Vulnerabilities > Freebsd > Freebsd > 4.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-02-27 | CVE-2002-0004 | Heap Overflow vulnerability in AT Maliciously Formatted Time Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | 7.2 |
2001-10-03 | CVE-2001-0670 | Buffer Overflow vulnerability in Multiple BSD Vendor lpd Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue. | 7.5 |
2001-09-20 | CVE-2001-1029 | libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files. | 2.1 |
2001-09-20 | CVE-2001-0710 | NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. | 5.0 |
2001-09-04 | CVE-2001-1017 | Unspecified vulnerability in Freebsd 4.2/4.3 rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable permissions while updating the original file, which could allow local users to gain privileges by reading the copied file while rmuser is running, obtain the password hashes, and crack the passwords. | 7.2 |
2001-08-23 | CVE-2001-1155 | Incorrect Authorization vulnerability in Freebsd 4.1.1/4.2/4.3 TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass intended access restrictions via DNS spoofing. | 9.8 |
2001-08-21 | CVE-2001-1166 | Unspecified vulnerability in Freebsd linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process. | 5.0 |
2001-08-14 | CVE-2001-0554 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | 10.0 |
2001-07-10 | CVE-2001-1180 | Unspecified vulnerability in Freebsd FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child. | 7.2 |
2001-07-02 | CVE-2001-0439 | licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | 7.5 |