National Vulnerability Database

National Vulnerability Database

National Vulnerability

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:freebsd:freebsd:2.2.5
There are 87 matching records.
Displaying matches 81 through 87.
Vuln ID Summary CVSS Severity

Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program.

Published: September 16, 2000; 12:00:00 AM -04:00
    V2: 7.2 HIGH

The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.

Published: May 29, 2000; 12:00:00 AM -04:00
    V2: 2.1 LOW

ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.

Published: December 30, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM

Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.

Published: July 15, 1999; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM

A buffer overflow in lsof allows local users to obtain root privilege.

Published: February 18, 1999; 12:00:00 AM -05:00
    V2: 7.2 HIGH

The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections.

Published: February 01, 1998; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.

Published: May 17, 1997; 12:00:00 AM -04:00
    V2: 2.1 LOW