Note: This project will be discontinued after December 13, 2021.
Product: Freebsd (Freebsd)
Repositories:
• https://github.com/file/file
• https://github.com/torvalds/linux
• https://github.com/php/php-src
• https://github.com/libarchive/libarchive
#Vulnerabilities: 504

Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2003-03-03 | CVE-2003-0078 | ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack." | Freebsd, Openbsd, Openssl | N/A | ||
2008-11-26 | CVE-2008-5162 | The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for attackers to predict the function's return values and conduct certain attacks against the GEOM framework and various network protocols, related to the Yarrow random number generator. | Freebsd | 7.0 | ||
1997-02-06 | CVE-1999-0046 | Buffer overflow of rlogin program using TERM environmental variable. | Bsd_os, Debian_linux, Ultrix, Freebsd, Hp-Ux, Aix, Netbsd, Nextstep, Solaris, Sunos | N/A | ||
2005-05-02 | CVE-2005-1036 | FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges. | Freebsd | 7.8 | ||
2003-08-27 | CVE-2003-0466 | Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | Mac_os_x, Mac_os_x_server, Freebsd, Netbsd, Openbsd, Wu_ftpd, Solaris, Wu-Ftpd | 9.8 | ||
2002-12-31 | CVE-2002-1915 | tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. | Freebsd, Netbsd, Openbsd | 5.5 | ||
1998-06-16 | CVE-1999-0783 | FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system. | Freebsd | 5.5 | ||
2002-07-03 | CVE-2002-0574 | Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed. | Freebsd | N/A | ||
1999-09-05 | CVE-2000-0489 | FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers. | Freebsd, Netbsd, Openbsd | N/A | ||
2008-09-11 | CVE-2008-2464 | The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value. | Freebsd, Kame, Netbsd | N/A |