Vulnerabilities > Freebsd
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-08-12 | CVE-2002-0829 | Unspecified vulnerability in Freebsd Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. | 4.6 |
2002-08-12 | CVE-2002-0824 | Link Following vulnerability in Freebsd Point-To-Point Protocol Daemon BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | 6.9 |
2002-08-12 | CVE-2002-0820 | Local Security vulnerability in Freebsd 4.6 FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges. | 7.2 |
2002-08-12 | CVE-2002-0795 | Unspecified vulnerability in Freebsd 4.5 The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files. | 2.1 |
2002-08-12 | CVE-2002-0794 | Denial of Service vulnerability in Freebsd 4.5 The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue. | 5.0 |
2002-08-12 | CVE-2002-0755 | Unspecified vulnerability in Freebsd 4.4/4.5 Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root. | 7.2 |
2002-08-12 | CVE-2002-0754 | Privilege Escalation vulnerability in Kerberos 5 su Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them. | 7.2 |
2002-08-12 | CVE-2002-0518 | Denial Of Service vulnerability in Freebsd 4.5 The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart. | 5.0 |
2002-08-12 | CVE-2002-0414 | KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. | 7.5 |
2002-08-12 | CVE-2002-0391 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | 9.8 |