Page 13 of 78 results (0.010 seconds)

CVSS: 4.6EPSS: 0%CPEs: 9EXPL: 0

The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sensitive kernel memory via arguments with negative or very large values. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:07.ldt.asc •

CVSS: 4.6EPSS: 0%CPEs: 15EXPL: 0

The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:08.kmem.asc http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html http://secunia.com/advisories/17368 http://www.securityfocus.com/bid/13526 http://www.securityfocus.com/bid/15252 http://www.vupen.com/english/advisories/2005/2256 •

CVSS: 2.1EPSS: 0%CPEs: 61EXPL: 0

The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:04.ifconf.asc http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html http://secunia.com/advisories/14959 http://secunia.com/advisories/17368 http://www.osvdb.org/15514 http://www.securityfocus.com/bid/15252 http://www.vupen.com/english/advisories/2005/2256 https://exchange.xforce.ibmcloud.com/vulnerabilities/20114 • CWE-399: Resource Management Errors •

CVSS: 7.2EPSS: 0%CPEs: 63EXPL: 0

Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file. • http://secunia.com/advisories/14903 http://www.securityfocus.com/bid/13106 http://www.vuxml.org/freebsd/22f00553-a09d-11d9-a788-0001020eed82.html •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc • CWE-909: Missing Initialization of Resource •