Freebsd: Security Vulnerabilities
OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.
CVSS Score
5.0
EPSS Score
0.006
Published
2000-06-12
A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port 722 as well as port 22, which might allow remote attackers to access SSH through port 722 even if port 22 is otherwise filtered.
CVSS Score
7.5
EPSS Score
0.009
Published
2000-06-07
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.
CVSS Score
2.1
EPSS Score
0.001
Published
2000-05-29
xsoldier program allows local users to gain root access via a long argument.
CVSS Score
7.2
EPSS Score
0.003
Published
2000-05-17
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.
CVSS Score
5.0
EPSS Score
0.063
Published
2000-05-01
Buffer overflow in the huh program in the orville-write package allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-03-27
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-02-28
asmon and ascpu in FreeBSD allow local users to gain root privileges via a configuration file.
CVSS Score
4.6
EPSS Score
0.002
Published
2000-02-21
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
CVSS Score
6.2
EPSS Score
0.001
Published
2000-01-19
Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATH_LOCALE environment variable.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-01-01