Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd freebsd 7.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4358
freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade...
Freebsd Freebsd 8.0
Freebsd Freebsd 7.2
Freebsd Freebsd 7.1
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
NA
CVE-2009-4147
The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the (1) LD_LIBMAP, (2) LD_LIBRARY_PATH, (3) LD_LIBMAP_DISABLE, (4) LD_DEBUG, and (5) LD_ELF_HINTS_PATH environment variables, which allows local users to gain pr...
Freebsd Freebsd 7.1
Freebsd Freebsd 8.0
1 EDB exploit
NA
CVE-2009-4146
The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1, 7.2, and 8.0 does not clear the LD_PRELOAD environment variable, which allows local users to gain privileges by executing a setuid or setguid program with a modified LD_PRELOAD variab...
Freebsd Freebsd 7.1
Freebsd Freebsd 7.2
Freebsd Freebsd 8.0
1 EDB exploit
NA
CVE-2009-2208
FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFO_IN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU.
Freebsd Freebsd 6.3
Freebsd Freebsd 7.1
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3 Releng
Freebsd Freebsd 7.2
NA
CVE-2009-1935
Integer overflow in the pipe_build_write_buffer function (sys/kern/sys_pipe.c) in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 up to and including 7.2 and 6.3 up to and including 6.4 allows local users to bypass virtual-to-physical address looku...
Freebsd Freebsd 7.1
Freebsd Freebsd 7.2
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
Freebsd Freebsd 6.3 Releng
NA
CVE-2009-1436
The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file.
Freebsd Freebsd 7.2
Freebsd Freebsd 7.1
Freebsd Freebsd 7.0
Freebsd Freebsd 6.3
Freebsd Freebsd 6.4
1 EDB exploit
1 Article
NA
CVE-2009-1041
The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwrite arbitrary kernel memory via an out-of-bounds timer value.
Freebsd Freebsd 7.0
Freebsd Freebsd 7.1
Freebsd Freebsd 7.2
1 EDB exploit
NA
CVE-2009-0641
sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote malicious users to execute arbitrary code by passing a crafted environment variab...
Freebsd Freebsd 7.1
Freebsd Freebsd 7.0
Freebsd Freebsd 7.0-release
Freebsd Freebsd 7.0 Beta4
Freebsd Freebsd 7.0 Releng
1 EDB exploit
NA
CVE-2008-5736
Multiple unspecified vulnerabilities in FreeBSD 6 prior to 6.4-STABLE, 6.3 prior to 6.3-RELEASE-p7, 6.4 prior to 6.4-RELEASE-p1, 7.0 prior to 7.0-RELEASE-p7, 7.1 prior to 7.1-RC2, and 7 prior to 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors relate...
Freebsd Freebsd 6.0
Freebsd Freebsd 6.3
Freebsd Freebsd 7.0
Freebsd Freebsd 7.1
Freebsd Freebsd 6.4
1 EDB exploit
7
CVSSv3
CVE-2008-5162
The arc4random function in the kernel in FreeBSD 6.3 up to and including 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for malicious users to predict the function's return values and conduct certain attacks ag...
Freebsd Freebsd 7.1
Freebsd Freebsd 6.3
Freebsd Freebsd 7.0
Freebsd Freebsd
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »