Freebsd: >> Freebsd >> 4.2 Security Vulnerabilities
FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child.
CVSS Score
7.2
EPSS Score
0.002
Published
2001-07-10
licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
CVSS Score
7.5
EPSS Score
0.011
Published
2001-07-02
rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service via malformed packets with a short length.
CVSS Score
5.0
EPSS Score
0.007
Published
2001-06-27
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
CVSS Score
10.0
EPSS Score
0.352
Published
2001-06-18
Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information.
CVSS Score
6.2
EPSS Score
0.001
Published
2001-06-18
inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group.
CVSS Score
5.0
EPSS Score
0.007
Published
2001-05-03
ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection.
CVSS Score
7.5
EPSS Score
0.089
Published
2001-03-26
procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space.
CVSS Score
7.2
EPSS Score
0.0
Published
2001-02-12
procfs in FreeBSD and possibly other operating systems allows local users to cause a denial of service by calling mmap on the process' own mem file, which causes the kernel to hang.
CVSS Score
2.1
EPSS Score
0.001
Published
2001-02-12
procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges.
CVSS Score
7.2
EPSS Score
0.0
Published
2001-02-12