CVE-2014-3711

namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent path names.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
freebsdfreebsd
9.1
freebsdfreebsd
9.1:p4
freebsdfreebsd
9.1:p5
freebsdfreebsd
9.2
freebsdfreebsd
9.2:prerelease
freebsdfreebsd
9.2:rc1
freebsdfreebsd
9.2:rc2
freebsdfreebsd
9.3
freebsdfreebsd
9.3:rc1
freebsdfreebsd
9.3:rc2
freebsdfreebsd
10.0
freebsdfreebsd
10.0:rc1
freebsdfreebsd
10.0:rc2
freebsdfreebsd
10.1
freebsdfreebsd
10.1:rc1
freebsdfreebsd
10.1:rc2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/62218
http://www.debian.org/security/2014/dsa-3070
http://www.securitytracker.com/id/1031100
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:22.namei.asc
http://secunia.com/advisories/62218
http://www.debian.org/security/2014/dsa-3070
http://www.securitytracker.com/id/1031100
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:22.namei.asc