Vulnerabilities > Freebsd > Freebsd > 6.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-08-24 | CVE-2006-4304 | Buffer Overflow vulnerability in NetBSD In-Kernel PPP Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. | 10.0 |
2006-06-02 | CVE-2006-2655 | Unspecified vulnerability in Freebsd The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions. | 6.4 |
2006-06-02 | CVE-2006-2654 | Unspecified vulnerability in Freebsd Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. | 6.4 |
2006-03-23 | CVE-2006-1283 | Unspecified vulnerability in Freebsd opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root privileges if a root shell is permitted by the configuration of the wheel group or sshd. | 7.2 |
2006-03-23 | CVE-2006-0905 | A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks. | 7.5 |
2006-02-27 | CVE-2006-0900 | Remote NFS RPC Request Denial of Service vulnerability in Freebsd 6.0 nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mount request, as demonstrated by the ProtoVer NFS test suite. | 7.8 |
2006-01-25 | CVE-2006-0381 | Remote Denial Of Service vulnerability in Freebsd 5.3/5.4/6.0 A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice. | 5.0 |
2006-01-25 | CVE-2006-0380 | Local Kernel Memory Disclosure vulnerability in Freebsd 5.4/6.0 A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory. | 2.1 |
2006-01-25 | CVE-2006-0379 | Local Kernel Memory Disclosure vulnerability in Freebsd 5.4/6.0 FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory. | 2.1 |
2006-01-19 | CVE-2006-0226 | Remote Buffer Overflow vulnerability in Freebsd 6.0 Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames. | 10.0 |