U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:freebsd:freebsd:7.0:p6:*:*:*:*:*:*
  • CPE Name Search: true
There are 85 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2010-2530

Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call.

Published: September 29, 2010; 1:00:04 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2010-3014

The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read.

Published: August 20, 2010; 4:00:02 PM -0400
V3.x:(not available)
V2.0: 1.2 LOW
CVE-2010-1938

Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd.

Published: May 28, 2010; 2:30:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-4502

The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this attack is limited to attacks from trusted IP addresses.

Published: December 31, 2009; 1:30:01 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-3048

Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file."

Published: September 02, 2009; 1:30:01 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2009-1436

The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file.

Published: April 27, 2009; 2:00:00 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2009-1041

The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwrite arbitrary kernel memory via an out-of-bounds timer value.

Published: March 26, 2009; 1:51:47 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2009-0641

sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable from a telnet client, as demonstrated by an LD_PRELOAD value that references a malicious library.

Published: February 20, 2009; 1:47:48 AM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0601

Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.

Published: February 16, 2009; 3:30:03 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2008-5736

Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets.

Published: December 26, 2008; 1:30:03 PM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.

Published: October 20, 2008; 1:59:26 PM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2008-4247

ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.

Published: September 25, 2008; 3:25:18 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-2464

The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value.

Published: September 10, 2008; 9:10:39 PM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2008-3530

sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.

Published: September 05, 2008; 12:08:00 PM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2008-3531

Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges via a crafted (1) mount or (2) nmount system call, related to copying of "user defined data" in "certain error conditions."

Published: September 05, 2008; 12:08:00 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2008-3890

The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call.

Published: September 05, 2008; 12:08:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2008-2427

Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.

Published: June 24, 2008; 3:41:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2008-1391

Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec.

Published: March 27, 2008; 1:44:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-1215

Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters.

Published: March 08, 2008; 9:44:00 PM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2008-0777

The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.

Published: February 14, 2008; 9:00:00 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM