Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistFreebsdCVELIST:CVE-2023-5978
HistoryNov 08, 2023 - 8:52 a.m.

CVE-2023-5978 Incorrect libcap_net limitation list manipulation

2023-11-0808:52:46
CWE-269
freebsd
www.cve.org
1
cve-2023-5978
freebsd 13-release
libcasper manipulation
domain names restrictions

0.0005 Low

EPSS

Percentile

17.8%

JSON

In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints. Β When only a listΒ of resolvable domain names was specified without setting any other limitations, an application could submit a new list of domains including include entries not previously listed. Β This could permit the application to resolve domain names that were previously restricted.

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "modules": [
      "libcap_net"
    ],
    "product": "FreeBSD",
    "vendor": "FreeBSD",
    "versions": [
      {
        "lessThan": "p5",
        "status": "affected",
        "version": "13.2-RELEASE",
        "versionType": "release"
      }
    ]
  }
]

Related

freebsd 1
freebsd_advisory 1
cve 1
prion 1
nvd 1
nessus 1
freebsd
freebsd
FreeBSD -- Incorrect libcap_net limitation list manipulation
2023-11-08 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-23:16.cap_net
2023-11-08 00:00:00
cve
cve
CVE-2023-5978
2023-11-08 09:15:07
prion
prion
Design/Logic Flaw
2023-11-08 09:15:00
nvd
nvd
CVE-2023-5978
2023-11-08 09:15:07
nessus
nessus
FreeBSD : FreeBSD -- Incorrect libcap_net limitation list manipulation (f4464e49-7e04-11ee-8e38-002590c1f29c)
2023-11-08 00:00:00

0.0005 Low

EPSS

Percentile

17.8%

JSON
Related for CVELIST:CVE-2023-5978
freebsd1freebsd_advisory1cve1prion1nvd1nessus1