exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 190 RSS Feed

Files from The FreeBSD Project

Email addresssecurity at freebsd.org
First Active2000-04-11
Last Active2006-10-04
FreeBSD Security Advisory 2002.44
Posted Jan 9, 2003
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:44 - FreeBSD 4.3 and later is vulnerable to a local denial service attack due to a bug in the fpathconf system call which crashes the system by repeatedly calling fpathconf on a file descriptor until the reference count wraps to a negative value, then closing the file descriptor. See Pine-cert-20030101.txt for more information.

tags | local
systems | freebsd
SHA-256 | aacf0c83903b87562681466b20bcaa250cf0fb40cfd75e49cd68e3de7dbd5952
FreeBSD Security Advisory 2002.43
Posted Nov 19, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:43.bind - BIND 8 has two vulnerabilities. The BIND SIG Cached RR overflow allows a remote attacker to force a server with recursion enabled to execute arbitrary code with the privileges of the name server process. The BIND OPT DoS and BIND SIG Expiry Time DoS may cause a remote name server to crash.

tags | remote, overflow, arbitrary, vulnerability
systems | freebsd
SHA-256 | c6ffc36a671f6f5c4df06000d02ae9e77bad3e00ca4d79496cd912a7b2c3ff54
FreeBSD Security Advisory 2002.41
Posted Nov 17, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:41 - The sendmail Restricted Shell command (smrsh) contains errors in the handling of command arguments with "||" or spaces which allow the execution of commands outside of those in its target directory. Since command arguments may be specified in local users' .forward' files, the smrsh restrictions may be bypassed using such files that are specially crafted.

tags | shell, local
systems | freebsd
SHA-256 | 6f435e71ca899851ba23f0f5dac3c950a42b07a1bbd6700c4fab2e2199250a74
FreeBSD Security Advisory 2002.42
Posted Nov 13, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:42 - Several libc functions --- including getaddrinfo(), gethostbyname(), getnetbyname(), and others --- utilize the DNS resolver functions res_search, res_query, and/or res_send which contain buffer overflow vulnerabilities which allow remote denial of service attacks against many applications.

tags | remote, denial of service, overflow, vulnerability
systems | freebsd
SHA-256 | 1cdf791d166fa98998ba12602cfd1fd958f9553e41b786d6a8431d56df284d9b
FreeBSD Security Advisory 2002.40
Posted Nov 13, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:40 - The Kerberos administrative servers, kadmind and k5admind contain stack overflows that allow remote code execution as root from non-authenticated attackers. According to the MIT security team, there is evidence that this bug is being actively exploited.

tags | remote, overflow, root, code execution
systems | freebsd
SHA-256 | a53b924c7f8aa4c605768a128d5b3a18c94db514f6e304190e2a87c9e3175aef
FreeBSD Security Advisory 2002.39
Posted Sep 17, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:39 - The kvm(3) library, which provides a uniform interface for accessing kernel virtual memory images, leaves open file descriptors to /dev/mem and /dev/kmem, allowing other processes to read kernel memory and disclose sensitive information. Affected applications include asmon, ascpu, bubblemon, wmmon, and wmnet2.

tags | kernel
systems | freebsd
SHA-256 | f72b00ab99acc2936edb12f08a3e65add79a59f5621825156f3b6c59c5e8ac0d
FreeBSD Security Advisory 2002.38
Posted Aug 20, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:38 - Several FreeBSD system calls can be called with large negative arguments, causing the kernel to return a large portion of kernel memory. Such memory often contains sensitive information, such as portions of the file cache or terminal buffers. This information might be directly useful, or it might be leveraged to obtain elevated privileges in some way. Terminal buffers often include user entered passwords.

tags | kernel
systems | freebsd
SHA-256 | 88ff433a239366f36acc2d774fe3b9e5da6d59cd8ec51ab272b0044ef9358119
FreeBSD Security Advisory 2002.37
Posted Aug 6, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:37 - Local users can cause a kernel panic using the kqueue system. If a pipe was created with the pipe(2) system call, and one end of the pipe was closed, registering an EVFILT_WRITE filter on the other end would cause a kernel panic.

