FreeBSD

503 vulnerabilities found.

Note: This list may be incomplete. Data is provided in its original format without warranty.

  • EPSS 3.45%
  • Published 17.01.2003 05:00:00
  • Last modified 03.04.2025 01:03:51

Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.

  • EPSS 0.06%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

The virtual memory management system in FreeBSD 4.5-RELEASE and earlier does not properly check the existence of a VM object during page invalidation, which allows local users to cause a denial of service (crash) by calling msync on an unaccessed mem...

  • EPSS 0.05%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

pkg_add in FreeBSD 4.2 through 4.4 creates a temporary directory with world-searchable permissions, which may allow local users to modify world-writable parts of the package during installation.

  • EPSS 0.06%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to.

  • EPSS 0.23%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.

  • EPSS 0.07%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.

  • EPSS 7.09%
  • Published 29.11.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).

  • EPSS 19.18%
  • Published 29.11.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.

  • EPSS 3.66%
  • Published 29.11.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.

  • EPSS 0.74%
  • Published 04.11.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) ...