彙總 bsd 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 緩衝區溢位與拒絕服務,在 軟體部署與生產負載 使用場景中可能帶來 應用程式崩潰與檔案覆寫 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2014-7250 | The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets. | [email protected] | 5.0 | 4.75% | 2014-12-11 | 2026-06-16 |
| CVE-2008-4609 | The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. | [email protected] | 7.1 | 32.12% | 2008-10-20 | 2026-06-16 |
| CVE-2003-0144 | Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name. | [email protected] | 7.2 | 1.91% | 2003-03-31 | 2026-06-16 |
| CVE-2001-1562 | Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename. | [email protected] | 7.2 | 0.40% | 2001-12-31 | 2026-06-16 |
| CVE-2001-0670 | Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue. | [email protected] | 7.5 | 6.61% | 2001-10-03 | 2026-06-16 |
| CVE-1999-1102 | lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. | [email protected] | 2.1 | 0.44% | 1999-12-31 | 2026-06-16 |
| CVE-1999-1394 | BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device. | [email protected] | 2.1 | 0.61% | 1999-07-02 | 2026-06-16 |
| CVE-1999-1214 | The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. | [email protected] | 2.1 | 0.30% | 1997-09-15 | 2026-06-16 |
| CVE-1999-1098 | Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing. | [email protected] | 5.0 | 1.36% | 1995-03-03 | 2026-06-16 |
| CVE-1999-1471 | Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field. | [email protected] | 7.2 | 0.51% | 1989-01-01 | 2026-06-16 |