Filtered by vendor Freebsd Subscriptions
Filtered by product Freebsd Subscriptions
Total 513 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2013-5691 1 Freebsd 1 Freebsd 2013-10-24 N/A
The (1) IPv6 and (2) ATM ioctl request handlers in the kernel in FreeBSD 8.3 through 9.2-STABLE do not validate SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR, and SIOCSIFNETMASK requests, which allows local users to perform link-layer actions, cause a denial of service (panic), or possibly gain privileges via a crafted application.
CVE-2013-5710 1 Freebsd 1 Freebsd 2013-10-24 N/A
The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel in FreeBSD 8.3 through 9.2 allows local users with certain permissions to bypass access restrictions via a hardlink in a nullfs instance to a file in a different instance.
CVE-2010-2020 1 Freebsd 1 Freebsd 2012-11-06 N/A
sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request.
CVE-2008-4247 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2012-10-23 N/A
ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.
CVE-2011-4062 1 Freebsd 1 Freebsd 2011-12-13 N/A
Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service (panic) or possibly gain privileges via a bind system call with a long pathname for a UNIX socket.
CVE-2006-5679 1 Freebsd 1 Freebsd 2011-10-11 N/A
Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted UFS filesystem that causes invalid or large size parameters to be provided to the kmem_alloc function. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.
CVE-2010-4754 4 Apple, Freebsd, Netbsd and 1 more 4 Mac Os X, Freebsd, Netbsd and 1 more 2011-09-21 N/A
The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.
CVE-2010-0318 1 Freebsd 1 Freebsd 2011-08-08 N/A
The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, and 8.0, when creating files during replay of a setattr transaction, uses 7777 permissions instead of the original permissions, which might allow local users to read or modify unauthorized files in opportunistic circumstances after a system crash or power failure.
CVE-2010-1938 2 Freebsd, Nrl 2 Freebsd, Opie 2011-07-29 N/A
Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.
CVE-2007-0267 2 Apple, Freebsd 2 Mac Os X, Freebsd 2011-06-10 N/A
The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels allows local users to cause a denial of service (kernel panic) and possibly corrupt other filesystems by mounting a crafted UNIX File System (UFS) DMG image that contains a corrupted directory entry (struct direct), related to the ufs_dirbad function. NOTE: a third party states that the FreeBSD issue does not cross privilege boundaries.
CVE-2005-1406 1 Freebsd 1 Freebsd 2011-03-08 N/A
The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory.
CVE-2000-0235 1 Freebsd 1 Freebsd 2011-03-08 N/A
Buffer overflow in the huh program in the orville-write package allows local users to gain root privileges.
CVE-2000-0092 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2011-03-08 N/A
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
CVE-1999-0001 3 Bsdi, Freebsd, Openbsd 3 Bsd Os, Freebsd, Openbsd 2010-12-16 N/A
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.
CVE-1999-0057 5 Eric Allman, Freebsd, Hp and 2 more 7 Vacation, Freebsd, Hp-ux and 4 more 2009-03-02 N/A
Vacation program allows command execution by remote users through a sendmail command.
CVE-2007-3722 1 Freebsd 1 Freebsd 2008-11-15 N/A
The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
CVE-2007-3721 1 Freebsd 1 Freebsd 2008-11-15 N/A
The ULE process scheduler in the FreeBSD kernel gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
CVE-2007-0166 1 Freebsd 1 Freebsd 2008-11-15 N/A
The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify pathnames when writing to /var/log/console.log during a jail start-up, or when file systems are mounted or unmounted, which allows local root users to overwrite arbitrary files, or mount/unmount files, outside of the jail via a symlink attack.
CVE-2004-0002 1 Freebsd 1 Freebsd 2008-09-10 N/A
The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function.
CVE-2003-0804 3 Apple, Freebsd, Openbsd 4 Mac Os X, Mac Os X Server, Freebsd and 1 more 2008-09-10 N/A
The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests.