See also

FREEBSD : FreeBSD 8.0

FREEBSD : FreeBSD 7.2

FREEBSD : FreeBSD7.0

FREEBSD : FreeBSD 6.4

FREEBSD : FreeBSD 7.1

FREEBSD : FreeBSD 6.3

FREEBSD : FreeBSD 6.2

FREEBSD : FreeBSD 5.5

FREEBSD : FreeBSD 6.0

FREEBSD : FreeBSD 4.11

Name: FREEBSD : FreeBSD 7.0

	setusercontext() privilege escalation in BSD systems
		Multiple application misbihave if different limits are set via setusercontext(), resulting in different exploitation scenarios.
7!	FreeBSD multiple security vulnerabilities updated since 07.09.2008
		mount / nmount syscall implementcation buffer overflow. amd64 CPU registers privilege escalation. DoS через ICMPv6.
	FreeBSD libc db functions information leak
		Uninitialized memory data can be written to database file.
7!	FreeBSD / Mac OS X integer overflow
		Integer overflow in kernel space on process timers.
9!	FreeBSD telnetd privilege escalation updated since 16.02.2009
		LD_xxx environment variable are not cleared on 'login' execution, makeing it's possible to execute code witi root privileges. For remote exploitation it's required to have ability to upload the file to remote system (via FTP, Web, etc).
	Multiple FTP servers unsafe fgets() vulnerability updated since 30.09.2008
		It's possible to embed additional commands into URLs.
6!	FreeBSD arc4random cryptographic weakness
		5 minutes after system start generated psudo-random sequences are weak.
	FreeBSD sendfile() privilege escalation
		Syscall allows read access to write-only files.
	FreeBSD pty hijacking
		'script' users openpty in insecure way, ptsname incorrectly extracts device name.
6!	FreeBSD libc / libbind memory corruption
		Off-by-one heap overflow in inet_network() .
6!	FreeBSD pseudo-random numbers generator weakness
		SAme PRNG sequence may be reproduced twice under some conditions.
	BSD systems securelevel protection bypass updated since 09.01.2006
		By mounting different filesystem it's possible to mask file flagged 'immutable'. It's possible to rollback system tiime by setting it to maximum value.