all things security
Showing 1 - 25 of 40 RSS Feed

Files

netbsd.2002-004.openbsd
Posted Mar 14, 2002
Site netbsd.org

NetBSD Security Advisory 2002-004 - An off by one overflow has been discovered in the channel code of OpenSSH versions 2.0 - 3.0.2 can be used to execute code on systems running vulnerable OpenSSH clients and servers. NetBSD fixed this vulnerability in versions 1.5 - 1.5.2 and announced that the fix will be included in NetBSD 1.5.3.

tags | overflow
systems | netbsd
MD5 | 291044b69383ecbb2f0547d10986366f
netbsd.2002-002.gzip
Posted Mar 14, 2002
Site netbsd.org

NetBSD Security Advisory 2002-002 - A buffer overflow found in Gzip can under certain conditions be used to execute shellcode with elevated privileges, for example through certain FTP servers. NetBSD fixed this vulnerability for CURRENT, 1.5 - 1.5.2 and 1.4 - 1.4.3.

tags | overflow, shellcode
systems | netbsd
MD5 | bf1b7a1495a3800f257976abe0b220c6
NetBSD-SA2001-018.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-018 - A remote buffer overflow in BSD derived Line Printer Daemons can lead to a remote root compromise. This vulnerability affects NetBSD current, 1.5, 1.5.1 and 1.5.2.

tags | remote, overflow, root
systems | netbsd, bsd
MD5 | f3fdd6192469af9d256ffd05a0887f1d
NetBSD-SA2001-017.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-017 - Sendmail's incorrect command line argument check can lead to a local root privilege compromise. This vulnerability affects all sendmail versions between 8.10.0 to 8.11.5.

tags | local, root
systems | netbsd
MD5 | cfc7da87178731d6909560c889d8f5bd
NetBSD-SA2001-016.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-016 - The fts functions are provided for traversing UNIX file hierarchies. The NetBSD fts implementation can be tricked to follow symbolic links and can therefore be abused by local users. All NetBSD releases prior to July 9, 2001 are affected by this vulnerability.

tags | local
systems | netbsd, unix
MD5 | 5aaadd17aaa176e5313bc8ffddc587c5
NetBSD-SA2001-015.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-015 - Several buffer overflows found in the NetBSD kernel can enable local users to crash the system or gain superuser privileges. This vulnerability affects NetBSD-current, 1.4.*, 1.5, and 1.5.1.

tags | overflow, kernel, local
systems | netbsd
MD5 | 05e7d3511508a050b833e485517ece1f
NetBSD-SA2001-014.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-014 - Dump (/sbin/dump), which is setgid tty, does not drop its privileges correctly and can be used to execute commands with setgid tty privileges by using the RCMD_CMD environment variable. This vulnerability affects the NetBSD-1.4, 1.5, 1.5.1 and current branch.

systems | netbsd
MD5 | ca664a93a96fb15541c16aec000c6483
NetBSD-SA2001-013.txt.asc
Posted Feb 5, 2002
Site netbsd.org

NetBSD Security Advisory 2001-013 - The OpenSSL libcrypto includes a PRNG (pseudo random number generator) implementation. The logic used for PRNG was not strong enough, and allows attackers to guess the internal state of the PRNG. Therefore, attackers can predict future PRNG output. This vulnerability undermines the security level of cryptographic programs such as ssh and pgp.

systems | netbsd
MD5 | cdf99cb5c4800d795de5f7a8f19df567
NetBSD-SA2001-012.txt.asc
Posted Feb 5, 2002

NetBSD Security Advisory 2001-012 - A remotely exploitable buffer overflow found in BSD derived telnet daemons can be used to execute shell code with root privileges.

tags | overflow, shell, root
systems | netbsd, bsd
MD5 | 0929abe340f20ce04a6ae1169308c7d3
netbsd.2002-001.ptrace
Posted Jan 19, 2002
Site netbsd.org

