Freebsd: >> Freebsd >> 3.3 Security Vulnerabilities
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
CVSS Score
10.0
EPSS Score
0.352
Published
2001-06-18
Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information.
CVSS Score
6.2
EPSS Score
0.001
Published
2001-06-18
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
CVSS Score
7.5
EPSS Score
0.034
Published
2001-06-18
ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection.
CVSS Score
7.5
EPSS Score
0.089
Published
2001-03-26
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
CVSS Score
7.2
EPSS Score
0.002
Published
2000-12-19
Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-12-11
The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.
CVSS Score
7.2
EPSS Score
0.0
Published
2000-12-11
The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.
CVSS Score
7.2
EPSS Score
0.0
Published
2000-12-11
FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.
CVSS Score
2.1
EPSS Score
0.001
Published
2000-10-20
Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local users to gain root privileges via long filenames in the linux shadow file system.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-10-20