Vulnerabilities > BSD
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-12-12 | CVE-2014-7250 | Resource Management Errors vulnerability in multiple products The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets. | 5.0 |
| 2007-04-24 | CVE-2007-2191 | HTML Injection vulnerability in Freepbx 2.2.1/2.2Rc1 Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php. | 6.8 |
| 2003-03-31 | CVE-2003-0144 | Local Buffer Overflow vulnerability in Multiple Vendor LPRM Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name. | 7.2 |
| 2001-12-31 | CVE-2001-1562 | Unspecified vulnerability in BSD NVI 1.79 Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename. | 7.2 |
| 2001-10-03 | CVE-2001-0670 | Buffer Overflow vulnerability in Multiple BSD Vendor lpd Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue. | 7.5 |
| 1999-12-31 | CVE-1999-1102 | lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. | 2.1 |
| 1999-07-02 | CVE-1999-1394 | Unspecified vulnerability in BSD 4.4 BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device. | 2.1 |
| 1997-09-15 | CVE-1999-1214 | Credentials Management vulnerability in multiple products The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. | 2.1 |
| 1995-03-03 | CVE-1999-1098 | Unspecified vulnerability in BSD Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing. | 5.0 |
| 1989-01-01 | CVE-1999-1471 | Unspecified vulnerability in BSD 4.2/4.3 Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field. | 7.2 |