Total
537 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0323 | 4 Bsdi, Freebsd, Netbsd and 1 more | 4 Bsd Os, Freebsd, Netbsd and 1 more | 2008-09-09 | 10.0 HIGH | N/A |
| FreeBSD mmap function allows users to modify append-only or immutable files. | |||||
| CVE-1999-0322 | 1 Freebsd | 1 Freebsd | 2008-09-09 | 2.1 LOW | N/A |
| The open() function in FreeBSD allows local attackers to write to arbitrary files. | |||||
| CVE-1999-0032 | 5 Bsdi, Freebsd, Next and 2 more | 5 Bsd Os, Freebsd, Nextstep and 2 more | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. | |||||
| CVE-1999-0096 | 3 Bsdi, Freebsd, Sco | 4 Bsd Os, Freebsd, Internet Faststart and 1 more | 2008-09-09 | 5.0 MEDIUM | N/A |
| Sendmail decode alias can be used to overwrite sensitive files. | |||||
| CVE-1999-0131 | 8 Bsdi, Digital, Eric Allman and 5 more | 9 Bsd Os, Osf 1, Sendmail and 6 more | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | |||||
| CVE-1999-0130 | 7 Bsdi, Caldera, Eric Allman and 4 more | 7 Bsd Os, Network Desktop, Sendmail and 4 more | 2008-09-09 | 7.2 HIGH | N/A |
| Local users can start Sendmail in daemon mode and gain root privileges. | |||||
| CVE-1999-0057 | 5 Eric Allman, Freebsd, Hp and 2 more | 7 Vacation, Freebsd, Hp-ux and 4 more | 2008-09-09 | 7.5 HIGH | N/A |
| Vacation program allows command execution by remote users through a sendmail command. | |||||
| CVE-2008-0777 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 4.9 MEDIUM | N/A |
| The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files. | |||||
| CVE-2007-4304 | 2 Cerb, Freebsd | 2 Cerbng, Freebsd | 2008-09-05 | 6.2 MEDIUM | N/A |
| CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages". | |||||
| CVE-2007-4303 | 2 Cerb, Freebsd | 2 Cerbng, Freebsd | 2008-09-05 | 6.2 MEDIUM | N/A |
| Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb. | |||||
| CVE-2006-5483 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 2.1 LOW | N/A |
| p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by setting a scheduler policy, which should only be settable by root. | |||||
| CVE-2006-5482 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 2.1 LOW | N/A |
| ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX. | |||||
| CVE-2006-5550 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2008-09-05 | 4.9 MEDIUM | N/A |
| The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto. | |||||
| CVE-2005-2019 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Processor (UP) systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent lookups, allowing remote attackers to bypass intended access restrictions. | |||||
| CVE-2005-2068 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers to modify certain TCP options via a TCP packet with the SYN flag set for an already established session. | |||||
| CVE-2005-1399 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 4.6 MEDIUM | N/A |
| FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver. | |||||
| CVE-2005-1400 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 4.6 MEDIUM | N/A |
| The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sensitive kernel memory via arguments with negative or very large values. | |||||
| CVE-2005-0610 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file. | |||||
| CVE-2002-0794 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue. | |||||
| CVE-2002-0518 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart. | |||||