CVSS: 7.5EPSS: 2%CPEs: 11EXPL: 2CVE-2001-0183 – FreeBSD 3.x/4.x - 'ipfw' Filtering Evasion
https://notcve.org/view.php?id=CVE-2001-0183
ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection. • https://www.exploit-db.com/exploits/20593 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:08.ipfw.asc http://www.ciac.org/ciac/bulletins/l-029.shtml http://www.osvdb.org/1743 http://www.security-express.com/archives/bugtraq/2001-01/0424.html http://www.securityfocus.com/bid/2293 https://exchange.xforce.ibmcloud.com/vulnerabilities/5998 •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2000-1184
https://notcve.org/view.php?id=CVE-2000-1184
telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:69.telnetd.v1.1.asc http://www.osvdb.org/6083 https://exchange.xforce.ibmcloud.com/vulnerabilities/5959 •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2000-1011
https://notcve.org/view.php?id=CVE-2000-1011
Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.asc http://www.osvdb.org/6070 https://exchange.xforce.ibmcloud.com/vulnerabilities/5638 •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2000-1013
https://notcve.org/view.php?id=CVE-2000-1013
The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.asc •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2000-0916 – Linux Kernel 2.2 - Predictable TCP Initial Sequence Number
https://notcve.org/view.php?id=CVE-2000-0916
FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections. • https://www.exploit-db.com/exploits/19522 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:52.tcp-iss.asc http://www.securityfocus.com/bid/1766 •