublished": "2007-03-20T20:00:00",
"dateReserved": "2007-03-20T00:00:00",
"dateUpdated": "2024-08-07T12:59:08.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5015 (GCVE-0-2014-5015)
Vulnerability from cvelistv5
Published
2014-07-24 14:00
Modified
2024-08-06 11:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme and access restrictions via a long path.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "68752",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68752"
},
{
"name": "NetBSD-SA2014-007",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-007.txt.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eterna.com.au/bozohttpd/CHANGES"
},
{
"name": "109283",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/109283"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eterna.com.au/bozohttpd/"
},
{
"name": "netbsd-cve20145015-info-disc(94751)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94751"
},
{
"name": "[oss-security] 20140718 Re: CVE Request: bozohttpd: basic http authentication bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q3/180"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme and access restrictions via a long path."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "68752",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68752"
},
{
"name": "NetBSD-SA2014-007",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-007.txt.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eterna.com.au/bozohttpd/CHANGES"
},
{
"name": "109283",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/109283"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eterna.com.au/bozohttpd/"
},
{
"name": "netbsd-cve20145015-info-disc(94751)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94751"
},
{
"name": "[oss-security] 20140718 Re: CVE Request: bozohttpd: basic http authentication bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q3/180"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-5015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme and access restrictions via a long path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68752",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68752"
},
{
"name": "NetBSD-SA2014-007",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-007.txt.asc"
},
{
"name": "http://www.eterna.com.au/bozohttpd/CHANGES",
"refsource": "CONFIRM",
"url": "http://www.eterna.com.au/bozohttpd/CHANGES"
},
{
"name": "109283",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/109283"
},
{
"name": "http://www.eterna.com.au/bozohttpd/",
"refsource": "CONFIRM",
"url": "http://www.eterna.com.au/bozohttpd/"
},
{
"name": "netbsd-cve20145015-info-disc(94751)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94751"
},
{
"name": "[oss-security] 20140718 Re: CVE Request: bozohttpd: basic http authentication bypass",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q3/180"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2014-5015",
"datePublished": "2014-07-24T14:00:00",
"dateReserved": "2014-07-18T00:00:00",
"dateUpdated": "2024-08-06T11:34:37.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0074 (GCVE-0-1999-0074)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0074"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Listening TCP ports are sequentially allocated, allowing spoofing attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T05:41:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0074"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Listening TCP ports are sequentially allocated, allowing spoofing attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cve.org/CVERecord?id=CVE-1999-0074",
"refsource": "MISC",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0074"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0074",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0489 (GCVE-0-2000-0489)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "bsd-setsockopt-dos(3298)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3298"
},
{
"name": "622",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/622"
},
{
"name": "20000601 Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability - Mac OS X affected",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=NCBBKFKDOLAGKIAPMILPCEJLCEAA.labs%40ussrback.com"
},
{
"name": "19990826 Local DoS in FreeBSD",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.9908270039010.16315-100000%40thetis.deor.org"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "bsd-setsockopt-dos(3298)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3298"
},
{
"name": "622",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/622"
},
{
"name": "20000601 Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability - Mac OS X affected",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=NCBBKFKDOLAGKIAPMILPCEJLCEAA.labs%40ussrback.com"
},
{
"name": "19990826 Local DoS in FreeBSD",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.9908270039010.16315-100000%40thetis.deor.org"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "bsd-setsockopt-dos(3298)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3298"
},
{
"name": "622",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/622"
},
{
"name": "20000601 Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability - Mac OS X affected",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=NCBBKFKDOLAGKIAPMILPCEJLCEAA.labs@ussrback.com"
},
{
"name": "19990826 Local DoS in FreeBSD",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.9908270039010.16315-100000@thetis.deor.org"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0489",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-07-11T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6653 (GCVE-0-2006-6653)
Vulnerability from cvelistv5
Published
2006-12-20 02:00
Modified
2024-09-17 01:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which may result in the socket never being closed (aka "a dangling socket").
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017293",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017293"
},
{
"name": "NetBSD-SA2006-026",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which may result in the socket never being closed (aka \"a dangling socket\")."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-20T02:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017293",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017293"
},
{
"name": "NetBSD-SA2006-026",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which may result in the socket never being closed (aka \"a dangling socket\")."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017293",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017293"
},
{
"name": "NetBSD-SA2006-026",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6653",
"datePublished": "2006-12-20T02:00:00Z",
"dateReserved": "2006-12-19T00:00:00Z",
"dateUpdated": "2024-09-17T01:31:30.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0763 (GCVE-0-1999-0763)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:38.061Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6540",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6540"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6540",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6540"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0763",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6540",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6540"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0763",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:38.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0102 (GCVE-0-2003-0102)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.idefense.com/advisory/03.04.03.txt"
},
{
"name": "file-afctr-read-bo(11469)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11469"
},
{
"name": "NetBSD-SA2003-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc"
},
{
"name": "RHSA-2003:087",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-087.html"
},
{
"name": "SuSE-SA:2003:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_017_file.html"
},
{
"name": "7008",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7008"
},
{
"name": "20030304 iDEFENSE Security Advisory 03.04.03: Locally Exploitable Buffer Overflow in file(1)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104680706201721\u0026w=2"
},
{
"name": "IMNX-2003-7+-012-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX",
"x_transferred"
],
"url": "http://lwn.net/Alerts/34908/"
},
{
"name": "RHSA-2003:086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-086.html"
},
{
"name": "DSA-260",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-260"
},
{
"name": "VU#611865",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/611865"
},
{
"name": "MDKSA-2003:030",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-29T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.idefense.com/advisory/03.04.03.txt"
},
{
"name": "file-afctr-read-bo(11469)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11469"
},
{
"name": "NetBSD-SA2003-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc"
},
{
"name": "RHSA-2003:087",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-087.html"
},
{
"name": "SuSE-SA:2003:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_017_file.html"
},
{
"name": "7008",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7008"
},
{
"name": "20030304 iDEFENSE Security Advisory 03.04.03: Locally Exploitable Buffer Overflow in file(1)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104680706201721\u0026w=2"
},
{
"name": "IMNX-2003-7+-012-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX"
],
"url": "http://lwn.net/Alerts/34908/"
},
{
"name": "RHSA-2003:086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-086.html"
},
{
"name": "DSA-260",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-260"
},
{
"name": "VU#611865",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/611865"
},
{
"name": "MDKSA-2003:030",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.idefense.com/advisory/03.04.03.txt",
"refsource": "MISC",
"url": "http://www.idefense.com/advisory/03.04.03.txt"
},
{
"name": "file-afctr-read-bo(11469)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11469"
},
{
"name": "NetBSD-SA2003-003",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc"
},
{
"name": "RHSA-2003:087",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-087.html"
},
{
"name": "SuSE-SA:2003:017",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_017_file.html"
},
{
"name": "7008",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7008"
},
{
"name": "20030304 iDEFENSE Security Advisory 03.04.03: Locally Exploitable Buffer Overflow in file(1)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104680706201721\u0026w=2"
},
{
"name": "IMNX-2003-7+-012-01",
"refsource": "IMMUNIX",
"url": "http://lwn.net/Alerts/34908/"
},
{
"name": "RHSA-2003:086",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-086.html"
},
{
"name": "DSA-260",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-260"
},
{
"name": "VU#611865",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/611865"
},
{
"name": "MDKSA-2003:030",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0102",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-02-25T00:00:00",
"dateUpdated": "2024-08-08T01:43:35.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4782 (GCVE-0-2005-4782)
Vulnerability from cvelistv5
Published
2006-04-14 10:00
Modified
2024-09-16 18:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:22.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/uipc_socket.c.diff?r1=1.111\u0026r2=1.112"
},
{
"name": "NetBSD-SA2005-012",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/11/08/0010.html"
},
{
"name": "[source-changes] 20051021 CVS commit: src/sys/kern",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/10/21/0038.html"
},
{
"name": "15289",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15289"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with \"options DIAGNOSTIC,\" allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-04-14T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/uipc_socket.c.diff?r1=1.111\u0026r2=1.112"
},
{
"name": "NetBSD-SA2005-012",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/11/08/0010.html"
},
{
"name": "[source-changes] 20051021 CVS commit: src/sys/kern",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/10/21/0038.html"
},
{
"name": "15289",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15289"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4782",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with \"options DIAGNOSTIC,\" allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/uipc_socket.c.diff?r1=1.111\u0026r2=1.112",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/uipc_socket.c.diff?r1=1.111\u0026r2=1.112"
},
{
"name": "NetBSD-SA2005-012",
"refsource": "NETBSD",
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/11/08/0010.html"
},
{
"name": "[source-changes] 20051021 CVS commit: src/sys/kern",
"refsource": "MLIST",
"url": "http://mail-index.netbsd.org/source-changes/2005/10/21/0038.html"
},
{
"name": "15289",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15289"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4782",
"datePublished": "2006-04-14T10:00:00Z",
"dateReserved": "2006-04-13T00:00:00Z",
"dateUpdated": "2024-09-16T18:39:40.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1273 (GCVE-0-2007-1273)
Vulnerability from cvelistv5
Published
2007-03-10 20:00
Modified
2024-08-07 12:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the ktruser function in NetBSD-current before 20061022, NetBSD 3 and 3-0 before 20061024, and NetBSD 2 before 20070209, when the kernel is built with the COMPAT_FREEBSD or COMPAT_DARWIN option, allows local users to cause a denial of service and possibly gain privileges.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22878",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22878"
},
{
"name": "35453",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35453"
},
{
"name": "NetBSD-SA2007-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-001.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ktruser function in NetBSD-current before 20061022, NetBSD 3 and 3-0 before 20061024, and NetBSD 2 before 20070209, when the kernel is built with the COMPAT_FREEBSD or COMPAT_DARWIN option, allows local users to cause a denial of service and possibly gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-13T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22878",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22878"
},
{
"name": "35453",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35453"
},
{
"name": "NetBSD-SA2007-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-001.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the ktruser function in NetBSD-current before 20061022, NetBSD 3 and 3-0 before 20061024, and NetBSD 2 before 20070209, when the kernel is built with the COMPAT_FREEBSD or COMPAT_DARWIN option, allows local users to cause a denial of service and possibly gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22878",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22878"
},
{
"name": "35453",
"refsource": "OSVDB",
"url": "http://osvdb.org/35453"
},
{
"name": "NetBSD-SA2007-001",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-001.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1273",
"datePublished": "2007-03-10T20:00:00",
"dateReserved": "2007-03-04T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0016 (GCVE-0-1999-0016)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2025-03-17 15:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Land IP denial of service.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-03-17T15:03:08.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX9801-076",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-076"
},
{
"url": "https://security.netapp.com/advisory/ntap-20170815-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Land IP denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-02T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX9801-076",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-076"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Land IP denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX9801-076",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-076"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0016",
"datePublished": "1999-09-29T04:00:00.000Z",
"dateReserved": "1999-06-07T00:00:00.000Z",
"dateUpdated": "2025-03-17T15:03:08.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4779 (GCVE-0-2005-4779)
Vulnerability from cvelistv5
Published
2006-04-13 10:00
Modified
2024-09-16 19:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:22.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://releng.netbsd.org/cgi-bin/req-2-0.cgi?show=1988"
},
{
"name": "[netbsd-announce] 20051031 Announcing update 2.0.3 - source only",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/verified_exec.c.diff?r1=1.4\u0026r2=1.4.2.1\u0026f=h"
},
{
"name": "20725",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20725"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-04-13T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://releng.netbsd.org/cgi-bin/req-2-0.cgi?show=1988"
},
{
"name": "[netbsd-announce] 20051031 Announcing update 2.0.3 - source only",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/verified_exec.c.diff?r1=1.4\u0026r2=1.4.2.1\u0026f=h"
},
{
"name": "20725",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20725"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow local users to execute Trojan horse programs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://releng.netbsd.org/cgi-bin/req-2-0.cgi?show=1988",
"refsource": "CONFIRM",
"url": "http://releng.netbsd.org/cgi-bin/req-2-0.cgi?show=1988"
},
{
"name": "[netbsd-announce] 20051031 Announcing update 2.0.3 - source only",
"refsource": "MLIST",
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/verified_exec.c.diff?r1=1.4\u0026r2=1.4.2.1\u0026f=h",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/dev/verified_exec.c.diff?r1=1.4\u0026r2=1.4.2.1\u0026f=h"
},
{
"name": "20725",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20725"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4779",
"datePublished": "2006-04-13T10:00:00Z",
"dateReserved": "2006-04-13T00:00:00Z",
"dateUpdated": "2024-09-16T19:30:13.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1000375 (GCVE-0-2017-1000375)
Vulnerability from cvelistv5
Published
2017-06-19 16:00
Modified
2024-08-05 22:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:39.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42272",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42272/"
},
{
"name": "99257",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99257"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-11T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42272",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42272/"
},
{
"name": "99257",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99257"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1000375",
"REQUESTER": "qsa@qualys.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42272",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42272/"
},
{
"name": "99257",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99257"
},
{
"name": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
"refsource": "MISC",
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000375",
"datePublished": "2017-06-19T16:00:00",
"dateReserved": "2017-06-19T00:00:00",
"dateUpdated": "2024-08-05T22:00:39.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2482 (GCVE-0-2009-2482)
Vulnerability from cvelistv5
Published
2009-07-16 16:00
Modified
2024-08-07 05:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:52:15.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1022432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022432"
},
{
"name": "NetBSD-SA2009-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc"
},
{
"name": "35553",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35553"
},
{
"name": "55284",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/55284"
},
{
"name": "35465",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35465"
},
{
"name": "netbsd-openpam-security-bypass(51312)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51312"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1022432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022432"
},
{
"name": "NetBSD-SA2009-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc"
},
{
"name": "35553",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35553"
},
{
"name": "55284",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/55284"
},
{
"name": "35465",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35465"
},
{
"name": "netbsd-openpam-security-bypass(51312)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51312"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2482",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1022432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022432"
},
{
"name": "NetBSD-SA2009-004",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-004.txt.asc"
},
{
"name": "35553",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35553"
},
{
"name": "55284",
"refsource": "OSVDB",
"url": "http://osvdb.org/55284"
},
{
"name": "35465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35465"
},
{
"name": "netbsd-openpam-security-bypass(51312)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51312"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2482",
"datePublished": "2009-07-16T16:00:00",
"dateReserved": "2009-07-16T00:00:00",
"dateUpdated": "2024-08-07T05:52:15.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0670 (GCVE-0-2001-0670)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:06.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CA-2001-30",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2001-30.html"
},
{
"name": "RHSA-2001:147",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-147.html"
},
{
"name": "20010829 Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/alerts/advise94.php"
},
{
"name": "CSSA-2001-SCO.20",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.20.txt"
},
{
"name": "NetBSD-SA2001-018",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc"
},
{
"name": "3252",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3252"
},
{
"name": "VU#274043",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/274043"
},
{
"name": "20010829",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.com/errata28.html"
},
{
"name": "bsd-lpd-bo(7046)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7046"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CA-2001-30",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2001-30.html"
},
{
"name": "RHSA-2001:147",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-147.html"
},
{
"name": "20010829 Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/alerts/advise94.php"
},
{
"name": "CSSA-2001-SCO.20",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.20.txt"
},
{
"name": "NetBSD-SA2001-018",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc"
},
{
"name": "3252",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3252"
},
{
"name": "VU#274043",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/274043"
},
{
"name": "20010829",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.com/errata28.html"
},
{
"name": "bsd-lpd-bo(7046)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7046"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0670",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CA-2001-30",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2001-30.html"
},
{
"name": "RHSA-2001:147",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-147.html"
},
{
"name": "20010829 Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon",
"refsource": "ISS",
"url": "http://xforce.iss.net/alerts/advise94.php"
},
{
"name": "CSSA-2001-SCO.20",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.20/CSSA-2001-SCO.20.txt"
},
{
"name": "NetBSD-SA2001-018",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-018.txt.asc"
},
{
"name": "3252",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3252"
},
{
"name": "VU#274043",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/274043"
},
{
"name": "20010829",
"refsource": "OPENBSD",
"url": "http://www.openbsd.com/errata28.html"
},
{
"name": "bsd-lpd-bo(7046)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7046"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0670",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-27T00:00:00",
"dateUpdated": "2024-08-08T04:30:06.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3951 (GCVE-0-2014-3951)
Vulnerability from cvelistv5
Published
2014-08-21 22:00
Modified
2024-08-06 10:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2014-5384 is used for the NULL pointer dereference.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:57:17.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-14:15",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
},
{
"name": "1030458",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030458"
},
{
"name": "[source-changes] 20140624 CVS commit: src/lib/libc/citrus",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2014-5384 is used for the NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-08-21T21:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-14:15",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
},
{
"name": "1030458",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030458"
},
{
"name": "[source-changes] 20140624 CVS commit: src/lib/libc/citrus",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2014-5384 is used for the NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-14:15",
"refsource": "FREEBSD",
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
},
{
"name": "1030458",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030458"
},
{
"name": "[source-changes] 20140624 CVS commit: src/lib/libc/citrus",
"refsource": "MLIST",
"url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3951",
"datePublished": "2014-08-21T22:00:00",
"dateReserved": "2014-06-03T00:00:00",
"dateUpdated": "2024-08-06T10:57:17.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1588 (GCVE-0-2006-1588)
Vulnerability from cvelistv5
Published
2006-04-03 10:00
Modified
2024-08-07 17:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:19:48.293Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17312",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17312"
},
{
"name": "24262",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24262"
},
{
"name": "19464",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19464"
},
{
"name": "bsd-ifbridge-information-disclosure(25582)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25582"
},
{
"name": "NetBSD-SA2006-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc"
},
{
"name": "1015846",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015846"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17312",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17312"
},
{
"name": "24262",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24262"
},
{
"name": "19464",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19464"
},
{
"name": "bsd-ifbridge-information-disclosure(25582)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25582"
},
{
"name": "NetBSD-SA2006-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc"
},
{
"name": "1015846",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015846"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1588",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17312"
},
{
"name": "24262",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24262"
},
{
"name": "19464",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19464"
},
{
"name": "bsd-ifbridge-information-disclosure(25582)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25582"
},
{
"name": "NetBSD-SA2006-005",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc"
},
{
"name": "1015846",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015846"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1588",
"datePublished": "2006-04-03T10:00:00",
"dateReserved": "2006-04-02T00:00:00",
"dateUpdated": "2024-08-07T17:19:48.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0681 (GCVE-0-2003-0681)
Vulnerability from cvelistv5
Published
2003-09-18 04:00
Modified
2024-08-08 02:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:11.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030919 [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"name": "RHSA-2003:283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-283.html"
},
{
"name": "oval:org.mitre.oval:def:595",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A595"
},
{
"name": "MDKSA-2003:092",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:092"
},
{
"name": "oval:org.mitre.oval:def:3606",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3606"
},
{
"name": "VU#108964",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/108964"
},
{
"name": "DSA-384",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"name": "sendmail-ruleset-parsing-bo(13216)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13216"
},
{
"name": "20030917 GLSA: sendmail (200309-13)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"name": "8649",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8649"
},
{
"name": "CLA-2003:742",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A \"potential buffer overflow in ruleset parsing\" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030919 [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"name": "RHSA-2003:283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-283.html"
},
{
"name": "oval:org.mitre.oval:def:595",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A595"
},
{
"name": "MDKSA-2003:092",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:092"
},
{
"name": "oval:org.mitre.oval:def:3606",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3606"
},
{
"name": "VU#108964",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/108964"
},
{
"name": "DSA-384",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"name": "sendmail-ruleset-parsing-bo(13216)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13216"
},
{
"name": "20030917 GLSA: sendmail (200309-13)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"name": "8649",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8649"
},
{
"name": "CLA-2003:742",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0681",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A \"potential buffer overflow in ruleset parsing\" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030919 [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"name": "http://www.sendmail.org/8.12.10.html",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"name": "RHSA-2003:283",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-283.html"
},
{
"name": "oval:org.mitre.oval:def:595",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A595"
},
{
"name": "MDKSA-2003:092",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:092"
},
{
"name": "oval:org.mitre.oval:def:3606",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3606"
},
{
"name": "VU#108964",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/108964"
},
{
"name": "DSA-384",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"name": "sendmail-ruleset-parsing-bo(13216)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13216"
},
{
"name": "20030917 GLSA: sendmail (200309-13)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"name": "8649",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8649"
},
{
"name": "CLA-2003:742",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0681",
"datePublished": "2003-09-18T04:00:00",
"dateReserved": "2003-08-13T00:00:00",
"dateUpdated": "2024-08-08T02:05:11.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0004 (GCVE-0-2002-0004)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "linux-at-exetime-heap-corruption(7909)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
},
{
"name": "HPSBTL0302-034",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"name": "DSA-102",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"name": "RHSA-2002:015",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"name": "HPSBTL0201-021",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"name": "3886",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3886"
},
{
"name": "SuSE-SA:2002:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"name": "MDKSA-2002:007",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap corruption vulnerability in the \"at\" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-16T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "linux-at-exetime-heap-corruption(7909)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
},
{
"name": "HPSBTL0302-034",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"name": "DSA-102",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"name": "RHSA-2002:015",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"name": "HPSBTL0201-021",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"name": "3886",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3886"
},
{
"name": "SuSE-SA:2002:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"name": "MDKSA-2002:007",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap corruption vulnerability in the \"at\" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "linux-at-exetime-heap-corruption(7909)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
},
{
"name": "HPSBTL0302-034",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"name": "DSA-102",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"name": "RHSA-2002:015",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"name": "HPSBTL0201-021",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"name": "3886",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3886"
},
{
"name": "SuSE-SA:2002:003",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"name": "MDKSA-2002:007",
"refsource": "MANDRAKE",
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0004",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2002-01-02T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6397 (GCVE-0-2006-6397)
Vulnerability from cvelistv5
Published
2006-12-08 01:00
Modified
2024-08-07 20:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061122 Re: Re: *BSD banner INT overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/452374/100/200/threaded"
},
{
"name": "20061122 *BSD banner INT overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/452322/100/200/threaded"
},
{
"name": "20061122 Re: *BSD banner INT overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/452330/100/200/threaded"
},
{
"name": "20061123 Re: *BSD banner INT overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/452470/100/200/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061122 Re: Re: *BSD banner INT overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/452374/100/200/threaded"
},
{
"name": "20061122 *BSD banner INT overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/452322/100/200/threaded"
},
{
"name": "20061122 Re: *BSD banner INT overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/452330/100/200/threaded"
},
{
"name": "20061123 Re: *BSD banner INT overflow vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/452470/100/200/threaded"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061122 Re: Re: *BSD banner INT overflow vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452374/100/200/threaded"
},
{
"name": "20061122 *BSD banner INT overflow vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452322/100/200/threaded"
},
{
"name": "20061122 Re: *BSD banner INT overflow vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452330/100/200/threaded"
},
{
"name": "20061123 Re: *BSD banner INT overflow vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452470/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6397",
"datePublished": "2006-12-08T01:00:00",
"dateReserved": "2006-12-07T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2895 (GCVE-0-2011-2895)
Vulnerability from cvelistv5
Published
2011-08-19 17:00
Modified
2024-08-06 23:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT205635"
},
{
"name": "RHSA-2011:1154",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1154.html"
},
{
"name": "USN-1191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1191-1"
},
{
"name": "[oss-security] 20110810 LZW decompression issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/10/10"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=725760"
},
{
"name": "45544",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45544"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT205637"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5130"
},
{
"name": "APPLE-SA-2015-12-08-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html"
},
{
"name": "MDVSA-2011:153",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:153"
},
{
"name": "49124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49124"
},
{
"name": "45599",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45599"
},
{
"name": "RHSA-2011:1155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1155.html"
},
{
"name": "1025920",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025920"
},
{
"name": "openSUSE-SU-2011:1299",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html"
},
{
"name": "APPLE-SA-2015-12-08-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"name": "SUSE-SU-2011:1035",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html"
},
{
"name": "APPLE-SA-2012-02-01-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"name": "[xorg-announce] 20110810 X.Org security advisory: libXfont LZW decompression heap corruption",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html"
},
{
"name": "46127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46127"
},
{
"name": "45986",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45986"
},
{
"name": "RHSA-2011:1161",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1161.html"
},
{
"name": "RHSA-2011:1834",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1834.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17"
},
{
"name": "xorg-lzw-bo(69141)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69141"
},
{
"name": "APPLE-SA-2015-12-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
},
{
"name": "45568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45568"
},
{
"name": "[xorg-announce] 20110810 [ANNOUNCE] libXfont 1.4.4",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT205641"
},
{
"name": "NetBSD-SA2011-007",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT205640"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "APPLE-SA-2015-12-08-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5281"
},
{
"name": "APPLE-SA-2012-05-09-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
},
{
"name": "DSA-2293",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2293"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727624"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT205635"
},
{
"name": "RHSA-2011:1154",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1154.html"
},
{
"name": "USN-1191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1191-1"
},
{
"name": "[oss-security] 20110810 LZW decompression issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/10/10"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=725760"
},
{
"name": "45544",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45544"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT205637"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5130"
},
{
"name": "APPLE-SA-2015-12-08-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html"
},
{
"name": "MDVSA-2011:153",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:153"
},
{
"name": "49124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49124"
},
{
"name": "45599",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45599"
},
{
"name": "RHSA-2011:1155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1155.html"
},
{
"name": "1025920",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025920"
},
{
"name": "openSUSE-SU-2011:1299",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html"
},
{
"name": "APPLE-SA-2015-12-08-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"name": "SUSE-SU-2011:1035",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html"
},
{
"name": "APPLE-SA-2012-02-01-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"name": "[xorg-announce] 20110810 X.Org security advisory: libXfont LZW decompression heap corruption",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html"
},
{
"name": "46127",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46127"
},
{
"name": "45986",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45986"
},
{
"name": "RHSA-2011:1161",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1161.html"
},
{
"name": "RHSA-2011:1834",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1834.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17"
},
{
"name": "xorg-lzw-bo(69141)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69141"
},
{
"name": "APPLE-SA-2015-12-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
},
{
"name": "45568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45568"
},
{
"name": "[xorg-announce] 20110810 [ANNOUNCE] libXfont 1.4.4",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT205641"
},
{
"name": "NetBSD-SA2011-007",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT205640"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "APPLE-SA-2015-12-08-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5281"
},
{
"name": "APPLE-SA-2012-05-09-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
},
{
"name": "DSA-2293",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2293"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727624"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2895",
"datePublished": "2011-08-19T17:00:00",
"dateReserved": "2011-07-27T00:00:00",
"dateUpdated": "2024-08-06T23:15:31.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1289 (GCVE-0-2003-1289)
Vulnerability from cvelistv5
Published
2005-12-17 21:00
Modified
2024-08-08 02:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:19:46.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/2406"
},
{
"name": "freebsd-ibcs2-kernel-memory(12892)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12892"
},
{
"name": "9504",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9504"
},
{
"name": "FreeBSD-SA-03:10",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:10.ibcs2.asc"
},
{
