Vulnerabilities > Freebsd > Freebsd > 4.8

DATE CVE VULNERABILITY TITLE RISK
2003-10-20 CVE-2003-0688 The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.
network
low complexity
redhat sendmail sgi compaq freebsd openbsd
5.0
5.0
2003-10-06 CVE-2003-0694 The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
network
low complexity
sendmail sgi apple compaq freebsd gentoo hp ibm netbsd sun turbolinux
critical
 10.0
10
2003-08-27 CVE-2003-0466 Off-by-one Error vulnerability in multiple products
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
network
low complexity
wuftpd redhat apple sun freebsd netbsd openbsd CWE-193
critical
 9.8
9.8