FreeBSD
by FreeBSD
Source repositories
CVEs (510)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-5550 | 0.03 | — | 0.01 | Oct 26, 2006 | The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto. | |||
| CVE-2006-5483 | 0.03 | — | 0.01 | Oct 24, 2006 | p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by setting a scheduler policy, which should only be settable by root. | |||
| CVE-2006-5482 | 0.03 | — | 0.01 | Oct 24, 2006 | ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX. | |||
| CVE-2006-4516 | 0.03 | — | 0.01 | Oct 12, 2006 | Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout… | |||
| CVE-2006-4178 | 0.03 | — | 0.01 | Sep 26, 2006 | Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) via unspecified arguments that use negative signed integers to cause the bzero function to be called with a large… | |||
| CVE-2004-0618 | 0.03 | — | 0.01 | Dec 6, 2004 | FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call with an unaligned memory address as an argument. | |||
| CVE-2004-0114 | 0.03 | — | 0.01 | Mar 3, 2004 | The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local… | |||
| CVE-2003-0144 | 0.03 | — | 0.02 | Mar 31, 2003 | Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name. | |||
| CVE-2002-1125 | 0.03 | — | 0.01 | Sep 24, 2002 | FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory. | |||
| CVE-2002-0572 | 0.03 | — | 0.02 | Jul 3, 2002 | FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid… | |||
| CVE-2002-0004 | 0.03 | — | 0.01 | Feb 27, 2002 | Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | |||
| CVE-2001-1185 | 0.03 | — | 0.01 | Dec 10, 2001 | Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges. | |||
| CVE-2001-1029 | 0.03 | — | 0.01 | Sep 20, 2001 | libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome… | |||
| CVE-2001-0402 | 0.03 | — | 0.02 | Jun 18, 2001 | IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port. | |||
| CVE-2001-0093 | 0.03 | — | 0.01 | Feb 12, 2001 | Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd. | |||
| CVE-2000-0916 | 0.03 | — | 0.06 | Dec 19, 2000 | FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections. | |||
| CVE-2000-0993 | 0.03 | — | 0.02 | Dec 19, 2000 | Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd. | |||
| CVE-2000-0998 | 0.03 | — | 0.01 | Dec 11, 2000 | Format string vulnerability in top program allows local attackers to gain root privileges via the "kill" or "renice" function. | |||
| CVE-2000-0584 | 0.03 | — | 0.06 | Jul 2, 2000 | Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name. | |||
| CVE-1999-1008 | 0.03 | — | 0.01 | May 17, 2000 | xsoldier program allows local users to gain root access via a long argument. |
- CVE-2006-5550Oct 26, 2006risk 0.03cvss —epss 0.01
The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto.
- CVE-2006-5483Oct 24, 2006risk 0.03cvss —epss 0.01
p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by setting a scheduler policy, which should only be settable by root.
- CVE-2006-5482Oct 24, 2006risk 0.03cvss —epss 0.01
ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX.
- CVE-2006-4516Oct 12, 2006risk 0.03cvss —epss 0.01
Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout…
- CVE-2006-4178Sep 26, 2006risk 0.03cvss —epss 0.01
Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) via unspecified arguments that use negative signed integers to cause the bzero function to be called with a large…
- CVE-2004-0618Dec 6, 2004risk 0.03cvss —epss 0.01
FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call with an unaligned memory address as an argument.
- CVE-2004-0114Mar 3, 2004risk 0.03cvss —epss 0.01
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local…
- CVE-2003-0144Mar 31, 2003risk 0.03cvss —epss 0.02
Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name.
- CVE-2002-1125Sep 24, 2002risk 0.03cvss —epss 0.01
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.
- CVE-2002-0572Jul 3, 2002risk 0.03cvss —epss 0.02
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid…
- CVE-2002-0004Feb 27, 2002risk 0.03cvss —epss 0.01
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
- CVE-2001-1185Dec 10, 2001risk 0.03cvss —epss 0.01
Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges.
- CVE-2001-1029Sep 20, 2001risk 0.03cvss —epss 0.01
libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome…
- CVE-2001-0402Jun 18, 2001risk 0.03cvss —epss 0.02
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
- CVE-2001-0093Feb 12, 2001risk 0.03cvss —epss 0.01
Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd.
- CVE-2000-0916Dec 19, 2000risk 0.03cvss —epss 0.06
FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections.
- CVE-2000-0993Dec 19, 2000risk 0.03cvss —epss 0.02
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
- CVE-2000-0998Dec 11, 2000risk 0.03cvss —epss 0.01
Format string vulnerability in top program allows local attackers to gain root privileges via the "kill" or "renice" function.
- CVE-2000-0584Jul 2, 2000risk 0.03cvss —epss 0.06
Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name.
- CVE-1999-1008May 17, 2000risk 0.03cvss —epss 0.01
xsoldier program allows local users to gain root access via a long argument.
Page 8 of 26