"name": "1007460",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1007460"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/2406"
},
{
"name": "freebsd-ibcs2-kernel-memory(12892)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12892"
},
{
"name": "9504",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9504"
},
{
"name": "FreeBSD-SA-03:10",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:10.ibcs2.asc"
},
{
"name": "1007460",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1007460"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1289",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2406",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/2406"
},
{
"name": "freebsd-ibcs2-kernel-memory(12892)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12892"
},
{
"name": "9504",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9504"
},
{
"name": "FreeBSD-SA-03:10",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:10.ibcs2.asc"
},
{
"name": "1007460",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1007460"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1289",
"datePublished": "2005-12-17T21:00:00",
"dateReserved": "2005-12-17T00:00:00",
"dateUpdated": "2024-08-08T02:19:46.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0323 (GCVE-0-1999-0323)
Vulnerability from cvelistv5
Published
2000-06-02 04:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeBSD mmap function allows users to modify append-only or immutable files.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1998-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1998-003.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreeBSD mmap function allows users to modify append-only or immutable files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1998-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1998-003.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FreeBSD mmap function allows users to modify append-only or immutable files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1998-003",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1998-003.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0323",
"datePublished": "2000-06-02T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4609 (GCVE-0-2008-4609)
Vulnerability from cvelistv5
Published
2008-10-20 17:00
Modified
2024-08-07 10:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.677Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.robertlee.name/2008/10/conjecture-speculation.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html"
},
{
"name": "HPSBMI02473",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
},
{
"name": "[dailydave] 20081002 TCP Resource Exhaustion DoS Attack Speculation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://insecure.org/stf/tcp-dos-attack-explained.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.outpost24.com/news/news-2008-10-02.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf"
},
{
"name": "20090908 TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml"
},
{
"name": "TA09-251A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "20081017 Cisco Response to Outpost24 TCP State Table Manipulation Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html"
},
{
"name": "MS09-048",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked"
},
{
"name": "oval:org.mitre.oval:def:6340",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "SSRT080138",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.robertlee.name/2008/10/conjecture-speculation.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html"
},
{
"name": "HPSBMI02473",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
},
{
"name": "[dailydave] 20081002 TCP Resource Exhaustion DoS Attack Speculation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://insecure.org/stf/tcp-dos-attack-explained.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.outpost24.com/news/news-2008-10-02.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf"
},
{
"name": "20090908 TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml"
},
{
"name": "TA09-251A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "20081017 Cisco Response to Outpost24 TCP State Table Manipulation Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html"
},
{
"name": "MS09-048",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked"
},
{
"name": "oval:org.mitre.oval:def:6340",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "SSRT080138",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4609",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.robertlee.name/2008/10/conjecture-speculation.html",
"refsource": "MISC",
"url": "http://blog.robertlee.name/2008/10/conjecture-speculation.html"
},
{
"name": "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html",
"refsource": "MISC",
"url": "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html"
},
{
"name": "HPSBMI02473",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
},
{
"name": "[dailydave] 20081002 TCP Resource Exhaustion DoS Attack Speculation",
"refsource": "MLIST",
"url": "http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html"
},
{
"name": "http://insecure.org/stf/tcp-dos-attack-explained.html",
"refsource": "MISC",
"url": "http://insecure.org/stf/tcp-dos-attack-explained.html"
},
{
"name": "http://www.outpost24.com/news/news-2008-10-02.html",
"refsource": "MISC",
"url": "http://www.outpost24.com/news/news-2008-10-02.html"
},
{
"name": "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf",
"refsource": "MISC",
"url": "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf"
},
{
"name": "20090908 TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml"
},
{
"name": "TA09-251A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "20081017 Cisco Response to Outpost24 TCP State Table Manipulation Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html"
},
{
"name": "MS09-048",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
},
{
"name": "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked",
"refsource": "MISC",
"url": "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked"
},
{
"name": "oval:org.mitre.oval:def:6340",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "SSRT080138",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4609",
"datePublished": "2008-10-20T17:00:00",
"dateReserved": "2008-10-20T00:00:00",
"dateUpdated": "2024-08-07T10:24:20.677Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0993 (GCVE-0-2001-0993)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:07.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2001-011",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q3/0102.html"
},
{
"name": "3088",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3088"
},
{
"name": "bsd-kernel-sendmsg-dos(6908)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6908"
},
{
"name": "1910",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1910"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-06T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2001-011",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q3/0102.html"
},
{
"name": "3088",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3088"
},
{
"name": "bsd-kernel-sendmsg-dos(6908)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6908"
},
{
"name": "1910",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1910"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2001-011",
"refsource": "NETBSD",
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q3/0102.html"
},
{
"name": "3088",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3088"
},
{
"name": "bsd-kernel-sendmsg-dos(6908)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6908"
},
{
"name": "1910",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1910"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0993",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2002-01-31T00:00:00",
"dateUpdated": "2024-08-08T04:37:07.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2205 (GCVE-0-2006-2205)
Vulnerability from cvelistv5
Published
2006-05-05 10:00
Modified
2024-08-07 17:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:27.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17999",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17999"
},
{
"name": "25086",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25086"
},
{
"name": "NetBSD-SA2006-014",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-014.txt.asc"
},
{
"name": "1016004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-05-20T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17999",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17999"
},
{
"name": "25086",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25086"
},
{
"name": "NetBSD-SA2006-014",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-014.txt.asc"
},
{
"name": "1016004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2205",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17999",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17999"
},
{
"name": "25086",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25086"
},
{
"name": "NetBSD-SA2006-014",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-014.txt.asc"
},
{
"name": "1016004",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2205",
"datePublished": "2006-05-05T10:00:00",
"dateReserved": "2006-05-04T00:00:00",
"dateUpdated": "2024-08-07T17:43:27.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1194 (GCVE-0-2002-1194)
Vulnerability from cvelistv5
Published
2002-10-15 04:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.149Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netbsd-talkd-bo(10303)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10303.php"
},
{
"name": "NetBSD-SA2002-019",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-019.txt.asc"
},
{
"name": "5910",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5910"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netbsd-talkd-bo(10303)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10303.php"
},
{
"name": "NetBSD-SA2002-019",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-019.txt.asc"
},
{
"name": "5910",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5910"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow remote attackers to execute arbitrary code via a long inbound message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netbsd-talkd-bo(10303)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10303.php"
},
{
"name": "NetBSD-SA2002-019",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-019.txt.asc"
},
{
"name": "5910",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5910"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1194",
"datePublished": "2002-10-15T04:00:00",
"dateReserved": "2002-10-08T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0315 (GCVE-0-2000-0315)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7575",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7575"
},
{
"name": "19990213 traceroute as a flooder",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "NetBSD-SA1999-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7575",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7575"
},
{
"name": "19990213 traceroute as a flooder",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "NetBSD-SA1999-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7575",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7575"
},
{
"name": "19990213 traceroute as a flooder",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "NetBSD-SA1999-004",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0315",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2000-05-11T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0230 (GCVE-0-2004-0230)
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:2689",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689"
},
{
"name": "oval:org.mitre.oval:def:3508",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508"
},
{
"name": "TA04-111A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-111A.html"
},
{
"name": "oval:org.mitre.oval:def:5711",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711"
},
{
"name": "20040425 Perl code exploting TCP not checking RST ACK.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108302060014745\u0026w=2"
},
{
"name": "SSRT061264",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm"
},
{
"name": "MS06-064",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064"
},
{
"name": "11440",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11440"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/JSA10638"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "VU#415294",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/415294"
},
{
"name": "SSRT4696",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108506952116653\u0026w=2"
},
{
"name": "SCOSA-2005.9",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt"
},
{
"name": "20040403-01-A",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc"
},
{
"name": "MS05-019",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
},
{
"name": "HPSBST02161",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"name": "20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml"
},
{
"name": "SCOSA-2005.3",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt"
},
{
"name": "10183",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10183"
},
{
"name": "oval:org.mitre.oval:def:4791",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791"
},
{
"name": "SCOSA-2005.14",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt"
},
{
"name": "oval:org.mitre.oval:def:270",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270"
},
{
"name": "tcp-rst-dos(15886)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886"
},
{
"name": "4030",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4030"
},
{
"name": "22341",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22341"
},
{
"name": "NetBSD-SA2004-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc"
},
{
"name": "ADV-2006-3983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3983"
},
{
"name": "11458",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11458"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:2689",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689"
},
{
"name": "oval:org.mitre.oval:def:3508",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508"
},
{
"name": "TA04-111A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-111A.html"
},
{
"name": "oval:org.mitre.oval:def:5711",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711"
},
{
"name": "20040425 Perl code exploting TCP not checking RST ACK.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108302060014745\u0026w=2"
},
{
"name": "SSRT061264",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm"
},
{
"name": "MS06-064",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064"
},
{
"name": "11440",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11440"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/JSA10638"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "VU#415294",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/415294"
},
{
"name": "SSRT4696",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108506952116653\u0026w=2"
},
{
"name": "SCOSA-2005.9",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt"
},
{
"name": "20040403-01-A",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc"
},
{
"name": "MS05-019",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
},
{
"name": "HPSBST02161",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"name": "20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml"
},
{
"name": "SCOSA-2005.3",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt"
},
{
"name": "10183",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10183"
},
{
"name": "oval:org.mitre.oval:def:4791",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791"
},
{
"name": "SCOSA-2005.14",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt"
},
{
"name": "oval:org.mitre.oval:def:270",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270"
},
{
"name": "tcp-rst-dos(15886)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886"
},
{
"name": "4030",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4030"
},
{
"name": "22341",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22341"
},
{
"name": "NetBSD-SA2004-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc"
},
{
"name": "ADV-2006-3983",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3983"
},
{
"name": "11458",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11458"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0230",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:2689",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689"
},
{
"name": "oval:org.mitre.oval:def:3508",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508"
},
{
"name": "TA04-111A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-111A.html"
},
{
"name": "oval:org.mitre.oval:def:5711",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711"
},
{
"name": "20040425 Perl code exploting TCP not checking RST ACK.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108302060014745\u0026w=2"
},
{
"name": "SSRT061264",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm"
},
{
"name": "MS06-064",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064"
},
{
"name": "11440",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11440"
},
{
"name": "http://kb.juniper.net/JSA10638",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/JSA10638"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "VU#415294",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/415294"
},
{
"name": "SSRT4696",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=108506952116653\u0026w=2"
},
{
"name": "SCOSA-2005.9",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt"
},
{
"name": "20040403-01-A",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc"
},
{
"name": "MS05-019",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019"
},
{
"name": "HPSBST02161",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
},
{
"name": "20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml"
},
{
"name": "SCOSA-2005.3",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt"
},
{
"name": "10183",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10183"
},
{
"name": "oval:org.mitre.oval:def:4791",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791"
},
{
"name": "SCOSA-2005.14",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt"
},
{
"name": "oval:org.mitre.oval:def:270",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270"
},
{
"name": "tcp-rst-dos(15886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886"
},
{
"name": "4030",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4030"
},
{
"name": "22341",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22341"
},
{
"name": "NetBSD-SA2004-006",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc"
},
{
"name": "ADV-2006-3983",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3983"
},
{
"name": "11458",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11458"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0230",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1543 (GCVE-0-2002-1543)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2002-025",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-025.txt.asc"
},
{
"name": "6036",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6036"
},
{
"name": "trek-keyboard-input-bo(10458)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10458.php"
},
{
"name": "7570",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7570"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2002-025",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-025.txt.asc"
},
{
"name": "6036",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6036"
},
{
"name": "trek-keyboard-input-bo(10458)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10458.php"
},
{
"name": "7570",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7570"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2002-025",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-025.txt.asc"
},
{
"name": "6036",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6036"
},
{
"name": "trek-keyboard-input-bo(10458)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10458.php"
},
{
"name": "7570",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7570"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1543",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-02-25T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4304 (GCVE-0-2006-4304)
Vulnerability from cvelistv5
Published
2006-08-24 00:00
Modified
2024-08-07 19:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch"
},
{
"name": "19684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19684"
},
{
"name": "sppp4-lcp-bo(28562)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28562"
},
{
"name": "FreeBSD-SA-06:08",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc"
},
{
"name": "[3.8] 20060902 014: SECURITY FIX: September 2, 2006",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata38.html#sppp"
},
{
"name": "21731",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21731"
},
{
"name": "NetBSD-SA2006-019",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-019.txt.asc"
},
{
"name": "1016745",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016745"
},
{
"name": "[3.9] 20060902 009: SECURITY FIX: September 2, 2006",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata.html#sppp"
},
{
"name": "21587",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21587"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch"
},
{
"name": "19684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19684"
},
{
"name": "sppp4-lcp-bo(28562)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28562"
},
{
"name": "FreeBSD-SA-06:08",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc"
},
{
"name": "[3.8] 20060902 014: SECURITY FIX: September 2, 2006",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata38.html#sppp"
},
{
"name": "21731",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21731"
},
{
"name": "NetBSD-SA2006-019",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-019.txt.asc"
},
{
"name": "1016745",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016745"
},
{
"name": "[3.9] 20060902 009: SECURITY FIX: September 2, 2006",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata.html#sppp"
},
{
"name": "21587",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21587"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch",
"refsource": "MISC",
"url": "http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch"
},
{
"name": "19684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19684"
},
{
"name": "sppp4-lcp-bo(28562)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28562"
},
{
"name": "FreeBSD-SA-06:08",
"refsource": "FREEBSD",
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-06:18.ppp.asc"
},
{
"name": "[3.8] 20060902 014: SECURITY FIX: September 2, 2006",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata38.html#sppp"
},
{
"name": "21731",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21731"
},
{
"name": "NetBSD-SA2006-019",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-019.txt.asc"
},
{
"name": "1016745",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016745"
},
{
"name": "[3.9] 20060902 009: SECURITY FIX: September 2, 2006",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata.html#sppp"
},
{
"name": "21587",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21587"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4304",
"datePublished": "2006-08-24T00:00:00",
"dateReserved": "2006-08-22T00:00:00",
"dateUpdated": "2024-08-07T19:06:07.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4691 (GCVE-0-2005-4691)
Vulnerability from cvelistv5
Published
2006-02-01 02:00
Modified
2024-09-16 23:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:53:28.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015132"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/09/12/0043.html"
},
{
"name": "[netbsd-announce] 20051031 Announcing update 2.0.3 - source only",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"name": "15263",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15263"
},
{
"name": "20731",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20731"
},
{
"name": "2005-009",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-02-01T02:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015132"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/09/12/0043.html"
},
{
"name": "[netbsd-announce] 20051031 Announcing update 2.0.3 - source only",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"name": "15263",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15263"
},
{
"name": "20731",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20731"
},
{
"name": "2005-009",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015132",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015132"
},
{
"name": "http://mail-index.netbsd.org/source-changes/2005/09/12/0043.html",
"refsource": "CONFIRM",
"url": "http://mail-index.netbsd.org/source-changes/2005/09/12/0043.html"
},
{
"name": "[netbsd-announce] 20051031 Announcing update 2.0.3 - source only",
"refsource": "MLIST",
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"name": "15263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15263"
},
{
"name": "20731",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20731"
},
{
"name": "2005-009",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4691",
"datePublished": "2006-02-01T02:00:00Z",
"dateReserved": "2006-01-31T00:00:00Z",
"dateUpdated": "2024-09-16T23:06:39.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5215 (GCVE-0-2006-5215)
Vulnerability from cvelistv5
Published
2006-10-09 21:00
Modified
2024-08-07 19:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.758Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805"
},
{
"name": "1017015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017015"
},
{
"name": "22992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22992"
},
{
"name": "oval:org.mitre.oval:def:2205",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2205"
},
{
"name": "xdm-xsession-symlink(29427)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29427"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=5898"
},
{
"name": "102652",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user\u0027s Xsession errors file, via a symlink attack on a /tmp/xses-$USER file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805"
},
{
"name": "1017015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017015"
},
{
"name": "22992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22992"
},
{
"name": "oval:org.mitre.oval:def:2205",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2205"
},
{
"name": "xdm-xsession-symlink(29427)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29427"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=5898"
},
{
"name": "102652",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user\u0027s Xsession errors file, via a symlink attack on a /tmp/xses-$USER file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805",
"refsource": "CONFIRM",
"url": "http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=32805"
},
{
"name": "1017015",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017015"
},
{
"name": "22992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22992"
},
{
"name": "oval:org.mitre.oval:def:2205",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2205"
},
{
"name": "xdm-xsession-symlink(29427)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29427"
},
{
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=5898",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=5898"
},
{
"name": "102652",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102652-1"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5215",
"datePublished": "2006-10-09T21:00:00",
"dateReserved": "2006-10-09T00:00:00",
"dateUpdated": "2024-08-07T19:41:05.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2464 (GCVE-0-2008-2464)
Vulnerability from cvelistv5
Published
2008-09-10 15:00
Modified
2024-09-16 22:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:05:28.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31026",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cert.fi/haavoittuvuudet/2008/advisory-netbsd.html"
},
{
"name": "VU#817940",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/817940"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.46\u0026r2=1.47\u0026f=h"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.34%3Br2=1.35%3Bf=h"
},
{
"name": "NetBSD-SA2008-011",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-011.txt.asc"
},
{
"name": "1020822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020822"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-09-10T15:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "31026",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cert.fi/haavoittuvuudet/2008/advisory-netbsd.html"
},
{
"name": "VU#817940",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/817940"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.46\u0026r2=1.47\u0026f=h"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.34%3Br2=1.35%3Bf=h"
},
{
"name": "NetBSD-SA2008-011",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-011.txt.asc"
},
{
"name": "1020822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020822"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-2464",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31026",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31026"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c"
},
{
"name": "http://cert.fi/haavoittuvuudet/2008/advisory-netbsd.html",
"refsource": "MISC",
"url": "http://cert.fi/haavoittuvuudet/2008/advisory-netbsd.html"
},
{
"name": "VU#817940",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/817940"
},
{
"name": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c",
"refsource": "CONFIRM",
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.46\u0026r2=1.47\u0026f=h",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.46\u0026r2=1.47\u0026f=h"
},
{
"name": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.34;r2=1.35;f=h",
"refsource": "CONFIRM",
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/mld6.c.diff?r1=1.34;r2=1.35;f=h"
},
{
"name": "NetBSD-SA2008-011",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-011.txt.asc"
},
{
"name": "1020822",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020822"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-2464",
"datePublished": "2008-09-10T15:00:00Z",
"dateReserved": "2008-05-28T00:00:00Z",
"dateUpdated": "2024-09-16T22:02:39.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8212 (GCVE-0-2015-8212)
Vulnerability from cvelistv5
Published
2017-01-19 20:00
Modified
2024-08-06 08:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:13:32.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2016-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-005.txt.asc"
},
{
"name": "1035673",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035673"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-19T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2016-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-005.txt.asc"
},
{
"name": "1035673",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035673"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2016-005",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2016-005.txt.asc"
},
{
"name": "1035673",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035673"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8212",
"datePublished": "2017-01-19T20:00:00",
"dateReserved": "2015-11-14T00:00:00",
"dateUpdated": "2024-08-06T08:13:32.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0247 (GCVE-0-2001-0247)
Vulnerability from cvelistv5
Published
2001-05-24 04:00
Modified
2024-08-08 04:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:14:06.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-01:33",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html"
},
{
"name": "2548",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2548"
},
{
"name": "20010409 Globbing Vulnerabilities in Multiple FTP Daemons",
"tags": [
"vendor-advisory",
"x_refsource_NAI",
"x_transferred"
],
"url": "http://www.nai.com/research/covert/advisories/048.asp"
},
{
"name": "CA-2001-07",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2001-07.html"
},
{
"name": "20010802-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P"
},
{
"name": "NetBSD-SA2000-018",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"
},
{
"name": "ftp-glob-expansion(6332)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6332"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-01:33",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html"
},
{
"name": "2548",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2548"
},
{
"name": "20010409 Globbing Vulnerabilities in Multiple FTP Daemons",
"tags": [
"vendor-advisory",
"x_refsource_NAI"
],
"url": "http://www.nai.com/research/covert/advisories/048.asp"
},
{
"name": "CA-2001-07",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2001-07.html"
},
{
"name": "20010802-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P"
},
{
"name": "NetBSD-SA2000-018",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"
},
{
"name": "ftp-glob-expansion(6332)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6332"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-01:33",
"refsource": "FREEBSD",
"url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html"
},
{
"name": "2548",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2548"
},
{
"name": "20010409 Globbing Vulnerabilities in Multiple FTP Daemons",
"refsource": "NAI",
"url": "http://www.nai.com/research/covert/advisories/048.asp"
},
{
"name": "CA-2001-07",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2001-07.html"
},
{
"name": "20010802-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P"
},
{
"name": "NetBSD-SA2000-018",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"
},
{
"name": "ftp-glob-expansion(6332)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6332"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0247",
"datePublished": "2001-05-24T04:00:00",
"dateReserved": "2001-03-22T00:00:00",
"dateUpdated": "2024-08-08T04:14:06.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2012 (GCVE-0-2004-2012)
Vulnerability from cvelistv5
Published
2005-05-10 04:00
Modified
2024-08-08 01:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:15:01.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040510 Advisory 04/2004: Net(Free)BSD Systrace local root vulnerabilitiy",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108432258920570\u0026w=2"
},
{
"name": "10320",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10320"
},
{
"name": "systrace-gain-privileges(16110)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16110"
},
{
"name": "11585",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11585"
},
{
"name": "NetBSD-SA2004-007",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-007.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040510 Advisory 04/2004: Net(Free)BSD Systrace local root vulnerabilitiy",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108432258920570\u0026w=2"
},
{
"name": "10320",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10320"
},
{
"name": "systrace-gain-privileges(16110)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16110"
},
{
"name": "11585",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11585"
},
{
"name": "NetBSD-SA2004-007",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-007.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040510 Advisory 04/2004: Net(Free)BSD Systrace local root vulnerabilitiy",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108432258920570\u0026w=2"
},
{
"name": "10320",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10320"
},
{
"name": "systrace-gain-privileges(16110)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16110"
},
{
"name": "11585",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11585"
},
{
"name": "NetBSD-SA2004-007",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-007.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2012",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:15:01.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0433 (GCVE-0-1999-0433)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:33:31",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0433",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0433",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1000378 (GCVE-0-2017-1000378)
Vulnerability from cvelistv5
Published
2017-06-19 16:00
Modified
2024-08-05 22:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:41.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99255",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99255"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/qsort.c?rev=1.23\u0026content-type=text/x-cvsweb-markup"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-26T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "99255",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99255"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/qsort.c?rev=1.23\u0026content-type=text/x-cvsweb-markup"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1000378",
"REQUESTER": "qsa@qualys.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99255",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99255"
},
{
"name": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
"refsource": "MISC",
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/qsort.c?rev=1.23\u0026content-type=text/x-cvsweb-markup",
"refsource": "MISC",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/qsort.c?rev=1.23\u0026content-type=text/x-cvsweb-markup"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000378",
"datePublished": "2017-06-19T16:00:00",
"dateReserved": "2017-06-13T00:00:00",
"dateUpdated": "2024-08-05T22:00:41.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5363 (GCVE-0-2012-5363)
Vulnerability from cvelistv5
Published
2020-02-20 14:24
Modified
2024-08-06 21:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:46.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/10/12"
},
{
"name": "56170",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/56170/info"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-20T14:24:37",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/10/12"
},
{
"name": "56170",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/56170/info"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openwall.com/lists/oss-security/2012/10/10/12",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/10/10/12"
},
{
"name": "56170",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/56170/info"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5363",
"datePublished": "2020-02-20T14:24:37",
"dateReserved": "2012-10-10T00:00:00",
"dateUpdated": "2024-08-06T21:05:46.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0092 (GCVE-0-2000-0092)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "939",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/939"
},
{
"name": "FreeBSD-SA-00:01",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:01.make.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The BSD make program allows local users to modify files via a symlink attack when the -j option is being used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-09-15T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "939",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/939"
},
{
"name": "FreeBSD-SA-00:01",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:01.make.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BSD make program allows local users to modify files via a symlink attack when the -j option is being used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "939",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/939"
},
{
"name": "FreeBSD-SA-00:01",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:01.make.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0092",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-02-02T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4754 (GCVE-0-2010-4754)
Vulnerability from cvelistv5
Published
2011-03-02 19:00
Modified
2024-08-07 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.009Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4723"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"name": "APPLE-SA-2011-06-23-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"name": "NetBSD-SA2010-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"name": "8116",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8116"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.c#rev1.18.10.1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.3#rev1.30.12.1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-06-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4723"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"name": "APPLE-SA-2011-06-23-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"name": "NetBSD-SA2010-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"name": "8116",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8116"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.c#rev1.18.10.1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.3#rev1.30.12.1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"name": "http://support.apple.com/kb/HT4723",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4723"
},
{
"name": "http://securityreason.com/exploitalert/9223",
"refsource": "MISC",
"url": "http://securityreason.com/exploitalert/9223"
},
{
"name": "APPLE-SA-2011-06-23-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"name": "http://cxib.net/stuff/glob-0day.c",
"refsource": "MISC",
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"name": "NetBSD-SA2010-008",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"name": "8116",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8116"
},
{
"name": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.c#rev1.18.10.1",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.c#rev1.18.10.1"
},
{
"name": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.3#rev1.30.12.1",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/lib/libc/gen/glob.3#rev1.30.12.1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4754",
"datePublished": "2011-03-02T19:00:00",
"dateReserved": "2011-03-02T00:00:00",
"dateUpdated": "2024-08-07T03:55:35.009Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1833 (GCVE-0-2006-1833)
Vulnerability from cvelistv5
Published
2006-04-19 16:00
Modified
2024-08-07 17:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:27:28.745Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19585",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19585"
},
{
"name": "NetBSD-SA2006-009",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc"
},
{
"name": "17496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17496"
},
{
"name": "1015907",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015907"
},
{
"name": "netbsd-intel-rng-security-bypass(25786)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25786"
},
{
"name": "24577",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24577"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19585",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19585"
},
{
"name": "NetBSD-SA2006-009",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc"
},
{
"name": "17496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17496"
},
{
"name": "1015907",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015907"
},
{
"name": "netbsd-intel-rng-security-bypass(25786)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25786"
},
{
"name": "24577",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24577"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19585",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19585"
},
{
"name": "NetBSD-SA2006-009",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc"
},
{
"name": "17496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17496"
},
{
"name": "1015907",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015907"
},
{
"name": "netbsd-intel-rng-security-bypass(25786)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25786"
},
{
"name": "24577",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24577"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1833",
"datePublished": "2006-04-19T16:00:00",
"dateReserved": "2006-04-19T00:00:00",
"dateUpdated": "2024-08-07T17:27:28.745Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6654 (GCVE-0-2006-6654)
Vulnerability from cvelistv5
Published
2006-12-20 02:00
Modified
2024-09-17 02:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of service (kernel panic) via an invalid msg_controllen parameter to the sendit function.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017293",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017293"
},
{
"name": "NetBSD-SA2006-026",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of service (kernel panic) via an invalid msg_controllen parameter to the sendit function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-20T02:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017293",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017293"
},
{
"name": "NetBSD-SA2006-026",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6654",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of service (kernel panic) via an invalid msg_controllen parameter to the sendit function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017293",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017293"
},
{
"name": "NetBSD-SA2006-026",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-026.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6654",
"datePublished": "2006-12-20T02:00:00Z",
"dateReserved": "2006-12-19T00:00:00Z",
"dateUpdated": "2024-09-17T02:31:14.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1547 (GCVE-0-2011-1547)
Vulnerability from cvelistv5
Published
2011-05-09 19:00
Modified
2024-08-06 22:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:41.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#668220",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/668220"
},
{
"name": "NetBSD-SA2011-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-004.txt.asc"
},
{
"name": "20110401 BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-07T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#668220",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/668220"
},
{
"name": "NetBSD-SA2011-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-004.txt.asc"
},
{
"name": "20110401 BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#668220",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/668220"
},
{
"name": "NetBSD-SA2011-004",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-004.txt.asc"
},
{
"name": "20110401 BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1547",
"datePublished": "2011-05-09T19:00:00",
"dateReserved": "2011-03-29T00:00:00",
"dateUpdated": "2024-08-06T22:28:41.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0419 (GCVE-0-2011-0419)
Vulnerability from cvelistv5
Published
2011-05-16 17:00
Modified
2024-08-06 21:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44574"
},
{
"name": "HPSBUX02707",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"name": "SSRT100966",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "[dev] 20110511 Re: Apache Portable Runtime 1.4.4 [...] Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "20110512 Multiple Vendors libc/fnmatch(3) DoS (incl apache)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/98"
},
{
"name": "HPSBUX02702",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "HPSBOV02822",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "SSRT100619",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:14804",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cxib.net/stuff/apr_fnmatch.txts"
},
{
"name": "oval:org.mitre.oval:def:14638",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638"
},
{
"name": "1025527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098188"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.apache.org/dist/apr/CHANGES-APR-1.4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098799"
},
{
"name": "APPLE-SA-2011-10-12-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029\u0026r2=1098902"
},
{
"name": "8246",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8246"
},
{
"name": "DSA-2237",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2237"
},
{
"name": "RHSA-2011:0897",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=703390"
},
{
"name": "44564",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44564"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"name": "SSRT100626",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "44490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44490"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cxib.net/stuff/apache.fnmatch.phps"
},
{
"name": "RHSA-2011:0896",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "MDVSA-2011:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:084"
},
{
"name": "[dev] 20110510 Re: Apache Portable Runtime 1.4.4 [...] Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "RHSA-2011:0507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0507.html"
},
{
"name": "SUSE-SU-2011:1229",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"name": "HPSBMU02704",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "SSRT100606",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "[dev] 20110510 Re: fnmatch rewrite in apr, apr 1.4.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888222 - in /httpd/site/trunk/content/security/json: CVE-2010-2068.json CVE-2010-2791.json CVE-2011-0419.json CVE-2011-3368.json",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-06T10:10:16",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "44574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44574"
},
{
"name": "HPSBUX02707",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"name": "SSRT100966",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "[dev] 20110511 Re: Apache Portable Runtime 1.4.4 [...] Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "20110512 Multiple Vendors libc/fnmatch(3) DoS (incl apache)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/98"
},
{
"name": "HPSBUX02702",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "HPSBOV02822",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "SSRT100619",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:14804",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cxib.net/stuff/apr_fnmatch.txts"
},
{
"name": "oval:org.mitre.oval:def:14638",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638"
},
{
"name": "1025527",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098188"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.apache.org/dist/apr/CHANGES-APR-1.4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098799"
},
{
"name": "APPLE-SA-2011-10-12-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029\u0026r2=1098902"
},
{
"name": "8246",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8246"
},
{
"name": "DSA-2237",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2237"
},
{
"name": "RHSA-2011:0897",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=703390"
},
{
"name": "44564",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44564"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"name": "SSRT100626",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "44490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44490"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cxib.net/stuff/apache.fnmatch.phps"
},
{
"name": "RHSA-2011:0896",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "MDVSA-2011:084",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:084"
},
{
"name": "[dev] 20110510 Re: Apache Portable Runtime 1.4.4 [...] Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "RHSA-2011:0507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0507.html"
},
{
"name": "SUSE-SU-2011:1229",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"name": "HPSBMU02704",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "SSRT100606",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "[dev] 20110510 Re: fnmatch rewrite in apr, apr 1.4.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888222 - in /httpd/site/trunk/content/security/json: CVE-2010-2068.json CVE-2010-2791.json CVE-2011-0419.json CVE-2011-3368.json",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-0419",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44574"
},
{
"name": "HPSBUX02707",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"name": "SSRT100966",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "[dev] 20110511 Re: Apache Portable Runtime 1.4.4 [...] Released",
"refsource": "MLIST",
"url": "http://www.mail-archive.com/dev@apr.apache.org/msg23976.html"
},
{
"name": "48308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48308"
},
{
"name": "20110512 Multiple Vendors libc/fnmatch(3) DoS (incl apache)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/98"
},
{
"name": "HPSBUX02702",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "HPSBOV02822",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"name": "SSRT100619",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:14804",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22"
},
{
"name": "http://cxib.net/stuff/apr_fnmatch.txts",
"refsource": "MISC",
"url": "http://cxib.net/stuff/apr_fnmatch.txts"
},
{
"name": "oval:org.mitre.oval:def:14638",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638"
},
{
"name": "1025527",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025527"
},
{
"name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098188",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098188"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15"
},
{
"name": "http://www.apache.org/dist/apr/CHANGES-APR-1.4",
"refsource": "CONFIRM",
"url": "http://www.apache.org/dist/apr/CHANGES-APR-1.4"
},
{
"name": "http://www.apache.org/dist/apr/Announcement1.x.html",
"refsource": "CONFIRM",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
},
{
"name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098799",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1098799"
},
{
"name": "APPLE-SA-2011-10-12-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "http://httpd.apache.org/security/vulnerabilities_22.html",
"refsource": "CONFIRM",
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"name": "http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029\u0026r2=1098902",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029\u0026r2=1098902"
},
{
"name": "8246",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8246"
},
{
"name": "DSA-2237",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2237"
},
{
"name": "RHSA-2011:0897",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=703390",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=703390"
},
{
"name": "44564",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44564"
},
{
"name": "http://www.apache.org/dist/httpd/Announcement2.2.html",
"refsource": "CONFIRM",
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"name": "SSRT100626",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131731002122529\u0026w=2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "44490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44490"
},
{
"name": "http://cxib.net/stuff/apache.fnmatch.phps",
"refsource": "MISC",
"url": "http://cxib.net/stuff/apache.fnmatch.phps"
},
{
"name": "RHSA-2011:0896",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
},
{
"name": "http://support.apple.com/kb/HT5002",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "MDVSA-2011:084",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:084"
},
{
"name": "[dev] 20110510 Re: Apache Portable Runtime 1.4.4 [...] Released",
"refsource": "MLIST",
"url": "http://www.mail-archive.com/dev@apr.apache.org/msg23961.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "RHSA-2011:0507",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0507.html"
},
{
"name": "SUSE-SU-2011:1229",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"name": "HPSBMU02704",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132033751509019\u0026w=2"
},
{
"name": "SSRT100606",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=131551295528105\u0026w=2"
},
{
"name": "[dev] 20110510 Re: fnmatch rewrite in apr, apr 1.4.3",
"refsource": "MLIST",
"url": "http://www.mail-archive.com/dev@apr.apache.org/msg23960.html"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [7/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [7/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888222 - in /httpd/site/trunk/content/security/json: CVE-2010-2068.json CVE-2010-2791.json CVE-2011-0419.json CVE-2011-3368.json",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-0419",
"datePublished": "2011-05-16T17:00:00",
"dateReserved": "2011-01-11T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5365 (GCVE-0-2012-5365)
Vulnerability from cvelistv5
Published
2020-02-20 14:20
Modified
2024-08-06 21:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:46.737Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/10/12"
},
{
"name": "56170",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/56170/info"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-20T14:20:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/10/12"
},
{
"name": "56170",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/56170/info"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openwall.com/lists/oss-security/2012/10/10/12",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/10/10/12"
},
{
"name": "56170",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/56170/info"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5365",
"datePublished": "2020-02-20T14:20:16",
"dateReserved": "2012-10-10T00:00:00",
"dateUpdated": "2024-08-06T21:05:46.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4352 (GCVE-0-2005-4352)
Vulnerability from cvelistv5
Published
2006-01-09 20:00
Modified
2024-08-07 23:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap."
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060109 Time modification flaw in BSD securelevels on NetBSD and Linux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/421426/100/0/threaded"
},
{
"name": "20060109 Time modification flaw in BSD securelevels on NetBSD and Linux",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041178.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.redteam-pentesting.de/advisories/rt-sa-2005-16.txt"
},
{
"name": "bsd-securelevel-settimeofday-bypass(24036)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24036"
},
{
"name": "16170",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16170"
},
{
"name": "20070615 rPSA-2007-0124-1 kernel xen",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"name": "1015454",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015454"
},
{
"name": "25691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25691"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka \"settimeofday() time wrap.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060109 Time modification flaw in BSD securelevels on NetBSD and Linux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/421426/100/0/threaded"
},
{
"name": "20060109 Time modification flaw in BSD securelevels on NetBSD and Linux",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041178.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.redteam-pentesting.de/advisories/rt-sa-2005-16.txt"
},
{
"name": "bsd-securelevel-settimeofday-bypass(24036)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24036"
},
{
"name": "16170",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16170"
},
{
"name": "20070615 rPSA-2007-0124-1 kernel xen",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"name": "1015454",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015454"
},
{
"name": "25691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25691"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka \"settimeofday() time wrap.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060109 Time modification flaw in BSD securelevels on NetBSD and Linux",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/421426/100/0/threaded"
},
{
"name": "20060109 Time modification flaw in BSD securelevels on NetBSD and Linux",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041178.html"
},
{
"name": "http://www.redteam-pentesting.de/advisories/rt-sa-2005-16.txt",
"refsource": "MISC",
"url": "http://www.redteam-pentesting.de/advisories/rt-sa-2005-16.txt"
},
{
"name": "bsd-securelevel-settimeofday-bypass(24036)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24036"
},
{
"name": "16170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16170"
},
{
"name": "20070615 rPSA-2007-0124-1 kernel xen",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"name": "1015454",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015454"
},
{
"name": "25691",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25691"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4352",
"datePublished": "2006-01-09T20:00:00",
"dateReserved": "2005-12-19T00:00:00",
"dateUpdated": "2024-08-07T23:38:51.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0381 (GCVE-0-2002-0381)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030604-01-I",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030604-01-I"
},
{
"name": "20020317 TCP Connections to a Broadcast Address on BSD-Based Systems",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/262733"
},
{
"name": "4309",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4309"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136\u0026r2=1.137"
},
{
"name": "bsd-broadcast-address(8485)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8485.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109\u0026r2=1.110"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022"
},
{
"name": "5308",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5308"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-11T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030604-01-I",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030604-01-I"
},
{
"name": "20020317 TCP Connections to a Broadcast Address on BSD-Based Systems",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/262733"
},
{
"name": "4309",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4309"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136\u0026r2=1.137"
},
{
"name": "bsd-broadcast-address(8485)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8485.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109\u0026r2=1.110"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022"
},
{
"name": "5308",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5308"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0381",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030604-01-I",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030604-01-I"
},
{
"name": "20020317 TCP Connections to a Broadcast Address on BSD-Based Systems",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/262733"
},
{
"name": "4309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4309"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136\u0026r2=1.137",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136\u0026r2=1.137"
},
{
"name": "bsd-broadcast-address(8485)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8485.php"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109\u0026r2=1.110",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109\u0026r2=1.110"
},
{
"name": "http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022",
"refsource": "MISC",
"url": "http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022"
},
{
"name": "5308",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5308"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0381",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-05-17T00:00:00",
"dateUpdated": "2024-08-08T02:49:28.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1391 (GCVE-0-2008-1391)
Vulnerability from cvelistv5
Published
2008-03-27 17:00
Modified
2024-08-07 08:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28479",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28479"
},
{
"name": "20080327 [securityreason] *BSD libc (strfmon) Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490158/100/0/threaded"
},
{
"name": "ADV-2008-3444",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3444"
},
{
"name": "TA08-350A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-350A.html"
},
{
"name": "bsd-strfmon-overflow(41504)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41504"
},
{
"name": "33179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33179"
},
{
"name": "3770",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3770"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/strfmon.c"
},
{
"name": "20080325 *BSD libc (strfmon) Multiple vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/53"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3338"
},
{
"name": "DSA-2058",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"name": "APPLE-SA-2008-12-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html"
},
{
"name": "1019722",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019722"
},
{
"name": "29574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28479",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28479"
},
{
"name": "20080327 [securityreason] *BSD libc (strfmon) Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490158/100/0/threaded"
},
{
"name": "ADV-2008-3444",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3444"
},
{
"name": "TA08-350A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-350A.html"
},
{
"name": "bsd-strfmon-overflow(41504)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41504"
},
{
"name": "33179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33179"
},
{
"name": "3770",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3770"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/strfmon.c"
},
{
"name": "20080325 *BSD libc (strfmon) Multiple vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/53"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3338"
},
{
"name": "DSA-2058",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"name": "APPLE-SA-2008-12-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html"
},
{
"name": "1019722",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019722"
},
{
"name": "29574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28479",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28479"
},
{
"name": "20080327 [securityreason] *BSD libc (strfmon) Multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490158/100/0/threaded"
},
{
"name": "ADV-2008-3444",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3444"
},
{
"name": "TA08-350A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-350A.html"
},
{
"name": "bsd-strfmon-overflow(41504)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41504"
},
{
"name": "33179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33179"
},
{
"name": "3770",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3770"
},
{
"name": "SUSE-SA:2010:052",
"refsource": "SUSE",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/strfmon.c",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/stdlib/strfmon.c"
},
{
"name": "20080325 *BSD libc (strfmon) Multiple vulnerabilities",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/53"
},
{
"name": "http://support.apple.com/kb/HT3338",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3338"
},
{
"name": "DSA-2058",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"name": "APPLE-SA-2008-12-15",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html"
},
{
"name": "1019722",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019722"
},
{
"name": "29574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1391",
"datePublished": "2008-03-27T17:00:00",
"dateReserved": "2008-03-18T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0730 (GCVE-0-2003-0730)
Vulnerability from cvelistv5
Published
2003-09-03 04:00
Modified
2024-08-08 02:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24168",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24168"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
},
{
"name": "20030830 Multiple integer overflows in XFree86 (local/remote)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106229335312429\u0026w=2"
},
{
"name": "CLA-2004:821",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000821"
},
{
"name": "ADV-2007-0589",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0589"
},
{
"name": "8514",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8514"
},
{
"name": "20031101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031101-01-U.asc"
},
{
"name": "MDKSA-2003:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:089"
},
{
"name": "RHSA-2003:289",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-289.html"
},
{
"name": "102803",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
},
{
"name": "RHSA-2003:287",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-287.html"
},
{
"name": "RHSA-2003:286",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-286.html"
},
{
"name": "24247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24247"
},
{
"name": "NetBSD-SA2003-015",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-015.txt.asc"
},
{
"name": "DSA-380",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-380"
},
{
"name": "RHSA-2003:288",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24168",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24168"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
},
{
"name": "20030830 Multiple integer overflows in XFree86 (local/remote)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106229335312429\u0026w=2"
},
{
"name": "CLA-2004:821",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000821"
},
{
"name": "ADV-2007-0589",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0589"
},
{
"name": "8514",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8514"
},
{
"name": "20031101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031101-01-U.asc"
},
{
"name": "MDKSA-2003:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:089"
},
{
"name": "RHSA-2003:289",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-289.html"
},
{
"name": "102803",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
},
{
"name": "RHSA-2003:287",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-287.html"
},
{
"name": "RHSA-2003:286",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-286.html"
},
{
"name": "24247",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24247"
},
{
"name": "NetBSD-SA2003-015",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-015.txt.asc"
},
{
"name": "DSA-380",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-380"
},
{
"name": "RHSA-2003:288",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0730",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24168",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24168"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm"
},
{
"name": "20030830 Multiple integer overflows in XFree86 (local/remote)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106229335312429\u0026w=2"
},
{
"name": "CLA-2004:821",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000821"
},
{
"name": "ADV-2007-0589",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0589"
},
{
"name": "8514",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8514"
},
{
"name": "20031101-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031101-01-U.asc"
},
{
"name": "MDKSA-2003:089",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:089"
},
{
"name": "RHSA-2003:289",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-289.html"
},
{
"name": "102803",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1"
},
{
"name": "RHSA-2003:287",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-287.html"
},
{
"name": "RHSA-2003:286",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-286.html"
},
{
"name": "24247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24247"
},
{
"name": "NetBSD-SA2003-015",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-015.txt.asc"
},
{
"name": "DSA-380",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-380"
},
{
"name": "RHSA-2003:288",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-288.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0730",
"datePublished": "2003-09-03T04:00:00",
"dateReserved": "2003-09-02T00:00:00",
"dateUpdated": "2024-08-08T02:05:12.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0461 (GCVE-0-2000-0461)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:30.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000526",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata26.html#semconfig"
},
{
"name": "NetBSD-SA2000-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-004.txt.asc"
},
{
"name": "1270",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1270"
},
{
"name": "FreeBSD-SA-00:19",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:19.semconfig.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000526",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata26.html#semconfig"
},
{
"name": "NetBSD-SA2000-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-004.txt.asc"
},
{
"name": "1270",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1270"
},
{
"name": "FreeBSD-SA-00:19",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:19.semconfig.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000526",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata26.html#semconfig"
},
{
"name": "NetBSD-SA2000-004",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-004.txt.asc"
},
{
"name": "1270",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1270"
},
{
"name": "FreeBSD-SA-00:19",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:19.semconfig.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0461",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:21:30.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1587 (GCVE-0-2006-1587)
Vulnerability from cvelistv5
Published
2006-04-03 10:00
Modified
2024-08-07 17:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:19:48.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2006-007",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-007.txt.asc"
},
{
"name": "19465",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19465"
},
{
"name": "1015847",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015847"
},
{
"name": "24258",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24258"
},
{
"name": "bsd-mailrc-insecure-permissions(25581)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.6 up to 3.0, when a user has \"set record\" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2006-007",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-007.txt.asc"
},
{
"name": "19465",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19465"
},
{
"name": "1015847",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015847"
},
{
"name": "24258",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24258"
},
{
"name": "bsd-mailrc-insecure-permissions(25581)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25581"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD 1.6 up to 3.0, when a user has \"set record\" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2006-007",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-007.txt.asc"
},
{
"name": "19465",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19465"
},
{
"name": "1015847",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015847"
},
{
"name": "24258",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24258"
},
{
"name": "bsd-mailrc-insecure-permissions(25581)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25581"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1587",
"datePublished": "2006-04-03T10:00:00",
"dateReserved": "2006-04-02T00:00:00",
"dateUpdated": "2024-08-07T17:19:48.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1589 (GCVE-0-2006-1589)
Vulnerability from cvelistv5
Published
2006-04-03 10:00
Modified
2024-08-07 17:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:19:48.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2006-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-008.txt.asc"
},
{
"name": "netbsd-elfloadfile-dos(25690)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25690"
},
{
"name": "1015848",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015848"
},
{
"name": "24576",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24576"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2006-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-008.txt.asc"
},
{
"name": "netbsd-elfloadfile-dos(25690)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25690"
},
{
"name": "1015848",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015848"
},
{
"name": "24576",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24576"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1589",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2006-008",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-008.txt.asc"
},
{
"name": "netbsd-elfloadfile-dos(25690)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25690"
},
{
"name": "1015848",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015848"
},
{
"name": "24576",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24576"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1589",
"datePublished": "2006-04-03T10:00:00",
"dateReserved": "2006-04-02T00:00:00",
"dateUpdated": "2024-08-07T17:19:48.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4305 (GCVE-0-2007-4305)
Vulnerability from cvelistv5
Published
2007-08-13 21:00
Modified
2024-08-07 14:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:55.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26479"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.watson.org/~robert/2007woot/"
},
{
"name": "25258",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25258"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-08-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26479"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.watson.org/~robert/2007woot/"
},
{
"name": "25258",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25258"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4305",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26479"
},
{
"name": "http://www.watson.org/~robert/2007woot/",
"refsource": "MISC",
"url": "http://www.watson.org/~robert/2007woot/"
},
{
"name": "25258",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25258"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4305",
"datePublished": "2007-08-13T21:00:00",
"dateReserved": "2007-08-13T00:00:00",
"dateUpdated": "2024-08-07T14:53:55.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0466 (GCVE-0-1999-0466)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:45.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "905",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/905"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "905",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/905"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "905",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/905"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0466",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:45.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1214 (GCVE-0-1999-1214)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.762Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openbsd.com/advisories/signals.txt"
},
{
"name": "19970915 Vulnerability in I/O Signal Handling",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.com/advisories/signals.txt"
},
{
"name": "11062",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/11062"
},
{
"name": "openbsd-iosig(556)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/556"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1997-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openbsd.com/advisories/signals.txt"
},
{
"name": "19970915 Vulnerability in I/O Signal Handling",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.com/advisories/signals.txt"
},
{
"name": "11062",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/11062"
},
{
"name": "openbsd-iosig(556)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/556"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openbsd.com/advisories/signals.txt",
"refsource": "MISC",
"url": "http://www.openbsd.com/advisories/signals.txt"
},
{
"name": "19970915 Vulnerability in I/O Signal Handling",
"refsource": "OPENBSD",
"url": "http://www.openbsd.com/advisories/signals.txt"
},
{
"name": "11062",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/11062"
},
{
"name": "openbsd-iosig(556)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/556"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1214",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.762Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1148 (GCVE-0-2008-1148)
Vulnerability from cvelistv5
Published
2008-03-04 23:00
Modified
2024-08-07 08:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080206 A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"name": "openbsd-add-weak-security(41157)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41157"
},
{
"name": "28819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28819"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"name": "openbsd-prng-dns-spoofing(40329)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"name": "27647",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27647"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka \"Algorithm A0\"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080206 A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"name": "openbsd-add-weak-security(41157)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41157"
},
{
"name": "28819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28819"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"name": "openbsd-prng-dns-spoofing(40329)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"name": "27647",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27647"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1148",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka \"Algorithm A0\"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080206 A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"name": "openbsd-add-weak-security(41157)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41157"
},
{
"name": "28819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28819"
},
{
"name": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf",
"refsource": "MISC",
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"name": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"name": "openbsd-prng-dns-spoofing(40329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"name": "27647",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27647"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1148",
"datePublished": "2008-03-04T23:00:00",
"dateReserved": "2008-03-04T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6656 (GCVE-0-2006-6656)
Vulnerability from cvelistv5
Published
2006-12-20 02:00
Modified
2024-09-17 03:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2006-025",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"
},
{
"name": "1017292",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017292"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-20T02:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2006-025",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"
},
{
"name": "1017292",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017292"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6656",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2006-025",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"
},
{
"name": "1017292",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017292"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6656",
"datePublished": "2006-12-20T02:00:00Z",
"dateReserved": "2006-12-19T00:00:00Z",
"dateUpdated": "2024-09-17T03:43:24.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3654 (GCVE-0-2007-3654)
Vulnerability from cvelistv5
Published
2007-09-17 17:00
Modified
2024-08-07 14:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before 20070728, allow local users to cause a denial of service (panic) via a (1) negative or (2) large value in an ioctl call, as demonstrated by the vga_allocattr function.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:21:36.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25682",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25682"
},
{
"name": "1018693",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018693"
},
{
"name": "NetBSD-SA2007-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-006.txt.asc"
},
{
"name": "netbsd-display-driver-dos(36598)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36598"
},
{
"name": "40810",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40810"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before 20070728, allow local users to cause a denial of service (panic) via a (1) negative or (2) large value in an ioctl call, as demonstrated by the vga_allocattr function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25682",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25682"
},
{
"name": "1018693",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018693"
},
{
"name": "NetBSD-SA2007-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-006.txt.asc"
},
{
"name": "netbsd-display-driver-dos(36598)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36598"
},
{
"name": "40810",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40810"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3654",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before 20070728, allow local users to cause a denial of service (panic) via a (1) negative or (2) large value in an ioctl call, as demonstrated by the vga_allocattr function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25682",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25682"
},
{
"name": "1018693",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018693"
},
{
"name": "NetBSD-SA2007-006",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-006.txt.asc"
},
{
"name": "netbsd-display-driver-dos(36598)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36598"
},
{
"name": "40810",
"refsource": "OSVDB",
"url": "http://osvdb.org/40810"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3654",
"datePublished": "2007-09-17T17:00:00",
"dateReserved": "2007-07-10T00:00:00",
"dateUpdated": "2024-08-07T14:21:36.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4755 (GCVE-0-2010-4755)
Vulnerability from cvelistv5
Published
2011-03-02 19:00
Modified
2024-08-07 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:34.968Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1"
},
{
"name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"name": "NetBSD-SA2010-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"name": "8116",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8116"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1"
},
{
"name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"name": "NetBSD-SA2010-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"name": "8116",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8116"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4755",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp.c#rev1.21.6.1"
},
{
"name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"name": "http://securityreason.com/exploitalert/9223",
"refsource": "MISC",
"url": "http://securityreason.com/exploitalert/9223"
},
{
"name": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1"
},
{
"name": "http://cxib.net/stuff/glob-0day.c",
"refsource": "MISC",
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"name": "NetBSD-SA2010-008",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc"
},
{
"name": "8116",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8116"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4755",
"datePublished": "2011-03-02T19:00:00",
"dateReserved": "2011-03-02T00:00:00",
"dateUpdated": "2024-08-07T03:55:34.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0734 (GCVE-0-2001-0734)
Vulnerability from cvelistv5
Published
2001-10-12 04:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:06.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "bsd-sh3-sigreturn-privileges(6637)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6637"
},
{
"name": "NetBSD-SA2001-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-008.txt.asc"
},
{
"name": "2810",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2810"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "bsd-sh3-sigreturn-privileges(6637)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6637"
},
{
"name": "NetBSD-SA2001-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-008.txt.asc"
},
{
"name": "2810",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2810"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0734",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "bsd-sh3-sigreturn-privileges(6637)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6637"
},
{
"name": "NetBSD-SA2001-008",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-008.txt.asc"
},
{
"name": "2810",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2810"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0734",
"datePublished": "2001-10-12T04:00:00",
"dateReserved": "2001-10-12T00:00:00",
"dateUpdated": "2024-08-08T04:30:06.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3584 (GCVE-0-2008-3584)
Vulnerability from cvelistv5
Published
2008-09-11 14:00
Modified
2024-08-07 09:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not properly check the length of a PPPoE packet tag, which allows remote attackers to cause a denial of service (system crash) via a crafted PPPoE packet.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1020749",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020749"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3467"
},
{
"name": "30838",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30838"
},
{
"name": "31597",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31597"
},
{
"name": "netbsd-pppoe-dos(44679)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44679"
},
{
"name": "NetBSD-SA2008-010",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-010.txt.asc"
},
{
"name": "ADV-2009-0633",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0633"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not properly check the length of a PPPoE packet tag, which allows remote attackers to cause a denial of service (system crash) via a crafted PPPoE packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1020749",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020749"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3467"
},
{
"name": "30838",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30838"
},
{
"name": "31597",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31597"
},
{
"name": "netbsd-pppoe-dos(44679)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44679"
},
{
"name": "NetBSD-SA2008-010",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-010.txt.asc"
},
{
"name": "ADV-2009-0633",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0633"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3584",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not properly check the length of a PPPoE packet tag, which allows remote attackers to cause a denial of service (system crash) via a crafted PPPoE packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1020749",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020749"
},
{
"name": "http://support.apple.com/kb/HT3467",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3467"
},
{
"name": "30838",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30838"
},
{
"name": "31597",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31597"
},
{
"name": "netbsd-pppoe-dos(44679)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44679"
},
{
"name": "NetBSD-SA2008-010",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-010.txt.asc"
},
{
"name": "ADV-2009-0633",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0633"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3584",
"datePublished": "2008-09-11T14:00:00",
"dateReserved": "2008-08-11T00:00:00",
"dateUpdated": "2024-08-07T09:45:18.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2480 (GCVE-0-2011-2480)
Vulnerability from cvelistv5
Published
2019-11-27 18:53
Modified
2024-08-06 23:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- info disclosure
Summary
Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | FreeBSD, NetBSD | FreeBSD |
Version: before 8.2 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:33.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-2480"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2011-2480"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631160"
},
{
"name": "[oss-security] 20110620 Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2011/06/20/15"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FreeBSD",
"vendor": "FreeBSD, NetBSD",
"versions": [
{
"status": "affected",
"version": "before 8.2"
}
]
},
{
"product": "NetBSD",
"vendor": "FreeBSD, NetBSD",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "info disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-27T18:53:37",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-2480"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2011-2480"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631160"
},
{
"name": "[oss-security] 20110620 Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.openwall.com/lists/oss-security/2011/06/20/15"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2480",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FreeBSD",
"version": {
"version_data": [
{
"version_value": "before 8.2"
}
]
}
},
{
"product_name": "NetBSD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "FreeBSD, NetBSD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "info disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2011-2480",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2011-2480"
},
{
"name": "https://access.redhat.com/security/cve/cve-2011-2480",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/cve-2011-2480"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631161",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631161"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631160",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631160"
},
{
"name": "[oss-security] 20110620 Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure",
"refsource": "MLIST",
"url": "https://www.openwall.com/lists/oss-security/2011/06/20/15"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2480",
"datePublished": "2019-11-27T18:53:37",
"dateReserved": "2011-06-15T00:00:00",
"dateUpdated": "2024-08-06T23:00:33.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1323 (GCVE-0-2004-1323)
Vulnerability from cvelistv5
Published
2005-01-06 05:00
Modified
2024-08-08 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2004-010",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-010.txt.asc"
},
{
"name": "13501",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13501/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gleg.net/advisory_netbsd2.shtml"
},
{
"name": "netbsd-compat-gain-privileges(18564)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2004-010",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-010.txt.asc"
},
{
"name": "13501",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13501/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gleg.net/advisory_netbsd2.shtml"
},
{
"name": "netbsd-compat-gain-privileges(18564)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2004-010",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-010.txt.asc"
},
{
"name": "13501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13501/"
},
{
"name": "http://gleg.net/advisory_netbsd2.shtml",
"refsource": "MISC",
"url": "http://gleg.net/advisory_netbsd2.shtml"
},
{
"name": "netbsd-compat-gain-privileges(18564)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1323",
"datePublished": "2005-01-06T05:00:00",
"dateReserved": "2005-01-06T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0666 (GCVE-0-2002-0666)
Vulnerability from cvelistv5
Published
2002-10-25 04:00
Modified
2024-08-08 02:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021018 Denial of Service in IPSEC implementations",
"tags": [
"vendor-advisory",
"x_refsource_BINDVIEW",
"x_transferred"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"name": "ipsec-packet-integer-overflow(10411)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"name": "6011",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6011"
},
{
"name": "DSA-201",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"name": "VU#459371",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"name": "NetBSD-SA2002-016",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-01T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021018 Denial of Service in IPSEC implementations",
"tags": [
"vendor-advisory",
"x_refsource_BINDVIEW"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"name": "ipsec-packet-integer-overflow(10411)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"name": "6011",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6011"
},
{
"name": "DSA-201",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"name": "VU#459371",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"name": "NetBSD-SA2002-016",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021018 Denial of Service in IPSEC implementations",
"refsource": "BINDVIEW",
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"name": "ipsec-packet-integer-overflow(10411)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"name": "6011",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6011"
},
{
"name": "DSA-201",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"name": "VU#459371",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"name": "NetBSD-SA2002-016",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0666",
"datePublished": "2002-10-25T04:00:00",
"dateReserved": "2002-07-08T00:00:00",
"dateUpdated": "2024-08-08T02:56:38.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0751 (GCVE-0-2000-0751)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-00:40",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html"
},
{
"name": "RHSA-2000:050",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-050.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h"
},
{
"name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html"
},
{
"name": "20000705 Mopd contained a buffer overflow.",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata.html#mopd"
},
{
"name": "1559",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1559"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-00:40",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html"
},
{
"name": "RHSA-2000:050",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-050.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h"
},
{
"name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html"
},
{
"name": "20000705 Mopd contained a buffer overflow.",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata.html#mopd"
},
{
"name": "1559",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1559"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-00:40",
"refsource": "FREEBSD",
"url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html"
},
{
"name": "RHSA-2000:050",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-050.html"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h",
"refsource": "MISC",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h"
},
{
"name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html"
},
{
"name": "20000705 Mopd contained a buffer overflow.",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata.html#mopd"
},
{
"name": "1559",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1559"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0751",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-09-19T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0085 (GCVE-0-1999-0085)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "rwhod(119)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119"
},
{
"name": "rwhod-vuln(118)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/118"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "rwhod(119)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119"
},
{
"name": "rwhod-vuln(118)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/118"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "rwhod(119)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119"
},
{
"name": "rwhod-vuln(118)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/118"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0085",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0446 (GCVE-0-1999-0446)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7051",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7051"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7051",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7051"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7051",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7051"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0446",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0997 (GCVE-0-2000-0997)
Vulnerability from cvelistv5
Published
2000-11-29 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:32.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "bsd-eeprom-format(5337)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5337"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch"
},
{
"name": "1752",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1752"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-10-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "bsd-eeprom-format(5337)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5337"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch"
},
{
"name": "1752",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1752"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "bsd-eeprom-format(5337)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5337"
},
{
"name": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch",
"refsource": "MISC",
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch"
},
{
"name": "1752",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1752"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0997",
"datePublished": "2000-11-29T05:00:00",
"dateReserved": "2000-11-24T00:00:00",
"dateUpdated": "2024-08-08T05:37:32.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6014 (GCVE-0-2006-6014)
Vulnerability from cvelistv5
Published
2006-11-21 23:00
Modified
2024-09-16 16:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PT_DUMPCORE request, which allows local users to have an unknown impact.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:12:31.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[current-users] 20061110 [Security Fix] ptrace insufficient bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/current-users/2006/11/10/0000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PT_DUMPCORE request, which allows local users to have an unknown impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-11-21T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[current-users] 20061110 [Security Fix] ptrace insufficient bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-index.netbsd.org/current-users/2006/11/10/0000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PT_DUMPCORE request, which allows local users to have an unknown impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[current-users] 20061110 [Security Fix] ptrace insufficient bounds checking",
"refsource": "MLIST",
"url": "http://mail-index.netbsd.org/current-users/2006/11/10/0000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6014",
"datePublished": "2006-11-21T23:00:00Z",
"dateReserved": "2006-11-21T00:00:00Z",
"dateUpdated": "2024-09-16T16:14:05.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0440 (GCVE-0-2000-0440)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:29.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1173",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1173"
},
{
"name": "NetBSD-SA2000-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-002.txt.asc"
},
{
"name": "20000506 [NHC20000504a.0: NetBSD Panics when sent unaligned IP options]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0088.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1173",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1173"
},
{
"name": "NetBSD-SA2000-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-002.txt.asc"
},
{
"name": "20000506 [NHC20000504a.0: NetBSD Panics when sent unaligned IP options]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0088.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0440",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1173",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1173"
},
{
"name": "NetBSD-SA2000-002",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-002.txt.asc"
},
{
"name": "20000506 [NHC20000504a.0: NetBSD Panics when sent unaligned IP options]",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0088.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0440",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:21:29.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5218 (GCVE-0-2006-5218)
Vulnerability from cvelistv5
Published
2006-10-09 22:00
Modified
2024-08-07 19:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openbsd-systracepreprepl-integer-overflow(29392)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29392"
},
{
"name": "29570",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29570"
},
{
"name": "22324",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22324"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2006-003.html"
},
{
"name": "20392",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20392"
},
{
"name": "1017009",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017009"
},
{
"name": "[3.9] 20061007 014: SECURITY FIX: October 7, 2006",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://openbsd.org/errata.html#systrace"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openbsd-systracepreprepl-integer-overflow(29392)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29392"
},
{
"name": "29570",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29570"
},
{
"name": "22324",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22324"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2006-003.html"
},
{
"name": "20392",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20392"
},
{
"name": "1017009",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017009"
},
{
"name": "[3.9] 20061007 014: SECURITY FIX: October 7, 2006",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://openbsd.org/errata.html#systrace"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openbsd-systracepreprepl-integer-overflow(29392)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29392"
},
{
"name": "29570",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29570"
},
{
"name": "22324",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22324"
},
{
"name": "http://scary.beasts.org/security/CESA-2006-003.html",
"refsource": "MISC",
"url": "http://scary.beasts.org/security/CESA-2006-003.html"
},
{
"name": "20392",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20392"
},
{
"name": "1017009",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017009"
},
{
"name": "[3.9] 20061007 014: SECURITY FIX: October 7, 2006",
"refsource": "OPENBSD",
"url": "http://openbsd.org/errata.html#systrace"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5218",
"datePublished": "2006-10-09T22:00:00",
"dateReserved": "2006-10-09T00:00:00",
"dateUpdated": "2024-08-07T19:41:05.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0993 (GCVE-0-2000-0993)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:32.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20001004 Re: OpenBSD Security Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97068555106135\u0026w=2"
},
{
"name": "1744",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1744"
},
{
"name": "20001003 A format string vulnerability exists in the pw_error(3) function.",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata27.html#pw_error"
},
{
"name": "NetBSD-SA2000-015",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-015.txt.asc"
},
{
"name": "FreeBSD-SA-00:58",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:58.chpass.asc"
},
{
"name": "bsd-libutil-format(5339)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5339"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-10-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20001004 Re: OpenBSD Security Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97068555106135\u0026w=2"
},
{
"name": "1744",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1744"
},
{
"name": "20001003 A format string vulnerability exists in the pw_error(3) function.",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata27.html#pw_error"
},
{
"name": "NetBSD-SA2000-015",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-015.txt.asc"
},
{
"name": "FreeBSD-SA-00:58",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:58.chpass.asc"
},
{
"name": "bsd-libutil-format(5339)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5339"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20001004 Re: OpenBSD Security Advisory",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=97068555106135\u0026w=2"
},
{
"name": "1744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1744"
},
{
"name": "20001003 A format string vulnerability exists in the pw_error(3) function.",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata27.html#pw_error"
},
{
"name": "NetBSD-SA2000-015",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-015.txt.asc"
},
{
"name": "FreeBSD-SA-00:58",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:58.chpass.asc"
},
{
"name": "bsd-libutil-format(5339)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5339"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0993",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-11-24T00:00:00",
"dateUpdated": "2024-08-08T05:37:32.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0015 (GCVE-0-1999-0015)
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Teardrop IP denial of service.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.061Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5579",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5579"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Teardrop IP denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5579",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5579"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Teardrop IP denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:5579",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5579"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0015",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0687 (GCVE-0-2009-0687)
Vulnerability from cvelistv5
Published
2009-08-11 10:00
Modified
2024-08-07 04:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:40:05.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/53608"
},
{
"name": "[4.3] 013: RELIABILITY FIX: April 11, 2009",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata43.html#013_pf"
},
{
"name": "NetBSD-SA2009-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-001.txt.asc"
},
{
"name": "8406",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8406"
},
{
"name": "openbsd-packetfilter-dos(49837)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49837"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.helith.net/txt/multiple_vendor-PF_null_pointer_dereference.txt"
},
{
"name": "20090413 OpenBSD 4.3 up to OpenBSD-current: PF null pointer dereference - remote DoS (kernel panic)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502634"
},
{
"name": "8581",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8581"
},
{
"name": "[4.4] 013: RELIABILITY FIX: April 11, 2009",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata44.html#013_pf"
},
{
"name": "ADV-2009-1015",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1015"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/013_pf.patch"
},
{
"name": "[4.5] 002: RELIABILITY FIX: April 11, 2009",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata45.html#002_pf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "53608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/53608"
},
{
"name": "[4.3] 013: RELIABILITY FIX: April 11, 2009",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata43.html#013_pf"
},
{
"name": "NetBSD-SA2009-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-001.txt.asc"
},
{
"name": "8406",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8406"
},
{
"name": "openbsd-packetfilter-dos(49837)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49837"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.helith.net/txt/multiple_vendor-PF_null_pointer_dereference.txt"
},
{
"name": "20090413 OpenBSD 4.3 up to OpenBSD-current: PF null pointer dereference - remote DoS (kernel panic)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502634"
},
{
"name": "8581",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8581"
},
{
"name": "[4.4] 013: RELIABILITY FIX: April 11, 2009",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata44.html#013_pf"
},
{
"name": "ADV-2009-1015",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1015"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/013_pf.patch"
},
{
"name": "[4.5] 002: RELIABILITY FIX: April 11, 2009",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata45.html#002_pf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-0687",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53608",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/53608"
},
{
"name": "[4.3] 013: RELIABILITY FIX: April 11, 2009",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata43.html#013_pf"
},
{
"name": "NetBSD-SA2009-001",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-001.txt.asc"
},
{
"name": "8406",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8406"
},
{
"name": "openbsd-packetfilter-dos(49837)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49837"
},
{
"name": "http://www.helith.net/txt/multiple_vendor-PF_null_pointer_dereference.txt",
"refsource": "MISC",
"url": "http://www.helith.net/txt/multiple_vendor-PF_null_pointer_dereference.txt"
},
{
"name": "20090413 OpenBSD 4.3 up to OpenBSD-current: PF null pointer dereference - remote DoS (kernel panic)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502634"
},
{
"name": "8581",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8581"
},
{
"name": "[4.4] 013: RELIABILITY FIX: April 11, 2009",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata44.html#013_pf"
},
{
"name": "ADV-2009-1015",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1015"
},
{
"name": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/013_pf.patch",
"refsource": "MISC",
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/013_pf.patch"
},
{
"name": "[4.5] 002: RELIABILITY FIX: April 11, 2009",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata45.html#002_pf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-0687",
"datePublished": "2009-08-11T10:00:00",
"dateReserved": "2009-02-22T00:00:00",
"dateUpdated": "2024-08-07T04:40:05.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0710 (GCVE-0-2001-0710)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:06.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "bsd-ip-fragments-dos(6636)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6636"
},
{
"name": "2799",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2799"
},
{
"name": "NetBSD-SA2001-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-006.txt.asc"
},
{
"name": "FreeBSD-SA-01:52",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:52.fragment.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "bsd-ip-fragments-dos(6636)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6636"
},
{
"name": "2799",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2799"
},
{
"name": "NetBSD-SA2001-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-006.txt.asc"
},
{
"name": "FreeBSD-SA-01:52",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:52.fragment.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0710",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "bsd-ip-fragments-dos(6636)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6636"
},
{
"name": "2799",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2799"
},
{
"name": "NetBSD-SA2001-006",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-006.txt.asc"
},
{
"name": "FreeBSD-SA-01:52",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:52.fragment.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0710",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-29T00:00:00",
"dateUpdated": "2024-08-08T04:30:06.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1145 (GCVE-0-2001-1145)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:08.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-01:40",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:40.fts.v1.1.asc"
},
{
"name": "5466",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5466"
},
{
"name": "3205",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3205"
},
{
"name": "20010530 029: SECURITY FIX: May 30, 2001",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata28.html"
},
{
"name": "NetBSD-SA2001-016",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q3/0204.html"
},
{
"name": "bsd-fts-race-condition(8715)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8715.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-01:40",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:40.fts.v1.1.asc"
},
{
"name": "5466",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5466"
},
{
"name": "3205",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3205"
},
{
"name": "20010530 029: SECURITY FIX: May 30, 2001",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata28.html"
},
{
"name": "NetBSD-SA2001-016",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q3/0204.html"
},
{
"name": "bsd-fts-race-condition(8715)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8715.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-01:40",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:40.fts.v1.1.asc"
},
{
"name": "5466",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5466"
},
{
"name": "3205",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3205"
},
{
"name": "20010530 029: SECURITY FIX: May 30, 2001",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata28.html"
},
{
"name": "NetBSD-SA2001-016",
"refsource": "NETBSD",
"url": "http://archives.neohapsis.com/archives/netbsd/2001-q3/0204.html"
},
{
"name": "bsd-fts-race-condition(8715)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8715.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1145",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T04:44:08.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0011 (GCVE-0-1999-0011)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2025-04-09 18:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:56.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19980603-01-PX",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "HPSBUX9808-083",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"name": "00180",
"tags": [
"vendor-advisory",
"x_refsource_SUN",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-1999-0011",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-07T18:22:05.623556Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1067",
"description": "CWE-1067 Excessive Execution of Sequential Searches of Data Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T18:29:26.012Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-02T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19980603-01-PX",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "HPSBUX9808-083",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"name": "00180",
"tags": [
"vendor-advisory",
"x_refsource_SUN"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19980603-01-PX",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "HPSBUX9808-083",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"name": "00180",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0011",
"datePublished": "1999-09-29T04:00:00.000Z",
"dateReserved": "1999-06-07T00:00:00.000Z",
"dateUpdated": "2025-04-09T18:29:26.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1518 (GCVE-0-1999-1518)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/526"
},
{
"name": "19990715 Shared memory DoS\u0027s",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93207728118694\u0026w=2"
},
{
"name": "bsd-shared-memory-dos(2351)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2351"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/526"
},
{
"name": "19990715 Shared memory DoS\u0027s",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93207728118694\u0026w=2"
},
{
"name": "bsd-shared-memory-dos(2351)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2351"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/526"
},
{
"name": "19990715 Shared memory DoS\u0027s",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=93207728118694\u0026w=2"
},
{
"name": "bsd-shared-memory-dos(2351)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2351"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1518",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:18:07.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6387 (GCVE-0-2024-6387)
Vulnerability from cvelistv5
Published
2024-07-01 12:37
Modified
2025-07-24 13:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-364 - Signal Handler Race Condition
Summary
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► |
Version: 8.5p1 < |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6387",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T13:18:34.695298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T13:18:46.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-04-24T18:35:27.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387"
},
{
"url": "https://www.exploit-db.com/exploits/52269"
},
{
"url": "https://packetstorm.news/files/id/190587/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/12"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/01/13"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/02/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/03/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/04/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/04/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/08/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/08/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/09/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/11/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/11/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/23/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/23/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/28/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
},
{
"name": "RHSA-2024:4312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4312"
},
{
"name": "RHSA-2024:4340",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4340"
},
{
"name": "RHSA-2024:4389",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4389"
},
{
"name": "RHSA-2024:4469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4469"
},
{
"name": "RHSA-2024:4474",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4474"
},
{
"name": "RHSA-2024:4479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4479"
},
{
"name": "RHSA-2024:4484",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4484"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-6387"
},
{
"tags": [
"x_transferred"
],
"url": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server"
},
{
"name": "RHBZ#2294604",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
},
{
"tags": [
"x_transferred"
],
"url": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132"
},
{
"tags": [
"x_transferred"
],
"url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/AlmaLinux/updates/issues/629"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/4379"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/azurelinux/issues/9555"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oracle/oracle-linux/issues/149"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rapier1/hpn-ssh/issues/87"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/zgzhang/cve-2024-6387-poc"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=40843778"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010"
},
{
"tags": [
"x_transferred"
],
"url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2024-6387"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240701-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://sig-security.rocky.page/issues/CVE-2024-6387/"
},
{
"tags": [
"x_transferred"
],
"url": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2024-6387"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-6859-1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/txt/release-9.8"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.suse.com/security/cve/CVE-2024-6387.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2024/07/01/regresshion_openssh/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214119"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214118"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214120"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jul/20"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jul/18"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jul/19"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.openssh.com/",
"defaultStatus": "unaffected",
"packageName": "OpenSSH",
"repo": "https://anongit.mindrot.org/openssh.git",
"versions": [
{
"lessThanOrEqual": "9.7p1",
"status": "affected",
"version": "8.5p1",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-38.el9_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-38.el9_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream",
"cpe:/o:redhat:rhel_e4s:9.0::baseos"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-12.el9_0.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus:9.2::baseos",
"cpe:/a:redhat:rhel_eus:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.7p1-30.el9_2.4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el8",
"cpe:/a:redhat:openshift:4.13::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "413.92.202407091321-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el9",
"cpe:/a:redhat:openshift:4.14::el8"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "414.92.202407091253-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9",
"cpe:/a:redhat:openshift:4.15::el8"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "415.92.202407091355-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "rhcos",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "416.94.202407081958-0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:5"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Ceph Storage 5",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:6"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Ceph Storage 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ceph_storage:7"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Ceph Storage 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "openssh",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue."
}
],
"datePublic": "2024-07-01T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-364",
"description": "Signal Handler Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T13:11:10.801Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:4312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4312"
},
{
"name": "RHSA-2024:4340",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4340"
},
{
"name": "RHSA-2024:4389",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4389"
},
{
"name": "RHSA-2024:4469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4469"
},
{
"name": "RHSA-2024:4474",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4474"
},
{
"name": "RHSA-2024:4479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4479"
},
{
"name": "RHSA-2024:4484",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4484"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-6387"
},
{
"name": "RHBZ#2294604",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
},
{
"url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
},
{
"url": "https://www.openssh.com/txt/release-9.8"
},
{
"url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-27T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-07-01T08:00:00+00:00",
"value": "Made public."
}
],
"title": "Openssh: regresshion - race condition in ssh allows rce/dos",
"workarounds": [
{
"lang": "en",
"value": "The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.\n\n1) As root user, open the /etc/ssh/sshd_config\n2) Add or edit the parameter configuration:\n~~~\nLoginGraceTime 0\n~~~\n3) Save and close the file\n4) Restart the sshd daemon:\n~~~\nsystemctl restart sshd.service\n~~~\n\nSetting LoginGraceTime to 0 disables the SSHD server\u0027s ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like \u0027fail2ban\u0027 alongside a firewall to monitor log files and manage connections appropriately.\n\nIf any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed."
}
],
"x_redhatCweChain": "CWE-364: Signal Handler Race Condition"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-6387",
"datePublished": "2024-07-01T12:37:25.431Z",
"dateReserved": "2024-06-27T13:41:03.421Z",
"dateUpdated": "2025-07-24T13:11:10.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6754 (GCVE-0-2007-6754)
Vulnerability from cvelistv5
Published
2012-07-25 19:00
Modified
2024-08-07 16:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, related to "integer rounding and overflow" errors.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=167872"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, related to \"integer rounding and overflow\" errors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-03T16:14:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=167872"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, related to \"integer rounding and overflow\" errors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://svnweb.freebsd.org/base?view=revision\u0026revision=167872",
"refsource": "CONFIRM",
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=167872"
},
{
"name": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/",
"refsource": "MISC",
"url": "http://kqueue.org/blog/2012/03/05/memory-allocator-security-revisited/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6754",
"datePublished": "2012-07-25T19:00:00",
"dateReserved": "2012-07-25T00:00:00",
"dateUpdated": "2024-08-07T16:18:20.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3014 (GCVE-0-2010-3014)
Vulnerability from cvelistv5
Published
2010-08-20 19:00
Modified
2024-08-07 02:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/coda/coda.h.diff?r1=1.15\u0026r2=1.16\u0026only_with_tag=MAIN"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vsecurity.com/resources/advisory/20100816-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.freebsd.org/viewvc/base?view=revision\u0026revision=210997"
},
{
"name": "20100816 CVE-2010-3014: Coda Filesystem Kernel Memory Disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/513151/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-08-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/coda/coda.h.diff?r1=1.15\u0026r2=1.16\u0026only_with_tag=MAIN"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vsecurity.com/resources/advisory/20100816-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.freebsd.org/viewvc/base?view=revision\u0026revision=210997"
},
{
"name": "20100816 CVE-2010-3014: Coda Filesystem Kernel Memory Disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/513151/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/coda/coda.h.diff?r1=1.15\u0026r2=1.16\u0026only_with_tag=MAIN",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/coda/coda.h.diff?r1=1.15\u0026r2=1.16\u0026only_with_tag=MAIN"
},
{
"name": "http://www.vsecurity.com/resources/advisory/20100816-1/",
"refsource": "MISC",
"url": "http://www.vsecurity.com/resources/advisory/20100816-1/"
},
{
"name": "http://svn.freebsd.org/viewvc/base?view=revision\u0026revision=210997",
"refsource": "CONFIRM",
"url": "http://svn.freebsd.org/viewvc/base?view=revision\u0026revision=210997"
},
{
"name": "20100816 CVE-2010-3014: Coda Filesystem Kernel Memory Disclosure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/513151/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3014",
"datePublished": "2010-08-20T19:00:00",
"dateReserved": "2010-08-16T00:00:00",
"dateUpdated": "2024-08-07T02:55:46.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6657 (GCVE-0-2006-6657)
Vulnerability from cvelistv5
Published
2006-12-20 02:00
Modified
2024-09-16 18:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2006-025",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"
},
{
"name": "1017292",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017292"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-20T02:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2006-025",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"
},
{
"name": "1017292",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017292"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2006-025",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-025.txt.asc"
},
{
"name": "1017292",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017292"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6657",
"datePublished": "2006-12-20T02:00:00Z",
"dateReserved": "2006-12-19T00:00:00Z",
"dateUpdated": "2024-09-16T18:24:43.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-45489 (GCVE-0-2021-45489)
Vulnerability from cvelistv5
Published
2021-12-25 01:03
Modified
2024-08-04 04:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:21.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-25T01:03:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://arxiv.org/pdf/2112.09604.pdf",
"refsource": "MISC",
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"name": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc",
"refsource": "MISC",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45489",
"datePublished": "2021-12-25T01:03:41",
"dateReserved": "2021-12-25T00:00:00",
"dateUpdated": "2024-08-04T04:39:21.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0689 (GCVE-0-2009-0689)
Vulnerability from cvelistv5
Published
2009-07-01 12:26
Modified
2024-08-07 04:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:40:05.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2009-35/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=516862"
},
{
"name": "20090625 Multiple Vendors libc/gdtoa printf(3) Array Overrun",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/63"
},
{
"name": "20091120 SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507979/100/0/threaded"
},
{
"name": "20091211 Thunderbird 2.0.0.23 (lib) Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/78"
},
{
"name": "RHSA-2010:0153",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
},
{
"name": "20091211 Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/75"
},
{
"name": "MDVSA-2009:330",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
},
{
"name": "39001",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39001"
},
{
"name": "SUSE-SR:2009:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name": "20091120 K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507977/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4225"
},
{
"name": "20091120 Opera 10.01 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/73"
},
{
"name": "20091120 K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/72"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2009/mfsa2009-59.html"
},
{
"name": "ADV-2010-0094",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0094"
},
{
"name": "ADV-2010-0648",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0648"
},
{
"name": "ADV-2010-0650",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0650"
},
{
"name": "272909",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1"
},
{
"name": "ADV-2009-3299",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3299"
},
{
"name": "RHSA-2009:1601",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1601.html"
},
{
"name": "20091210 Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508423/100/0/threaded"
},
{
"name": "APPLE-SA-2010-03-29-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "[debian-lts-announce] 20181101 [SECURITY] [DLA 1564-1] mono security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00001.html"
},
{
"name": "SUSE-SR:2010:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"name": "RHSA-2014:0312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0312.html"
},
{
"name": "37683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37683"
},
{
"name": "38977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38977"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.opera.com/support/kb/view/942/"
},
{
"name": "20091030 Multiple BSD printf(1) and multiple dtoa/*printf(3) vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/69"
},
{
"name": "RHSA-2010:0154",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=516396"
},
{
"name": "oval:org.mitre.oval:def:6528",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6528"
},
{
"name": "37682",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37682"
},
{
"name": "oval:org.mitre.oval:def:9541",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9541"
},
{
"name": "38066",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38066"
},
{
"name": "USN-915-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-915-1"
},
{
"name": "20091210 Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508417/100/0/threaded"
},
{
"name": "RHSA-2014:0311",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0311.html"
},
{
"name": "ADV-2009-3297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3297"
},
{
"name": "20091211 Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/76"
},
{
"name": "37431",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37431"
},
{
"name": "20100108 MacOS X 10.5/10.6 libc/strtod(3) buffer overflow",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/81"
},
{
"name": "20091120 SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/71"
},
{
"name": "1022478",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022478"
},
{
"name": "APPLE-SA-2010-06-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c"
},
{
"name": "ADV-2009-3334",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3334"
},
{
"name": "20091211 Sunbird 0.9 Array Overrun (code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/77"
},
{
"name": "MDVSA-2009:294",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:294"
},
{
"name": "35510",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35510"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-02T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2009-35/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=516862"
},
{
"name": "20090625 Multiple Vendors libc/gdtoa printf(3) Array Overrun",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/63"
},
{
"name": "20091120 SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507979/100/0/threaded"
},
{
"name": "20091211 Thunderbird 2.0.0.23 (lib) Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/78"
},
{
"name": "RHSA-2010:0153",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
},
{
"name": "20091211 Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/75"
},
{
"name": "MDVSA-2009:330",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
},
{
"name": "39001",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39001"
},
{
"name": "SUSE-SR:2009:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name": "20091120 K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507977/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4225"
},
{
"name": "20091120 Opera 10.01 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/73"
},
{
"name": "20091120 K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/72"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2009/mfsa2009-59.html"
},
{
"name": "ADV-2010-0094",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0094"
},
{
"name": "ADV-2010-0648",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0648"
},
{
"name": "ADV-2010-0650",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0650"
},
{
"name": "272909",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1"
},
{
"name": "ADV-2009-3299",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3299"
},
{
"name": "RHSA-2009:1601",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1601.html"
},
{
"name": "20091210 Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508423/100/0/threaded"
},
{
"name": "APPLE-SA-2010-03-29-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "[debian-lts-announce] 20181101 [SECURITY] [DLA 1564-1] mono security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00001.html"
},
{
"name": "SUSE-SR:2010:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"name": "RHSA-2014:0312",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0312.html"
},
{
"name": "37683",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37683"
},
{
"name": "38977",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38977"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.opera.com/support/kb/view/942/"
},
{
"name": "20091030 Multiple BSD printf(1) and multiple dtoa/*printf(3) vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/69"
},
{
"name": "RHSA-2010:0154",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=516396"
},
{
"name": "oval:org.mitre.oval:def:6528",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6528"
},
{
"name": "37682",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37682"
},
{
"name": "oval:org.mitre.oval:def:9541",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9541"
},
{
"name": "38066",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38066"
},
{
"name": "USN-915-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-915-1"
},
{
"name": "20091210 Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508417/100/0/threaded"
},
{
"name": "RHSA-2014:0311",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0311.html"
},
{
"name": "ADV-2009-3297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3297"
},
{
"name": "20091211 Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/76"
},
{
"name": "37431",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37431"
},
{
"name": "20100108 MacOS X 10.5/10.6 libc/strtod(3) buffer overflow",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/81"
},
{
"name": "20091120 SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/71"
},
{
"name": "1022478",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022478"
},
{
"name": "APPLE-SA-2010-06-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c"
},
{
"name": "ADV-2009-3334",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3334"
},
{
"name": "20091211 Sunbird 0.9 Array Overrun (code execution)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/77"
},
{
"name": "MDVSA-2009:294",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:294"
},
{
"name": "35510",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35510"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-0689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gdtoa/gdtoaimp.h"
},
{
"name": "http://secunia.com/secunia_research/2009-35/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-35/"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=516862",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=516862"
},
{
"name": "20090625 Multiple Vendors libc/gdtoa printf(3) Array Overrun",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/63"
},
{
"name": "20091120 SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507979/100/0/threaded"
},
{
"name": "20091211 Thunderbird 2.0.0.23 (lib) Remote Array Overrun (Arbitrary code execution)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/78"
},
{
"name": "RHSA-2010:0153",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
},
{
"name": "20091211 Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/75"
},
{
"name": "MDVSA-2009:330",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:330"
},
{
"name": "39001",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39001"
},
{
"name": "SUSE-SR:2009:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
},
{
"name": "20091120 K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507977/100/0/threaded"
},
{
"name": "http://support.apple.com/kb/HT4225",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4225"
},
{
"name": "20091120 Opera 10.01 Remote Array Overrun (Arbitrary code execution)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/73"
},
{
"name": "20091120 K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/72"
},
{
"name": "http://www.mozilla.org/security/announce/2009/mfsa2009-59.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2009/mfsa2009-59.html"
},
{
"name": "ADV-2010-0094",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0094"
},
{
"name": "ADV-2010-0648",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0648"
},
{
"name": "ADV-2010-0650",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0650"
},
{
"name": "272909",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1"
},
{
"name": "ADV-2009-3299",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3299"
},
{
"name": "RHSA-2009:1601",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1601.html"
},
{
"name": "20091210 Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508423/100/0/threaded"
},
{
"name": "APPLE-SA-2010-03-29-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "[debian-lts-announce] 20181101 [SECURITY] [DLA 1564-1] mono security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00001.html"
},
{
"name": "SUSE-SR:2010:013",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"name": "RHSA-2014:0312",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0312.html"
},
{
"name": "37683",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37683"
},
{
"name": "38977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38977"
},
{
"name": "http://www.opera.com/support/kb/view/942/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/kb/view/942/"
},
{
"name": "20091030 Multiple BSD printf(1) and multiple dtoa/*printf(3) vulnerabilities",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/69"
},
{
"name": "RHSA-2010:0154",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
},
{
"name": "http://support.apple.com/kb/HT4077",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=516396",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=516396"
},
{
"name": "oval:org.mitre.oval:def:6528",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6528"
},
{
"name": "37682",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37682"
},
{
"name": "oval:org.mitre.oval:def:9541",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9541"
},
{
"name": "38066",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38066"
},
{
"name": "USN-915-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-915-1"
},
{
"name": "20091210 Flock 2.5.2 Remote Array Overrun (Arbitrary code execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508417/100/0/threaded"
},
{
"name": "RHSA-2014:0311",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0311.html"
},
{
"name": "ADV-2009-3297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3297"
},
{
"name": "20091211 Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/76"
},
{
"name": "37431",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37431"
},
{
"name": "20100108 MacOS X 10.5/10.6 libc/strtod(3) buffer overflow",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/81"
},
{
"name": "20091120 SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/71"
},
{
"name": "1022478",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022478"
},
{
"name": "APPLE-SA-2010-06-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gdtoa/misc.c"
},
{
"name": "ADV-2009-3334",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3334"
},
{
"name": "20091211 Sunbird 0.9 Array Overrun (code execution)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/77"
},
{
"name": "MDVSA-2009:294",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:294"
},
{
"name": "35510",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35510"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-0689",
"datePublished": "2009-07-01T12:26:00",
"dateReserved": "2009-02-22T00:00:00",
"dateUpdated": "2024-08-07T04:40:05.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0601 (GCVE-0-2009-0601)
Vulnerability from cvelistv5
Published
2009-02-16 20:00
Modified
2024-08-07 04:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:40:05.149Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090312 rPSA-2009-0040-1 tshark wireshark",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/501763/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3150"
},
{
"name": "33690",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33690"
},
{
"name": "SUSE-SR:2009:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
},
{
"name": "1021697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021697"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2984"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0040"
},
{
"name": "ADV-2009-0370",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0370"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2009-01.html"
},
{
"name": "34264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090312 rPSA-2009-0040-1 tshark wireshark",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/501763/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3150"
},
{
"name": "33690",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33690"
},
{
"name": "SUSE-SR:2009:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
},
{
"name": "1021697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021697"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2984"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0040"
},
{
"name": "ADV-2009-0370",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0370"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2009-01.html"
},
{
"name": "34264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090312 rPSA-2009-0040-1 tshark wireshark",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501763/100/0/threaded"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3150",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3150"
},
{
"name": "33690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33690"
},
{
"name": "SUSE-SR:2009:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
},
{
"name": "1021697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021697"
},
{
"name": "https://issues.rpath.com/browse/RPL-2984",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2984"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0040",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0040"
},
{
"name": "ADV-2009-0370",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0370"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2009-01.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2009-01.html"
},
{
"name": "34264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0601",
"datePublished": "2009-02-16T20:00:00",
"dateReserved": "2009-02-16T00:00:00",
"dateUpdated": "2024-08-07T04:40:05.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0466 (GCVE-0-2003-0466)
Vulnerability from cvelistv5
Published
2003-08-01 04:00
Modified
2024-08-08 01:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:58:10.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030804 Off-by-one Buffer Overflow Vulnerability in BSD libc realpath(3)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106002488209129\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt"
},
{
"name": "9446",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9446"
},
{
"name": "6602",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6602"
},
{
"name": "oval:org.mitre.oval:def:1970",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1970"
},
{
"name": "20060213 Latest wu-ftpd exploit :-s",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/424852/100/0/threaded"
},
{
"name": "8315",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8315"
},
{
"name": "9423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9423"
},
{
"name": "20030731 wu-ftpd fb_realpath() off-by-one bug",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105967301604815\u0026w=2"
},
{
"name": "20030731 wu-ftpd fb_realpath() off-by-one bug",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html"
},
{
"name": "IMNX-2003-7+-019-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX",
"x_transferred"
],
"url": "http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01"
},
{
"name": "RHSA-2003:246",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-246.html"
},
{
"name": "20060214 Re: Latest wu-ftpd exploit :-s",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/425061/100/0/threaded"
},
{
"name": "VU#743092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/743092"
},
{
"name": "RHSA-2003:245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-245.html"
},
{
"name": "SuSE-SA:2003:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html"
},
{
"name": "1001257",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1"
},
{
"name": "DSA-357",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-357"
},
{
"name": "20030804 wu-ftpd-2.6.2 off-by-one remote exploit.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106001702232325\u0026w=2"
},
{
"name": "1007380",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1007380"
},
{
"name": "MDKSA-2003:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:080"
},
{
"name": "libc-realpath-offbyone-bo(12785)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12785"
},
{
"name": "FreeBSD-SA-03:08",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106001410028809\u0026w=2"
},
{
"name": "TLSA-2003-46",
"tags": [
"vendor-advisory",
"x_refsource_TURBO",
"x_transferred"
],
"url": "http://www.turbolinux.com/security/TLSA-2003-46.txt"
},
{
"name": "NetBSD-SA2003-011.txt.asc",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc"
},
{
"name": "9535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9535"
},
{
"name": "9447",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9447"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030804 Off-by-one Buffer Overflow Vulnerability in BSD libc realpath(3)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106002488209129\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt"
},
{
"name": "9446",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9446"
},
{
"name": "6602",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6602"
},
{
"name": "oval:org.mitre.oval:def:1970",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1970"
},
{
"name": "20060213 Latest wu-ftpd exploit :-s",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/424852/100/0/threaded"
},
{
"name": "8315",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8315"
},
{
"name": "9423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9423"
},
{
"name": "20030731 wu-ftpd fb_realpath() off-by-one bug",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105967301604815\u0026w=2"
},
{
"name": "20030731 wu-ftpd fb_realpath() off-by-one bug",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html"
},
{
"name": "IMNX-2003-7+-019-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX"
],
"url": "http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01"
},
{
"name": "RHSA-2003:246",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-246.html"
},
{
"name": "20060214 Re: Latest wu-ftpd exploit :-s",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/425061/100/0/threaded"
},
{
"name": "VU#743092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/743092"
},
{
"name": "RHSA-2003:245",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-245.html"
},
{
"name": "SuSE-SA:2003:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html"
},
{
"name": "1001257",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1"
},
{
"name": "DSA-357",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-357"
},
{
"name": "20030804 wu-ftpd-2.6.2 off-by-one remote exploit.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106001702232325\u0026w=2"
},
{
"name": "1007380",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1007380"
},
{
"name": "MDKSA-2003:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:080"
},
{
"name": "libc-realpath-offbyone-bo(12785)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12785"
},
{
"name": "FreeBSD-SA-03:08",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106001410028809\u0026w=2"
},
{
"name": "TLSA-2003-46",
"tags": [
"vendor-advisory",
"x_refsource_TURBO"
],
"url": "http://www.turbolinux.com/security/TLSA-2003-46.txt"
},
{
"name": "NetBSD-SA2003-011.txt.asc",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc"
},
{
"name": "9535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9535"
},
{
"name": "9447",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9447"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030804 Off-by-one Buffer Overflow Vulnerability in BSD libc realpath(3)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106002488209129\u0026w=2"
},
{
"name": "http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt",
"refsource": "MISC",
"url": "http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt"
},
{
"name": "9446",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9446"
},
{
"name": "6602",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6602"
},
{
"name": "oval:org.mitre.oval:def:1970",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1970"
},
{
"name": "20060213 Latest wu-ftpd exploit :-s",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424852/100/0/threaded"
},
{
"name": "8315",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8315"
},
{
"name": "9423",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9423"
},
{
"name": "20030731 wu-ftpd fb_realpath() off-by-one bug",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105967301604815\u0026w=2"
},
{
"name": "20030731 wu-ftpd fb_realpath() off-by-one bug",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html"
},
{
"name": "IMNX-2003-7+-019-01",
"refsource": "IMMUNIX",
"url": "http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01"
},
{
"name": "RHSA-2003:246",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-246.html"
},
{
"name": "20060214 Re: Latest wu-ftpd exploit :-s",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/425061/100/0/threaded"
},
{
"name": "VU#743092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/743092"
},
{
"name": "RHSA-2003:245",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-245.html"
},
{
"name": "SuSE-SA:2003:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html"
},
{
"name": "1001257",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1"
},
{
"name": "DSA-357",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-357"
},
{
"name": "20030804 wu-ftpd-2.6.2 off-by-one remote exploit.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106001702232325\u0026w=2"
},
{
"name": "1007380",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1007380"
},
{
"name": "MDKSA-2003:080",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:080"
},
{
"name": "libc-realpath-offbyone-bo(12785)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12785"
},
{
"name": "FreeBSD-SA-03:08",
"refsource": "FREEBSD",
"url": "http://marc.info/?l=bugtraq\u0026m=106001410028809\u0026w=2"
},
{
"name": "TLSA-2003-46",
"refsource": "TURBO",
"url": "http://www.turbolinux.com/security/TLSA-2003-46.txt"
},
{
"name": "NetBSD-SA2003-011.txt.asc",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc"
},
{
"name": "9535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9535"
},
{
"name": "9447",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9447"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0466",
"datePublished": "2003-08-01T04:00:00",
"dateReserved": "2003-06-26T00:00:00",
"dateUpdated": "2024-08-08T01:58:10.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1165 (GCVE-0-2002-1165)
Vulnerability from cvelistv5
Published
2002-10-03 04:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:27.715Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "CLA-2002:532",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000532"
},
{
"name": "NetBSD-SA2002-023",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-023.txt.asc"
},
{
"name": "20021001 iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103350914307274\u0026w=2"
},
{
"name": "sendmail-forward-bypass-smrsh(10232)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10232.php"
},
{
"name": "MDKSA-2002:083",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:083"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/smrsh.adv.txt"
},
{
"name": "5845",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5845"
},
{
"name": "7826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7826"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sendmail Consortium\u0027s Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) \"||\" sequences or (2) \"/\" characters, which are not properly filtered or verified."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-17T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "CLA-2002:532",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000532"
},
{
"name": "NetBSD-SA2002-023",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-023.txt.asc"
},
{
"name": "20021001 iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103350914307274\u0026w=2"
},
{
"name": "sendmail-forward-bypass-smrsh(10232)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10232.php"
},
{
"name": "MDKSA-2002:083",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:083"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/smrsh.adv.txt"
},
{
"name": "5845",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5845"
},
{
"name": "7826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7826"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1165",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sendmail Consortium\u0027s Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) \"||\" sequences or (2) \"/\" characters, which are not properly filtered or verified."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:073",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "CLA-2002:532",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000532"
},
{
"name": "NetBSD-SA2002-023",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-023.txt.asc"
},
{
"name": "20021001 iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103350914307274\u0026w=2"
},
{
"name": "sendmail-forward-bypass-smrsh(10232)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10232.php"
},
{
"name": "MDKSA-2002:083",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2002:083"
},
{
"name": "http://www.sendmail.org/smrsh.adv.txt",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/smrsh.adv.txt"
},
{
"name": "5845",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5845"
},
{
"name": "7826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7826"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1165",
"datePublished": "2002-10-03T04:00:00",
"dateReserved": "2002-09-27T00:00:00",
"dateUpdated": "2024-08-08T03:19:27.715Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1814 (GCVE-0-2006-1814)
Vulnerability from cvelistv5
Published
2006-04-18 10:00
Modified
2024-08-07 17:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:27:28.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015909"
},
{
"name": "24579",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24579"
},
{
"name": "bsd-sysctl-dos(25764)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25764"
},
{
"name": "17498",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17498"
},
{
"name": "NetBSD-SA2006-013",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-013.txt.asc"
},
{
"name": "19616",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19616"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015909"
},
{
"name": "24579",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24579"
},
{
"name": "bsd-sysctl-dos(25764)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25764"
},
{
"name": "17498",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17498"
},
{
"name": "NetBSD-SA2006-013",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-013.txt.asc"
},
{
"name": "19616",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19616"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015909",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015909"
},
{
"name": "24579",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24579"
},
{
"name": "bsd-sysctl-dos(25764)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25764"
},
{
"name": "17498",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17498"
},
{
"name": "NetBSD-SA2006-013",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-013.txt.asc"
},
{
"name": "19616",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19616"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1814",
"datePublished": "2006-04-18T10:00:00",
"dateReserved": "2006-04-17T00:00:00",
"dateUpdated": "2024-08-07T17:27:28.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0017 (GCVE-0-1999-0017)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:56.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:25:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0017",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:56.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0554 (GCVE-0-2001-0554)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:21:38.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2001:413",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000413"
},
{
"name": "MDKSA-2001:068",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3"
},
{
"name": "L-131",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/l-131.shtml"
},
{
"name": "SSRT0745U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ",
"x_transferred"
],
"url": "http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml"
},
{
"name": "telnetd-option-telrcv-bo(6875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875"
},
{
"name": "809",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/809"
},
{
"name": "MSS-OAR-E01-2001:298",
"tags": [
"vendor-advisory",
"x_refsource_IBM",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/3476"
},
{
"name": "20010725 Telnetd AYT overflow scanner",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/199496"
},
{
"name": "20010810 ADV/EXP: netkit \u003c=0.17 in.telnetd remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/203000"
},
{
"name": "3064",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3064"
},
{
"name": "RHSA-2001:100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-100.html"
},
{
