CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1880 – FreeBSD Security Advisory - FreeBSD-SA-16:03.linux
https://notcve.org/view.php?id=CVE-2016-1880
15 Jan 2016 — The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists." La capa de compatibilidad de Linux en el kernel en FreeBSD 9.3, 10.1 y 10.2 permite a usuarios locales leer porciones de la memoria del kernel y potencialmente obtener privilegios a través de vectores no especificados, relacionado con "manejo de listas robustas de futex de Lin... • http://www.securitytracker.com/id/1034675 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1881 – FreeBSD Security Advisory - FreeBSD-SA-16:04.linux
https://notcve.org/view.php?id=CVE-2016-1881
15 Jan 2016 — The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain privilege via a crafted Linux compatibility layer setgroups system call. El kernel en FreeBSD 9.3, 10.1 y 10.2 permite a usuarios locales provocar una denegación de servicio (caída) o potencialmente obtener privilegios a través de una llamada de sistema setgroups de capa de compatibilidad de Linux. A programming error in the Linux compatibility layer setgroups(2) system call can lead to an u... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 19%CPEs: 3EXPL: 2CVE-2016-1879 – FreeBSD SCTP ICMPv6 - Error Processing
https://notcve.org/view.php?id=CVE-2016-1879
14 Jan 2016 — The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic) via a crafted ICMPv6 packet. El módulo Stream Control Transmission Protocol (SCTP) en FreeBSD 9.3 en versiones anteriores a p33, 10.1 en versiones anteriores a p26 y 10.2 en versiones anteriores a p9, cuando el kernel está configurado ... • https://packetstorm.news/files/id/135369 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1882 – FreeBSD Security Advisory - FreeBSD-SA-16:05.tcp
https://notcve.org/view.php?id=CVE-2016-1882
14 Jan 2016 — FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9 allow remote attackers to cause a denial of service (kernel crash) via vectors related to creating a TCP connection with the TCP_MD5SIG and TCP_NOOPT socket options. FreeBSD 9.3 en versiones anteriores a p33, 10.1 en versiones anteriores a p26 y 10.2 en versiones anteriores a p9 permiten a atacantes remotos causar una denegación de servicio (caída de kernel) a través de vectores relacionados con la creación de una conexión TCP con las opciones sock... • http://www.securitytracker.com/id/1034677 • CWE-19: Data Processing Errors •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5675 – FreeBSD Security Advisory - IRET Handler Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-5675
26 Aug 2015 — The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1 allows local users to gain privileges or cause a denial of service (kernel panic). El manipulador IRET sys_amd64 en el kernel en FreeBSD 9.3 y 10.1 permite que usuarios locales obtengan privilegios o provoquen una denegación de servicio (pánico del kernel). If the kernel-mode IRET instruction generates an #SS or #NP exception, but the exception handler does not properly ensure that the right GS register base for kernel is reloaded, the userlan... • http://packetstormsecurity.com/files/133335/FreeBSD-Security-Advisory-IRET-Handler-Privilege-Escalation.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 2%CPEs: 2EXPL: 0CVE-2015-1418 – FreeBSD Security Advisory - patch Shell Injection
https://notcve.org/view.php?id=CVE-2015-1418
06 Aug 2015 — The do_ed_script function in pch.c in GNU patch through 2.7.6, and patch in FreeBSD 10.1 before 10.1-RELEASE-p17, 10.2 before 10.2-BETA2-p3, 10.2-RC1 before 10.2-RC1-p2, and 0.2-RC2 before 10.2-RC2-p1, allows remote attackers to execute arbitrary commands via a crafted patch file, because a '!' character can be passed to the ed program. La función do_ed_script en pch.c en GNU patch hasta la versión 2.7.6; y patch in FreeBSD en versiones 10.1 anteriores a la 10.1-RELEASE-p17, versiones 10.2 anteriores a la 1... • http://rachelbythebay.com/w/2018/04/05/bangpatch • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2015-5674 – FreeBSD Security Advisory - routed Denial of Service
https://notcve.org/view.php?id=CVE-2015-5674
06 Aug 2015 — The routed daemon in FreeBSD 9.3 before 9.3-RELEASE-p22, 10.2-RC2 before 10.2-RC2-p1, 10.2-RC1 before 10.2-RC1-p2, 10.2 before 10.2-BETA2-p3, and 10.1 before 10.1-RELEASE-p17 allows remote authenticated users to cause a denial of service (assertion failure and daemon exit) via a query from a network that is not directly connected. Routed daemon en FreeBSD 9.3 anteriores a 9.3-RELEASE-p22, 10.2-RC2 anteriores a 10.2-RC2-p1, 10.2-RC1 anteriores a 10.2-RC1-p2, 10.2 anteriores a 10.2-BETA2-p3 y 10.1 anteriores ... • http://www.securityfocus.com/bid/76244 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1416 – FreeBSD Security Advisory - patch Shell Injection
https://notcve.org/view.php?id=CVE-2015-1416
28 Jul 2015 — Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file. El parche Larry Wall, el parche en FreeBSD en versiones 10.2-RC1 anteriores a la 10.2-RC1-p1, 10.2 anteriores a la 10.2-BETA2-p2, 10.1 anteriores a la 10.1-RELEASE-p16; Bitrig, el parche GNU en versiones anteriores a la 2.2.5 y posibl... • http://www.openwall.com/lists/oss-security/2015/07/30/9 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 4%CPEs: 56EXPL: 0CVE-2015-1417 – FreeBSD Security Advisory - TCP Reassembly Resource Exhaustion
https://notcve.org/view.php?id=CVE-2015-1417
28 Jul 2015 — The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, 10.2-BETA2-p2, 10.2-RC1-p1, 10.1x before 10.1-RELEASE-p16, 9.x before 9.3-STABLE, 9.3-RELEASE-p21, and 8.x before 8.4-STABLE, 8.4-RELEASE-p35 on systems with VNET enabled and at least 16 VNET instances allows remote attackers to cause a denial of service (mbuf consumption) via multiple concurrent TCP connections. El módulo inet en FreeBSD versión 10.2x anterior a 10.2-PRERELEASE, versión 10.2-BETA2-p2, versión 10.2-RC1-p1, versión 10.1x anterior a 10.... • http://www.securityfocus.com/bid/76112 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 5%CPEs: 1EXPL: 0CVE-2015-2923 – Debian Security Advisory 3175-2
https://notcve.org/view.php?id=CVE-2015-2923
08 Apr 2015 — The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. La implementación del protocolo Neighbor Discovery (ND) en la pila de IPv6 en FreeBSD versiones hasta 10.1, permite a atacantes remotos reconfigurar una configuración de hop-limit por medio de un valor hop_limit pequeño en un mensaje Router Advertisement (RA). The Neighbor Discover Protocol... • http://openwall.com/lists/oss-security/2015/04/04/2 • CWE-20: Improper Input Validation •