Freebsd ≫ Freebsd

The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are...

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

The open() function in FreeBSD allows local attackers to write to arbitrary files.

File creation and deletion, and remote execution, in the BSD line printer daemon (lpd).

The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sen...

Listening TCP ports are sequentially allocated, allowing spoofing attacks.

The rwho/rwhod service is running, which exposes machine status and user information.

Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the p...