Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd freebsd 5.2 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2004-0126
The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail.
Freebsd Freebsd 5.1
Freebsd Freebsd 5.2
Freebsd Freebsd 5.2.1
4.6
CVSSv2
CVE-2004-0919
The syscons CONS_SCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via (1) negative coordinates or (2) large coordinates.
Freebsd Freebsd 5.0
Freebsd Freebsd 5.1
Freebsd Freebsd 5.2
Freebsd Freebsd 5.2.1
7.2
CVSSv2
CVE-2006-4172
Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-4178.
Freebsd Freebsd 5.2
Freebsd Freebsd 5.4
Freebsd Freebsd
Freebsd Freebsd 5.2.1
Freebsd Freebsd 5.3
1 Github repository
4.9
CVSSv2
CVE-2006-4178
Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) via unspecified arguments that use negative signed integers to cause the bzero function to be called with a large l...
Freebsd Freebsd 5.4
Freebsd Freebsd
Freebsd Freebsd 5.2.1
Freebsd Freebsd 5.3
Freebsd Freebsd 5.2
1 EDB exploit
1 Github repository
3.6
CVSSv2
CVE-2004-0435
Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and previous versions, and 4.10 and previous versions, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain change...
Freebsd Freebsd 4.8
Freebsd Freebsd 4.10
Freebsd Freebsd 4.9
Freebsd Freebsd 5.2
Freebsd Freebsd 5.2.1
Freebsd Freebsd 4.0
7.2
CVSSv2
CVE-2005-2218
The device file system (devfs) in FreeBSD 5.x does not properly check parameters of the node type when creating a device node, which makes hidden devices available to attackers, who can then bypass restrictions on a jailed process.
Freebsd Freebsd 5.1
Freebsd Freebsd 5.0
Freebsd Freebsd 5.2
Freebsd Freebsd 5.2.1
Freebsd Freebsd 5.4
Freebsd Freebsd 5.3
6.4
CVSSv2
CVE-2006-2654
Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. NOTE: this is similar to CVE-2006-1864, but this is a different implementation of smbfs, so it...
Freebsd Freebsd 5.0
Freebsd Freebsd 5.1
Freebsd Freebsd 5.3
Freebsd Freebsd 6.0
Freebsd Freebsd 5.2.1
Freebsd Freebsd 5.4
Freebsd Freebsd 5.2
2.1
CVSSv2
CVE-2004-0370
The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow malicious users to read kernel memory and cause a system panic.
Freebsd Freebsd 5.2
4.6
CVSSv2
CVE-2005-1400
The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sensitive kernel memory via arguments with negative or very large values.
Freebsd Freebsd 4.11
Freebsd Freebsd 4.7
Freebsd Freebsd 4.8
Freebsd Freebsd 4.9
Freebsd Freebsd 4.10
Freebsd Freebsd 5.1
Freebsd Freebsd 5.3
Freebsd Freebsd 5.2
Freebsd Freebsd 5.4
2.1
CVSSv2
CVE-2006-0055
The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.
Freebsd Freebsd 4.11
Freebsd Freebsd 5.1
Freebsd Freebsd 5.3
Freebsd Freebsd 4.10
Freebsd Freebsd 5.0
Freebsd Freebsd 6.0
Freebsd Freebsd 5.4
Freebsd Freebsd 5.2
Freebsd Freebsd 5.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »