| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| time server daemon timed allows remote attackers to cause a denial of service via malformed packets. |
| nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mount request, as demonstrated by the ProtoVer NFS test suite. |
| OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting. |
| Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information. |
| A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs. |
| A buffer overflow in lsof allows local users to obtain root privilege. |
| pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop). |
| A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice. |
| sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts. |
| A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory. |
| FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory. |
| Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. |
| Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain system resources. |
| Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames. |
| The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell. |
| Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly other operating systems, allows local users to gain privileges. |
| The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firewall crash) via ICMP IP fragments that match a reset, reject or unreach action, which leads to an access of an uninitialized pointer. |
| The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. |
| Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges. |
