Freebsd : Security Vulnerabilities (CVSS score between 1 and 1.99)
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2014-3956 |
200 |
|
+Info |
2014-06-04 |
2017-12-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program. |
2 |
CVE-2011-1074 |
200 |
|
Dir. Trav. +Info |
2011-03-04 |
2018-10-09 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
crontab.c in crontab in FreeBSD allows local users to determine the existence of arbitrary directories via a command-line argument composed of a directory name concatenated with a directory traversal sequence that leads to the /etc/crontab pathname. |
3 |
CVE-2011-1073 |
59 |
|
|
2011-03-04 |
2018-10-09 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the existence of arbitrary files via a symlink attack on a /tmp/crontab.XXXXXXXXXX temporary file and (2) perform MD5 checksum comparisons on arbitrary pairs of files via two symlink attacks on /tmp/crontab.XXXXXXXXXX temporary files. |
4 |
CVE-2010-3014 |
200 |
|
+Info |
2010-08-20 |
2018-10-10 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read. |
5 |
CVE-2002-1674 |
|
|
DoS |
2002-12-31 |
2017-07-11 |
1.2 |
None |
Local |
High |
Not required |
None |
None |
Partial |
procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to. |
6 |
CVE-2000-0890 |
|
|
|
2001-02-16 |
2018-05-03 |
1.2 |
None |
Local |
High |
Not required |
None |
Partial |
None |
periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack. |
7 |
CVE-1999-0078 |
|
|
Exec Code |
1996-04-18 |
2022-08-17 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
Total number of vulnerabilities :
7
Page :
1
(This Page)