Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd freebsd 7.0 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2009-0641
sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote malicious users to execute arbitrary code by passing a crafted environment variab...
Freebsd Freebsd 7.1
Freebsd Freebsd 7.0
Freebsd Freebsd 7.0-release
Freebsd Freebsd 7.0 Beta4
Freebsd Freebsd 7.0 Releng
1 EDB exploit
6.9
CVSSv2
CVE-2008-5162
The arc4random function in the kernel in FreeBSD 6.3 up to and including 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for malicious users to predict the function's return values and conduct certain attacks ag...
Freebsd Freebsd 7.1
Freebsd Freebsd 6.3
Freebsd Freebsd 7.0
Freebsd Freebsd
7.1
CVSSv2
CVE-2008-3530
sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 up to and including 7.1, NetBSD 3.0 up to and including 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote malicious users to cause a den...
Freebsd Freebsd 6.3
Freebsd Freebsd 7.0
Freebsd Freebsd 7.1
7.2
CVSSv2
CVE-2009-1041
The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwrite arbitrary kernel memory via an out-of-bounds timer value.
Freebsd Freebsd 7.0
Freebsd Freebsd 7.1
Freebsd Freebsd 7.2
1 EDB exploit
4.9
CVSSv2
CVE-2008-0777
The sendfile system call in FreeBSD 5.5 up to and including 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.
Freebsd Freebsd 7.0
Freebsd Freebsd 6.2
Freebsd Freebsd 5.5
Freebsd Freebsd 6.3
2.1
CVSSv2
CVE-2007-6150
The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 up to and including 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that re...
Freebsd Freebsd 6.2
Freebsd Freebsd 6.3
Freebsd Freebsd 5.5
Freebsd Freebsd 6.1
Freebsd Freebsd 7.0
2.1
CVSSv2
CVE-2008-0216
The ptsname function in FreeBSD 6.0 up to and including 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty from another us...
Freebsd Freebsd 6.1
Freebsd Freebsd 7.0
Freebsd Freebsd 6.0
Freebsd Freebsd 6.2
Freebsd Freebsd 6.3
7.2
CVSSv2
CVE-2008-5736
Multiple unspecified vulnerabilities in FreeBSD 6 prior to 6.4-STABLE, 6.3 prior to 6.3-RELEASE-p7, 6.4 prior to 6.4-RELEASE-p1, 7.0 prior to 7.0-RELEASE-p7, 7.1 prior to 7.1-RC2, and 7 prior to 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors relate...
Freebsd Freebsd 6.0
Freebsd Freebsd 6.3
Freebsd Freebsd 7.0
Freebsd Freebsd 7.1
Freebsd Freebsd 6.4
1 EDB exploit
4.9
CVSSv2
CVE-2009-1436
The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file.
Freebsd Freebsd 7.2
Freebsd Freebsd 7.1
Freebsd Freebsd 7.0
Freebsd Freebsd 6.3
Freebsd Freebsd 6.4
1 EDB exploit
1 Article
6.9
CVSSv2
CVE-2008-0217
The script program in FreeBSD 5.0 up to and including 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.
Freebsd Freebsd 6.0
Freebsd Freebsd 6.1
Freebsd Freebsd 6.2
Freebsd Freebsd 7.0
Freebsd Freebsd 5.0
Freebsd Freebsd 5.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »