CVSS: 2.1EPSS: 0%CPEs: 61EXPL: 0CVE-2005-1126
https://notcve.org/view.php?id=CVE-2005-1126
The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:04.ifconf.asc http://lists.apple.com/archives/security-announce/2005/Oct/msg00000.html http://secunia.com/advisories/14959 http://secunia.com/advisories/17368 http://www.osvdb.org/15514 http://www.securityfocus.com/bid/15252 http://www.vupen.com/english/advisories/2005/2256 https://exchange.xforce.ibmcloud.com/vulnerabilities/20114 • CWE-399: Resource Management Errors •
CVSS: 7.2EPSS: 0%CPEs: 63EXPL: 0CVE-2005-0610
https://notcve.org/view.php?id=CVE-2005-0610
Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file. • http://secunia.com/advisories/14903 http://www.securityfocus.com/bid/13106 http://www.vuxml.org/freebsd/22f00553-a09d-11d9-a788-0001020eed82.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1036
https://notcve.org/view.php?id=CVE-2005-1036
FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc • CWE-909: Missing Initialization of Resource •
CVSS: 3.7EPSS: 0%CPEs: 104EXPL: 0CVE-2005-0988
https://notcve.org/view.php?id=CVE-2005-0988
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://rhn.redhat.com/errata/RHSA-2005-357.html http://secunia.com/advisories/18100 http://secunia.com/advisories/21253 http://secunia.com/advisories/22033 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1 http://www& •
CVSS: 10.0EPSS: 0%CPEs: 63EXPL: 0CVE-2005-0708 – FreeBSD-SA-05:02.sendfile Exploit
https://notcve.org/view.php?id=CVE-2005-0708
The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information. • https://www.freebsd.org/security/advisories/FreeBSD-SA-05:02.sendfile.asc •