CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2005-1400
https://notcve.org/view.php?id=CVE-2005-1400
06 May 2005 — The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sensitive kernel memory via arguments with negative or very large values. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:07.ldt.asc •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2005-1406
https://notcve.org/view.php?id=CVE-2005-1406
06 May 2005 — The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:08.kmem.asc •
CVSS: 7.2EPSS: 0%CPEs: 63EXPL: 0CVE-2005-0610
https://notcve.org/view.php?id=CVE-2005-0610
12 Apr 2005 — Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file. • http://secunia.com/advisories/14903 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1036
https://notcve.org/view.php?id=CVE-2005-1036
10 Apr 2005 — FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:03.amd64.asc • CWE-909: Missing Initialization of Resource •
CVSS: 6.3EPSS: 0%CPEs: 104EXPL: 0CVE-2005-0988
https://notcve.org/view.php?id=CVE-2005-0988
06 Apr 2005 — Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt •
CVSS: 10.0EPSS: 1%CPEs: 63EXPL: 0CVE-2005-0708
https://notcve.org/view.php?id=CVE-2005-0708
05 Apr 2005 — The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information. • https://www.freebsd.org/security/advisories/FreeBSD-SA-05:02.sendfile.asc •
CVSS: 5.6EPSS: 0%CPEs: 121EXPL: 0CVE-2005-0109
https://notcve.org/view.php?id=CVE-2005-0109
05 Mar 2005 — Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt •
CVSS: 10.0EPSS: 27%CPEs: 87EXPL: 3CVE-2001-0554 – Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0554
14 Aug 2001 — Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 25%CPEs: 33EXPL: 1CVE-1999-0513 – Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service
https://notcve.org/view.php?id=CVE-1999-0513
05 Jan 1998 — ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. • https://www.exploit-db.com/exploits/19117 •
CVSS: 9.1EPSS: 1%CPEs: 32EXPL: 0CVE-1999-0017
https://notcve.org/view.php?id=CVE-1999-0017
10 Dec 1997 — FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017 •