Filtered by vendor Freebsd
Subscribe
Total
530 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0863 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI. | |||||
CVE-2004-0370 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 2.1 LOW | N/A |
The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic. | |||||
CVE-1999-0821 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 4.6 MEDIUM | N/A |
FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument. | |||||
CVE-2004-0435 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 3.6 LOW | N/A |
Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk. | |||||
CVE-2002-0666 | 6 Apple, Freebsd, Frees Wan and 3 more | 12 Mac Os X, Mac Os X Server, Freebsd and 9 more | 2023-12-10 | 5.0 MEDIUM | N/A |
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors. | |||||
CVE-2001-0063 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 7.2 HIGH | N/A |
procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges. | |||||
CVE-2000-0752 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflows in brouted in FreeBSD and possibly other OSes allows local users to gain root privileges via long command line arguments. | |||||
CVE-2000-0729 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 2.1 LOW | N/A |
FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header. | |||||
CVE-2002-1220 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | |||||
CVE-2003-1289 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2023-12-10 | 2.1 LOW | N/A |
The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. | |||||
CVE-2002-2199 | 1 Freebsd | 1 Advanced Intrusion Detection Environment | 2023-12-10 | 4.6 MEDIUM | N/A |
The default aide.conf file in Advanced Intrusion Detection Environment (AIDE) before 0.7_1 on FreeBSD before 2002-08-28 does not properly check subdirectories, which could allow local users to bypass detection. | |||||
CVE-2000-1013 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 7.2 HIGH | N/A |
The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | |||||
CVE-2004-0002 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 10.0 HIGH | N/A |
The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function. | |||||
CVE-2003-1230 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 6.4 MEDIUM | N/A |
The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through 5.0-RELEASE-p3 uses only 32-bit internal keys when generating syncookies, which makes it easier for remote attackers to conduct brute force ISN guessing attacks and spoof legitimate traffic. | |||||
CVE-2002-2092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2023-12-10 | 3.7 LOW | N/A |
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. | |||||
CVE-2002-0829 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 4.6 MEDIUM | N/A |
Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. | |||||
CVE-1999-0061 | 4 Bsdi, Freebsd, Linux and 1 more | 4 Bsd Os, Freebsd, Linux Kernel and 1 more | 2023-12-10 | 5.1 MEDIUM | N/A |
File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). | |||||
CVE-1999-0782 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. | |||||
CVE-2002-2222 | 2 Freebsd, Openbsd | 2 Ports Collection, Openbsd | 2023-12-10 | 5.1 MEDIUM | N/A |
isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and in OpenBSD 3.1, allows remote attackers to cause a denial of service (crash) by sending Internet Key Exchange (IKE) payloads out of sequence. | |||||
CVE-1999-1008 | 2 Freebsd, Mandrakesoft | 2 Freebsd, Mandrake Linux | 2023-12-10 | 7.2 HIGH | N/A |
xsoldier program allows local users to gain root access via a long argument. |