NetBSD Security Advisory 2002-001 - A vulnerability found in the ptrace implementation on NetBSD 1.5.* , 1.4.* and CURRENT (prior to January 14, 2002) systems can result in race conditions where it is possible to use ptrace and SUID binaries to execute code with elevated privileges.

systems | netbsd
MD5 | 413f80cd0aca939c1288738bae4d6d12
netbsd.2000-018.ftpd
Posted Dec 22, 2000

NetBSD Security Advisory 2000-017 - A one-byte remote buffer overrun has been found in the ftp daemon which is believed to allow remote attackers to gain root access. A bad bounds check was found in the replydirname() function.

tags | remote, overflow, root
systems | netbsd
MD5 | f93622338e803ce4037d1ff8906b82ab
netbsd.2000-017.libkrb
Posted Dec 22, 2000

NetBSD Security Advisory 2000-017 - Kerberised telnetd and libkrb contain exploitable local root bugs. There were two problems - first, telnetd allowed the user to provide arbitrary environment variables, including several that cause programs to behave differently. There was also a possible buffer overflow in the Kerberos v4 library.

tags | overflow, arbitrary, local, root
systems | netbsd
MD5 | d384a4e203b28b7c9a7e980262a057ed
netbsd.2000-015.passwd
Posted Oct 31, 2000

NetBSD Security Advisory 2000-015 - The pw_error() function of the system libutil library, used by several programs including the setuid passwd program, was vulnerable to a format string attack resulting in local root compromise.

tags | local, root
systems | netbsd
MD5 | f634d664f3d25affe80b291ff5b5a617
netbsd.2000-014.global
Posted Oct 31, 2000

NetBSD Security Advisory 2000-014 - Global-3.55 and below allows remote users to execute arbitrary commands.

tags | remote, arbitrary
systems | netbsd
MD5 | c38744eb0fb2359557661cb05f567323
netbsd.2000-013.cfengine
Posted Oct 31, 2000

NetBSD Security Advisory 2000-013 - The cfd daemon in GNU CFEngine port contains several format string vulnerabilities in syslog() calls. This could permit remote hosts to inject the network daemon with a message causing a segmentation fault. As cfd is almost always run as root due to its nature (centralized configuration management), this could lead to a root compromise.

tags | remote, root, vulnerability
systems | netbsd
MD5 | a6351835c1becca10936e3df82798fb5
netbsd.2000-012.nis
Posted Oct 31, 2000

NetBSD Security Advisory 2000-012 - NIS client nodes may be vulnerable to a remote buffer overflow attack. If the node is configured to use NIS for hostname lookups, and a rogue NIS server is in a position to respond to a hostname lookup request, a malformed response could cause a denial of service due to abnormal program termination. In the worst case, an account could be hijacked.

tags | remote, denial of service, overflow
systems | netbsd
MD5 | aed4f69f73adaec524d1676994403ef2
netbsd.2000-011.netscape
Posted Aug 9, 2000
Site netbsd.org

NetBSD Security Advisory 2000-011 - Netscape's processing of JPEG comments trusted the length parameter for comment fields; by manipulating this value, it is possible to cause netscape to read in an excessive amount of data, overwriting memory. Specially designed data could allow a remote site to execute arbitrary code as the user of netscape. This vulnerability has been fixed in Netscape 4.74.

tags | remote, arbitrary
systems | netbsd
MD5 | fb01873632110638308094b21199954f
netbsd.2000-010.wu-ftpd
Posted Jul 13, 2000
Site netbsd.org

NetBSD Security Advisory 2000-010 - wu-ftpd versions prior to 2.6.1 contain known security holes which allow unauthorized remote users to gain root access.

tags | remote, root
systems | netbsd
MD5 | ce73fe0fe169379d254e81e7a73bcb87
netbsd.2000-009.ftpd.setproctitle
Posted Jul 13, 2000
Site netbsd.org

NetBSD Security Advisory 2000-009 - An improper use of the setproctitle() library function by ftpd may allow a malicious remote ftp client to subvert an FTP server, including possibly getting remote root access to a system.

