Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:freebsd:freebsd:7.0:rc2:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2010-2530 |
Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call. Published: September 29, 2010; 1:00:04 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2010-3014 |
The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read. Published: August 20, 2010; 4:00:02 PM -0400 |
V3.x:(not available) V2.0: 1.2 LOW |
CVE-2010-1938 |
Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd. Published: May 28, 2010; 2:30:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-4502 |
The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this attack is limited to attacks from trusted IP addresses. Published: December 31, 2009; 1:30:01 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-3048 |
Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file." Published: September 02, 2009; 1:30:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-1436 |
The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file. Published: April 27, 2009; 2:00:00 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-1041 |
The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwrite arbitrary kernel memory via an out-of-bounds timer value. Published: March 26, 2009; 1:51:47 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2009-0641 |
sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable from a telnet client, as demonstrated by an LD_PRELOAD value that references a malicious library. Published: February 20, 2009; 1:47:48 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-0601 |
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. Published: February 16, 2009; 3:30:03 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2008-4609 |
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. Published: October 20, 2008; 1:59:26 PM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2008-4247 |
ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser. Published: September 25, 2008; 3:25:18 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-2464 |
The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value. Published: September 10, 2008; 9:10:39 PM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2008-3530 |
sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message. Published: September 05, 2008; 12:08:00 PM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2008-3531 |
Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges via a crafted (1) mount or (2) nmount system call, related to copying of "user defined data" in "certain error conditions." Published: September 05, 2008; 12:08:00 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2008-3890 |
The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call. Published: September 05, 2008; 12:08:00 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2008-2427 |
Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file. Published: June 24, 2008; 3:41:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-1391 |
Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec. Published: March 27, 2008; 1:44:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1215 |
Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters. Published: March 08, 2008; 9:44:00 PM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2008-0777 |
The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files. Published: February 14, 2008; 9:00:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2008-0216 |
The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty from another user. Published: January 15, 2008; 9:00:00 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |