| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument. |
| Buffer overflow in the huh program in the orville-write package allows local users to gain root privileges. |
| A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port 722 as well as port 22, which might allow remote attackers to access SSH through port 722 even if port 22 is otherwise filtered. |
| OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken. |
| Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS. |
| Vacation program allows command execution by remote users through a sendmail command. |
| IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. |
| Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| The rwho/rwhod service is running, which exposes machine status and user information. |
| Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others. |
| KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. |
| FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks. |
| Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. |
| rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service via malformed packets with a short length. |
| Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands. |
| The BSD make program allows local users to modify files via a symlink attack when the -j option is being used. |
| Buffer overflow in FreeBSD lpd through long DNS hostnames. |
| The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections. |