tags | remote, root
systems | netbsd
MD5 | 7fe0b1d6f17047fc22c101f0ea3a1edc
netbsd.2000-008.dhcpclient
Posted Jul 13, 2000
Site netbsd.org

NetBSD Security Advisory 2000-008 - The DHCP client program, dhclient(8), did not correctly handle DHCP options it receives in DHCP response messages, possibly permitting a rogue dhcp server to send maliciously formed options which resulted in a remote root compromise.

tags | remote, root
systems | netbsd
MD5 | 719678e99bf7abe2e93a69875e7f0a5d
netbsd.2000-007.urandom
Posted Jun 23, 2000

NetBSD Security Advisory 2000-007 - If /dev/urandom is not present and functioning correctly, des_init_random_number_generator seeds the random number generator with constant data, causing the generation of keys which are easy to determine. The following programs which are included in the NetBSD distribution are impacted by this bug: telnet, telnetd, kadmin, kdb_edit, kdb_init, kerberos, and ksrvutil.

systems | netbsd
MD5 | f5835cdf027ae9e0d8f2101160864cc9
netbsd.2000-006.ftpchroot
Posted Jun 1, 2000

NetBSD Security Advisory 2000-006 - Untrusted local processes can hog cpu and kernel memory by tricking the kernel into running exclusively on their behalf, denying other processes the CPU.

tags | kernel, local
systems | netbsd
MD5 | 6805e4d1e8eeae8ff316502ad6fe5dfe
netbsd.2000-005.cpu-hog
Posted Jun 1, 2000

NetBSD Security Advisory 2000-005 - Untrusted local processes can hog cpu and kernel memory by tricking the kernel into running exclusively on their behalf, denying other processes the CPU.

tags | kernel, local
systems | netbsd
MD5 | 9068fabf8d12d34c31c12d820100f32a
netbsd.2000-004.semaphore
Posted Jun 1, 2000

NetBSD Security Advisory 2000-004 - An undocumented system call permits any user process to lock up the entire semaphore subsystem, preventing processes using semaphores from locking or unlocking them, and preventing processes holding semaphores from exiting.

systems | netbsd
MD5 | 8113384b76d2a42786fe67eb1c07ed8d
netbsd.2000-003.xlock
Posted May 31, 2000

NetBSD Security Advisory 2000-003 - Exploitable vulnerability in xlockmore. Xlock can be manipulated to print /etc/shadow.

systems | netbsd
MD5 | 9dfd16ad9a3cef0c35b97d4c8d0152ca
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Even Pokemon Go Was Used By Russia To Meddle In The Election
Posted Oct 13, 2017

tags | headline, government, usa, russia, cyberwar
US Voices Frustration With Warrant-Proof Encryption
Posted Oct 13, 2017

tags | headline, government, privacy, usa, cryptography
An Unknown Hacker Stole Sensitive Data On Australia's War Planes
Posted Oct 13, 2017

tags | headline, hacker, government, australia, data loss, cyberwar
Legacy Office Feature Used In Novel Document Attacks
Posted Oct 13, 2017

tags | headline, hacker, malware, microsoft, flaw
Equifax Rival TransUnion Also Sends Site Visitors To Malicious Pages
Posted Oct 12, 2017

tags | headline, malware
The Myth Of Responsible Encryption: Experts Say It Can't Work
Posted Oct 12, 2017

tags | headline, government, backdoor, cryptography
Equifax Removes Webpage After Malware Issue
Posted Oct 12, 2017

tags | headline, malware, fraud, flaw, adobe
Malware Checks Into Hyatt Hotels Again
Posted Oct 12, 2017

tags | headline, privacy, malware, bank, cybercrime, data loss, fraud
Rick And Morty Episode? Nope, Another CoinMiner
Posted Oct 12, 2017

tags | headline, fraud, cryptography
Judge Says US Government Has No Right To Rummage Through Anti-Trump Protest Website Logs
Posted Oct 12, 2017

tags | headline, government, privacy, usa, fraud
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close