Vulnerabilities > Freebsd > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-06-02 | CVE-2006-2654 | Unspecified vulnerability in Freebsd Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. | 6.4 |
| 2006-03-07 | CVE-2006-0883 | Resource Management Errors vulnerability in multiple products OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting. | 5.0 |
| 2006-02-02 | CVE-2006-0433 | Remote Denial Of Service vulnerability in FreeBSD TCP SACK Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop). | 5.0 |
| 2006-01-25 | CVE-2006-0381 | Remote Denial Of Service vulnerability in Freebsd 5.3/5.4/6.0 A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice. | 5.0 |
| 2005-12-31 | CVE-2005-4351 | Local Security vulnerability in kernel The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. | 4.3 |
| 2005-08-05 | CVE-2005-2359 | Authentication Constant Key Usage vulnerability in BSD IPsec Session AES-XCBC-MAC The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session. | 5.0 |
| 2005-07-05 | CVE-2005-2068 | Unspecified vulnerability in Freebsd FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers to modify certain TCP options via a TCP packet with the SYN flag set for an already established session. | 5.0 |
| 2005-07-05 | CVE-2005-2019 | Unspecified vulnerability in Freebsd 5.4 ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Processor (UP) systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent lookups, allowing remote attackers to bypass intended access restrictions. | 5.0 |
| 2005-05-31 | CVE-2005-0356 | Remote Denial Of Service vulnerability in Multiple Vendor TCP Timestamp PAWS Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. | 5.0 |
| 2005-05-06 | CVE-2005-1406 | Local Kernel Memory Disclosure vulnerability in FreeBSD The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory. | 4.6 |