5.2.1

DATE	CVE	VULNERABILITY TITLE	RISK
2004-12-31	CVE-2004-0919	Unspecified vulnerability in Freebsd The syscons CONS_SCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via (1) negative coordinates or (2) large coordinates. local low complexity freebsd	4.6
2004-12-06	CVE-2004-0618	Denial Of Service vulnerability in Freebsd 4.10/5.1/5.2.1 FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call with an unaligned memory address as an argument. local low complexity freebsd	2.1
2004-11-23	CVE-2004-0081	OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. network low complexity cisco symantec hp avaya freebsd openbsd redhat sco apple 4d checkpoint lite neoteris novell openssl sgi stonesoft vmware bluecoat securecomputing dell tarantella sun	5.0
2004-11-23	CVE-2004-0079	NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. network low complexity cisco symantec hp avaya redhat freebsd openbsd apple sco 4d checkpoint dell lite neoteris novell openssl sgi stonesoft tarantella vmware bluecoat securecomputing sun CWE-476	7.5
2004-08-18	CVE-2004-0435	Buffer Cache Implementation vulnerability in FreeBSD Msync(2) System Call Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk. local low complexity freebsd	3.6
2004-03-29	CVE-2004-0126	Unspecified vulnerability in Freebsd 5.1/5.2/5.2.1 The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail. local low complexity freebsd	4.6
2004-03-03	CVE-2004-0099	Unspecified vulnerability in Freebsd 5.1/5.2.1 mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions. local low complexity freebsd	4.6