The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.
Source: MITRE
Max CVSS
1.9
EPSS Score
0.04%
Published
2014-06-04
Updated
2017-12-29
crontab.c in crontab in FreeBSD allows local users to determine the existence of arbitrary directories via a command-line argument composed of a directory name concatenated with a directory traversal sequence that leads to the /etc/crontab pathname.
Source: Red Hat, Inc.
Max CVSS
1.9
EPSS Score
0.04%
Published
2011-03-04
Updated
2018-10-09
crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the existence of arbitrary files via a symlink attack on a /tmp/crontab.XXXXXXXXXX temporary file and (2) perform MD5 checksum comparisons on arbitrary pairs of files via two symlink attacks on /tmp/crontab.XXXXXXXXXX temporary files.
Source: Red Hat, Inc.
Max CVSS
1.9
EPSS Score
0.04%
Published
2011-03-04
Updated
2018-10-09
The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read.
Source: MITRE
Max CVSS
1.2
EPSS Score
0.04%
Published
2010-08-20
Updated
2018-10-10
procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to.
Source: MITRE
Max CVSS
1.2
EPSS Score
0.04%
Published
2002-12-31
Updated
2017-07-11
periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.
Source: MITRE
Max CVSS
1.2
EPSS Score
0.05%
Published
2001-02-16
Updated
2018-05-03
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
Source: MITRE
Max CVSS
1.9
EPSS Score
0.04%
Published
1996-04-18
Updated
2022-08-17
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!