Freebsd: >> Freebsd Security Vulnerabilities
periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.
CVSS Score
1.2
EPSS Score
0.002
Published
2001-02-16
procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space.
CVSS Score
7.2
EPSS Score
0.0
Published
2001-02-12
procfs in FreeBSD and possibly other operating systems allows local users to cause a denial of service by calling mmap on the process' own mem file, which causes the kernel to hang.
CVSS Score
2.1
EPSS Score
0.001
Published
2001-02-12
procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges.
CVSS Score
7.2
EPSS Score
0.0
Published
2001-02-12
Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd.
CVSS Score
7.2
EPSS Score
0.004
Published
2001-02-12
Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
2001-02-12
ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system.
CVSS Score
7.5
EPSS Score
0.007
Published
2001-01-09
telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file.
CVSS Score
5.0
EPSS Score
0.007
Published
2001-01-09
fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name.
CVSS Score
5.0
EPSS Score
0.009
Published
2000-12-19
FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections.
CVSS Score
7.5
EPSS Score
0.083
Published
2000-12-19