National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 70 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2001-0670

Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.

Published: October 03, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0710

NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool.

Published: September 20, 2001; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2001-1029

libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files.

Published: September 20, 2001; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2001-0554

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Published: August 14, 2001; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2001-0388

time server daemon timed allows remote attackers to cause a denial of service via malformed packets.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2001-0469

rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service via malformed packets with a short length.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2001-0371

Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information.

Published: June 18, 2001; 12:00:00 AM -04:00
V2: 6.2 MEDIUM
CVE-2001-0402

IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.

Published: June 18, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-1999-0761

Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program.

Published: September 16, 2000; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2000-0461

The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.

Published: May 29, 2000; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-1999-1518

Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.

Published: July 15, 1999; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-1999-0405

A buffer overflow in lsof allows local users to obtain root privilege.

Published: February 18, 1999; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-1999-0052

IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.

Published: November 04, 1998; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-1999-0796

FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks.

Published: May 01, 1998; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-1999-0513

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

Published: January 05, 1998; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-1999-0017

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

Published: December 10, 1997; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-1999-0322

The open() function in FreeBSD allows local attackers to write to arbitrary files.

Published: October 29, 1997; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-1999-1298

Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain system resources.

Published: April 07, 1997; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-1999-0046

Buffer overflow of rlogin program using TERM environmental variable.

Published: February 06, 1997; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-1999-1385

Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable.

Published: December 19, 1996; 12:00:00 AM -05:00
V2: 7.2 HIGH