CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2001-1017
https://notcve.org/view.php?id=CVE-2001-1017
rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable permissions while updating the original file, which could allow local users to gain privileges by reading the copied file while rmuser is running, obtain the password hashes, and crack the passwords. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:59.rmuser.v1.1.asc http://www.osvdb.org/1947 http://www.securityfocus.com/bid/3282 https://exchange.xforce.ibmcloud.com/vulnerabilities/7086 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1155
https://notcve.org/view.php?id=CVE-2001-1155
TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass intended access restrictions via DNS spoofing. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:56.tcp_wrappers.asc http://www.osvdb.org/5454 • CWE-863: Incorrect Authorization •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2001-1166
https://notcve.org/view.php?id=CVE-2001-1166
linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:55.procfs.asc http://www.iss.net/security_center/static/7017.php http://www.osvdb.org/1938 http://www.securityfocus.com/bid/3217 •
CVSS: 10.0EPSS: 0%CPEs: 87EXPL: 3CVE-2001-0554 – Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0554
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt http://archives.neohapsis.com/archives/hp/2001-q4/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 2CVE-2001-1180
https://notcve.org/view.php?id=CVE-2001-1180
FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:42.signal.v1.1.asc http://archives.neohapsis.com/archives/bugtraq/2001-07/0179.html http://ciac.llnl.gov/ciac/bulletins/l-111.shtml http://www.kb.cert.org/vuls/id/943633 http://www.osvdb.org/1897 http://www.securityfocus.com/bid/3007 https://exchange.xforce.ibmcloud.com/vulnerabilities/6829 •