Filtered by vendor Freebsd Subscriptions
Filtered by product Freebsd Subscriptions
Total 537 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-0061 4 Bsdi, Freebsd, Linux and 1 more 4 Bsd Os, Freebsd, Linux Kernel and 1 more 2024-11-21 N/A
File creation and deletion, and remote execution, in the BSD line printer daemon (lpd).
CVE-1999-0057 5 Eric Allman, Freebsd, Hp and 2 more 7 Vacation, Freebsd, Hp-ux and 4 more 2024-11-21 N/A
Vacation program allows command execution by remote users through a sendmail command.
CVE-1999-0053 1 Freebsd 1 Freebsd 2024-11-21 N/A
TCP RST denial of service in FreeBSD.
CVE-1999-0052 3 Bsdi, Freebsd, Openbsd 3 Bsd Os, Freebsd, Openbsd 2024-11-21 7.5 High
IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.
CVE-1999-0046 10 Bsdi, Debian, Digital and 7 more 10 Bsd Os, Debian Linux, Ultrix and 7 more 2024-11-21 N/A
Buffer overflow of rlogin program using TERM environmental variable.
CVE-1999-0040 7 Bsdi, Freebsd, Hp and 4 more 10 Bsd Os, Freebsd, Hp-ux and 7 more 2024-11-21 N/A
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
CVE-1999-0037 2 Freebsd, Redhat 2 Freebsd, Linux 2024-11-21 N/A
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.
CVE-1999-0032 5 Bsdi, Freebsd, Next and 2 more 5 Bsd Os, Freebsd, Nextstep and 2 more 2024-11-21 N/A
Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.
CVE-1999-0023 6 Bsdi, Freebsd, Ibm and 3 more 10 Bsd Os, Freebsd, Aix and 7 more 2024-11-21 N/A
Local user gains root privileges via buffer overflow in rdist, via lookup() function.
CVE-1999-0022 6 Bsdi, Freebsd, Hp and 3 more 7 Bsd Os, Freebsd, Hp-ux and 4 more 2024-11-21 7.8 High
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
CVE-1999-0017 9 Caldera, Freebsd, Gnu and 6 more 11 Openlinux, Freebsd, Inet and 8 more 2024-11-21 N/A
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVE-1999-0001 3 Bsdi, Freebsd, Openbsd 3 Bsd Os, Freebsd, Openbsd 2024-11-21 N/A
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.
CVE-2024-45289 1 Freebsd 1 Freebsd 2024-11-13 7.5 High
The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a certificate included in the revocation file passed to the --crl option.
CVE-2024-8178 1 Freebsd 1 Freebsd 2024-09-06 9.3 Critical
The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host.
CVE-2024-45063 1 Freebsd 1 Freebsd 2024-09-06 9.8 Critical
The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host.
CVE-2024-42416 1 Freebsd 1 Freebsd 2024-09-06 8.4 High
The ctl_report_supported_opcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel help memory. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host.
CVE-2024-43110 1 Freebsd 1 Freebsd 2024-09-06 8.4 High
The ctl_request_sense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host.