Vulnerabilities > Freebsd > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-09-24 | CVE-2002-0973 | Buffer Overflow vulnerability in FreeBSD System Call Signed Integer Integer signedness error in several system calls for FreeBSD 4.6.1 RELEASE-p10 and earlier may allow attackers to access sensitive kernel memory via large negative values to the (1) accept, (2) getsockname, and (3) getpeername system calls, and the (4) vesa FBIO_GETPALETTE ioctl. | 4.6 |
| 2002-08-12 | CVE-2002-0830 | Denial Of Service vulnerability in Multiple Vendor BSD NFS Zero-Length RPC Message Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop. | 5.0 |
| 2002-08-12 | CVE-2002-0829 | Unspecified vulnerability in Freebsd Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. | 4.6 |
| 2002-08-12 | CVE-2002-0824 | Link Following vulnerability in Freebsd Point-To-Point Protocol Daemon BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | 6.9 |
| 2002-08-12 | CVE-2002-0794 | Denial of Service vulnerability in Freebsd 4.5 The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue. | 5.0 |
| 2002-08-12 | CVE-2002-0518 | Denial Of Service vulnerability in Freebsd 4.5 The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart. | 5.0 |
| 2002-06-25 | CVE-2002-0381 | The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. | 5.0 |
| 2001-12-10 | CVE-2001-1185 | Unspecified vulnerability in Freebsd 4.4 Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges. | 6.2 |
| 2001-12-06 | CVE-2001-0796 | Denial of Service vulnerability in SGI IRIX IGMP Multicast Packet SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay. | 5.0 |
| 2001-09-20 | CVE-2001-0710 | NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. | 5.0 |