6.3.releng

DATE	CVE	VULNERABILITY TITLE	RISK
2009-06-25	CVE-2009-2208	Permissions, Privileges, and Access Controls vulnerability in Freebsd FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFO_IN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU. local low complexity freebsd CWE-264	3.6
2009-06-18	CVE-2009-1935	Numeric Errors vulnerability in Freebsd Integer overflow in the pipe_build_write_buffer function (sys/kern/sys_pipe.c) in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 through 7.2 and 6.3 through 6.4 allows local users to bypass virtual-to-physical address lookups and read sensitive information in memory pages via unspecified vectors. local low complexity freebsd CWE-189	4.9
2008-03-04	CVE-2008-1148	A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. network apple dragonflybsd freebsd netbsd openbsd cosmicperl darwin navision	6.8
2008-03-04	CVE-2008-1146	A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. network apple dragonflybsd freebsd netbsd openbsd cosmicperl darwin navision	6.8