FreeBSD Security Advisory FreeBSD-SA-02:17 - The mod_frontpage port prior to version mod_portname-1.6.1 contains several remotely exploitable buffer overflows in the fpexec wrapper, which is installed setuid root.
6baaa26e93cb19abe4d52eaea219513b94a7b57aba7a390dac5d9e0085650a3bFreeBSD Security Advisory FreeBSD-SA-02:16 - Versions 4.76 and earlier of the Netscape browser will execute JavaScript contained in gif and jpeg comment blocks, allowing a hostile web server to see what is in your cache.
01e68c967241355e54d0dbda9dfd7c8b5b192f70e3f4324fc7e3b5072fa315c0FreeBSD Security Advisory FreeBSD-SA-02:15 - The port of the cyrus-sasl library prior to v1.5.24_8 contains a format string overflow in the syslog() call. Applications linked to that library could be affected.
ca1331948c84e83bcb66af1dcea4f17326b3ce7aa470a48f16bd1f4ffb9e66d8FreeBSD Security Advisory FreeBSD-SA-02:14.pam-pgsql - The pam-pgsql port prior to v0.5.2 contains a vulnerability which allows remote users to cause arbitrary SQL code to be executed because the username and password given are inserted into a SQL statement with no safety checks.
6e3b0e22ccea6f55953d641696c316bff3e1aa4a2c38403ddae911b7abdcd9c8FreeBSD Security Advisory FreeBSD-SA-02:13 - OpenSSH v2.0 through v3.0.2p1 contains an exploitable off by one error which allows a authenticated users to run code on the server as root. A malicious server may be able to cause a connecting ssh client to execute arbitrary code with the privileges of the client user.
6e00a15a25f7c776b080a9774af5d1a759451941a7cc0974c0c1dd73246b699cFreeBSD Security Advisory FreeBSD-SA-02:12 - The Squid port prior to 2.4-STABLE4 (port version 2.4_8) contains multiple vulnerabilities, one of which allows authenticated users to overflow buffers.
1a89bdd97fc0eaf82c8056c30c781e3f2f7edf55cdeccb3df1b3340926245421FreeBSD Security Advisory FreeBSD-SA-02:11 - ucd-snmp/net-snmp remotely exploitable vulnerabilities. The Net-SNMP (previously known as UCD-SNMP) package is a set of Simple Network Management Protocol tools, including an agent, library, and applications for generating and handling requests and traps. The Net-SNMP port, versions prior to 4.2.3, contains several remotely exploitable vulnerabilities which includes SNMPv1 request and trap handling in both managers and agents.
a695d1e35a3555f83b9d23ae5c4a7df964abe0ac453434ab6954eb289cc8d84bFreeBSD Security Advisory FreeBSD-SA-02:08 - A race condition during exec allows local root compromise. A race condition exists in the FreeBSD exec system call implementation. It is possible for a user to attach a debugger to a process while it is exec'ing, but before the kernel has determined that the process is set-user-ID or set-group-ID. All versions of FreeBSD 4.x prior to FreeBSD 4.5-RELEASE are vulnerable to this problem. The problem has been corrected by marking processes that have started.
e39b7337b2653475b68a0ab6e1689bf3692bf6483d1a3ef99c45b26407ae0464FreeBSD Security Advisory FreeBSD-SA-02:07 - The k5su command included with FreeBSD, versions prior to 4.5-RELEASE, and the su command included in the heimdal port, versions prior to heimdal-0.4e_2, use the getlogin system call in order to determine whether the currently logged-in user is 'root'. In some circumstances, it is possible for a non-privileged process to have 'root' as the login name returned by getlogin. You don't actually want that to happen, trust us.
53875598a31417450b640a6ead62cd1ba3c1efd31d8d7e05c0c072b13bc5bca6FreeBSD Security Advisory FreeBSD-SA-02:06 - The sudo port prior to sudo-1.6.4.1 contains a local root vulnerability. If a user who has not been authorized by the system administrator (listed in the 'sudoers' file) attempts to use sudo, sudo will send an email alert. When it does so, it invokes the system mailer with superuser privileges, and with most of the user's environment intact.
95d8394d5117d9a6f3521370ab41a96912996869f60e721be66457c59168ec22FreeBSD Security Advisory FreeBSD-SA-02:05 - The pine port, versions previous to pine-4.40, handles URLs in messages insecurely. PINE allows users to launch a web browser to visit a URL embedded in a message. Due to a programming error, PINE does not properly escape meta-characters in the URL before passing it to the command shell as an argument to the web browser.
bd35deff33ef609e251b486734b4b234a56114ded09699be08f3d6b9fa3ad22eFreeBSD Security Advisory FreeBSD-SA-02:01 - Pkg_add allows local attackers to modify the package contents and potentially elevate privileges or otherwise compromise the system.
731e85f42f619ca54425288be3cb87d0686a3e9b2f984c421c4359cbf121f100FreeBSD Security Advisory FreeBSD-SA-02:04 - The mutt ports, versions prior to mutt-1.2.25_1 and mutt-devel-1.3.24_2, contain a buffer overflow in the handling of email addresses in headers.
