Filtered by vendor Freebsd
Subscribe
Total
528 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0002 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 10.0 HIGH | N/A |
The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function. | |||||
CVE-1999-0074 | 4 Freebsd, Linux, Microsoft and 1 more | 4 Freebsd, Linux Kernel, Windows Nt and 1 more | 2024-02-04 | 6.4 MEDIUM | N/A |
Listening TCP ports are sequentially allocated, allowing spoofing attacks. | |||||
CVE-1999-0855 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in FreeBSD gdc program. | |||||
CVE-2000-0535 | 2 Freebsd, Openssl | 2 Freebsd, Openssl | 2024-02-04 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken. | |||||
CVE-2002-0824 | 1 Freebsd | 1 Point-to-point Protocol Daemon | 2024-02-04 | 6.9 MEDIUM | N/A |
BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | |||||
CVE-2001-0796 | 2 Freebsd, Sgi | 2 Freebsd, Irix | 2024-02-04 | 5.0 MEDIUM | N/A |
SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay. | |||||
CVE-1999-1564 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 2.1 LOW | N/A |
FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes. | |||||
CVE-2002-1674 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 1.2 LOW | N/A |
procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to. | |||||
CVE-1999-1314 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 2.1 LOW | N/A |
Vulnerability in union file system in FreeBSD 2.2 and earlier, and possibly other operating systems, allows local users to cause a denial of service (system reload) via a series of certain mount_union commands. | |||||
CVE-1999-0798 | 5 Bsdi, Freebsd, Openbsd and 2 more | 7 Bsd Os, Freebsd, Openbsd and 4 more | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. | |||||
CVE-1999-1298 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.5 HIGH | N/A |
Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain system resources. | |||||
CVE-2000-0388 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable. | |||||
CVE-2000-1011 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable. | |||||
CVE-2004-0370 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 2.1 LOW | N/A |
The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic. | |||||
CVE-2001-0093 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd. | |||||
CVE-2000-0729 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 2.1 LOW | N/A |
FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header. | |||||
CVE-2004-1471 | 6 Cvs, Freebsd, Gentoo and 3 more | 6 Cvs, Freebsd, Linux and 3 more | 2024-02-04 | 7.1 HIGH | N/A |
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. | |||||
CVE-2003-1289 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2024-02-04 | 2.1 LOW | N/A |
The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. | |||||
CVE-1999-1402 | 2 Freebsd, Sun | 3 Freebsd, Solaris, Sunos | 2024-02-04 | 2.1 LOW | N/A |
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket. | |||||
CVE-2001-0061 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space. |