Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:freebsd:freebsd:6.1:p24
There are 74 matching records.
Displaying matches 61 through 74.
Vuln ID Summary CVSS Severity
CVE-2008-0217

The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.

Published: January 15, 2008; 9:00:00 PM -0500
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2007-6150

The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values.

Published: November 29, 2007; 8:46:00 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2007-3721

The ULE process scheduler in the FreeBSD kernel gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."

Published: July 12, 2007; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2007-3722

The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges."

Published: July 12, 2007; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2007-0267

The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels allows local users to cause a denial of service (kernel panic) and possibly corrupt other filesystems by mounting a crafted UNIX File System (UFS) DMG image that contains a corrupted directory entry (struct direct), related to the ufs_dirbad function. NOTE: a third party states that the FreeBSD issue does not cross privilege boundaries.

Published: January 16, 2007; 7:28:00 PM -0500
V3.x:(not available)
V2.0: 6.6 MEDIUM
CVE-2007-0229

Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.

Published: January 12, 2007; 9:28:00 PM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2007-0166

The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify pathnames when writing to /var/log/console.log during a jail start-up, or when file systems are mounted or unmounted, which allows local root users to overwrite arbitrary files, or mount/unmount files, outside of the jail via a symlink attack.

Published: January 11, 2007; 3:28:00 PM -0500
V3.x:(not available)
V2.0: 6.6 MEDIUM
CVE-2006-5824

Integer overflow in the ffs_rdextattr function in FreeBSD 6.1 allows local users to cause a denial of service (kernel panic) and trigger a heap-based buffer overflow via a crafted UFS filesystem, a different vulnerability than CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.

Published: November 09, 2006; 6:07:00 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2006-5679

Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted UFS filesystem that causes invalid or large size parameters to be provided to the kmem_alloc function. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.

Published: November 03, 2006; 5:07:00 PM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2006-5482

ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX.

Published: October 24, 2006; 6:07:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-5483

p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by setting a scheduler policy, which should only be settable by root.

Published: October 24, 2006; 6:07:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-4304

Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver.

Published: August 23, 2006; 9:04:00 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2006-2655

The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions.

Published: June 01, 2006; 9:02:00 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2006-1056

The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.

Published: April 20, 2006; 6:02:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW