Debian Linux Security Advisory 2375-1 - It was discovered that the encryption support for BSD telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges.
fd73e5b12a6d4591dd69cdba1166f1b643a3602a7b0d79942b9bf522a6bf82a2libdvdcss is a cross-platform library for transparent DVD device access with on-the-fly CSS decryption. It currently runs under Linux, FreeBSD, NetBSD, OpenBSD, BSD/OS, Solaris, BeOS, Win95/Win98, Win2k/WinXP, MacOS X, HP-UX, QNX, and OS/2. It is used by libdvdread and most DVD players such as VLC because of its portability and because, unlike similar libraries, it does not require your DVD drive to be region locked.
4f2578b995a25f1d81ae2b3c6e4cc5b0a199581d4a0b3a2d67c48c3ed5db9199fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.
da806dbaaa56fdfd36a208b15bfeccaa0531f0789ad1355e43c047523ea60a48Recursion and bad memory management in BSD's libc/regcomp(3) can cause denial of service conditions.
745bf11d1ba1563cbd80a1251cff388e13f176d6a07f50f1168101bffb55bcaeThis exploit demonstrates the BSD IPComp kernel stack overflow testcase.
27dd774131a7d2eec911662d9e56870983f18130fedea8a3e34b21ce994a0e06BSD derived RFC3173 IPComp encapsulation will expand an arbitrarily nested payload.
9fc8978ac19d07c63ebbb956abb1eee151bc9f5b6292741f37ab46d10feabceffwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.
37fdfb49085fc7871b2bda30c4f334732cc552c1451aede94d96976e9122a92cA collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position independent, register independent and zero free code. A special attention was put on code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.
5f60ce0fe57bf93f7b9b6dfe2eeef3f12655215826ad25568bf3eafb11595c53Apple Mac OS X versions 10.6.3 and below suffer from a chpass BSD insecure temp file creation in /etc vulnerability. A user can create a file with rw perms in /etc as owner and populate it with arbitrary data. This could be utilized to fill the disk or write configuration file information that could be combined with another flaw to elevate local privileges.
7612d1322811886943d0e1ba838ed0c5d2209c568bc240a49eeb336f0af2080c167 bytes small BSD x86 bindshell shellcode that spawns on port 2525.
5a447749a7e712642b891f138acd1fadf52e144f89d056165174522ccc32ba06This Metasploit module exploits a buffer overflow in RealServer 7/8/9 and was based on Johnny Cyberpunk's THCrealbad exploit. This code should reliably exploit Linux, BSD, and Windows-based servers.
a791dcf6b910dbfe084dccfc98c7268472ca44ed28cf5a7e685b3074addfcfe7BSD libc (strfmon) suffers from multiple vulnerability.
fccb5f8d285758bce65b9c03fd85ecf25ea963a141c4934e423c11d0003e39daVarious BSD derived operating systems suffer from various vulnerabilities due to the setusercontext() function.
2c3e7e83b2f80025efe09e3bbad5c78624d782ab98b8cb97ba294434a3188293A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position independent, register independent and zero free code. A special attention was put on code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.
d25fcf7756089a75b6e419be8e5587a8b3471d72d2e0112c2cb38b7403c693aeBy exploiting either of the VMware flaws described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaws have been proven exploitable on x64 versions of Windows, and they have produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of these flaws on x64 versions of Linux.
00028132b68b6b52ccbf9adca27a78831980d6aa94845933c21f512a28b129b3By exploiting the VMware flaw described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaw has been proven exploitable on x64 versions of Windows, and it has produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of the flaws on x64 versions of Linux.
bc46bdf127b13616ebd5b44a7bcba711654e92899537c4c70c898cd5d96217a6A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position independent, register independent and zero free code. A special attention was put on code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.
3c4966cd588618c8497a8e094806f48cc10932032077447528eef558dc204afcttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
14e04e2d7007ebd9ace27b8a7e35f9b2c3d15ca8de852bd08ffdc9e101044e6dttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
4b9b90de7c1d69a2f4d96746a4d0f23e149a8885e20aee818a08c0b655f21fe4A collection of shellcode for various platforms bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position independent, register independent and zero free code. A special attention was put on code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.
7b909d52a2bd4314a9cab14b33be3cd40f0d773af5bd5df25329e968b8b0a1f4ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
9448dfd204026491d4a5fee13a6207a0bc8ebe407c267ad56062d7faa7f0e498RatHole is a unix backdoor which compiles cleanly on standard Linux and OpenBSD (probably other BSD flavors also) without additional libraries. It features blowfish encryption, process name hiding and definition of a preferred shell. It spits no error messages (like for sockets already bound) because it is supposed to be stealth. When a client connects to the backdoor a new shell process and two pipe files are created. The I/O of the shell is duped to the pipes and the daemon encrypts the communication.
fbe5c36d731f754dcc4388d276bef0b3b889807efd52695ac4245bf802edad60iDefense Security Advisory 11.14.07 - Local exploitation of a heap based buffer overflow in Apple Inc.'s OS X may allow an attacker to execute arbitrary code in kernel context. The vulnerability exists within a function responsible for allocating an mbuf. mbufs are a BSD concept, long used by BSD kernels to allocate buffers for storing network related data. iDefense has confirmed the existence of this vulnerability in Mac OS X 10.4.10, Workstation and Server editions. Previous versions may also be affected.
d3636fc385ddd79f2efb43a505c489290c2f0348f9f6f5f5b934e9c58f071cf2This Metasploit module exploits a buffer overflow in the version of libtiff shipped with firmware versions 1.00, 1.01, 1.02, and 1.1.1 of the Apple iPhone. iPhones which have not had the BSD tools installed will need to use a special payload.
159b79d396cc6be73eddeb8db6cd9975c0d95b50f6eb41571ed8f34e088a507fThis Metasploit module exploits a buffer overflow in the version of libtiff shipped with firmware versions 1.00, 1.01, 1.02, and 1.1.1 of the Apple iPhone. iPhones which have not had the BSD tools installed will need to use a special payload.
ba86f554ff58ec884739058eb80af65e4d58a0973721425b952d586468e13d92
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed