CVE-2006-0900 – FreeBSD 6.0 - 'nfsd' Remote Kernel Panic (Denial of Service)
https://notcve.org/view.php?id=CVE-2006-0900
nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mount request, as demonstrated by the ProtoVer NFS test suite. • https://www.exploit-db.com/exploits/1540 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:10.nfs.asc http://lists.immunitysec.com/pipermail/dailydave/2006-February/002982.html http://secunia.com/advisories/19017 http://securityreason.com/securityalert/521 http://www.osvdb.org/23511 http://www.securityfocus.com/bid/16838 https://exchange.xforce.ibmcloud.com/vulnerabilities/24918 •
CVE-2006-0379
https://notcve.org/view.php?id=CVE-2006-0379
FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc http://secunia.com/advisories/18599 http://securitytracker.com/id?1015541 http://www.osvdb.org/22730 http://www.securityfocus.com/bid/16373 https://exchange.xforce.ibmcloud.com/vulnerabilities/24338 •
CVE-2006-0380
https://notcve.org/view.php?id=CVE-2006-0380
A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc http://secunia.com/advisories/18599 http://securitytracker.com/id?1015541 http://www.osvdb.org/22731 http://www.securityfocus.com/bid/16373 https://exchange.xforce.ibmcloud.com/vulnerabilities/24340 •
CVE-2006-0381
https://notcve.org/view.php?id=CVE-2006-0381
A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:07.pf.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-004.txt.asc http://secunia.com/advisories/18609 http://securitytracker.com/id?1015542 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_norm.c.diff?r1=1.103&r2=1.104 http://www.osvdb.org/22732 http://www.securityfocus.com/bid/16375 https://exchange.xforce.ibmcloud.com/vulnerabilities/24337 •
CVE-2006-0226
https://notcve.org/view.php?id=CVE-2006-0226
Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:05.80211.asc http://kernelwars.blogspot.com/2007/01/alive.html http://secunia.com/advisories/18353 http://securitytracker.com/id?1015518 http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson http://www.osvdb.org/22537 http://www.securityfocus.com/bid/16296 http://www.signedness.org/advisories/sps-0x1.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/24192 •