Vulnerabilities > Freebsd
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-11-03 | CVE-2006-5679 | Numeric Errors vulnerability in Freebsd 6.1 Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted UFS filesystem that causes invalid or large size parameters to be provided to the kmem_alloc function. | 4.6 |
2006-10-26 | CVE-2006-5550 | Local Denial of Service vulnerability in FreeBSD Crypto The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto. | 4.9 |
2006-10-24 | CVE-2006-5483 | Local Denial of Service vulnerability in Freebsd 6.1 p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by setting a scheduler policy, which should only be settable by root. | 2.1 |
2006-10-24 | CVE-2006-5482 | Denial-Of-Service vulnerability in Freebsd 6.1 ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX. | 2.1 |
2006-10-12 | CVE-2006-4516 | Local Denial of Service vulnerability in Freebsd 6.0 Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout function call. | 4.9 |
2006-09-26 | CVE-2006-4178 | Local Denial of Service vulnerability in FreeBSD I386_Set_LDT() Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) via unspecified arguments that use negative signed integers to cause the bzero function to be called with a large length parameter, a different vulnerability than CVE-2006-4172. | 4.9 |
2006-09-26 | CVE-2006-4172 | Local Denial of Service vulnerability in FreeBSD I386_Set_LDT() Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-4178. | 7.2 |
2006-08-24 | CVE-2006-4304 | Buffer Overflow vulnerability in NetBSD In-Kernel PPP Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. | 10.0 |
2006-06-02 | CVE-2006-2655 | Unspecified vulnerability in Freebsd The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions. | 6.4 |
2006-06-02 | CVE-2006-2654 | Unspecified vulnerability in Freebsd Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. | 6.4 |