Freebsd: >> Freebsd >> 2.0.5 Security Vulnerabilities
NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool.
CVSS Score
5.0
EPSS Score
0.009
Published
2001-09-20
libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files.
CVSS Score
2.1
EPSS Score
0.001
Published
2001-09-20
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
CVSS Score
10.0
EPSS Score
0.274
Published
2001-08-14
time server daemon timed allows remote attackers to cause a denial of service via malformed packets.
CVSS Score
10.0
EPSS Score
0.01
Published
2001-06-27
rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service via malformed packets with a short length.
CVSS Score
5.0
EPSS Score
0.007
Published
2001-06-27
Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information.
CVSS Score
6.2
EPSS Score
0.001
Published
2001-06-18
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
CVSS Score
7.5
EPSS Score
0.034
Published
2001-06-18
Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-09-16
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.
CVSS Score
2.1
EPSS Score
0.001
Published
2000-05-29
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.
CVSS Score
5.0
EPSS Score
0.014
Published
1999-12-30