"name": "SuSE-SA:2001:029",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html"
},
{
"name": "CSSA-2001-SCO.10",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt"
},
{
"name": "RHSA-2001:099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-099.html"
},
{
"name": "20020129 Cisco CatOS Telnet Buffer Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml"
},
{
"name": "HPSBUX0110-172",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html"
},
{
"name": "DSA-075",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2001/dsa-075"
},
{
"name": "20010718 multiple vendor telnet daemon vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/197804"
},
{
"name": "CA-2001-21",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2001-21.html"
},
{
"name": "FreeBSD-SA-01:49",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc"
},
{
"name": "CSSA-2001-030.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt"
},
{
"name": "DSA-070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2001/dsa-070"
},
{
"name": "20010725 SCO - Telnetd AYT overflow ?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/199541"
},
{
"name": "20010801-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P"
},
{
"name": "NetBSD-SA2001-012",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-02T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2001:413",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000413"
},
{
"name": "MDKSA-2001:068",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3"
},
{
"name": "L-131",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/l-131.shtml"
},
{
"name": "SSRT0745U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ"
],
"url": "http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml"
},
{
"name": "telnetd-option-telrcv-bo(6875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875"
},
{
"name": "809",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/809"
},
{
"name": "MSS-OAR-E01-2001:298",
"tags": [
"vendor-advisory",
"x_refsource_IBM"
],
"url": "http://online.securityfocus.com/advisories/3476"
},
{
"name": "20010725 Telnetd AYT overflow scanner",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/199496"
},
{
"name": "20010810 ADV/EXP: netkit \u003c=0.17 in.telnetd remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/203000"
},
{
"name": "3064",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3064"
},
{
"name": "RHSA-2001:100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-100.html"
},
{
"name": "SuSE-SA:2001:029",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html"
},
{
"name": "CSSA-2001-SCO.10",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt"
},
{
"name": "RHSA-2001:099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-099.html"
},
{
"name": "20020129 Cisco CatOS Telnet Buffer Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml"
},
{
"name": "HPSBUX0110-172",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html"
},
{
"name": "DSA-075",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2001/dsa-075"
},
{
"name": "20010718 multiple vendor telnet daemon vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/197804"
},
{
"name": "CA-2001-21",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2001-21.html"
},
{
"name": "FreeBSD-SA-01:49",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc"
},
{
"name": "CSSA-2001-030.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt"
},
{
"name": "DSA-070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2001/dsa-070"
},
{
"name": "20010725 SCO - Telnetd AYT overflow ?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/199541"
},
{
"name": "20010801-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P"
},
{
"name": "NetBSD-SA2001-012",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0554",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2001:413",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000413"
},
{
"name": "MDKSA-2001:068",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3"
},
{
"name": "L-131",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/l-131.shtml"
},
{
"name": "SSRT0745U",
"refsource": "COMPAQ",
"url": "http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml"
},
{
"name": "telnetd-option-telrcv-bo(6875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875"
},
{
"name": "809",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/809"
},
{
"name": "MSS-OAR-E01-2001:298",
"refsource": "IBM",
"url": "http://online.securityfocus.com/advisories/3476"
},
{
"name": "20010725 Telnetd AYT overflow scanner",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/199496"
},
{
"name": "20010810 ADV/EXP: netkit \u003c=0.17 in.telnetd remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/203000"
},
{
"name": "3064",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3064"
},
{
"name": "RHSA-2001:100",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-100.html"
},
{
"name": "SuSE-SA:2001:029",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html"
},
{
"name": "CSSA-2001-SCO.10",
"refsource": "CALDERA",
"url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt"
},
{
"name": "RHSA-2001:099",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-099.html"
},
{
"name": "20020129 Cisco CatOS Telnet Buffer Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml"
},
{
"name": "HPSBUX0110-172",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html"
},
{
"name": "DSA-075",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2001/dsa-075"
},
{
"name": "20010718 multiple vendor telnet daemon vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/197804"
},
{
"name": "CA-2001-21",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2001-21.html"
},
{
"name": "FreeBSD-SA-01:49",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc"
},
{
"name": "CSSA-2001-030.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt"
},
{
"name": "DSA-070",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2001/dsa-070"
},
{
"name": "20010725 SCO - Telnetd AYT overflow ?",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/199541"
},
{
"name": "20010801-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P"
},
{
"name": "NetBSD-SA2001-012",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0554",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-07-24T00:00:00",
"dateUpdated": "2024-08-08T04:21:38.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2134 (GCVE-0-2005-2134)
Vulnerability from cvelistv5
Published
2005-07-05 04:00
Modified
2024-09-17 01:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same ioctl, which causes a divide-by-zero error.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:15:37.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2005-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-002.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to \"unpaused\" in the same ioctl, which causes a divide-by-zero error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-07-05T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2005-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-002.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to \"unpaused\" in the same ioctl, which causes a divide-by-zero error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2005-002",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-002.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2134",
"datePublished": "2005-07-05T04:00:00Z",
"dateReserved": "2005-07-05T00:00:00Z",
"dateUpdated": "2024-09-17T01:01:35.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0513 (GCVE-0-1999-0513)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:45.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0513"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:44:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0513"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0513",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0513"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0513",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:45.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1215 (GCVE-0-2008-1215)
Vulnerability from cvelistv5
Published
2008-03-09 02:00
Modified
2024-08-07 08:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29238"
},
{
"name": "[4.2] 20080307 009: SECURITY FIX: March 7, 2008",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata42.html#009_ppp"
},
{
"name": "20080229 *BSD user-ppp local root (when conditions permit)",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/82/488980/30/0/threaded"
},
{
"name": "[4.1] 20080307 014: SECURITY FIX: March 7, 2008",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata41.html#014_ppp"
},
{
"name": "20080301 Re: *BSD user-ppp local root (when conditions permit)",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/82/489031/30/0/threaded"
},
{
"name": "28090",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28090"
},
{
"name": "userppp-commandexpandinterpret-bo(41034)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41034"
},
{
"name": "29234",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29234"
},
{
"name": "29240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29240"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing \"~\" characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29238"
},
{
"name": "[4.2] 20080307 009: SECURITY FIX: March 7, 2008",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata42.html#009_ppp"
},
{
"name": "20080229 *BSD user-ppp local root (when conditions permit)",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV"
],
"url": "http://www.securityfocus.com/archive/82/488980/30/0/threaded"
},
{
"name": "[4.1] 20080307 014: SECURITY FIX: March 7, 2008",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata41.html#014_ppp"
},
{
"name": "20080301 Re: *BSD user-ppp local root (when conditions permit)",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV"
],
"url": "http://www.securityfocus.com/archive/82/489031/30/0/threaded"
},
{
"name": "28090",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28090"
},
{
"name": "userppp-commandexpandinterpret-bo(41034)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41034"
},
{
"name": "29234",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29234"
},
{
"name": "29240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29240"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing \"~\" characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29238"
},
{
"name": "[4.2] 20080307 009: SECURITY FIX: March 7, 2008",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata42.html#009_ppp"
},
{
"name": "20080229 *BSD user-ppp local root (when conditions permit)",
"refsource": "VULN-DEV",
"url": "http://www.securityfocus.com/archive/82/488980/30/0/threaded"
},
{
"name": "[4.1] 20080307 014: SECURITY FIX: March 7, 2008",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata41.html#014_ppp"
},
{
"name": "20080301 Re: *BSD user-ppp local root (when conditions permit)",
"refsource": "VULN-DEV",
"url": "http://www.securityfocus.com/archive/82/489031/30/0/threaded"
},
{
"name": "28090",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28090"
},
{
"name": "userppp-commandexpandinterpret-bo(41034)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41034"
},
{
"name": "29234",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29234"
},
{
"name": "29240",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29240"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1215",
"datePublished": "2008-03-09T02:00:00",
"dateReserved": "2008-03-08T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0456 (GCVE-0-2000-0456)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog".
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1365",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1365"
},
{
"name": "1272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1272"
},
{
"name": "NetBSD-SA2000-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-005.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka \"cpu-hog\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1365",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1365"
},
{
"name": "1272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1272"
},
{
"name": "NetBSD-SA2000-005",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-005.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka \"cpu-hog\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1365",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1365"
},
{
"name": "1272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1272"
},
{
"name": "NetBSD-SA2000-005",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-005.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0456",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0217 (GCVE-0-2012-0217)
Vulnerability from cvelistv5
Published
2012-06-12 22:00
Modified
2024-08-06 18:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:19.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "TA12-164A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
},
{
"name": "MS12-042",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
},
{
"name": "28718",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/28718/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
},
{
"name": "NetBSD-SA2012-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "oval:org.mitre.oval:def:15596",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
},
{
"name": "DSA-2501",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2501"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.illumos.org/issues/2873"
},
{
"name": "[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
},
{
"name": "DSA-2508",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2508"
},
{
"name": "[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX133161"
},
{
"name": "46508",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46508/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://smartos.org/2012/06/15/smartos-news-3/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
},
{
"name": "VU#649219",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/649219"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "FreeBSD-SA-12:04",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-08T10:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "TA12-164A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
},
{
"name": "MS12-042",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
},
{
"name": "28718",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/28718/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
},
{
"name": "NetBSD-SA2012-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "oval:org.mitre.oval:def:15596",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
},
{
"name": "DSA-2501",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2501"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.illumos.org/issues/2873"
},
{
"name": "[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
},
{
"name": "DSA-2508",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2508"
},
{
"name": "[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX133161"
},
{
"name": "46508",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46508/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://smartos.org/2012/06/15/smartos-news-3/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
},
{
"name": "VU#649219",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/649219"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "FreeBSD-SA-12:04",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2012-0217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
},
{
"name": "TA12-164A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
},
{
"name": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/",
"refsource": "CONFIRM",
"url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
},
{
"name": "MS12-042",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
},
{
"name": "28718",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/28718/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=813428",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
},
{
"name": "NetBSD-SA2012-003",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "oval:org.mitre.oval:def:15596",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
},
{
"name": "DSA-2501",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2501"
},
{
"name": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/",
"refsource": "CONFIRM",
"url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
},
{
"name": "https://www.illumos.org/issues/2873",
"refsource": "CONFIRM",
"url": "https://www.illumos.org/issues/2873"
},
{
"name": "[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217",
"refsource": "MLIST",
"url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
},
{
"name": "DSA-2508",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2508"
},
{
"name": "[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation",
"refsource": "MLIST",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"name": "http://support.citrix.com/article/CTX133161",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX133161"
},
{
"name": "46508",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46508/"
},
{
"name": "http://smartos.org/2012/06/15/smartos-news-3/",
"refsource": "CONFIRM",
"url": "http://smartos.org/2012/06/15/smartos-news-3/"
},
{
"name": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012",
"refsource": "CONFIRM",
"url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
},
{
"name": "VU#649219",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/649219"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "FreeBSD-SA-12:04",
"refsource": "FREEBSD",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2012-0217",
"datePublished": "2012-06-12T22:00:00",
"dateReserved": "2011-12-14T00:00:00",
"dateUpdated": "2024-08-06T18:16:19.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0905 (GCVE-0-2006-0905)
Vulnerability from cvelistv5
Published
2006-03-23 11:00
Modified
2024-08-07 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:48:56.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24068",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24068"
},
{
"name": "1015809",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015809"
},
{
"name": "17191",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17191"
},
{
"name": "19366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19366"
},
{
"name": "NetBSD-SA2006-011",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc"
},
{
"name": "FreeBSD-SA-06:11",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc"
},
{
"name": "bsd-ipsec-replay(25398)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25398"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A \"programming error\" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"shortName": "freebsd"
},
"references": [
{
"name": "24068",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24068"
},
{
"name": "1015809",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015809"
},
{
"name": "17191",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17191"
},
{
"name": "19366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19366"
},
{
"name": "NetBSD-SA2006-011",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc"
},
{
"name": "FreeBSD-SA-06:11",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc"
},
{
"name": "bsd-ipsec-replay(25398)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25398"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secteam@freebsd.org",
"ID": "CVE-2006-0905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A \"programming error\" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24068",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24068"
},
{
"name": "1015809",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015809"
},
{
"name": "17191",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17191"
},
{
"name": "19366",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19366"
},
{
"name": "NetBSD-SA2006-011",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc"
},
{
"name": "FreeBSD-SA-06:11",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc"
},
{
"name": "bsd-ipsec-replay(25398)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25398"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"assignerShortName": "freebsd",
"cveId": "CVE-2006-0905",
"datePublished": "2006-03-23T11:00:00",
"dateReserved": "2006-02-28T00:00:00",
"dateUpdated": "2024-08-07T16:48:56.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8517 (GCVE-0-2014-8517)
Vulnerability from cvelistv5
Published
2014-11-17 16:00
Modified
2024-08-06 13:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:18:48.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2014-013",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-013.txt.asc"
},
{
"name": "62028",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62028"
},
{
"name": "43112",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43112/"
},
{
"name": "[oss-security] 20141028 Re: ftp(1) can be made execute arbitrary commands by malicious webserver",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q4/464"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/HT204244"
},
{
"name": "GLSA-201611-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201611-05"
},
{
"name": "openSUSE-SU-2014:1383",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00029.html"
},
{
"name": "APPLE-SA-2015-01-27-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"name": "62260",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62260"
},
{
"name": "[oss-security] 20141028 ftp(1) can be made execute arbitrary commands by malicious webserver",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q4/459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-05T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2014-013",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-013.txt.asc"
},
{
"name": "62028",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62028"
},
{
"name": "43112",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43112/"
},
{
"name": "[oss-security] 20141028 Re: ftp(1) can be made execute arbitrary commands by malicious webserver",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q4/464"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/HT204244"
},
{
"name": "GLSA-201611-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201611-05"
},
{
"name": "openSUSE-SU-2014:1383",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00029.html"
},
{
"name": "APPLE-SA-2015-01-27-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"name": "62260",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62260"
},
{
"name": "[oss-security] 20141028 ftp(1) can be made execute arbitrary commands by malicious webserver",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q4/459"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2014-013",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-013.txt.asc"
},
{
"name": "62028",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62028"
},
{
"name": "43112",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43112/"
},
{
"name": "[oss-security] 20141028 Re: ftp(1) can be made execute arbitrary commands by malicious webserver",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q4/464"
},
{
"name": "http://support.apple.com/HT204244",
"refsource": "CONFIRM",
"url": "http://support.apple.com/HT204244"
},
{
"name": "GLSA-201611-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-05"
},
{
"name": "openSUSE-SU-2014:1383",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00029.html"
},
{
"name": "APPLE-SA-2015-01-27-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
},
{
"name": "62260",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62260"
},
{
"name": "[oss-security] 20141028 ftp(1) can be made execute arbitrary commands by malicious webserver",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q4/459"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8517",
"datePublished": "2014-11-17T16:00:00",
"dateReserved": "2014-10-28T00:00:00",
"dateUpdated": "2024-08-06T13:18:48.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4783 (GCVE-0-2005-4783)
Vulnerability from cvelistv5
Published
2006-04-14 10:00
Modified
2024-09-17 03:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:22.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015132"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110\u0026r2=1.111\u0026f=h"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727"
},
{
"name": "20729",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20729"
},
{
"name": "NetBSD-SA2006-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://www.packetstormsecurity.org/0601-advisories/NetBSD-SA2006-001.txt"
},
{
"name": "[netbsd-announce] 20051031 Announcing update 2.0.3 - source only",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-04-14T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015132"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110\u0026r2=1.111\u0026f=h"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727"
},
{
"name": "20729",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20729"
},
{
"name": "NetBSD-SA2006-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://www.packetstormsecurity.org/0601-advisories/NetBSD-SA2006-001.txt"
},
{
"name": "[netbsd-announce] 20051031 Announcing update 2.0.3 - source only",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4783",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015132",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015132"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110\u0026r2=1.111\u0026f=h",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c.diff?r1=1.110\u0026r2=1.111\u0026f=h"
},
{
"name": "http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727",
"refsource": "CONFIRM",
"url": "http://releng.netbsd.org/cgi-bin/req-3.cgi?show=727"
},
{
"name": "20729",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20729"
},
{
"name": "NetBSD-SA2006-001",
"refsource": "NETBSD",
"url": "http://www.packetstormsecurity.org/0601-advisories/NetBSD-SA2006-001.txt"
},
{
"name": "[netbsd-announce] 20051031 Announcing update 2.0.3 - source only",
"refsource": "MLIST",
"url": "http://mail-index.netbsd.org/netbsd-announce/2005/10/31/0000.html"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/miscfs/kernfs/kernfs_vnops.c"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4783",
"datePublished": "2006-04-14T10:00:00Z",
"dateReserved": "2006-04-13T00:00:00Z",
"dateUpdated": "2024-09-17T03:03:18.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-45487 (GCVE-0-2021-45487)
Vulnerability from cvelistv5
Published
2021-12-25 01:04
Modified
2024-08-04 04:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:21.065Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-25T01:04:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45487",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://arxiv.org/pdf/2112.09604.pdf",
"refsource": "MISC",
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"name": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc",
"refsource": "MISC",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45487",
"datePublished": "2021-12-25T01:04:12",
"dateReserved": "2021-12-25T00:00:00",
"dateUpdated": "2024-08-04T04:39:21.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-45488 (GCVE-0-2021-45488)
Vulnerability from cvelistv5
Published
2021-12-25 01:03
Modified
2024-08-04 04:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:21.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-25T01:03:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45488",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://arxiv.org/pdf/2112.09604.pdf",
"refsource": "MISC",
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"name": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc",
"refsource": "MISC",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2021-001.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45488",
"datePublished": "2021-12-25T01:03:58",
"dateReserved": "2021-12-25T00:00:00",
"dateUpdated": "2024-08-04T04:39:21.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0257 (GCVE-0-2004-0257)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.769Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.guninski.com/obsdmtu.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet6/ip6_output.c"
},
{
"name": "20040205 OpenBSD IPv6 remote kernel crash",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107604603226564\u0026w=2"
},
{
"name": "20040204 Remote openbsd crash with ip6, yet still openbsd much better than windows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/016704.html"
},
{
"name": "3825",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3825"
},
{
"name": "openbsd-ipv6-dos(15044)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15044"
},
{
"name": "9577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9577"
},
{
"name": "NetBSD-SA2004-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-002.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-20T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.guninski.com/obsdmtu.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet6/ip6_output.c"
},
{
"name": "20040205 OpenBSD IPv6 remote kernel crash",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107604603226564\u0026w=2"
},
{
"name": "20040204 Remote openbsd crash with ip6, yet still openbsd much better than windows",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/016704.html"
},
{
"name": "3825",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3825"
},
{
"name": "openbsd-ipv6-dos(15044)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15044"
},
{
"name": "9577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9577"
},
{
"name": "NetBSD-SA2004-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-002.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.guninski.com/obsdmtu.html",
"refsource": "MISC",
"url": "http://www.guninski.com/obsdmtu.html"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet6/ip6_output.c",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet6/ip6_output.c"
},
{
"name": "20040205 OpenBSD IPv6 remote kernel crash",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107604603226564\u0026w=2"
},
{
"name": "20040204 Remote openbsd crash with ip6, yet still openbsd much better than windows",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/016704.html"
},
{
"name": "3825",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3825"
},
{
"name": "openbsd-ipv6-dos(15044)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15044"
},
{
"name": "9577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9577"
},
{
"name": "NetBSD-SA2004-002",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-002.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0257",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0750 (GCVE-0-2000-0750)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-00:40",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html"
},
{
"name": "1558",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1558"
},
{
"name": "RHSA-2000:050",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-050.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h"
},
{
"name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html"
},
{
"name": "20000705 Mopd contained a buffer overflow.",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata.html#mopd"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-00:40",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html"
},
{
"name": "1558",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1558"
},
{
"name": "RHSA-2000:050",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-050.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h"
},
{
"name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html"
},
{
"name": "20000705 Mopd contained a buffer overflow.",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata.html#mopd"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0750",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-00:40",
"refsource": "FREEBSD",
"url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html"
},
{
"name": "1558",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1558"
},
{
"name": "RHSA-2000:050",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-050.html"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h",
"refsource": "MISC",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h"
},
{
"name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html"
},
{
"name": "20000705 Mopd contained a buffer overflow.",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata.html#mopd"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0750",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-09-19T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2476 (GCVE-0-2008-2476)
Vulnerability from cvelistv5
Published
2008-10-03 15:00
Modified
2024-08-07 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:05:29.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32406",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32406"
},
{
"name": "multiple-vendors-ndp-dos(45601)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3467"
},
{
"name": "[4.2] 015: SECURITY FIX: October 2, 2008",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata42.html#015_ndp"
},
{
"name": "ADV-2008-2751",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2751"
},
{
"name": "1021109",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021109"
},
{
"name": "1020968",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020968"
},
{
"name": "32133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32133"
},
{
"name": "VU#472363",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/472363"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7"
},
{
"name": "32116",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32116"
},
{
"name": "1021132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021132"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search\u0026txtAlertNumber=PSN-2008-09-036\u0026viewMode=view"
},
{
"name": "ADV-2008-2750",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2750"
},
{
"name": "ADV-2008-2752",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2752"
},
{
"name": "31529",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31529"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2S68"
},
{
"name": "FreeBSD-SA-08:10",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc"
},
{
"name": "[4.3] 006: SECURITY FIX: October 2, 2008",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata43.html#006_ndp"
},
{
"name": "32112",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32112"
},
{
"name": "NetBSD-SA2008-013",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc"
},
{
"name": "oval:org.mitre.oval:def:5670",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670"
},
{
"name": "32117",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32117"
},
{
"name": "ADV-2009-0633",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0633"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "32406",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32406"
},
{
"name": "multiple-vendors-ndp-dos(45601)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3467"
},
{
"name": "[4.2] 015: SECURITY FIX: October 2, 2008",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata42.html#015_ndp"
},
{
"name": "ADV-2008-2751",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2751"
},
{
"name": "1021109",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021109"
},
{
"name": "1020968",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020968"
},
{
"name": "32133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32133"
},
{
"name": "VU#472363",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/472363"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7"
},
{
"name": "32116",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32116"
},
{
"name": "1021132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021132"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search\u0026txtAlertNumber=PSN-2008-09-036\u0026viewMode=view"
},
{
"name": "ADV-2008-2750",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2750"
},
{
"name": "ADV-2008-2752",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2752"
},
{
"name": "31529",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31529"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2S68"
},
{
"name": "FreeBSD-SA-08:10",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc"
},
{
"name": "[4.3] 006: SECURITY FIX: October 2, 2008",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata43.html#006_ndp"
},
{
"name": "32112",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32112"
},
{
"name": "NetBSD-SA2008-013",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc"
},
{
"name": "oval:org.mitre.oval:def:5670",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670"
},
{
"name": "32117",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32117"
},
{
"name": "ADV-2009-0633",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0633"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-2476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32406",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32406"
},
{
"name": "multiple-vendors-ndp-dos(45601)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45601"
},
{
"name": "http://support.apple.com/kb/HT3467",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3467"
},
{
"name": "[4.2] 015: SECURITY FIX: October 2, 2008",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata42.html#015_ndp"
},
{
"name": "ADV-2008-2751",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2751"
},
{
"name": "1021109",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021109"
},
{
"name": "1020968",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020968"
},
{
"name": "32133",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32133"
},
{
"name": "VU#472363",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/472363"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2RY7"
},
{
"name": "32116",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32116"
},
{
"name": "1021132",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021132"
},
{
"name": "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search\u0026txtAlertNumber=PSN-2008-09-036\u0026viewMode=view",
"refsource": "MISC",
"url": "https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search\u0026txtAlertNumber=PSN-2008-09-036\u0026viewMode=view"
},
{
"name": "ADV-2008-2750",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2750"
},
{
"name": "ADV-2008-2752",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2752"
},
{
"name": "31529",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31529"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-7H2S68",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7H2S68"
},
{
"name": "FreeBSD-SA-08:10",
"refsource": "FREEBSD",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:10.nd6.asc"
},
{
"name": "[4.3] 006: SECURITY FIX: October 2, 2008",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata43.html#006_ndp"
},
{
"name": "32112",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32112"
},
{
"name": "NetBSD-SA2008-013",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-013.txt.asc"
},
{
"name": "oval:org.mitre.oval:def:5670",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5670"
},
{
"name": "32117",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32117"
},
{
"name": "ADV-2009-0633",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0633"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-2476",
"datePublished": "2008-10-03T15:00:00",
"dateReserved": "2008-05-28T00:00:00",
"dateUpdated": "2024-08-07T09:05:29.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7250 (GCVE-0-2014-7250)
Vulnerability from cvelistv5
Published
2014-12-12 02:00
Modified
2024-08-06 12:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:40:19.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#07930208",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN07930208/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243"
},
{
"name": "JVNDB-2014-000134",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000134"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-12T02:57:00",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#07930208",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN07930208/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243"
},
{
"name": "JVNDB-2014-000134",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000134"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-7250",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#07930208",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN07930208/index.html"
},
{
"name": "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243",
"refsource": "MISC",
"url": "https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243"
},
{
"name": "JVNDB-2014-000134",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000134"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-7250",
"datePublished": "2014-12-12T02:00:00",
"dateReserved": "2014-09-30T00:00:00",
"dateUpdated": "2024-08-06T12:40:19.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2530 (GCVE-0-2010-2530)
Vulnerability from cvelistv5
Published
2010-09-29 16:00
Modified
2024-09-16 23:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.280Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20100712 CVE request: NetSMB BSD kernel module (minor)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/12/6"
},
{
"name": "41557",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/41557"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netsmb/smb_subr.c.diff?r1=1.34\u0026r2=1.35\u0026only_with_tag=MAIN\u0026f=h"
},
{
"name": "[oss-security] 20100716 Re: CVE request: NetSMB BSD kernel module (minor)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/16/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-29T16:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20100712 CVE request: NetSMB BSD kernel module (minor)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/12/6"
},
{
"name": "41557",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/41557"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netsmb/smb_subr.c.diff?r1=1.34\u0026r2=1.35\u0026only_with_tag=MAIN\u0026f=h"
},
{
"name": "[oss-security] 20100716 Re: CVE request: NetSMB BSD kernel module (minor)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/07/16/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2530",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20100712 CVE request: NetSMB BSD kernel module (minor)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/07/12/6"
},
{
"name": "41557",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41557"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netsmb/smb_subr.c.diff?r1=1.34\u0026r2=1.35\u0026only_with_tag=MAIN\u0026f=h",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netsmb/smb_subr.c.diff?r1=1.34\u0026r2=1.35\u0026only_with_tag=MAIN\u0026f=h"
},
{
"name": "[oss-security] 20100716 Re: CVE request: NetSMB BSD kernel module (minor)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/07/16/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2530",
"datePublished": "2010-09-29T16:00:00Z",
"dateReserved": "2010-06-30T00:00:00Z",
"dateUpdated": "2024-09-16T23:45:53.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1409 (GCVE-0-1999-1409)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.280Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "331",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/331"
},
{
"name": "19980703 more about \u0027at\u0027",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.shmoo.com/mail/bugtraq/jul98/msg00064.html"
},
{
"name": "NetBSD-SA1998-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA1998-004.txt.asc"
},
{
"name": "at-f-read-files(7577)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7577.php"
},
{
"name": "19980805 irix-6.2 \"at -f\" vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90233906612929\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-06-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "331",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/331"
},
{
"name": "19980703 more about \u0027at\u0027",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.shmoo.com/mail/bugtraq/jul98/msg00064.html"
},
{
"name": "NetBSD-SA1998-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA1998-004.txt.asc"
},
{
"name": "at-f-read-files(7577)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7577.php"
},
{
"name": "19980805 irix-6.2 \"at -f\" vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90233906612929\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "331",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/331"
},
{
"name": "19980703 more about \u0027at\u0027",
"refsource": "BUGTRAQ",
"url": "http://www.shmoo.com/mail/bugtraq/jul98/msg00064.html"
},
{
"name": "NetBSD-SA1998-004",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA1998-004.txt.asc"
},
{
"name": "at-f-read-files(7577)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7577.php"
},
{
"name": "19980805 irix-6.2 \"at -f\" vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=90233906612929\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1409",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1490 (GCVE-0-2002-1490)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2002-007",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-007.txt.asc"
},
{
"name": "7566",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7566"
},
{
"name": "5722",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5722"
},
{
"name": "netbsd-tiocsctty-ioctl-bo(10115)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10115.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2002-007",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-007.txt.asc"
},
{
"name": "7566",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7566"
},
{
"name": "5722",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5722"
},
{
"name": "netbsd-tiocsctty-ioctl-bo(10115)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10115.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2002-007",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-007.txt.asc"
},
{
"name": "7566",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7566"
},
{
"name": "5722",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5722"
},
{
"name": "netbsd-tiocsctty-ioctl-bo(10115)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10115.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1490",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-02-05T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0297 (GCVE-0-1999-0297)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:12:34",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0297",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0914 (GCVE-0-2003-0914)
Vulnerability from cvelistv5
Published
2003-12-02 05:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:34.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "57434",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434"
},
{
"name": "CSSA-2004-003.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt"
},
{
"name": "CSSA-2003-SCO.33",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt"
},
{
"name": "2003-0044",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt"
},
{
"name": "VU#734644",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/734644"
},
{
"name": "oval:org.mitre.oval:def:2011",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2011"
},
{
"name": "DSA-409",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-409"
},
{
"name": "10542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10542"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-11-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "57434",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434"
},
{
"name": "CSSA-2004-003.0",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt"
},
{
"name": "CSSA-2003-SCO.33",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt"
},
{
"name": "2003-0044",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt"
},
{
"name": "VU#734644",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/734644"
},
{
"name": "oval:org.mitre.oval:def:2011",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2011"
},
{
"name": "DSA-409",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-409"
},
{
"name": "10542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10542"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "57434",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434"
},
{
"name": "CSSA-2004-003.0",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt"
},
{
"name": "CSSA-2003-SCO.33",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt"
},
{
"name": "2003-0044",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt"
},
{
"name": "VU#734644",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/734644"
},
{
"name": "oval:org.mitre.oval:def:2011",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2011"
},
{
"name": "DSA-409",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-409"
},
{
"name": "10542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10542"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0914",
"datePublished": "2003-12-02T05:00:00",
"dateReserved": "2003-11-04T00:00:00",
"dateUpdated": "2024-08-08T02:12:34.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0157 (GCVE-0-2000-0157)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1999-012",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-012.txt.asc"
},
{
"name": "992",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/992"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1999-012",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-012.txt.asc"
},
{
"name": "992",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/992"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0157",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1999-012",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-012.txt.asc"
},
{
"name": "992",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/992"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0157",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-02-23T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0094 (GCVE-0-2000-0094)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2000-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-001.txt.asc"
},
{
"name": "netbsd-procfs(3995)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3995"
},
{
"name": "940",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/940"
},
{
"name": "20760",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20760"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2000-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-001.txt.asc"
},
{
"name": "netbsd-procfs(3995)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3995"
},
{
"name": "940",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/940"
},
{
"name": "20760",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20760"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2000-001",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-001.txt.asc"
},
{
"name": "netbsd-procfs(3995)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3995"
},
{
"name": "940",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/940"
},
{
"name": "20760",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20760"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0094",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-02-02T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0367 (GCVE-0-1999-0367)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NetBSD netstat command allows local users to access kernel memory.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7571",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7571"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NetBSD netstat command allows local users to access kernel memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7571",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7571"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetBSD netstat command allows local users to access kernel memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7571",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7571"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0367",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1797 (GCVE-0-2006-1797)
Vulnerability from cvelistv5
Published
2006-04-18 10:00
Modified
2024-08-07 17:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:27:28.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17497",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17497"
},
{
"name": "NetBSD-SA2006-012",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2006-q2/0014.html"
},
{
"name": "24578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24578"
},
{
"name": "1015908",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015908"
},
{
"name": "bsd-siocgifalias-ioctl-dos(25766)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25766"
},
{
"name": "19615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19615"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17497",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17497"
},
{
"name": "NetBSD-SA2006-012",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://archives.neohapsis.com/archives/netbsd/2006-q2/0014.html"
},
{
"name": "24578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24578"
},
{
"name": "1015908",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015908"
},
{
"name": "bsd-siocgifalias-ioctl-dos(25766)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25766"
},
{
"name": "19615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19615"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1797",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17497",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17497"
},
{
"name": "NetBSD-SA2006-012",
"refsource": "NETBSD",
"url": "http://archives.neohapsis.com/archives/netbsd/2006-q2/0014.html"
},
{
"name": "24578",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24578"
},
{
"name": "1015908",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015908"
},
{
"name": "bsd-siocgifalias-ioctl-dos(25766)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25766"
},
{
"name": "19615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19615"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1797",
"datePublished": "2006-04-18T10:00:00",
"dateReserved": "2006-04-17T00:00:00",
"dateUpdated": "2024-08-07T17:27:28.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0046 (GCVE-0-1999-0046)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow of rlogin program using TERM environmental variable.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow of rlogin program using TERM environmental variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:31:56",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow of rlogin program using TERM environmental variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0046",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0053 (GCVE-0-2001-0053)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:54.757Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2000-018",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"
},
{
"name": "bsd-ftpd-replydirname-bo(5776)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5776"
},
{
"name": "20001218 Trustix Security Advisory - ed, tcsh, and ftpd-BSD",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html"
},
{
"name": "20001218",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/advisories/ftpd_replydirname.txt"
},
{
"name": "2124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2000-018",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"
},
{
"name": "bsd-ftpd-replydirname-bo(5776)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5776"
},
{
"name": "20001218 Trustix Security Advisory - ed, tcsh, and ftpd-BSD",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html"
},
{
"name": "20001218",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/advisories/ftpd_replydirname.txt"
},
{
"name": "2124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2000-018",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc"
},
{
"name": "bsd-ftpd-replydirname-bo(5776)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5776"
},
{
"name": "20001218 Trustix Security Advisory - ed, tcsh, and ftpd-BSD",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0275.html"
},
{
"name": "20001218",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/advisories/ftpd_replydirname.txt"
},
{
"name": "2124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0053",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2001-02-01T00:00:00",
"dateUpdated": "2024-08-08T04:06:54.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1192 (GCVE-0-2002-1192)
Vulnerability from cvelistv5
Published
2002-10-15 04:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:27.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5837",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5837"
},
{
"name": "7181",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7181"
},
{
"name": "NetBSD-SA2002-021",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-021.txt.asc"
},
{
"name": "20020928 local exploitable overflow in rogue/FreeBSD",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103342413220529\u0026w=2"
},
{
"name": "bsd-rogue-bo(10261)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10261"
},
{
"name": "7252",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7252"
},
{
"name": "6098",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain \"games\" group privileges via malformed entries in a game save file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5837",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5837"
},
{
"name": "7181",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7181"
},
{
"name": "NetBSD-SA2002-021",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-021.txt.asc"
},
{
"name": "20020928 local exploitable overflow in rogue/FreeBSD",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103342413220529\u0026w=2"
},
{
"name": "bsd-rogue-bo(10261)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10261"
},
{
"name": "7252",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7252"
},
{
"name": "6098",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain \"games\" group privileges via malformed entries in a game save file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5837",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5837"
},
{
"name": "7181",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7181"
},
{
"name": "NetBSD-SA2002-021",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-021.txt.asc"
},
{
"name": "20020928 local exploitable overflow in rogue/FreeBSD",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103342413220529\u0026w=2"
},
{
"name": "bsd-rogue-bo(10261)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10261"
},
{
"name": "7252",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7252"
},
{
"name": "6098",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1192",
"datePublished": "2002-10-15T04:00:00",
"dateReserved": "2002-10-08T00:00:00",
"dateUpdated": "2024-08-08T03:19:27.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2393 (GCVE-0-2011-2393)
Vulnerability from cvelistv5
Published
2012-02-02 17:00
Modified
2024-09-16 20:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, a similar vulnerability to CVE-2010-4670.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:33.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt"
},
{
"name": "20110405 ICMPv6 Router Announcement flooding denial of service affecting multiple systems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2011/Apr/86"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, a similar vulnerability to CVE-2010-4670."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-02-02T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt"
},
{
"name": "20110405 ICMPv6 Router Announcement flooding denial of service affecting multiple systems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2011/Apr/86"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, a similar vulnerability to CVE-2010-4670."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt",
"refsource": "MISC",
"url": "http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt"
},
{
"name": "20110405 ICMPv6 Router Announcement flooding denial of service affecting multiple systems",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2011/Apr/86"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2393",
"datePublished": "2012-02-02T17:00:00Z",
"dateReserved": "2011-06-05T00:00:00Z",
"dateUpdated": "2024-09-16T20:32:12.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6652 (GCVE-0-2006-6652)
Vulnerability from cvelistv5
Published
2006-12-20 02:00
Modified
2024-08-07 20:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:33:59.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24966"
},
{
"name": "NetBSD-SA2006-027",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-027.txt.asc"
},
{
"name": "1017386",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "netbsd-ftpd-glob-bo(30670)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30670"
},
{
"name": "31781",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/31781"
},
{
"name": "TA07-109A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "23178",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23178"
},
{
"name": "20061201 NetBSD FTPD and ports ***REMOTE ROOOOOT HOLE***",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html"
},
{
"name": "APPLE-SA-2007-04-19",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "21377",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21377"
},
{
"name": "ADV-2007-1470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1470"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24966"
},
{
"name": "NetBSD-SA2006-027",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-027.txt.asc"
},
{
"name": "1017386",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "netbsd-ftpd-glob-bo(30670)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30670"
},
{
"name": "31781",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/31781"
},
{
"name": "TA07-109A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "23178",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23178"
},
{
"name": "20061201 NetBSD FTPD and ports ***REMOTE ROOOOOT HOLE***",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html"
},
{
"name": "APPLE-SA-2007-04-19",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "21377",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21377"
},
{
"name": "ADV-2007-1470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1470"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24966"
},
{
"name": "NetBSD-SA2006-027",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-027.txt.asc"
},
{
"name": "1017386",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017386"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305391",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "netbsd-ftpd-glob-bo(30670)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30670"
},
{
"name": "31781",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31781"
},
{
"name": "TA07-109A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "23178",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23178"
},
{
"name": "20061201 NetBSD FTPD and ports ***REMOTE ROOOOOT HOLE***",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html"
},
{
"name": "APPLE-SA-2007-04-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "21377",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21377"
},
{
"name": "ADV-2007-1470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1470"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6652",
"datePublished": "2006-12-20T02:00:00",
"dateReserved": "2006-12-19T00:00:00",
"dateUpdated": "2024-08-07T20:33:59.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2092 (GCVE-0-2002-2092)
Vulnerability from cvelistv5
Published
2005-08-05 04:00
Modified
2024-08-08 03:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.573Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-02:08",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc"
},
{
"name": "3891",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3891"
},
{
"name": "19475",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19475"
},
{
"name": "bsd-exec-race-condition(7945)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7945"
},
{
"name": "NetBSD-SA2002-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-001.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-02:08",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc"
},
{
"name": "3891",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3891"
},
{
"name": "19475",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19475"
},
{
"name": "bsd-exec-race-condition(7945)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7945"
},
{
"name": "NetBSD-SA2002-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-001.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-02:08",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:08.exec.asc"
},
{
"name": "3891",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3891"
},
{
"name": "19475",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19475"
},
{
"name": "bsd-exec-race-condition(7945)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7945"
},
{
"name": "NetBSD-SA2002-001",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-001.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2092",
"datePublished": "2005-08-05T04:00:00",
"dateReserved": "2005-08-05T00:00:00",
"dateUpdated": "2024-08-08T03:51:17.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6165 (GCVE-0-2006-6165)
Vulnerability from cvelistv5
Published
2006-11-29 01:00
Modified
2025-01-17 14:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:34.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061123 Re: Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/452428/100/0/threaded"
},
{
"name": "20061122 Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/452371/100/0/threaded"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2006-6165",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T19:58:55.438328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T14:08:58.926Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061123 Re: Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/452428/100/0/threaded"
},
{
"name": "20061122 Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/452371/100/0/threaded"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6165",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061123 Re: Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452428/100/0/threaded"
},
{
"name": "20061122 Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452371/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6165",
"datePublished": "2006-11-29T01:00:00",
"dateReserved": "2006-11-28T00:00:00",
"dateUpdated": "2025-01-17T14:08:58.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0674 (GCVE-0-1999-0674)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "570",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/570"
},
{
"name": "J-067",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/j-067.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "570",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/570"
},
{
"name": "J-067",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/j-067.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0674",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "570",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/570"
},
{
"name": "J-067",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/j-067.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0674",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1146 (GCVE-0-2008-1146)
Vulnerability from cvelistv5
Published
2008-03-04 23:00
Modified
2024-08-07 08:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning against OpenBSD's modification of BIND.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080206 A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"name": "28819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28819"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"name": "openbsd-prng-dns-spoofing(40329)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"name": "27647",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27647"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka \"Algorithm X3\"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning against OpenBSD\u0027s modification of BIND."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080206 A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"name": "28819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28819"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"name": "openbsd-prng-dns-spoofing(40329)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"name": "27647",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27647"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka \"Algorithm X3\"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning against OpenBSD\u0027s modification of BIND."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080206 A paper by Amit Klein (Trusteer): \"OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability\"",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487658"
},
{
"name": "28819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28819"
},
{
"name": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf",
"refsource": "MISC",
"url": "http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf"
},
{
"name": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securityreviews/5PP0H0UNGW.html"
},
{
"name": "openbsd-prng-dns-spoofing(40329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40329"
},
{
"name": "27647",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27647"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1146",
"datePublished": "2008-03-04T23:00:00",
"dateReserved": "2008-03-04T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2793 (GCVE-0-2009-2793)
Vulnerability from cvelistv5
Published
2009-09-18 22:00
Modified
2024-08-07 06:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instruction, which might allow local users to gain privileges via vectors related to a tempEIP pseudocode variable that is outside of the code-segment limits.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:35.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090916 Iret #GP on pre-commit handling failure: the NetBSD case (CVE-2009-2793)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/506531/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instruction, which might allow local users to gain privileges via vectors related to a tempEIP pseudocode variable that is outside of the code-segment limits."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090916 Iret #GP on pre-commit handling failure: the NetBSD case (CVE-2009-2793)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/506531/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instruction, which might allow local users to gain privileges via vectors related to a tempEIP pseudocode variable that is outside of the code-segment limits."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090916 Iret #GP on pre-commit handling failure: the NetBSD case (CVE-2009-2793)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/506531/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2793",
"datePublished": "2009-09-18T22:00:00",
"dateReserved": "2009-08-17T00:00:00",
"dateUpdated": "2024-08-07T06:07:35.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4247 (GCVE-0-2008-4247)
Vulnerability from cvelistv5
Published
2008-09-25 19:00
Modified
2024-08-07 10:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:08:34.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1021112",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021112"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y.diff?r1=1.51\u0026r2=1.52\u0026f=h"
},
{
"name": "1020946",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020946"
},
{
"name": "20080926 multiple vendor ftpd - Cross-site request forgery",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/56"
},
{
"name": "33341",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33341"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.proftpd.org/show_bug.cgi?id=3115"
},
{
"name": "NetBSD-SA2008-014",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-014.txt.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y"
},
{
"name": "32068",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32068"
},
{
"name": "FreeBSD-SA-08:12",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:12.ftpd.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "32070",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32070"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c.diff?r1=1.183\u0026r2=1.184\u0026f=h"
},
{
"name": "4313",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4313"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-10-07T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1021112",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021112"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y.diff?r1=1.51\u0026r2=1.52\u0026f=h"
},
{
"name": "1020946",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020946"
},
{
"name": "20080926 multiple vendor ftpd - Cross-site request forgery",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/56"
},
{
"name": "33341",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33341"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.proftpd.org/show_bug.cgi?id=3115"
},
{
"name": "NetBSD-SA2008-014",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-014.txt.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y"
},
{
"name": "32068",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32068"
},
{
"name": "FreeBSD-SA-08:12",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:12.ftpd.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "32070",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32070"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c.diff?r1=1.183\u0026r2=1.184\u0026f=h"
},
{
"name": "4313",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4313"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1021112",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021112"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y.diff?r1=1.51\u0026r2=1.52\u0026f=h",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y.diff?r1=1.51\u0026r2=1.52\u0026f=h"
},
{
"name": "1020946",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020946"
},
{
"name": "20080926 multiple vendor ftpd - Cross-site request forgery",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/56"
},
{
"name": "33341",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33341"
},
{
"name": "http://bugs.proftpd.org/show_bug.cgi?id=3115",
"refsource": "MISC",
"url": "http://bugs.proftpd.org/show_bug.cgi?id=3115"
},
{
"name": "NetBSD-SA2008-014",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-014.txt.asc"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y"
},
{
"name": "32068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32068"
},
{
"name": "FreeBSD-SA-08:12",
"refsource": "FREEBSD",
"url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-08:12.ftpd.asc"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "32070",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32070"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c.diff?r1=1.183\u0026r2=1.184\u0026f=h",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c.diff?r1=1.183\u0026r2=1.184\u0026f=h"
},
{
"name": "4313",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4313"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4247",
"datePublished": "2008-09-25T19:00:00",
"dateReserved": "2008-09-25T00:00:00",
"dateUpdated": "2024-08-07T10:08:34.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6730 (GCVE-0-2006-6730)
Vulnerability from cvelistv5
Published
2006-12-26 23:00
Modified
2024-08-07 20:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:34:00.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061215 Re: The (in)security of Xorg and DRI",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454510/100/0/threaded"
},
{
"name": "[Xorg] 20040613 DRI merging",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/xorg/2004-June/000927.html"
},
{
"name": "20061218 Re: The (in)security of Xorg and DRI",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454706/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot-paper.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cansecwest.com/slides06/csw06-duflot.ppt"
},
{
"name": "20061214 The (in)security of Xorg and DRI",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454379/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061215 Re: The (in)security of Xorg and DRI",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454510/100/0/threaded"
},
{
"name": "[Xorg] 20040613 DRI merging",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/xorg/2004-June/000927.html"
},
{
"name": "20061218 Re: The (in)security of Xorg and DRI",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454706/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot-paper.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cansecwest.com/slides06/csw06-duflot.ppt"
},
{
"name": "20061214 The (in)security of Xorg and DRI",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454379/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6730",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061215 Re: The (in)security of Xorg and DRI",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454510/100/0/threaded"
},
{
"name": "[Xorg] 20040613 DRI merging",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/xorg/2004-June/000927.html"
},
{
"name": "20061218 Re: The (in)security of Xorg and DRI",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454706/100/0/threaded"
},
{
"name": "http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot-paper.pdf",
"refsource": "MISC",
"url": "http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot-paper.pdf"
},
{
"name": "http://www.cansecwest.com/slides06/csw06-duflot.ppt",
"refsource": "MISC",
"url": "http://www.cansecwest.com/slides06/csw06-duflot.ppt"
},
{
"name": "20061214 The (in)security of Xorg and DRI",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454379/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6730",
"datePublished": "2006-12-26T23:00:00",
"dateReserved": "2006-12-26T00:00:00",
"dateUpdated": "2024-08-07T20:34:00.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1920 (GCVE-0-2011-1920)
Vulnerability from cvelistv5
Published
2011-05-23 22:00
Modified
2024-08-06 22:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:46:00.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626673"
},
{
"name": "47878",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47878"
},
{
"name": "[oss-security] 20110516 CVE Request -- pmake -- Use of insecure temporary file for \u0027depend\u0027 target",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/05/16/2"
},
{