6464640afeffbb8d80576dd583eb27af4174a3e9efeeb58196d1a98b1625fbedFreeBSD Security Advisory FreeBSD-SA-02:03 - The mod_auth_pgsql port, versions prior to mod_auth_pgsql-0.9.9, contain a vulnerability that may allow a remote user to cause arbitrary SQL code to be execute. mod_auth_pgsql constructs a SQL statement to be executed by the PostgreSQL server in order to lookup user information. The username given by the remote user is inserted into the SQL statement without any quoting or other safety checks.
5f769d230b41592e415fa574769fd87226cc6e898a2af4b5608b7a041bbdb895FreeBSD Security Advisory FreeBSD-SA-02:02 - When creating, removing, or modifying system users, the pw utility modifies the system password file '/etc/master.passwd'. This file contains the users' encrypted passwords and is normally only readable by root. During the modification, a temporary copy of the file is created. However, this temporary file is mistakenly created with permissions that allow it to be read by any user. A race condition is created.
1bca2b877dbf7bc0f01b60bb2153ba2303a661e6157a04f5d85a15c9e26d28d6FreeBSD Security Advisory FreeBSD-SA-01:68 - The XSane port has insecure temp file vulnerabilities allowing local users to overwrite files by exploiting a race condition.
13a8acd9ec717a5886e42bcf5e561d7bb8a8fd1f23abc51ef6013571ccd76bc0FreeBSD Security Advisory FreeBSD-SA-01:67 - Htsearch, part of the htdig port, contains remote denial of service vulnerabilities. It also can allow files on the webserver to be written, but only if the attacker can anon-ftp in files. Version 3.1.5 and below are affected.
c0535815b894fe6e442f2f4287ca788e2a7c57797fa9aac8ba3b5ac9b0612dddFreeBSD Security Advisory FreeBSD-SA-01:65 - Libgtop, a library for the Gnome top command, has a stack overflow affecting versions prior to libgtop-1.0.12_1. Libgtop runs as group kmem, allowing local users to read from kernel memory can monitor privileged data such as network traffic, disk buffers and terminal activity.
04f866fbe894a8ee150bd60466ea765785d534719c8addaed7c08038ebdc7559FreeBSD Security Advisory FreeBSD-SA-01:64.wu-ftpd - Wu-ftpd v2.6.1 and below contains a remote root vulnerability which allows ftp users with anonymous accounts or user accounts to execute code. This may be accomplished by inserting invalid globbing parameters which are incorrectly parsed by the FTP server into command input.
bed19099b553f8ec342c3bbd33c003a2357327bf9a9abe5d374c316e9b571004FreeBSD Security Advisory FreeBSD-SA-01:63.openssh - OpenSSH prior to v3.0.2 has a remote root vulnerability, but only if the administrator set 'UseLogin yes' in the sshd_config file.
521f8bbae1b8707730186dbfe6ec79cfdbb5d86ffe92ddf46345ae69a14b59d4FreeBSD Security Advisory FreeBSD-SA-01:62.uucp - Taylor UUCP is incorrectly configured by default, allowing local users to run commands as the uucp user and dialer group, allowing local root access.
797e95c03a16117c03ba2eaab3ffdcd1c0a46ef1136c97236d76b2631c524cefFreeBSD Security Advisory FreeBSD-SA-01:61 - If the squid proxy port is configured in acceleration-only mode, ACL's are ignored, allowing a remote attacker to use the squid server in order to issue requests to hosts that are otherwise inaccessible. Because the squid server processes these requests as HTTP requests, the attacker cannot send or retrieve arbitrary data. However, the attacker could use squid's response to determine if a particular port is open on a victim host. Therefore, the squid server may be used to conduct a port scan.
d7afc519a56bcddfcb9d5838ba965cce7299010dcb9428d5dd7ea0cf54a41246FreeBSD Security Advisory FreeBSD-SA-01:60 - Procmail versions prior to procmail 3.20 performed unsafe actions while in the signal handlers. If a signal is delivered while procmail is already in an unsafe signal handler, undefined behavior may result, possibly leading to the ability to perform actions as the superuser under unprivileged local user control.
a15e547ec286cb5b926fcb77bad3b9f6485a830f74e96e8d626520438447fb28FreeBSD Security Advisory FreeBSD-SA-01:59 - The infrequently used rmuser command exposes the master.passwd file to all users for an instant.
45d58a81cf33c8b0c5bbeb03f86e5520d0c454827c9ad2b0ea45917766b6295fFreeBSD Security Advisory FreeBSD-SA-01:58 - Users on the local machine or on remote systems which are allowed to access the local line printer daemon may be able to cause a buffer overflow. Submitting a specially-crafted incomplete print job and subsequently requesting a display of the printer queue, a static buffer overflow may be triggered, causing arbitrary code to be executed on the machine as root. In order to remotely exploit this vulnerability, the remote machine must be given access to the local printer daemon via a hostname entry in /etc/hosts.lpd or /etc/hosts.equiv. lpd is not enabled on FreeBSD by default.
840cb12218a791d933dd62c507535a88975344fe0b8c5ee583d5b7dd5bcfc089
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed