Filtered by vendor Freebsd
Subscribe
Total
514 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0915 | 1 Freebsd | 1 Freebsd | 2017-10-09 | 5.0 MEDIUM | N/A |
| fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name. | |||||
| CVE-2000-0729 | 1 Freebsd | 1 Freebsd | 2017-10-09 | 2.1 LOW | N/A |
| FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header. | |||||
| CVE-2001-1029 | 2 Freebsd, Openbsd | 2 Freebsd, Openssh | 2017-10-09 | 2.1 LOW | N/A |
| libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files. | |||||
| CVE-2001-0796 | 2 Freebsd, Sgi | 2 Freebsd, Irix | 2017-10-09 | 5.0 MEDIUM | N/A |
| SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay. | |||||
| CVE-2001-0710 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2017-10-09 | 5.0 MEDIUM | N/A |
| NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. | |||||
| CVE-2001-0670 | 4 Bsd, Freebsd, Netbsd and 1 more | 4 Bsd, Freebsd, Netbsd and 1 more | 2017-10-09 | 7.5 HIGH | N/A |
| Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue. | |||||
| CVE-2001-0469 | 1 Freebsd | 1 Freebsd | 2017-10-09 | 5.0 MEDIUM | N/A |
| rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service via malformed packets with a short length. | |||||
| CVE-2001-0439 | 5 Conectiva, Freebsd, Licq and 2 more | 6 Linux, Freebsd, Licq and 3 more | 2017-10-09 | 7.5 HIGH | N/A |
| licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | |||||
| CVE-2001-0402 | 3 Darren Reed, Freebsd, Openbsd | 3 Ipfilter, Freebsd, Openbsd | 2017-10-09 | 7.5 HIGH | N/A |
| IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port. | |||||
| CVE-2000-0489 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2017-10-09 | 2.1 LOW | N/A |
| FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers. | |||||
| CVE-2000-0532 | 1 Freebsd | 1 Freebsd | 2017-10-09 | 7.5 HIGH | N/A |
| A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port 722 as well as port 22, which might allow remote attackers to access SSH through port 722 even if port 22 is otherwise filtered. | |||||
| CVE-2001-0388 | 3 Freebsd, Mandrakesoft, Suse | 3 Freebsd, Mandrake Linux, Suse Linux | 2017-10-09 | 10.0 HIGH | N/A |
| time server daemon timed allows remote attackers to cause a denial of service via malformed packets. | |||||
| CVE-2001-0371 | 1 Freebsd | 1 Freebsd | 2017-10-09 | 6.2 MEDIUM | N/A |
| Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information. | |||||
| CVE-2001-0310 | 1 Freebsd | 1 Freebsd | 2017-10-09 | 2.1 LOW | N/A |
| sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts. | |||||
| CVE-2001-0221 | 1 Freebsd | 1 Ja-xklock | 2017-10-09 | 7.2 HIGH | N/A |
| Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges. | |||||
| CVE-2001-0196 | 1 Freebsd | 1 Freebsd | 2017-10-09 | 5.0 MEDIUM | N/A |
| inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group. | |||||
| CVE-2010-4210 | 1 Freebsd | 1 Freebsd | 2017-10-04 | 7.2 HIGH | N/A |
| The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex that was not previously locked, which allows local users to cause a denial of service (kernel panic), overwrite arbitrary memory locations, and possibly execute arbitrary code via vectors related to opening a file on a file system that uses pseudofs. | |||||
| CVE-2009-1041 | 1 Freebsd | 1 Freebsd | 2017-09-28 | 7.2 HIGH | N/A |
| The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwrite arbitrary kernel memory via an out-of-bounds timer value. | |||||
| CVE-2009-0641 | 1 Freebsd | 1 Freebsd | 2017-09-28 | 9.3 HIGH | N/A |
| sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable from a telnet client, as demonstrated by an LD_PRELOAD value that references a malicious library. | |||||
| CVE-2008-2476 | 6 Force10, Freebsd, Juniper and 3 more | 6 Ftos, Freebsd, Jnos and 3 more | 2017-09-28 | 9.3 HIGH | N/A |
| The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB). | |||||