Search Results (602 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1402 2 Freebsd, Sun 3 Freebsd, Solaris, Sunos 2026-04-16 N/A
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.
CVE-1999-1518 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2026-04-16 N/A
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.
CVE-1999-0963 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD mount_union command allows local users to gain root privileges via a symlink attack.
CVE-2002-1667 1 Freebsd 1 Freebsd 2026-04-16 N/A
The virtual memory management system in FreeBSD 4.5-RELEASE and earlier does not properly check the existence of a VM object during page invalidation, which allows local users to cause a denial of service (crash) by calling msync on an unaccessed memory map created with MAP_ANON and MAP_NOSYNC flags.
CVE-2000-0532 1 Freebsd 1 Freebsd 2026-04-16 N/A
A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port 722 as well as port 22, which might allow remote attackers to access SSH through port 722 even if port 22 is otherwise filtered.
CVE-2000-0594 3 Caldera, Freebsd, Mandrakesoft 6 Openlinux Desktop, Openlinux Ebuilder, Openlinux Edesktop and 3 more 2026-04-16 N/A
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.
CVE-2000-0595 1 Freebsd 1 Freebsd 2026-04-16 N/A
libedit searches for the .editrc file in the current directory instead of the user's home directory, which may allow local users to execute arbitrary commands by installing a modified .editrc in another directory.
CVE-2000-0729 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.
CVE-2002-0381 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2026-04-16 N/A
The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.
CVE-2005-2019 1 Freebsd 1 Freebsd 2026-04-16 N/A
ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Processor (UP) systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent lookups, allowing remote attackers to bypass intended access restrictions.
CVE-2002-0973 1 Freebsd 1 Freebsd 2026-04-16 N/A
Integer signedness error in several system calls for FreeBSD 4.6.1 RELEASE-p10 and earlier may allow attackers to access sensitive kernel memory via large negative values to the (1) accept, (2) getsockname, and (3) getpeername system calls, and the (4) vesa FBIO_GETPALETTE ioctl.
CVE-2000-0916 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections.
CVE-2000-0963 4 Freebsd, Gnu, Immunix and 1 more 4 Freebsd, Ncurses, Immunix and 1 more 2026-04-16 N/A
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
CVE-2002-0830 1 Freebsd 1 Freebsd 2026-04-16 N/A
Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop.
CVE-2000-1066 1 Freebsd 1 Freebsd 2026-04-16 N/A
The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname.
CVE-2003-1474 1 Freebsd 1 Slashem-tty 2026-04-16 N/A
slashem-tty in the FreeBSD Ports Collection is installed with write permissions for the games group, which allows local users with group games privileges to modify slashem-tty and execute arbitrary code as other users, as demonstrated using a separate vulnerability in LTris.
CVE-2001-0063 1 Freebsd 1 Freebsd 2026-04-16 N/A
procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges.
CVE-2001-0196 1 Freebsd 1 Freebsd 2026-04-16 N/A
inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group.
CVE-2003-1230 1 Freebsd 1 Freebsd 2026-04-16 N/A
The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through 5.0-RELEASE-p3 uses only 32-bit internal keys when generating syncookies, which makes it easier for remote attackers to conduct brute force ISN guessing attacks and spoof legitimate traffic.
CVE-2001-0247 5 Freebsd, Mit, Netbsd and 2 more 5 Freebsd, Kerberos 5, Netbsd and 2 more 2026-04-16 N/A
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.