This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Freebsd First view 2009-04-27
Product Freebsd Last view 2020-09-03
Version 6.4 Type Os
Update release_p4  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:freebsd:freebsd

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.5 2020-09-03 CVE-2020-24863

A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger an invalid free and crash the system via a crafted size value in conjunction with an invalid mode.

5.5 2020-09-03 CVE-2020-24385

In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD before 7, a NULL pointer dereference was found in the Linux emulation layer that allows attackers to crash the running kernel. During binary interaction, td->td_emuldata in sys/compat/linux/linux_emul.h is not getting initialized and returns NULL from em_find().

7.8 2020-03-14 CVE-2020-10566

grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, mishandles font loading by a guest through a grub2.cfg file, leading to a buffer overflow.

7.8 2020-03-14 CVE-2020-10565

grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command (read_* or write_*) by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhyve process, resulting in code execution as root on the host OS.

6.5 2020-02-20 CVE-2015-2923

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

7.5 2020-02-20 CVE-2012-5365

The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.

7.5 2020-02-20 CVE-2012-5363

The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393.

9.8 2020-02-18 CVE-2014-3879

OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error reported when an include directive refers to a policy that does not exist, which causes the loaded policy chain to no be discarded and allows context-dependent attackers to bypass authentication via a login (1) without a password or (2) with an incorrect password.

7.5 2019-11-27 CVE-2011-2480

Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information.

10 2018-12-04 CVE-2018-17160

In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by bhyve can permit a guest operating system to overwrite memory in the bhyve host possibly permitting arbitrary code execution. A guest OS using a firmware image can cause the bhyve process to crash, or possibly execute arbitrary code on the host as root.

7.5 2018-12-04 CVE-2018-17159

In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. Unprivileged remote users with access to the NFS server can cause a resource exhaustion by forcing the server to allocate an arbitrarily large memory allocation.

7.5 2018-12-04 CVE-2018-17158

In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. Unprivileged remote users with access to the NFS server can crash the system by sending a specially crafted NFSv4 request.

9.8 2018-12-04 CVE-2018-17157

In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error when handling opcodes can cause memory corruption by sending a specially crafted NFSv4 request. Unprivileged remote users with access to the NFS server may be able to execute arbitrary code.

5.9 2018-11-28 CVE-2018-17156

In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to incorrectly accounting for padding on 64-bit platforms, a buffer underwrite could occur when constructing an ICMP reply packet when using a non-standard value for the net.inet.icmp.quotelen sysctl.

5.5 2018-09-28 CVE-2018-6925

In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereference causing the kernel to crash.

5.5 2018-09-28 CVE-2018-17155

In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338984), and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local users may be able to access small amounts privileged kernel data.

5.5 2018-09-28 CVE-2018-17154

In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur. Unprivileged authenticated local users may be able to cause a denial of service.

7.1 2018-09-12 CVE-2018-6924

In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4-STABLE, and 10.4-RELEASE-p12, insufficient validation in the ELF header parser could allow a malicious ELF binary to cause a kernel crash or disclose kernel memory.

7.8 2018-09-12 CVE-2017-1085

In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code in the user context.

7.5 2018-09-12 CVE-2017-1084

In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. This results in the possibility a poorly written process could be cause a stack overflow.

7.5 2018-09-12 CVE-2017-1083

In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is disabled by default. This results in the possibility a poorly written process could be cause a stack overflow.

7.5 2018-09-12 CVE-2017-1082

In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the qsort algorithm has a deterministic recursion pattern. Feeding a pathological input to the algorithm can lead to excessive stack usage and potential overflow. Applications that use qsort to handle large data set may crash if the input follows the pathological pattern.

7.8 2018-05-08 CVE-2018-8897

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.

5.5 2018-05-08 CVE-2018-6921

In FreeBSD before 11.1-STABLE(r332066) and 11.1-RELEASE-p10, due to insufficient initialization of memory copied to userland in the network subsystem, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local users may be able to access small amounts of privileged kernel data.

5.5 2018-05-08 CVE-2018-6920

In FreeBSD before 11.1-STABLE(r332303), 11.1-RELEASE-p10, 10.4-STABLE(r332321), and 10.4-RELEASE-p9, due to insufficient initialization of memory copied to userland in the Linux subsystem and Atheros wireless driver, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local users may be able to access small amounts of privileged kernel data.

CWE : Common Weakness Enumeration

%idName
18% (8) CWE-200 Information Exposure
16% (7) CWE-20 Improper Input Validation
11% (5) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
6% (3) CWE-787 Out-of-bounds Write
6% (3) CWE-476 NULL Pointer Dereference
6% (3) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
6% (3) CWE-190 Integer Overflow or Wraparound
4% (2) CWE-362 Race Condition
4% (2) CWE-189 Numeric Errors
2% (1) CWE-416 Use After Free
2% (1) CWE-310 Cryptographic Issues
2% (1) CWE-287 Improper Authentication
2% (1) CWE-269 Improper Privilege Management
2% (1) CWE-264 Permissions, Privileges, and Access Controls
2% (1) CWE-125 Out-of-bounds Read
2% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-42 MIME Conversion
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-100 Overflow Buffers

Open Source Vulnerability Database (OSVDB)

id Description
64949 OPIE readrec.c __opiereadrec() Off-by-One Remote Code Execution
63646 J Programming Language libc dtoa Implementation Floating Point Parsing Memory...
63641 Matlab libc dtoa Implementation Floating Point Parsing Memory Corruption
63639 Apple Mac OS X libc dtoa Implementation Floating Point Parsing Memory Corruption
62402 K-Meleon libc dtoa Implementation Floating Point Parsing Memory Corruption
61189 Mozilla Sunbird libc dtoa Implementation Floating Point Parsing Memory Corrup...
61188 Flock Browser libc dtoa Implementation Floating Point Parsing Memory Corruption
61187 KDE kdelibs libc dtoa Implementation Floating Point Parsing Memory Corruption
61186 Opera libc dtoa Implementation Floating Point Parsing Memory Corruption
61091 Mozilla Multiple Products libc dtoa Implementation Floating Point Parsing Mem...
55603 libc gdtoa/misc.c dtoa() Implementation printf Function Array Overflow
55045 FreeBSD IPv6 SIOCSIFINFO_IN6 IOCTL Unprivileged Interface Property Manipulation
55044 FreeBSD Direct Pipe Write Page Set Computation Information Disclosure
53918 FreeBSD libc db(3) Interface Local Information Disclosure

ExploitDB Exploits

id Description
12762 FreeBSD 8.0 ftpd off-by one PoC (FreeBSD-SA-10:05)
10380 Sunbird 0.9 Array Overrun (code execution) 0day
10187 Opera 10.01 Remote Array Overrun
10186 K-Meleon 1.5.3 Remote Array Overrun
10185 SeaMonkey 1.1.8 Remote Array Overrun
10184 KDE KDELibs 4.3.3 Remote Array Overrun

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-12-18 Name : Fedora Update for xen FEDORA-2012-19828
File : nvt/gb_fedora_2012_19828_xen_fc16.nasl
2012-12-14 Name : Fedora Update for xen FEDORA-2012-19717
File : nvt/gb_fedora_2012_19717_xen_fc17.nasl
2012-12-13 Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen)
File : nvt/gb_suse_2012_0886_1.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18249
File : nvt/gb_fedora_2012_18249_xen_fc16.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18242
File : nvt/gb_fedora_2012_18242_xen_fc17.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17408
File : nvt/gb_fedora_2012_17408_xen_fc16.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17204
File : nvt/gb_fedora_2012_17204_xen_fc17.nasl
2012-10-03 Name : Gentoo Security Advisory GLSA 201209-24 (PostgreSQL)
File : nvt/glsa_201209_24.nasl
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-03 (php)
File : nvt/glsa_201209_03.nasl
2012-09-25 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13443
File : nvt/gb_fedora_2012_13443_xen_fc16.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13434
File : nvt/gb_fedora_2012_13434_xen_fc17.nasl
2012-08-30 Name : Fedora Update for postgresql FEDORA-2012-12165
File : nvt/gb_fedora_2012_12165_postgresql_fc17.nasl
2012-08-30 Name : Fedora Update for postgresql FEDORA-2012-12156
File : nvt/gb_fedora_2012_12156_postgresql_fc16.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11755
File : nvt/gb_fedora_2012_11755_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11182
File : nvt/gb_fedora_2012_11182_xen_fc17.nasl
2012-08-30 Name : Fedora Update for php FEDORA-2012-10936
File : nvt/gb_fedora_2012_10936_php_fc17.nasl
2012-08-30 Name : Fedora Update for php FEDORA-2012-9490
File : nvt/gb_fedora_2012_9490_php_fc17.nasl
2012-08-30 Name : Fedora Update for postgresql FEDORA-2012-8924
File : nvt/gb_fedora_2012_8924_postgresql_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-9386
File : nvt/gb_fedora_2012_9386_xen_fc17.nasl
2012-08-30 Name : Fedora Update for maniadrive FEDORA-2012-9490
File : nvt/gb_fedora_2012_9490_maniadrive_fc17.nasl
2012-08-24 Name : Fedora Update for xen FEDORA-2012-11785
File : nvt/gb_fedora_2012_11785_xen_fc16.nasl
2012-08-10 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD18.nasl
2012-08-10 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD16.nasl
2012-08-10 Name : Debian Security Advisory DSA 2508-1 (kfreebsd-8)
File : nvt/deb_2508_1.nasl