tags | kernel, local
systems | freebsd
SHA-256 | 18ab150b52ce585a4c7a0ec2f65b535359a1e43a56079bd38c7a0cc792ed51b4
FreeBSD Security Advisory 2002.36
Posted Aug 6, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:36 - A denial of service vulnerability has been discovered in FreeBSD NFS. A part of the NFS server code charged with handling incoming RPC messages had an error which, when the server received a message with a zero-length payload, would cause it to reference the payload from the previous message, creating a loop in the message chain. This would later cause an infinite loop in a different part of the NFS server code which tried to traverse the chain.

tags | denial of service
systems | freebsd
SHA-256 | 4fdb16c1217014bf315623bd4cf8b0cb08cc40ca829261bc2ec12ae5ef0b4aae
FreeBSD Security Advisory 2002.35
Posted Aug 6, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:35 - FFS, the default FreeBSD filesystem has an overflow in the maximum permitted FFS file size which allows users to create files that are larger than FreeBSD's virtual memory system can handle. The integer overflows that result when such files are accessed can map filesystem metadata into the user file, permitting access to arbitrary filesystem blocks. The bug is encountered only on FFS filesystems with a block size of 16k or greater on the i386 architecture, or 32k or greater on the alpha architecture.

tags | overflow, arbitrary
systems | freebsd
SHA-256 | 5382dcd140d23381121af16e97a58b46adf01d26b3ac54205c8672080fc63de3
FreeBSD Security Advisory 2002.33
Posted Aug 6, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:33 - OpenSSL prior to v0.9.6e contains several remotely exploitable buffer overflows, including errors in the handling of the client master key in the SSL2 protocol implementation; the handling of the session ID in the SSL3 protocol; and in the handling of buffers used for representing integers in ASCII on 64-bit platforms. Disabling the SSL2 protocol in server applications should render server exploits harmless. There is no known workaround for client applications.

tags | overflow, protocol
systems | freebsd
SHA-256 | 83bbc8a0b3d5053c48708c3bfd3faa3d4dc05476ff101ba705ac7e26925b6084
FreeBSD Security Advisory 2002.34
Posted Aug 1, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:34 - All releases of FreeBSD up to and including 4.6.1-RELEASE-p5 contain an error in the the calculation of memory needed for unpacking arrays in the SunRPC XDR decoder results in a remotely exploitable heap overflow. Many rpc services are vulnerable, including NFS, the NIS server, rpc.statd and more.

tags | overflow
systems | freebsd
SHA-256 | 76e33d674df2b311946bde6ac0d5ff86ca20d3bb6258a997eb245cdc6ed93f56
FreeBSD Security Advisory 2002.32
Posted Aug 1, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:32 - The pppd program shipped with all releases of FreeBSD up to and including 4.6.1-RELEASE-p1 contains a race condition which can be exploited by local users to change the permissions of any file.

tags | local
systems | freebsd
SHA-256 | f09d3294360258453f1ac13605ed545115ba18426a55d3487333f205af45c75f
FreeBSD Security Advisory 2002.31
Posted Jul 17, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:31 - OpenSSH included with FreeBSD-CURRENT between 2002-03-18 and 2002-06-25 has a remote root vulnerability because ChallengeResponseAuthentication is turned on by default.

tags | remote, root
systems | freebsd
SHA-256 | 95c8eacb9873f2fd53d933945c9f51ac0fb845249ac900809ad7f1f99002a160
FreeBSD Security Advisory 2002.29
Posted Jul 15, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:29 - A buffer overflow has been found tcpdump v3.7.1 and below which can be triggered through specially crafted NFS packets. Since tcpdump typically runs with root privileges, exploitation of this vulnerability can be used to remotely execute code on systems that are affected.

tags | overflow, root
systems | freebsd
SHA-256 | e80b102939576bd0557c204c249e44d533520aa46fd213b0c8a7af8d017ca2bd
FreeBSD Security Advisory 2002.30
Posted Jul 15, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:30 - It is possible for normal users to trace processes from setuid / setgid programs that dropped their privileges, leading to the disclosure of sensitive information obtained by the process from before the privileges where dropped. All releases prior to and including 4.6-RELEASE are affected.

