Vulnerabilities > Freebsd > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-08-18 | CVE-2004-0435 | Buffer Cache Implementation vulnerability in FreeBSD Msync(2) System Call Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk. | 3.6 |
2004-05-04 | CVE-2004-0370 | Local Memory Disclosure vulnerability in Freebsd 5.2 The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic. | 2.1 |
2003-12-31 | CVE-2003-1234 | Integer Overflow vulnerability in FreeBSD System Call f_count Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. | 3.6 |
2003-12-31 | CVE-2003-1289 | Local Security vulnerability in BSD IBCS2 The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. | 2.1 |
2002-12-31 | CVE-2002-1667 | Denial-Of-Service vulnerability in Freebsd 4.5 The virtual memory management system in FreeBSD 4.5-RELEASE and earlier does not properly check the existence of a VM object during page invalidation, which allows local users to cause a denial of service (crash) by calling msync on an unaccessed memory map created with MAP_ANON and MAP_NOSYNC flags. | 2.1 |
2002-12-31 | CVE-2002-1669 | Unspecified vulnerability in Freebsd 4.2/4.3/4.4 pkg_add in FreeBSD 4.2 through 4.4 creates a temporary directory with world-searchable permissions, which may allow local users to modify world-writable parts of the package during installation. | 2.1 |
2002-12-31 | CVE-2002-1674 | Unspecified vulnerability in Freebsd procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to. | 1.2 |
2002-12-31 | CVE-2002-2092 | Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. | 3.7 |
2002-09-24 | CVE-2002-1125 | Unspecified vulnerability in Freebsd FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory. | 2.1 |
2002-08-12 | CVE-2002-0795 | Unspecified vulnerability in Freebsd 4.5 The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files. | 2.1 |