Vulnerabilities > Freebsd > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-11-18 | CVE-2008-5142 | Link Following vulnerability in Freebsd Freebsd-Sendpr 3.113+5.3 sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr.##### temporary file. | 6.9 |
| 2008-09-05 | CVE-2008-3531 | Buffer Errors vulnerability in Freebsd 7.0/7.1 Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges via a crafted (1) mount or (2) nmount system call, related to copying of "user defined data" in "certain error conditions." | 6.9 |
| 2008-03-09 | CVE-2008-1215 | Permissions, Privileges, and Access Controls vulnerability in multiple products Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters. | 4.6 |
| 2008-03-04 | CVE-2008-1148 | A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. | 6.8 |
| 2008-03-04 | CVE-2008-1146 | A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. | 6.8 |
| 2008-02-15 | CVE-2008-0777 | Permissions, Privileges, and Access Controls vulnerability in Freebsd The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files. | 4.9 |
| 2008-01-16 | CVE-2008-0217 | Permissions, Privileges, and Access Controls vulnerability in Freebsd The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script. | 6.9 |
| 2007-08-13 | CVE-2007-4304 | Local Security vulnerability in CerbNG CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages". | 6.2 |
| 2007-08-13 | CVE-2007-4303 | System Call Wrappers Concurrency vulnerability in CerbNG Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb. | 6.2 |
| 2007-07-15 | CVE-2007-3645 | Remote vulnerability in Freebsd Libarchive 2.2.3 archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (crash) via (1) an end-of-file condition within a tar header that follows a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TAR archive, which results in a NULL pointer dereference, a different issue than CVE-2007-3644. network freebsd | 4.3 |