CVE-2024-6387 |
|
High |
Jul 01, 2024 |
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
|
9.3, 9.2, 9.1, 8.2, 9.0, 8.1, 8.0, 7.1.2, 7.1.1, 7.1
|
CVE-2006-5215 |
|
|
Oct 10, 2006 |
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file.
|
9.3, 9.2, 9.1, 8.2, 9.0, 8.1, 8.0, 7.1.2, 7.1.1, 7.1
|
BDSA-2024-0359 |
|
Medium |
Feb 16, 2024 |
Implementations of DNSSEC, the Security Extensions of DNS, can be impacted by design features of the specification that could allow for the excessive consumption of CPU resources on a DNSSEC-validating resolver when using NSEC3.
Affected implementations can spend valuable CPU cycles on SHA-1 hashing when an attacker is able to select or create a DNSSEC-signed zone whose NSEC3 parameters use extra iterations in excess of recommended best practices, and then launch a random subdomain attack against the zone.
Where an attacker is able to force a target to carry out this work, performance can be heavily impacted and result in availability issues for other clients.
|
|
BDSA-2024-0337 |
|
Medium |
Feb 15, 2024 |
Implementations of DNSSEC, the Security Extensions of DNS, can be impacted by design features of the specification that could allow for the excessive consumption of CPU resources on a DNSSEC-validating resolver.
The DNSSEC specification dictates that implementations evaluate all combinations of `DNSKEY` and `RRSIG` records in order to find matches. While this is standard, various implementations of the specification do not enforce any limit on the amount of work done to carry out this process. As a result, implementations can be susceptible to denial-of-service (DoS) problems if an attacker is able to craft a DNS zone with a large number of `DNSKEY` and `RRSIG` records.
Where an attacker is able to force a target to carry out this work, performance can be heavily impacted and result in availability issues for other clients.
|
|
BDSA-2023-2660 |
|
Medium |
Oct 05, 2023 |
NetBSD is vulnerable to information disclosure. A local attacker could exploit this flaw before authentication via the `MLSD` or `MLST` commands in `ftpd` in order to obtain sensitive information on the host filesystem.
|
|
BDSA-2023-0460 |
|
Medium |
Mar 06, 2023 |
NetBSD is vulnerable to a memory corruption issue due to the presence of a buffer overflow flaw in the `hfslib_reada_node_offsets()` function.
A victim user could be tricked into mounting a crafted image file in order to trigger the overflow which could potentially allow for the execution of arbitrary code, or cause system instability.
|
|