Snort® IPS/IDS

Date Description
2018-07-10 Microsoft Windows Interrupt Service Routine stack rollback attempt
RuleID : 46910 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows Interrupt Service Routine stack rollback attempt
RuleID : 46909 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows processor modification return to user-mode attempt
RuleID : 46908 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows processor modification return to user-mode attempt
RuleID : 46907 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows malicious CONTEXT structure creation attempt
RuleID : 46906 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows malicious CONTEXT structure creation attempt
RuleID : 46905 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows SYSTEM token stealing attempt
RuleID : 46904 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows SYSTEM token stealing attempt
RuleID : 46903 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-03 Microsoft Windows kernel privilege escalation attempt
RuleID : 46835 - Type : OS-WINDOWS - Revision : 1
2018-07-03 Microsoft Windows kernel privilege escalation attempt
RuleID : 46834 - Type : OS-WINDOWS - Revision : 1
2018-07-03 Microsoft Windows ROP gadget locate attempt
RuleID : 46833 - Type : OS-WINDOWS - Revision : 1
2018-07-03 Microsoft Windows ROP gadget locate attempt
RuleID : 46832 - Type : OS-WINDOWS - Revision : 1
2018-07-03 Microsoft Windows kernel privilege escalation attempt
RuleID : 46831 - Type : OS-WINDOWS - Revision : 1
2018-07-03 Microsoft Windows kernel privilege escalation attempt
RuleID : 46830 - Type : OS-WINDOWS - Revision : 1
2014-01-10 PHP truncated crypt function attempt
RuleID : 23896 - Type : SERVER-WEBAPP - Revision : 4
2014-01-10 PHP truncated crypt function attempt
RuleID : 23895 - Type : SERVER-WEBAPP - Revision : 5
2014-01-10 truncated crypt function attempt
RuleID : 23894 - Type : SERVER-WEBAPP - Revision : 7
2014-01-10 Mozilla products floating point buffer overflow attempt
RuleID : 21155 - Type : BROWSER-FIREFOX - Revision : 6
2014-01-10 Mozilla products floating point buffer overflow attempt
RuleID : 21154 - Type : BROWSER-FIREFOX - Revision : 6
2014-01-10 Multiple vendors OPIE off-by-one stack buffer overflow attempt
RuleID : 17155 - Type : SERVER-OTHER - Revision : 13

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-a7ac26523d.nasl - Type: ACT_GATHER_INFO
2018-12-11 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_32498c8ffc8411e8be12a4badb2f4699.nasl - Type: ACT_GATHER_INFO
2018-11-30 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_sa-18-13_nfs.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote Debian host is missing a security update.
File: debian_DLA-1577.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote Debian host is missing a security update.
File: debian_DLA-1564.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL17403481.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1263.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1270.nasl - Type: ACT_GATHER_INFO
2018-09-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_a67c122ab69311e8ac58a4badb2f4699.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0132-a.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0037-a.nasl - Type: ACT_GATHER_INFO
2018-07-18 Name: The remote Virtuozzo host is missing multiple security updates.
File: Virtuozzo_VZA-2018-048.nasl - Type: ACT_GATHER_INFO
2018-07-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-2164.nasl - Type: ACT_GATHER_INFO
2018-06-15 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_ioctl_call.nasl - Type: ACT_GATHER_INFO
2018-06-05 Name: The remote Debian host is missing a security update.
File: debian_DLA-1392.nasl - Type: ACT_GATHER_INFO
2018-06-05 Name: The remote host is missing a macOS update that fixes multiple security vulner...
File: macos_10_13_5.nasl - Type: ACT_GATHER_INFO
2018-06-05 Name: The remote host is missing a macOS or Mac OS X security update that fixes mul...
File: macosx_SecUpd2018-003.nasl - Type: ACT_GATHER_INFO
2018-05-31 Name: The remote Virtuozzo host is missing multiple security updates.
File: Virtuozzo_VZA-2018-037.nasl - Type: ACT_GATHER_INFO
2018-05-31 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-1318.nasl - Type: ACT_GATHER_INFO
2018-05-30 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1023.nasl - Type: ACT_GATHER_INFO
2018-05-30 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1023.nasl - Type: ACT_GATHER_INFO
2018-05-29 Name: The remote Debian host is missing a security update.
File: debian_DLA-1383.nasl - Type: ACT_GATHER_INFO
2018-05-29 Name: The remote Fedora host is missing a security update.
File: fedora_2018-7cd077ddd3.nasl - Type: ACT_GATHER_INFO
2018-05-17 Name: The remote Fedora host is missing a security update.
File: fedora_2018-98684f429b.nasl - Type: ACT_GATHER_INFO
2018-05-16 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1121.nasl - Type: ACT_GATHER_INFO