The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.
Max CVSS
1.9
EPSS Score
0.04%
Published
2014-06-04
Updated
2017-12-29
crontab.c in crontab in FreeBSD allows local users to determine the existence of arbitrary directories via a command-line argument composed of a directory name concatenated with a directory traversal sequence that leads to the /etc/crontab pathname.
Max CVSS
1.9
EPSS Score
0.04%
Published
2011-03-04
Updated
2018-10-09
crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the existence of arbitrary files via a symlink attack on a /tmp/crontab.XXXXXXXXXX temporary file and (2) perform MD5 checksum comparisons on arbitrary pairs of files via two symlink attacks on /tmp/crontab.XXXXXXXXXX temporary files.
Max CVSS
1.9
EPSS Score
0.04%
Published
2011-03-04
Updated
2018-10-09
The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read.
Max CVSS
1.2
EPSS Score
0.04%
Published
2010-08-20
Updated
2018-10-10
procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to.
Max CVSS
1.2
EPSS Score
0.04%
Published
2002-12-31
Updated
2017-07-11
periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.05%
Published
2001-02-16
Updated
2018-05-03
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
Max CVSS
1.9
EPSS Score
0.04%
Published
1996-04-18
Updated
2022-08-17
7 vulnerabilities found