FreeBSD
by FreeBSD
Source repositories
CVEs (510)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0230 | 0.00 | — | 0.00 | Jun 2, 2001 | Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly other operating systems, allows local users to gain privileges. | |||
| CVE-2001-0196 | 0.00 | — | 0.02 | May 3, 2001 | inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group. | |||
| CVE-2001-0235 | 0.00 | — | 0.00 | Mar 26, 2001 | Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running. | |||
| CVE-2000-0375 | 0.00 | — | 0.00 | Mar 12, 2001 | The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files. | |||
| CVE-2001-0128 | 0.00 | — | 0.00 | Mar 12, 2001 | Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | |||
| CVE-2000-0890 | 0.00 | — | 0.00 | Feb 16, 2001 | periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack. | |||
| CVE-2001-0061 | 0.00 | — | 0.00 | Feb 12, 2001 | procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains… | |||
| CVE-2001-0063 | 0.00 | — | 0.00 | Feb 12, 2001 | procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges. | |||
| CVE-2001-0094 | 0.00 | — | 0.00 | Feb 12, 2001 | Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local users to gain root privileges. | |||
| CVE-2001-0062 | 0.00 | — | 0.00 | Feb 12, 2001 | procfs in FreeBSD and possibly other operating systems allows local users to cause a denial of service by calling mmap on the process' own mem file, which causes the kernel to hang. | |||
| CVE-2000-1184 | 0.00 | — | 0.02 | Jan 9, 2001 | telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file. | |||
| CVE-2000-1167 | 0.00 | — | 0.02 | Jan 9, 2001 | ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system. | |||
| CVE-2000-0915 | 0.00 | — | 0.02 | Dec 19, 2000 | fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name. | |||
| CVE-2000-0963 | 0.00 | — | 0.01 | Dec 19, 2000 | Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS. | |||
| CVE-2000-1011 | 0.00 | — | 0.00 | Dec 11, 2000 | Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable. | |||
| CVE-2000-1066 | 0.00 | — | 0.02 | Dec 11, 2000 | The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname. | |||
| CVE-2000-1013 | 0.00 | — | 0.00 | Dec 11, 2000 | The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | |||
| CVE-2000-1012 | 0.00 | — | 0.00 | Dec 11, 2000 | The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | |||
| CVE-2000-0852 | 0.00 | — | 0.00 | Nov 14, 2000 | Multiple buffer overflows in eject on FreeBSD and possibly other OSes allows local users to gain root privileges. | |||
| CVE-2000-0752 | 0.00 | — | 0.00 | Oct 20, 2000 | Buffer overflows in brouted in FreeBSD and possibly other OSes allows local users to gain root privileges via long command line arguments. |
- CVE-2001-0230Jun 2, 2001risk 0.00cvss —epss 0.00
Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly other operating systems, allows local users to gain privileges.
- CVE-2001-0196May 3, 2001risk 0.00cvss —epss 0.02
inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group.
- CVE-2001-0235Mar 26, 2001risk 0.00cvss —epss 0.00
Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running.
- CVE-2000-0375Mar 12, 2001risk 0.00cvss —epss 0.00
The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files.
- CVE-2001-0128Mar 12, 2001risk 0.00cvss —epss 0.00
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
- CVE-2000-0890Feb 16, 2001risk 0.00cvss —epss 0.00
periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.
- CVE-2001-0061Feb 12, 2001risk 0.00cvss —epss 0.00
procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains…
- CVE-2001-0063Feb 12, 2001risk 0.00cvss —epss 0.00
procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges.
- CVE-2001-0094Feb 12, 2001risk 0.00cvss —epss 0.00
Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local users to gain root privileges.
- CVE-2001-0062Feb 12, 2001risk 0.00cvss —epss 0.00
procfs in FreeBSD and possibly other operating systems allows local users to cause a denial of service by calling mmap on the process' own mem file, which causes the kernel to hang.
- CVE-2000-1184Jan 9, 2001risk 0.00cvss —epss 0.02
telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file.
- CVE-2000-1167Jan 9, 2001risk 0.00cvss —epss 0.02
ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system.
- CVE-2000-0915Dec 19, 2000risk 0.00cvss —epss 0.02
fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name.
- CVE-2000-0963Dec 19, 2000risk 0.00cvss —epss 0.01
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
- CVE-2000-1011Dec 11, 2000risk 0.00cvss —epss 0.00
Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable.
- CVE-2000-1066Dec 11, 2000risk 0.00cvss —epss 0.02
The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname.
- CVE-2000-1013Dec 11, 2000risk 0.00cvss —epss 0.00
The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.
- CVE-2000-1012Dec 11, 2000risk 0.00cvss —epss 0.00
The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.
- CVE-2000-0852Nov 14, 2000risk 0.00cvss —epss 0.00
Multiple buffer overflows in eject on FreeBSD and possibly other OSes allows local users to gain root privileges.
- CVE-2000-0752Oct 20, 2000risk 0.00cvss —epss 0.00
Buffer overflows in brouted in FreeBSD and possibly other OSes allows local users to gain root privileges via long command line arguments.
Page 23 of 26