Freebsd: >> Freebsd >> 6.2 Security Vulnerabilities
The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify pathnames when writing to /var/log/console.log during a jail start-up, or when file systems are mounted or unmounted, which allows local root users to overwrite arbitrary files, or mount/unmount files, outside of the jail via a symlink attack.
CVSS Score
6.6
EPSS Score
0.001
Published
2007-01-11
Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability
CVSS Score
4.4
EPSS Score
0.001
Published
2006-12-08
ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment
CVSS Score
7.8
EPSS Score
0.0
Published
2006-11-29
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.
CVSS Score
2.1
EPSS Score
0.001
Published
2006-04-20
ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-07-23
BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id.
CVSS Score
7.2
EPSS Score
0.001
Published
2001-07-02
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
2001-03-12
periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.
CVSS Score
1.2
EPSS Score
0.002
Published
2001-02-16
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
CVSS Score
10.0
EPSS Score
0.005
Published
1998-12-04
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
CVSS Score
4.6
EPSS Score
0.001
Published
1998-11-18