Vulnerabilities > Freebsd

DATE CVE VULNERABILITY TITLE RISK
2017-10-17 CVE-2017-13084 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
6.8
2017-10-17 CVE-2017-13082 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
8.1
2017-10-17 CVE-2017-13081 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
5.3
2017-10-17 CVE-2017-13080 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
5.3
2017-10-17 CVE-2017-13079 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
5.3
2017-10-17 CVE-2017-13078 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
5.3
2017-10-17 CVE-2017-13077 Use of Insufficiently Random Values vulnerability in multiple products
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
6.8
2017-10-10 CVE-2015-5675 Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.1/9.3
The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1 allows local users to gain privileges or cause a denial of service (kernel panic).
local
low complexity
freebsd CWE-264
7.8
2017-10-05 CVE-2017-15037 Out-of-bounds Read vulnerability in Freebsd
In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character.
network
high complexity
freebsd CWE-125
8.1
2017-07-25 CVE-2015-1417 Resource Exhaustion vulnerability in Freebsd
The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, 10.2-BETA2-p2, 10.2-RC1-p1, 10.1x before 10.1-RELEASE-p16, 9.x before 9.3-STABLE, 9.3-RELEASE-p21, and 8.x before 8.4-STABLE, 8.4-RELEASE-p35 on systems with VNET enabled and at least 16 VNET instances allows remote attackers to cause a denial of service (mbuf consumption) via multiple concurrent TCP connections.
network
low complexity
freebsd CWE-400
7.5