Filtered by vendor Freebsd
Subscribe
Search
Total
525 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0610 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file. | |||||
| CVE-2003-1474 | 1 Freebsd | 1 Slashem-tty | 2008-09-05 | 7.2 HIGH | N/A |
| slashem-tty in the FreeBSD Ports Collection is installed with write permissions for the games group, which allows local users with group games privileges to modify slashem-tty and execute arbitrary code as other users, as demonstrated using a separate vulnerability in LTris. | |||||
| CVE-2002-1915 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2008-09-05 | 2.1 LOW | N/A |
| tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. | |||||
| CVE-2002-0755 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root. | |||||
| CVE-2002-0518 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart. | |||||
| CVE-2002-0754 | 2 Freebsd, Kth | 3 Freebsd, Heimdal, Heimdal | 2008-09-05 | 7.2 HIGH | N/A |
| Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them. | |||||
| CVE-2002-0574 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed. | |||||
| CVE-2002-0794 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue. | |||||
| CVE-2002-0795 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 2.1 LOW | N/A |
| The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files. | |||||
| CVE-2002-0062 | 4 Debian, Freebsd, Redhat and 1 more | 4 Debian Linux, Freebsd, Linux and 1 more | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." | |||||
| CVE-2002-0381 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. | |||||
| CVE-2002-0414 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2008-09-05 | 7.5 HIGH | N/A |
| KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. | |||||
| CVE-2001-1185 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 6.2 MEDIUM | N/A |
| Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges. | |||||
| CVE-2001-1166 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process. | |||||
| CVE-2001-1155 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.5 HIGH | N/A |
| TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass intended access restrictions via DNS spoofing. | |||||
| CVE-2001-0093 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd. | |||||
| CVE-2000-0916 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.5 HIGH | N/A |
| FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections. | |||||
| CVE-2000-0998 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| Format string vulnerability in top program allows local attackers to gain root privileges via the "kill" or "renice" function. | |||||
| CVE-2000-1012 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | |||||
| CVE-2000-1013 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | |||||
| CVE-2000-0752 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflows in brouted in FreeBSD and possibly other OSes allows local users to gain root privileges via long command line arguments. | |||||
| CVE-1999-1301 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.5 HIGH | N/A |
| A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs. | |||||
| CVE-1999-1564 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 2.1 LOW | N/A |
| FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes. | |||||
| CVE-1999-0053 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| TCP RST denial of service in FreeBSD. | |||||
| CVE-1999-0299 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 9.3 HIGH | N/A |
| Buffer overflow in FreeBSD lpd through long DNS hostnames. | |||||