Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable.

Vulnerability in union file system in FreeBSD 2.2 and earlier, and possibly other operating systems, allows local users to cause a denial of service (system reload) via a series of certain mount_union...

Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands.

A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly othe...

cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and a...

Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable.

Buffer overflow in FreeBSD lpd through long DNS hostnames.

Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain ...

The open() function in FreeBSD allows local attackers to write to arbitrary files.

The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the...

FreeBSD mmap function allows users to modify append-only or immutable files.

FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks.

FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system.

TCP RST denial of service in FreeBSD.

IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes.

FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then w...

FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files.

FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument.