Freebsd

Freebsd

503 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2006-0883

  • EPSS 1.97%
  • Published 07.03.2006 02:02:00
  • Last modified 03.04.2025 01:03:51

OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting mu...

7.8

CVE-2006-0900

  • EPSS 79.33%
  • Published 27.02.2006 19:06:00
  • Last modified 03.04.2025 01:03:51

nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mount request, as demonstrated by the ProtoVer NFS test suite.

5

CVE-2006-0433

  • EPSS 1.36%
  • Published 02.02.2006 11:02:00
  • Last modified 03.04.2025 01:03:51

Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop).

2.1

CVE-2006-0379

  • EPSS 0.07%
  • Published 25.01.2006 22:03:00
  • Last modified 03.04.2025 01:03:51

FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory.

2.1

CVE-2006-0380

  • EPSS 0.08%
  • Published 25.01.2006 22:03:00
  • Last modified 03.04.2025 01:03:51

A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory.

5

CVE-2006-0381

  • EPSS 5.15%
  • Published 25.01.2006 22:03:00
  • Last modified 03.04.2025 01:03:51

A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via craft...

10

CVE-2006-0226

  • EPSS 17.28%
  • Published 19.01.2006 01:03:00
  • Last modified 03.04.2025 01:03:51

Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frame...

5

CVE-2006-0054

  • EPSS 3.09%
  • Published 11.01.2006 21:03:00
  • Last modified 03.04.2025 01:03:51

The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firewall crash) via ICMP IP fragments that match a reset, reject or unreach action, which leads to an access of an uninitialized pointer.

2.1

CVE-2006-0055

  • EPSS 0.07%
  • Published 11.01.2006 21:03:00
  • Last modified 03.04.2025 01:03:51

The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.

4.3

CVE-2005-4351

Exploit
  • EPSS 0.13%
  • Published 31.12.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while th...