CVSS: 10.0EPSS: 35%CPEs: 51EXPL: 4CVE-2001-0247 – FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x - FTPd 'glob()' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0247
24 May 2001 — Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. • https://www.exploit-db.com/exploits/20731 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0268
https://notcve.org/view.php?id=CVE-2001-0268
03 May 2001 — The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. • http://archives.neohapsis.com/archives/bugtraq/2001-02/0353.html •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2001-0284
https://notcve.org/view.php?id=CVE-2001-0284
03 May 2001 — Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option. • http://www.openbsd.org/errata.html#ipsec_ah •
CVSS: 7.5EPSS: 7%CPEs: 7EXPL: 3CVE-2000-0914 – OpenBSD 2.x - Pending ARP Request Remote Denial of Service
https://notcve.org/view.php?id=CVE-2000-0914
19 Dec 2000 — OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests. • https://www.exploit-db.com/exploits/20271 •
CVSS: 7.5EPSS: 1%CPEs: 23EXPL: 0CVE-1999-0001
https://notcve.org/view.php?id=CVE-1999-0001
30 Dec 1999 — ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets. ip_input.c en implementaciones de TCP/IP derivadas de BSD permiten a atacantes remotos causar una denegación de servicio (cuelgue o caída) mediante paquetes artesanales. • http://www.openbsd.org/errata23.html#tcpfix • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 27EXPL: 2CVE-1999-0674 – NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil' Modify The Internal Data Space
https://notcve.org/view.php?id=CVE-1999-0674
09 Aug 1999 — The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. • https://www.exploit-db.com/exploits/19447 •
CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0CVE-1999-0052
https://notcve.org/view.php?id=CVE-1999-0052
04 Nov 1998 — IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. • http://www.osvdb.org/908 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0CVE-1999-0303
https://notcve.org/view.php?id=CVE-1999-0303
21 May 1998 — Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303 •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-1999-0323
https://notcve.org/view.php?id=CVE-1999-0323
20 Feb 1998 — FreeBSD mmap function allows users to modify append-only or immutable files. • ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1998-003.txt.asc •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-1999-0305
https://notcve.org/view.php?id=CVE-1999-0305
01 Feb 1998 — The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections. • http://www.openbsd.org/advisories/sourceroute.txt •