| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass intended access restrictions via DNS spoofing. |
| fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name. |
| OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices. |
| Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others. |
| Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program. |
| KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. |
| Buffer overflow in FreeBSD angband allows local users to gain privileges. |
| FreeBSD gdc program allows local users to modify files via a symlink attack. |
| Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI. |
| FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files. |
| FreeBSD mount_union command allows local users to gain root privileges via a symlink attack. |
| Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATH_LOCALE environment variable. |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
| Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
| Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. |
| Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Vacation program allows command execution by remote users through a sendmail command. |
| File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). |
| Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. |
