
CVE-2010-4210 – FreeBSD - 'pseudofs' Null Pointer Dereference Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-4210
20 Nov 2010 — The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex that was not previously locked, which allows local users to cause a denial of service (kernel panic), overwrite arbitrary memory locations, and possibly execute arbitrary code via vectors related to opening a file on a file system that uses pseudofs. • https://www.exploit-db.com/exploits/15206 • CWE-667: Improper Locking

CVE-2010-1938 – FreeBSD 8.0 - 'ftpd' (FreeBSD-SA-10:05) Off-By-One (PoC)
https://notcve.org/view.php?id=CVE-2010-1938
28 May 2010 — Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd. • https://www.exploit-db.com/exploits/12762 • CWE-189: Numeric Errors

CVE-2009-4358
https://notcve.org/view.php?id=CVE-2009-4358
20 Dec 2009 — freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade) operation. • http://secunia.com/advisories/37575 • CWE-264: Permissions, Privileges, and Access Controls

CVE-2009-2649 – FreeBSD 6/8 - ata Device Local Denial of Service
https://notcve.org/view.php?id=CVE-2009-2649
30 Jul 2009 — The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service (kernel panic) via a certain IOCTL request with a large count, which triggers a malloc call with a large value. • https://www.exploit-db.com/exploits/9134 • CWE-264: Permissions, Privileges, and Access Controls

CVE-2009-0689 – K-Meleon 1.5.3 - Remote Array Overrun
https://notcve.org/view.php?id=CVE-2009-0689
01 Jul 2009 — Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision v... • https://www.exploit-db.com/exploits/10186 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2009-2208
https://notcve.org/view.php?id=CVE-2009-2208
24 Jun 2009 — FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFO_IN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU. • http://secunia.com/advisories/35410 • CWE-264: Permissions, Privileges, and Access Controls

CVE-2009-1935
https://notcve.org/view.php?id=CVE-2009-1935
18 Jun 2009 — Integer overflow in the pipe_build_write_buffer function (sys/kern/sys_pipe.c) in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 through 7.2 and 6.3 through 6.4 allows local users to bypass virtual-to-physical address lookups and read sensitive information in memory pages via unspecified vectors. • http://osvdb.org/55044 • CWE-189: Numeric Errors

CVE-2009-1436 – FreeBSD 7.1 - libc Berkley DB Interface Uninitialized Memory Local Information Disclosure
https://notcve.org/view.php?id=CVE-2009-1436
27 Apr 2009 — The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file. • https://www.exploit-db.com/exploits/32946 • CWE-20: Improper Input Validation

CVE-2009-1041 – FreeBSD 7.0/7.1 - 'ktimer' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-1041
24 Mar 2009 — The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwrite arbitrary kernel memory via an out-of-bounds timer value. • https://www.exploit-db.com/exploits/8261 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2009-0641 – FreeBSD 7.0-RELEASE - Telnet Daemon Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-0641
18 Feb 2009 — sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable from a telnet client, as demonstrated by an LD_PRELOAD value that references a malicious library. • https://www.exploit-db.com/exploits/8055 • CWE-16: Configuration • CWE-264: Permissions, Privileges, and Access Controls