Freebsd

Freebsd

503 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2006-0883

  • EPSS 1.97%
  • Veröffentlicht 07.03.2006 02:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting mu...

7.8

CVE-2006-0900

  • EPSS 79.33%
  • Veröffentlicht 27.02.2006 19:06:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mount request, as demonstrated by the ProtoVer NFS test suite.

5

CVE-2006-0433

  • EPSS 1.36%
  • Veröffentlicht 02.02.2006 11:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop).

2.1

CVE-2006-0379

  • EPSS 0.07%
  • Veröffentlicht 25.01.2006 22:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory.

2.1

CVE-2006-0380

  • EPSS 0.08%
  • Veröffentlicht 25.01.2006 22:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory.

5

CVE-2006-0381

  • EPSS 5.15%
  • Veröffentlicht 25.01.2006 22:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via craft...

10

CVE-2006-0226

  • EPSS 17.28%
  • Veröffentlicht 19.01.2006 01:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frame...

5

CVE-2006-0054

  • EPSS 3.09%
  • Veröffentlicht 11.01.2006 21:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firewall crash) via ICMP IP fragments that match a reset, reject or unreach action, which leads to an access of an uninitialized pointer.

2.1

CVE-2006-0055

  • EPSS 0.07%
  • Veröffentlicht 11.01.2006 21:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.

4.3

CVE-2005-4351

Exploit
  • EPSS 0.13%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while th...