TCP Connections to a Broadcast Address on BSD-Based Systems

BSD-based TCP/IP code has a bug with respect to creating TCP connections to a broadcast address. This bug can potentially be a security vulnerability when firewall administrators assume that the TCP implementation works correctly and do not block broadcast addresses. If good security practices ha...

Broadcast IP TCP connection in BSD systems

TCP SYN packets to broadcast address are accepted...

CVE-2001-0554

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT Are You There, which is not properly handled by the telrcv function...

CVE-2001-0670

Buffer overflow in BSD line printer daemon in.lpd or lpd in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue...

CVE-1999-1102

lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times...

CVE-1999-1214

The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID...

CVE-1999-1402

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket...

CVE-1999-1098

Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing...

CVE-2001-0554

CVE-2001-0554 affects netkit-telnetd (Telnet daemon) on BSD-based systems, via a buffer overflow in in.telnetd/telrcv handling (triggered by certain Telnet options such as AYT). OpenVAS entries describe a remote attacker potentially causing denial of service or gaining remote code execution; at l...

CVE-1999-1098

The CVE-1999-1098 entry describes a vulnerability in the BSD Telnet client that uses encryption and Kerberos 4 authentication, enabling remote attackers to decrypt the session by sniffing traffic. Reported impact is partial confidentiality loss with a CVSS v2 base score of 5.0 (Network vector, Lo...

CVE-1999-1214

The CVE-1999-1214 issue affects the 4.4 BSD kernel’s asynchronous I/O facility. It does not validate credentials when setting the recipient of I/O notification, allowing a local user to trigger a signal to an arbitrary process ID via specific ioctl/fcntl calls, causing a denial of service. The do...

CVE-1999-1102

The CVE-1999-1102 entry concerns lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1 and other BSD-based systems. The vulnerability arises from a symlink-related attack in lpr that enables local users to create or overwrite arbitrary files after the program is invoked 1000 times. Root cause is a symlink hand...

CVE-2001-0670

CVE-2001-0670 is a remote buffer overflow in the BSD line printer daemon (in.lpd/lpd) that can allow an attacker to execute arbitrary code with elevated privileges. The vulnerability is triggered by a crafted, incomplete print job followed by a request to display the printer queue, and the attack...

Проблемы с KAME IPSec в *BSD (protection bypass)

Не проверяется политика для передаваемых пакетов в режиме туннелирования...

xtell 1.91.1/2.6.1 - Multiple Remote Buffer Overflow Vulnerabilities

// source: https://www.securityfocus.com/bid/4193/info xtell is a simple network messaging program. It may be used to transmit terminal messages between users and machines. xtell is available for Linux, BSD and most other Unix based operating systems. Multiple buffer overflow vulnerabilities have...

CVE-2001-1541

Buffer overflow in Unix-to-Unix Copy Protocol UUCP in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument...

SuSE Security Announcement: lprold

-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: lprold Announcement-ID: SuSE-SA:2001:033 Date: Wed Oct 10 11:03:12 GMT 2001 Affected SuSE versions: 6.1, 6.2, 6.3, 6.4, 7.0, 7.1, 7.2 Vulnerability Type: bufferoverflow/local privilege escalation Severity 1-10: 6 SuSE default...

CVE-2001-0670

Buffer overflow in BSD line printer daemon in.lpd or lpd in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue...

CVE-1999-1471

Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field...

CVE-1999-1518

Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits e.g., as specified with rlimits using mmap or shmget to allocate memory and cause page faults...