"name": "[oss-security] 20110516 Re: CVE Request -- pmake -- Use of insecure temporary file for \u0027depend\u0027 target",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/05/16/8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705100"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705090"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.lib.mk.diff?r1=1.239\u0026r2=1.240\u0026f=h"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.prog.mk.diff?r1=1.192\u0026r2=1.193\u0026f=h"
},
{
"name": "pmake-depend-symlink(67495)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626673"
},
{
"name": "47878",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47878"
},
{
"name": "[oss-security] 20110516 CVE Request -- pmake -- Use of insecure temporary file for \u0027depend\u0027 target",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/05/16/2"
},
{
"name": "[oss-security] 20110516 Re: CVE Request -- pmake -- Use of insecure temporary file for \u0027depend\u0027 target",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/05/16/8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705100"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=705090"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.lib.mk.diff?r1=1.239\u0026r2=1.240\u0026f=h"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.prog.mk.diff?r1=1.192\u0026r2=1.193\u0026f=h"
},
{
"name": "pmake-depend-symlink(67495)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67495"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1920",
"datePublished": "2011-05-23T22:00:00",
"dateReserved": "2011-05-09T00:00:00",
"dateUpdated": "2024-08-06T22:46:00.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0314 (GCVE-0-2000-0314)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990213 traceroute as a flooder",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "7574",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7574"
},
{
"name": "NetBSD-SA1999-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990213 traceroute as a flooder",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "7574",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7574"
},
{
"name": "NetBSD-SA1999-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990213 traceroute as a flooder",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "7574",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7574"
},
{
"name": "NetBSD-SA1999-004",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0314",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2000-05-11T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0010 (GCVE-0-1999-0010)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:56.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19980603-01-PX",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "HPSBUX9808-083",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-02T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19980603-01-PX",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "HPSBUX9808-083",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19980603-01-PX",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "HPSBUX9808-083",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0010",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:56.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0114 (GCVE-0-2004-0114)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "bsd-shmat-gain-privileges(15061)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15061"
},
{
"name": "9586",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9586"
},
{
"name": "3836",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3836"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/errata33.html#sysvshm"
},
{
"name": "20040205 [PINE-CERT-20040201] reference count overflow in shmat()",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107608375207601\u0026w=2"
},
{
"name": "FreeBSD-SA-04:02",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:02.shmat.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.pine.nl/press/pine-cert-20040201.txt"
},
{
"name": "NetBSD-SA2004-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-004.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment\u0027s reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "bsd-shmat-gain-privileges(15061)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15061"
},
{
"name": "9586",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9586"
},
{
"name": "3836",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3836"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/errata33.html#sysvshm"
},
{
"name": "20040205 [PINE-CERT-20040201] reference count overflow in shmat()",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107608375207601\u0026w=2"
},
{
"name": "FreeBSD-SA-04:02",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:02.shmat.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.pine.nl/press/pine-cert-20040201.txt"
},
{
"name": "NetBSD-SA2004-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-004.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment\u0027s reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "bsd-shmat-gain-privileges(15061)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15061"
},
{
"name": "9586",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9586"
},
{
"name": "3836",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3836"
},
{
"name": "http://www.openbsd.org/errata33.html#sysvshm",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/errata33.html#sysvshm"
},
{
"name": "20040205 [PINE-CERT-20040201] reference count overflow in shmat()",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107608375207601\u0026w=2"
},
{
"name": "FreeBSD-SA-04:02",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:02.shmat.asc"
},
{
"name": "http://www.pine.nl/press/pine-cert-20040201.txt",
"refsource": "MISC",
"url": "http://www.pine.nl/press/pine-cert-20040201.txt"
},
{
"name": "NetBSD-SA2004-004",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-004.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0114",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2004-02-03T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0462 (GCVE-0-2000-0462)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:30.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1366",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1366"
},
{
"name": "NetBSD-SA2000-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-006.txt.asc"
},
{
"name": "1273",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1273"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1366",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1366"
},
{
"name": "NetBSD-SA2000-006",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-006.txt.asc"
},
{
"name": "1273",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1273"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0462",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1366",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1366"
},
{
"name": "NetBSD-SA2000-006",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-006.txt.asc"
},
{
"name": "1273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1273"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0462",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:21:30.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0628 (GCVE-0-1999-0628)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The rwho/rwhod service is running, which exposes machine status and user information.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:45.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0628"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The rwho/rwhod service is running, which exposes machine status and user information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:51:49",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0628"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0628",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rwho/rwhod service is running, which exposes machine status and user information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0628",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0628"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0628",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:45.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4776 (GCVE-0-2005-4776)
Vulnerability from cvelistv5
Published
2006-04-13 10:00
Modified
2024-09-16 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:22.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[source-changes] 20050913 CVS commit: [netbsd-3] src/sys/compat/freebsd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/09/13/0024.html"
},
{
"name": "NetBSD-SA2005-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-008.txt.asc"
},
{
"name": "20757",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20757"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-04-13T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[source-changes] 20050913 CVS commit: [netbsd-3] src/sys/compat/freebsd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-index.netbsd.org/source-changes/2005/09/13/0024.html"
},
{
"name": "NetBSD-SA2005-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-008.txt.asc"
},
{
"name": "20757",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20757"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4776",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[source-changes] 20050913 CVS commit: [netbsd-3] src/sys/compat/freebsd",
"refsource": "MLIST",
"url": "http://mail-index.netbsd.org/source-changes/2005/09/13/0024.html"
},
{
"name": "NetBSD-SA2005-008",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-008.txt.asc"
},
{
"name": "20757",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20757"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4776",
"datePublished": "2006-04-13T10:00:00Z",
"dateReserved": "2006-04-13T00:00:00Z",
"dateUpdated": "2024-09-16T17:58:04.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1335 (GCVE-0-2008-1335)
Vulnerability from cvelistv5
Published
2008-03-13 18:00
Modified
2024-08-07 08:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1019533",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019533"
},
{
"name": "NetBSD-SA2008-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-002.txt.asc"
},
{
"name": "29180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29180"
},
{
"name": "28045",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28045"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-04T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1019533",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019533"
},
{
"name": "NetBSD-SA2008-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-002.txt.asc"
},
{
"name": "29180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29180"
},
{
"name": "28045",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28045"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1019533",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019533"
},
{
"name": "NetBSD-SA2008-002",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-002.txt.asc"
},
{
"name": "29180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29180"
},
{
"name": "28045",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28045"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1335",
"datePublished": "2008-03-13T18:00:00",
"dateReserved": "2008-03-13T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0422 (GCVE-0-1999-0422)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0422"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the \"noexec\" flag set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:31:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0422"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the \"noexec\" flag set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0422",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0422"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0422",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0653 (GCVE-0-2003-0653)
Vulnerability from cvelistv5
Published
2003-08-05 04:00
Modified
2024-09-16 23:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:58:11.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2003-010",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-010.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required \"PKTHDR\" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-08-05T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2003-010",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-010.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required \"PKTHDR\" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2003-010",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-010.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0653",
"datePublished": "2003-08-05T04:00:00Z",
"dateReserved": "2003-08-04T00:00:00Z",
"dateUpdated": "2024-09-16T23:41:06.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1000374 (GCVE-0-2017-1000374)
Vulnerability from cvelistv5
Published
2017-06-19 16:00
Modified
2024-08-05 22:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:41.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "99176",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99176"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A flaw exists in NetBSD\u0027s implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-22T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "99176",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99176"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1000374",
"REQUESTER": "qsa@qualys.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw exists in NetBSD\u0027s implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
"refsource": "MISC",
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "99176",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99176"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000374",
"datePublished": "2017-06-19T16:00:00",
"dateReserved": "2017-06-19T00:00:00",
"dateUpdated": "2024-08-05T22:00:41.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2242 (GCVE-0-2007-2242)
Vulnerability from cvelistv5
Published
2007-04-25 16:00
Modified
2024-08-07 13:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:27.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-07:03.ipv6",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc"
},
{
"name": "24978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24978"
},
{
"name": "26703",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26703"
},
{
"name": "RHSA-2007:0347",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html"
},
{
"name": "25770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25770"
},
{
"name": "26664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26664"
},
{
"name": "SUSE-SA:2007:051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
},
{
"name": "20070508 FLEA-2007-0016-1: kernel",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/467939/30/6690/threaded"
},
{
"name": "28806",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28806"
},
{
"name": "23615",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23615"
},
{
"name": "oval:org.mitre.oval:def:9574",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=306375"
},
{
"name": "26651",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26651"
},
{
"name": "[3.9] 20070423 022: SECURITY FIX: April 23, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://openbsd.org/errata39.html#022_route6"
},
{
"name": "MDKSA-2007:171",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "MDKSA-2007:216",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf"
},
{
"name": "1017949",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017949"
},
{
"name": "[4.0] 20070423 012: SECURITY FIX: April 23, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://openbsd.org/errata40.html#012_route6"
},
{
"name": "25288",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25288"
},
{
"name": "ADV-2007-1563",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1563"
},
{
"name": "25083",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25083"
},
{
"name": "26620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26620"
},
{
"name": "ADV-2007-2270",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2270"
},
{
"name": "MDKSA-2007:196",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "20070615 rPSA-2007-0124-1 kernel xen",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"name": "25068",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25068"
},
{
"name": "SUSE-SA:2008:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html"
},
{
"name": "VU#267289",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/267289"
},
{
"name": "USN-486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "USN-508-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-508-1"
},
{
"name": "ADV-2007-3050",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3050"
},
{
"name": "25691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25691"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1310"
},
{
"name": "25033",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25033"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305712"
},
{
"name": "openbsd-ipv6-type0-dos(33851)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33851"
},
{
"name": "26133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26133"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-07:03.ipv6",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc"
},
{
"name": "24978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24978"
},
{
"name": "26703",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26703"
},
{
"name": "RHSA-2007:0347",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html"
},
{
"name": "25770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25770"
},
{
"name": "26664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26664"
},
{
"name": "SUSE-SA:2007:051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
},
{
"name": "20070508 FLEA-2007-0016-1: kernel",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/467939/30/6690/threaded"
},
{
"name": "28806",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28806"
},
{
"name": "23615",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23615"
},
{
"name": "oval:org.mitre.oval:def:9574",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=306375"
},
{
"name": "26651",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26651"
},
{
"name": "[3.9] 20070423 022: SECURITY FIX: April 23, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://openbsd.org/errata39.html#022_route6"
},
{
"name": "MDKSA-2007:171",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "MDKSA-2007:216",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf"
},
{
"name": "1017949",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017949"
},
{
"name": "[4.0] 20070423 012: SECURITY FIX: April 23, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://openbsd.org/errata40.html#012_route6"
},
{
"name": "25288",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25288"
},
{
"name": "ADV-2007-1563",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1563"
},
{
"name": "25083",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25083"
},
{
"name": "26620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26620"
},
{
"name": "ADV-2007-2270",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2270"
},
{
"name": "MDKSA-2007:196",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "20070615 rPSA-2007-0124-1 kernel xen",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"name": "25068",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25068"
},
{
"name": "SUSE-SA:2008:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html"
},
{
"name": "VU#267289",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/267289"
},
{
"name": "USN-486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "USN-508-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-508-1"
},
{
"name": "ADV-2007-3050",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3050"
},
{
"name": "25691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25691"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1310"
},
{
"name": "25033",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25033"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305712"
},
{
"name": "openbsd-ipv6-type0-dos(33851)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33851"
},
{
"name": "26133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26133"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-07:03.ipv6",
"refsource": "FREEBSD",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc"
},
{
"name": "24978",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24978"
},
{
"name": "26703",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26703"
},
{
"name": "RHSA-2007:0347",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html"
},
{
"name": "25770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25770"
},
{
"name": "26664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26664"
},
{
"name": "SUSE-SA:2007:051",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
},
{
"name": "20070508 FLEA-2007-0016-1: kernel",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467939/30/6690/threaded"
},
{
"name": "28806",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28806"
},
{
"name": "23615",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23615"
},
{
"name": "oval:org.mitre.oval:def:9574",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9574"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=306375",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=306375"
},
{
"name": "26651",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26651"
},
{
"name": "[3.9] 20070423 022: SECURITY FIX: April 23, 2007",
"refsource": "OPENBSD",
"url": "http://openbsd.org/errata39.html#022_route6"
},
{
"name": "MDKSA-2007:171",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"
},
{
"name": "MDKSA-2007:216",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216"
},
{
"name": "http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf",
"refsource": "MISC",
"url": "http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf"
},
{
"name": "1017949",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017949"
},
{
"name": "[4.0] 20070423 012: SECURITY FIX: April 23, 2007",
"refsource": "OPENBSD",
"url": "http://openbsd.org/errata40.html#012_route6"
},
{
"name": "25288",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25288"
},
{
"name": "ADV-2007-1563",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1563"
},
{
"name": "25083",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25083"
},
{
"name": "26620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26620"
},
{
"name": "ADV-2007-2270",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2270"
},
{
"name": "MDKSA-2007:196",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
},
{
"name": "20070615 rPSA-2007-0124-1 kernel xen",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471457"
},
{
"name": "25068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25068"
},
{
"name": "SUSE-SA:2008:006",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html"
},
{
"name": "VU#267289",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/267289"
},
{
"name": "USN-486-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-486-1"
},
{
"name": "USN-508-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-508-1"
},
{
"name": "ADV-2007-3050",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3050"
},
{
"name": "25691",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25691"
},
{
"name": "https://issues.rpath.com/browse/RPL-1310",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1310"
},
{
"name": "25033",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25033"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305712",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305712"
},
{
"name": "openbsd-ipv6-type0-dos(33851)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33851"
},
{
"name": "26133",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26133"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2242",
"datePublished": "2007-04-25T16:00:00",
"dateReserved": "2007-04-25T00:00:00",
"dateUpdated": "2024-08-07T13:33:27.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0001 (GCVE-0-2003-0001)
Vulnerability from cvelistv5
Published
2003-01-08 05:00
Modified
2024-08-08 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030117 Re: More information regarding Etherleak",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/307564/30/26270/threaded"
},
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "9962",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9962"
},
{
"name": "RHSA-2003:088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-088.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "20030110 More information regarding Etherleak",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104222046632243\u0026w=2"
},
{
"name": "VU#412115",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/412115"
},
{
"name": "20030106 Etherleak: Ethernet frame padding information leakage (A010603-1)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/305335/30/26420/threaded"
},
{
"name": "oval:org.mitre.oval:def:2665",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665"
},
{
"name": "20030110 More information regarding Etherleak",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html"
},
{
"name": "RHSA-2003:025",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-025.html"
},
{
"name": "7996",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7996"
},
{
"name": "A010603-1",
"tags": [
"vendor-advisory",
"x_refsource_ATSTAKE",
"x_transferred"
],
"url": "http://www.atstake.com/research/advisories/2003/a010603-1.txt"
},
{
"name": "1040185",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040185"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030117 Re: More information regarding Etherleak",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/307564/30/26270/threaded"
},
{
"name": "1031583",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "9962",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9962"
},
{
"name": "RHSA-2003:088",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-088.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "20030110 More information regarding Etherleak",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104222046632243\u0026w=2"
},
{
"name": "VU#412115",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/412115"
},
{
"name": "20030106 Etherleak: Ethernet frame padding information leakage (A010603-1)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/305335/30/26420/threaded"
},
{
"name": "oval:org.mitre.oval:def:2665",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665"
},
{
"name": "20030110 More information regarding Etherleak",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html"
},
{
"name": "RHSA-2003:025",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-025.html"
},
{
"name": "7996",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7996"
},
{
"name": "A010603-1",
"tags": [
"vendor-advisory",
"x_refsource_ATSTAKE"
],
"url": "http://www.atstake.com/research/advisories/2003/a010603-1.txt"
},
{
"name": "1040185",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040185"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030117 Re: More information regarding Etherleak",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/307564/30/26270/threaded"
},
{
"name": "1031583",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031583"
},
{
"name": "9962",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9962"
},
{
"name": "RHSA-2003:088",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-088.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "20030110 More information regarding Etherleak",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104222046632243\u0026w=2"
},
{
"name": "VU#412115",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/412115"
},
{
"name": "20030106 Etherleak: Ethernet frame padding information leakage (A010603-1)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/305335/30/26420/threaded"
},
{
"name": "oval:org.mitre.oval:def:2665",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665"
},
{
"name": "20030110 More information regarding Etherleak",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html"
},
{
"name": "RHSA-2003:025",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-025.html"
},
{
"name": "7996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7996"
},
{
"name": "A010603-1",
"refsource": "ATSTAKE",
"url": "http://www.atstake.com/research/advisories/2003/a010603-1.txt"
},
{
"name": "1040185",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040185"
},
{
"name": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf",
"refsource": "MISC",
"url": "http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0001",
"datePublished": "2003-01-08T05:00:00",
"dateReserved": "2003-01-02T00:00:00",
"dateUpdated": "2024-08-08T01:36:25.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0434 (GCVE-0-1999-0434)
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:45.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "359",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/359"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-04-20T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "359",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/359"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "359",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/359"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0434",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:45.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5384 (GCVE-0-2014-5384)
Vulnerability from cvelistv5
Published
2014-08-21 22:00
Modified
2024-08-06 11:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:49.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-14:15",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
},
{
"name": "1030458",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030458"
},
{
"name": "[source-changes] 20140624 CVS commit: src/lib/libc/citrus",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-08-21T21:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-14:15",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
},
{
"name": "1030458",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030458"
},
{
"name": "[source-changes] 20140624 CVS commit: src/lib/libc/citrus",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-14:15",
"refsource": "FREEBSD",
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14:15.iconv.asc"
},
{
"name": "1030458",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030458"
},
{
"name": "[source-changes] 20140624 CVS commit: src/lib/libc/citrus",
"refsource": "MLIST",
"url": "http://mail-index.netbsd.org/source-changes/2014/06/24/msg055822.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5384",
"datePublished": "2014-08-21T22:00:00",
"dateReserved": "2014-08-21T00:00:00",
"dateUpdated": "2024-08-06T11:41:49.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1476 (GCVE-0-2002-1476)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "NetBSD-SA2002-012",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-012.txt.asc"
},
{
"name": "7565",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7565"
},
{
"name": "5724",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5724"
},
{
"name": "netbsd-libc-setlocale-bo(10159)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10159.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "NetBSD-SA2002-012",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-012.txt.asc"
},
{
"name": "7565",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7565"
},
{
"name": "5724",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5724"
},
{
"name": "netbsd-libc-setlocale-bo(10159)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10159.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "NetBSD-SA2002-012",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-012.txt.asc"
},
{
"name": "7565",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7565"
},
{
"name": "5724",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5724"
},
{
"name": "netbsd-libc-setlocale-bo(10159)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10159.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1476",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-02-05T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0418 (GCVE-0-2011-0418)
Vulnerability from cvelistv5
Published
2011-05-24 23:00
Modified
2024-08-06 21:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c#rev1.28"
},
{
"name": "ADV-2011-1273",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/1273"
},
{
"name": "MDVSA-2011:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:094"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c.diff?r1=1.27\u0026r2=1.28\u0026f=h"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=704283"
},
{
"name": "47671",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47671"
},
{
"name": "20110502 Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/97"
},
{
"name": "8228",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.pureftpd.org/project/pure-ftpd/news"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-22T09:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c#rev1.28"
},
{
"name": "ADV-2011-1273",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/1273"
},
{
"name": "MDVSA-2011:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:094"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c.diff?r1=1.27\u0026r2=1.28\u0026f=h"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=704283"
},
{
"name": "47671",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47671"
},
{
"name": "20110502 Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/97"
},
{
"name": "8228",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.pureftpd.org/project/pure-ftpd/news"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-0418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c#rev1.28",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c#rev1.28"
},
{
"name": "ADV-2011-1273",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1273"
},
{
"name": "MDVSA-2011:094",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:094"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c.diff?r1=1.27\u0026r2=1.28\u0026f=h",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c.diff?r1=1.27\u0026r2=1.28\u0026f=h"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=704283",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=704283"
},
{
"name": "47671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47671"
},
{
"name": "20110502 Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/97"
},
{
"name": "8228",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8228"
},
{
"name": "http://www.pureftpd.org/project/pure-ftpd/news",
"refsource": "CONFIRM",
"url": "http://www.pureftpd.org/project/pure-ftpd/news"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-0418",
"datePublished": "2011-05-24T23:00:00",
"dateReserved": "2011-01-11T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1091 (GCVE-0-2001-1091)
Vulnerability from cvelistv5
Published
2002-03-15 05:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:07.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "bsd-dump-tty-privileges(7037)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7037"
},
{
"name": "NetBSD-SA2001-014",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-014.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "bsd-dump-tty-privileges(7037)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7037"
},
{
"name": "NetBSD-SA2001-014",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-014.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "bsd-dump-tty-privileges(7037)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7037"
},
{
"name": "NetBSD-SA2001-014",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-014.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1091",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T04:44:07.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0145 (GCVE-0-2006-0145)
Vulnerability from cvelistv5
Published
2006-01-09 23:00
Modified
2024-08-07 16:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:33.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18712"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitylab.net/research/2006/02/advisory_netbsd_openbsd_kernfs.html"
},
{
"name": "405",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/405"
},
{
"name": "16173",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16173"
},
{
"name": "18388",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18388"
},
{
"name": "22293",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22293"
},
{
"name": "NetBSD-SA2006-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-001.txt.asc"
},
{
"name": "netbsd-kernfs-memory-disclosure(24035)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24035"
},
{
"name": "20060202 [SLAB] NetBSD / OpenBSD kernfs_xread patch evasion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423827/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18712"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitylab.net/research/2006/02/advisory_netbsd_openbsd_kernfs.html"
},
{
"name": "405",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/405"
},
{
"name": "16173",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16173"
},
{
"name": "18388",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18388"
},
{
"name": "22293",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22293"
},
{
"name": "NetBSD-SA2006-001",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-001.txt.asc"
},
{
"name": "netbsd-kernfs-memory-disclosure(24035)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24035"
},
{
"name": "20060202 [SLAB] NetBSD / OpenBSD kernfs_xread patch evasion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423827/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18712",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18712"
},
{
"name": "http://www.securitylab.net/research/2006/02/advisory_netbsd_openbsd_kernfs.html",
"refsource": "MISC",
"url": "http://www.securitylab.net/research/2006/02/advisory_netbsd_openbsd_kernfs.html"
},
{
"name": "405",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/405"
},
{
"name": "16173",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16173"
},
{
"name": "18388",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18388"
},
{
"name": "22293",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22293"
},
{
"name": "NetBSD-SA2006-001",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-001.txt.asc"
},
{
"name": "netbsd-kernfs-memory-disclosure(24035)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24035"
},
{
"name": "20060202 [SLAB] NetBSD / OpenBSD kernfs_xread patch evasion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423827/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0145",
"datePublished": "2006-01-09T23:00:00",
"dateReserved": "2006-01-09T00:00:00",
"dateUpdated": "2024-08-07T16:25:33.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1374 (GCVE-0-2004-1374)
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-08 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gleg.net/advisory_netbsd2.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T16:36:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gleg.net/advisory_netbsd2.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1374",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://gleg.net/advisory_netbsd2.shtml",
"refsource": "MISC",
"url": "http://gleg.net/advisory_netbsd2.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1374",
"datePublished": "2005-01-19T05:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}