systems | freebsd
SHA-256 | 3903dc01778d54fad0e514237a5847cdaf9e1713070ce70bff4f321a01df548b
FreeBSD Security Advisory 2002.28
Posted Jun 29, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:28 - The resolver code in libc contains remotely exploitable buffer overflows which can be triggered by specially crafted DNS replies. Since practically all Internet applications utilize the resolver, the severity of this issue is high.

tags | overflow
systems | freebsd
SHA-256 | 6b83374a39e412e4999a84b174fc3453b24b595ee4e431b7b09f863588791bbb
FreeBSD Security Advisory 2002.27
Posted May 30, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:27 - The FreeBSD rc scripts allow users may remove the contents of arbitrary directories if the /tmp/.X11-unix directory does not already exist and the system can be enticed to reboot.

tags | arbitrary
systems | unix, freebsd
SHA-256 | b4fbc7e2551b07468072eacaa7f05cac8d58f5064909295857e01e3c876cba04
FreeBSD Security Advisory 2002.26
Posted May 30, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:26 - FreeBSD kernels compiled with accept() filters are vulnerable to a denial of service condition.

tags | denial of service, kernel
systems | freebsd
SHA-256 | e19aca6cdf3a6b5d5e66fddf7410b68eacc39a4a11c4f26df42fe24f15409ddf
FreeBSD Security Advisory 2002.18
Posted Apr 25, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:18 - A programming error in zlib may cause segments of dynamically allocated memory to be released more than once (double-freed), allowing attackers to send specially crafted data to applications that use zlib, crashing the application.

systems | freebsd
SHA-256 | 85e35fe5255d89e2e7899a233f71d3e506322b0209fc2a63fdfa86524f863db8
FreeBSD Security Advisory 2002.22
Posted Apr 25, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:22 - Local users can cause the FreeBSD system to crash due to a bug in the virtual memory management system involving a failure to check for the existence of a VM object during page invalidation. This bug could be triggered by calling msync(2) on an anonymous, asynchronous memory map (i.e. created using the mmap flags MAP_ANON and MAP_NOSYNC) which had not been accessed previously, causing the system to crash.

tags | local
systems | freebsd
SHA-256 | 2b5798f47b997adc1c458dfa79cf7e89c9a9e25de047108d39e3bd1df3fe48d5
FreeBSD Security Advisory 2002.23
Posted Apr 25, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:23 - Setuid or setgid applications can be used for privilege elevation due to insecure handling of stdio file descriptors on FreeBSD releases up to and including 4.5-RELEASE. It is known that the 'keyinit' set-user-id program is exploitable using this method. This vulnerability was discovered by Joost Pol.

systems | freebsd
SHA-256 | 8f69bc483a1458f7d54a29d27b77175fcbf84e8323830e08f06dd00c8fae39cc
FreeBSD Security Advisory 2002.21
Posted Apr 23, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:21 - A bug in the FreeBSD kernel's TCP/IP stack's processing of ICMP echo replies can be exploited to create new routing table entries which are never deallocated, using all available memory.

tags | kernel, tcp
systems | freebsd
SHA-256 | 1b209ae5272e1c845302bb2943ef5557ae459d0b9bb2720c44291a59a7de1062
FreeBSD Security Advisory 2002.20
Posted Apr 17, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:20 - Two denial of service vulnerabilities were found in the syn cookie implementation in FreeBSD. When a SYN was accepted via a syncookie, it used an uninitialized pointer to find the TCP options for the new socket. This pointer may be a null pointer, which will cause the machine to crash. In addition, restarting applications using syn cookie protected sockets can cause a reference to an old inpcb pointer, crashing the system.

tags | denial of service, tcp, vulnerability
systems | freebsd
SHA-256 | 8b6f4a7fd0cea3fb0298753657a3d2e32a940bde4640bc28a17a99e80f3479b2
FreeBSD Security Advisory 2002.19
Posted Mar 28, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:19 - The squid port prior to version 2.4_9 contains a heap overflow in the DNS processing which can be triggered by a DNS server.

tags | overflow
systems | freebsd
SHA-256 | 91374848fc4b60fd302d3d9e64d7e72562eb90b13c72f4cc24abe1d05f5dc737
Page 2 of 8
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close