BSD
by BSD
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-4609 | 0.03 | — | 0.32 | Oct 20, 2008 | The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate… | |||
| CVE-2002-0824 | 0.03 | — | 0.01 | Aug 12, 2002 | BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | |||
| CVE-2000-1103 | 0.03 | — | 0.01 | Jan 9, 2001 | rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line. | |||
| CVE-1999-1394 | 0.03 | — | 0.01 | Jul 2, 1999 | BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device. | |||
| CVE-2001-0670 | 0.01 | — | 0.07 | Oct 3, 2001 | Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue. | |||
| CVE-2014-7250 | 0.00 | — | 0.05 | Dec 12, 2014 | The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets. | |||
| CVE-2000-1208 | 0.00 | — | 0.00 | Aug 12, 2002 | Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | |||
| CVE-1999-1102 | 0.00 | — | 0.00 | Dec 31, 1999 | lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. | |||
| CVE-1999-1214 | 0.00 | — | 0.00 | Sep 15, 1997 | The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. | |||
| CVE-1999-1098 | 0.00 | — | 0.01 | Mar 3, 1995 | Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing. | |||
| CVE-1999-1471 | 0.00 | — | 0.01 | Jan 1, 1989 | Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field. |
- CVE-2008-4609Oct 20, 2008risk 0.03cvss —epss 0.32
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate…
- CVE-2002-0824Aug 12, 2002risk 0.03cvss —epss 0.01
BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device.
- CVE-2000-1103Jan 9, 2001risk 0.03cvss —epss 0.01
rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.
- CVE-1999-1394Jul 2, 1999risk 0.03cvss —epss 0.01
BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device.
- CVE-2001-0670Oct 3, 2001risk 0.01cvss —epss 0.07
Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.
- CVE-2014-7250Dec 12, 2014risk 0.00cvss —epss 0.05
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
- CVE-2000-1208Aug 12, 2002risk 0.00cvss —epss 0.00
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
- CVE-1999-1102Dec 31, 1999risk 0.00cvss —epss 0.00
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
- CVE-1999-1214Sep 15, 1997risk 0.00cvss —epss 0.00
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
- CVE-1999-1098Mar 3, 1995risk 0.00cvss —epss 0.01
Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing.
- CVE-1999-1471Jan 1, 1989risk 0.00cvss —epss 0.01
Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field.