Vulnerabilities > Freebsd > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-05-02 | CVE-2014-3001 | Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.0 The device file system (aka devfs) in FreeBSD 10.0 before p2 does not load default rulesets when booting, which allows context-dependent attackers to bypass intended restrictions by leveraging a jailed device node process. | 5.8 |
| 2014-04-16 | CVE-2014-1453 | Resource Management Errors vulnerability in Freebsd The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not acquire locks in the proper order when converting a directory file handle to a vnode, which allows remote authenticated users to cause a denial of service (deadlock) via vectors involving a thread that uses the correct locking order. | 4.0 |
| 2013-11-21 | CVE-2013-6834 | Improper Input Validation vulnerability in Freebsd The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. | 4.9 |
| 2013-11-21 | CVE-2013-6833 | Improper Input Validation vulnerability in Freebsd The qls_eioctl function in sys/dev/qlxge/qls_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. | 4.9 |
| 2013-11-21 | CVE-2013-6832 | Information Exposure vulnerability in Freebsd The nand_ioctl function in sys/dev/nand/nand_geom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. | 4.9 |
| 2013-09-30 | CVE-2013-0211 | Numeric Errors vulnerability in multiple products Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow. | 5.0 |
| 2013-09-23 | CVE-2013-5666 | Information Exposure vulnerability in Freebsd 9.2 The sendfile system-call implementation in sys/kern/uipc_syscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive information (kernel memory) via a length greater than the length of the file. | 4.7 |
| 2013-09-23 | CVE-2013-5691 | Permissions, Privileges, and Access Controls vulnerability in Freebsd The (1) IPv6 and (2) ATM ioctl request handlers in the kernel in FreeBSD 8.3 through 9.2-STABLE do not validate SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR, and SIOCSIFNETMASK requests, which allows local users to perform link-layer actions, cause a denial of service (panic), or possibly gain privileges via a crafted application. | 6.9 |
| 2013-07-29 | CVE-2013-4851 | Permissions, Privileges, and Access Controls vulnerability in Freebsd 8.3/9.0/9.1 The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS server implementation in the kernel in FreeBSD 8.3 and 9.x through 9.1-RELEASE-p5 controls authorization for host/subnet export entries on the basis of group information sent by the client, which allows remote attackers to bypass file permissions on NFS filesystems via crafted requests. | 6.4 |
| 2013-07-02 | CVE-2013-2171 | Permissions, Privileges, and Access Controls vulnerability in Freebsd 9.0/9.1 The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEASE-p4 does not properly determine whether a task should have write access to a memory location, which allows local users to bypass filesystem write permissions and consequently gain privileges via a crafted application that leverages read permissions, and makes mmap and ptrace system calls. | 6.9 |