National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:freebsd:freebsd:9.3:p33
There are 71 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2017-13081

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Published: October 17, 2017; 09:29:00 AM -04:00
V3.0: 5.3 MEDIUM
    V2: 2.9 LOW
CVE-2017-13080

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

Published: October 17, 2017; 09:29:00 AM -04:00
V3.0: 5.3 MEDIUM
    V2: 2.9 LOW
CVE-2017-13079

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Published: October 17, 2017; 09:29:00 AM -04:00
V3.0: 5.3 MEDIUM
    V2: 2.9 LOW
CVE-2017-13078

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

Published: October 17, 2017; 09:29:00 AM -04:00
V3.0: 5.3 MEDIUM
    V2: 2.9 LOW
CVE-2017-13077

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Published: October 16, 2017; 10:29:00 PM -04:00
V3.0: 6.8 MEDIUM
    V2: 5.4 MEDIUM
CVE-2015-5675

The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1 allows local users to gain privileges or cause a denial of service (kernel panic).

Published: October 10, 2017; 12:29:00 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2017-15037

In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character.

Published: October 05, 2017; 03:29:00 AM -04:00
V3.0: 8.1 HIGH
    V2: 6.8 MEDIUM
CVE-2016-1888

The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures."

Published: February 15, 2017; 10:59:00 AM -05:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2016-1883

The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors.

Published: February 15, 2017; 10:59:00 AM -05:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2016-1881

The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain privilege via a crafted Linux compatibility layer setgroups system call.

Published: February 15, 2017; 10:59:00 AM -05:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2016-1880

The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists."

Published: February 15, 2017; 10:59:00 AM -05:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2015-5677

bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file.

Published: February 07, 2017; 10:59:00 AM -05:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2016-5766

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.

Published: August 07, 2016; 06:59:13 AM -04:00
V3.0: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2016-1886

Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a "two way heap and stack overflow."

Published: May 25, 2016; 11:59:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2016-1885

Integer signedness error in the amd64_set_ldt function in sys/amd64/amd64/sys_machdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service (kernel panic) via an i386_set_ldt system call, which triggers a heap-based buffer overflow.

Published: April 11, 2016; 10:00:06 PM -04:00
V3.0: 6.2 MEDIUM
    V2: 4.9 MEDIUM
CVE-2016-1882

FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9 allow remote attackers to cause a denial of service (kernel crash) via vectors related to creating a TCP connection with the TCP_MD5SIG and TCP_NOOPT socket options.

Published: January 29, 2016; 02:59:08 PM -05:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2016-1879

The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic) via a crafted ICMPv6 packet.

Published: January 29, 2016; 02:59:07 PM -05:00
V3.0: 7.5 HIGH
    V2: 7.8 HIGH
CVE-2015-3625

The NVIDIA GPU driver for FreeBSD R352 before 352.09, 346 before 346.72, R349 before 349.16, R343 before 343.36, R340 before 340.76, R337 before 337.25, R334 before 334.21, R331 before 331.113, and R304 before 304.125 allows local users with certain permissions to read or write arbitrary kernel memory via unspecified vectors that trigger an untrusted pointer dereference.

Published: July 17, 2015; 08:59:00 PM -04:00
    V2: 7.2 HIGH
CVE-2015-1415

The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file.

Published: April 10, 2015; 11:00:00 AM -04:00
    V2: 2.1 LOW
CVE-2015-1414

Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory.

Published: February 27, 2015; 10:59:00 AM -05:00
    V2: 7.8 HIGH