About “FreeBSD”

A curated feed of “FreeBSD”-related CVEs appears below. We currently track 425 CVEs for this tag (all time). In the last 365 days, 9 were published. Average CVSS is 6.3 (all time; 7.4 over 365d), and 49% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'), CWE-307 - Improper Restriction of Excessive Authentication Attempts, CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

In our taxonomy this topic maps to a MODERATE impact class. Issues here typically affect operating system packages or kernels. Plan reboots or service restarts and coordinate rollouts across fleets. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic.

2001-08-21
Medium

CVE-2001-1166

linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that pro…

2001-08-17
Medium

CVE-2001-1145

fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current…

2001-07-10
High

CVE-2001-1180

FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child proces…

2001-06-27
Medium

CVE-2001-0469

rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service via malformed packets with a short length.

2001-06-18
Medium

CVE-2001-0371

Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allow…

2001-06-02
Medium

CVE-2001-0230

Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly other operating systems, allows local users to gain privileges.

Low

CVE-2001-0310

sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort t…

2001-05-03
Medium

CVE-2001-0196

inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group.

2001-03-26
High

CVE-2001-0183

ipfw and ip6fw in FreeBSD 4.2 and earlier allow remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established con…

2001-03-12
Low

CVE-2000-0375

The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files.

2001-02-16
Low

CVE-2000-0890

periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.

2001-02-12
High

CVE-2001-0061

procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process…

Low

CVE-2001-0062

procfs in FreeBSD and possibly other operating systems allows local users to cause a denial of service by calling mmap on the process' own mem file, which causes the kernel to hang.

High

CVE-2001-0063

procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges.

High

CVE-2001-0093

Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd.

High

CVE-2001-0094

Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local…

2001-01-09
High

CVE-2000-1167

ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system.

Medium

CVE-2000-1184

telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental varia…

2000-12-19
Medium

CVE-2000-0915

fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name.

High

CVE-2000-0916

FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP c…

2000-12-11
High

CVE-2000-1011

Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable.

High

CVE-2000-1012

The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.

High

CVE-2000-1013

The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.

Medium

CVE-2000-1066

The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname.

2000-11-14
High

CVE-2000-0852

Multiple buffer overflows in eject on FreeBSD and possibly other OSes allow local users to gain root privileges.

2000-10-20
Low

CVE-2000-0729

FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.

High

CVE-2000-0749

Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local users to gain root privileges via long filenames in the linux shadow file system.

High

CVE-2000-0752

Buffer overflows in brouted in FreeBSD and possibly other OSes allow local users to gain root privileges via long command line arguments.

2000-09-16
High

CVE-1999-0761

Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program.

2000-06-12
Medium

CVE-2000-0535

OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak…

2000-06-07
High

CVE-2000-0532

A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port 722 as well as port 22, which might allow remote attackers to access SSH through port 722 even if port 22 is otherwise filtered.

Medium

CVE-2000-0534

The apsfilter software in the FreeBSD ports package does not properly read user filter configurations, which allows local users to execute commands as the lpd user.

2000-05-09
Low

CVE-2000-0387

The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files.

2000-04-10
High

CVE-2000-0294

Buffer overflow in healthd for FreeBSD allows local users to gain root privileges.

2000-02-21
Medium

CVE-2000-0163

asmon and ascpu in FreeBSD allow local users to gain root privileges via a configuration file.

2000-01-01
High

CVE-1999-0964

Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATH_LOCALE environment variable.

1999-12-31
Medium

CVE-1999-1339

Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic…

1999-12-22
High

CVE-2000-0018

wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file.

1999-12-01
Medium

CVE-1999-0820

FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands.

Medium

CVE-1999-0823

Buffer overflow in FreeBSD xmindpath allows local users to gain privileges via -f argument.

Medium

CVE-1999-0826

Buffer overflow in FreeBSD angband allows local users to gain privileges.

High

CVE-1999-0855

Buffer overflow in FreeBSD gdc program.

Low

CVE-1999-0857

FreeBSD gdc program allows local users to modify files via a symlink attack.

High

CVE-1999-0963

FreeBSD mount_union command allows local users to gain root privileges via a symlink attack.

1999-11-08
Medium

CVE-1999-0821

FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument.

Medium

CVE-1999-0863

Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI.

1999-09-22
Low

CVE-1999-0912

FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files.

1999-09-05
Low

CVE-2000-0489

FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then…

1999-09-02
Low

CVE-1999-1564

FreeBSD 3.2 and possibly other versions allow a local user to cause a denial of service (panic) with a large number of accesses to an NFS v3 mounted directory from a large number of processes.

1998-12-04
Critical

CVE-1999-0798

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

1998-11-04
High

CVE-1999-0052

IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.

1998-10-13
Medium

CVE-1999-0053

TCP RST denial of service in FreeBSD.

1998-06-16
Medium

CVE-1999-0783

FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system.

1998-05-01
High

CVE-1999-0796

FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks.

1998-02-20
Critical

CVE-1999-0323

FreeBSD mmap function allows users to modify append-only or immutable files.

1998-02-01
Medium

CVE-1999-0305

The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when th…

1997-10-29
Low

CVE-1999-0322

The open() function in FreeBSD allows local attackers to write to arbitrary files.

1997-04-07
High

CVE-1999-1298

Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain…

1997-03-05
Critical

CVE-1999-0299

Buffer overflow in FreeBSD lpd through long DNS hostnames.

1996-12-19
High

CVE-1999-1385

Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable.

1996-07-16
High

CVE-1999-1301

A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly oth…

Low

CVE-1999-1572

cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and…

1996-05-23
Medium

CVE-1999-1313

Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands.

1996-05-17
Low

CVE-1999-1314

Vulnerability in union file system in FreeBSD 2.2 and earlier, and possibly other operating systems, allows local users to cause a denial of service (system reload) via a series of certain mount_unio…

1990-05-09
High

CVE-2000-0388

Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable.