Filtered by vendor Freebsd
Subscribe
Total
541 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0820 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges. | |||||
CVE-2002-0794 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 5.0 MEDIUM | N/A |
The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue. | |||||
CVE-2001-0061 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space. | |||||
CVE-2001-1155 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass intended access restrictions via DNS spoofing. | |||||
CVE-1999-0912 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 2.1 LOW | N/A |
FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files. | |||||
CVE-1999-1339 | 2 Freebsd, Linux | 2 Freebsd, Linux Kernel | 2024-02-28 | 5.0 MEDIUM | N/A |
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command. | |||||
CVE-1999-0964 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATH_LOCALE environment variable. | |||||
CVE-2002-1220 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | |||||
CVE-1999-0129 | 7 Bsdi, Eric Allman, Freebsd and 4 more | 9 Bsd Os, Sendmail, Freebsd and 6 more | 2024-02-28 | 4.6 MEDIUM | N/A |
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. | |||||
CVE-2000-0235 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the huh program in the orville-write package allows local users to gain root privileges. | |||||
CVE-2000-0440 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option. | |||||
CVE-2001-1029 | 2 Freebsd, Openbsd | 2 Freebsd, Openssh | 2024-02-28 | 2.1 LOW | N/A |
libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files. | |||||
CVE-2001-1017 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable permissions while updating the original file, which could allow local users to gain privileges by reading the copied file while rmuser is running, obtain the password hashes, and crack the passwords. | |||||
CVE-2000-0375 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 2.1 LOW | N/A |
The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files. | |||||
CVE-2004-0435 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 3.6 LOW | N/A |
Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk. | |||||
CVE-1999-0796 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 7.5 HIGH | N/A |
FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks. | |||||
CVE-2002-1221 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. | |||||
CVE-1999-0823 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in FreeBSD xmindpath allows local users to gain privileges via -f argument. | |||||
CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | |||||
CVE-2002-0831 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 2.1 LOW | N/A |
The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end. |