Debian Linux Security Advisory 2375-1 - It was discovered that the encryption support for BSD telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges.
fd73e5b12a6d4591dd69cdba1166f1b643a3602a7b0d79942b9bf522a6bf82a2
libdvdcss is a cross-platform library for transparent DVD device access with on-the-fly CSS decryption. It currently runs under Linux, FreeBSD, NetBSD, OpenBSD, BSD/OS, Solaris, BeOS, Win95/Win98, Win2k/WinXP, MacOS X, HP-UX, QNX, and OS/2. It is used by libdvdread and most DVD players such as VLC because of its portability and because, unlike similar libraries, it does not require your DVD drive to be region locked.
4f2578b995a25f1d81ae2b3c6e4cc5b0a199581d4a0b3a2d67c48c3ed5db9199
fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.
da806dbaaa56fdfd36a208b15bfeccaa0531f0789ad1355e43c047523ea60a48
Recursion and bad memory management in BSD's libc/regcomp(3) can cause denial of service conditions.
745bf11d1ba1563cbd80a1251cff388e13f176d6a07f50f1168101bffb55bcae
This exploit demonstrates the BSD IPComp kernel stack overflow testcase.
27dd774131a7d2eec911662d9e56870983f18130fedea8a3e34b21ce994a0e06
BSD derived RFC3173 IPComp encapsulation will expand an arbitrarily nested payload.
9fc8978ac19d07c63ebbb956abb1eee151bc9f5b6292741f37ab46d10feabcef
fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.
37fdfb49085fc7871b2bda30c4f334732cc552c1451aede94d96976e9122a92c
A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards and position-independent, register-independent, and zero-free code. Special attention was paid to code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.
5f60ce0fe57bf93f7b9b6dfe2eeef3f12655215826ad25568bf3eafb11595c53
Apple Mac OS X versions 10.6.3 and below suffer from an insecure temp file creation vulnerability in BSD chpass that affects /etc. A user can create a file with rw permissions in /etc as owner and populate it with arbitrary data. This could be used to fill the disk or write configuration file information that could be combined with another flaw to elevate local privileges.
7612d1322811886943d0e1ba838ed0c5d2209c568bc240a49eeb336f0af2080c
167-byte BSD x86 bindshell shellcode that spawns on port 2525.
5a447749a7e712642b891f138acd1fadf52e144f89d056165174522ccc32ba06
This Metasploit module exploits a buffer overflow in RealServer 7/8/9 and was based on Johnny Cyberpunk's THCrealbad exploit. This code should reliably exploit Linux, BSD, and Windows-based servers.
a791dcf6b910dbfe084dccfc98c7268472ca44ed28cf5a7e685b3074addfcfe7
BSD libc (strfmon) suffers from multiple vulnerabilities.
fccb5f8d285758bce65b9c03fd85ecf25ea963a141c4934e423c11d0003e39da
Various BSD derived operating systems suffer from various vulnerabilities due to the setusercontext() function.
2c3e7e83b2f80025efe09e3bbad5c78624d782ab98b8cb97ba294434a3188293
A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards and position-independent, register-independent, and zero-free code. Special attention was paid to code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.
d25fcf7756089a75b6e419be8e5587a8b3471d72d2e0112c2cb38b7403c693ae
By exploiting either of the VMware flaws described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaws have been proven exploitable on x64 versions of Windows, and they have produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of these flaws on x64 versions of Linux.
00028132b68b6b52ccbf9adca27a78831980d6aa94845933c21f512a28b129b3
By exploiting the VMware flaw described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaw has been proven exploitable on x64 versions of Windows, and it has produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of the flaw on x64 versions of Linux.
bc46bdf127b13616ebd5b44a7bcba711654e92899537c4c70c898cd5d96217a6
A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards and position-independent, register-independent, and zero-free code. Special attention was paid to code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.
3c4966cd588618c8497a8e094806f48cc10932032077447528eef558dc204afc
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
14e04e2d7007ebd9ace27b8a7e35f9b2c3d15ca8de852bd08ffdc9e101044e6d
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
4b9b90de7c1d69a2f4d96746a4d0f23e149a8885e20aee818a08c0b655f21fe4
A collection of shellcode for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards and position-independent, register-independent, and zero-free code. Special attention was paid to code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.
7b909d52a2bd4314a9cab14b33be3cd40f0d773af5bd5df25329e968b8b0a1f4
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
9448dfd204026491d4a5fee13a6207a0bc8ebe407c267ad56062d7faa7f0e498
RatHole is a Unix backdoor which compiles cleanly on standard Linux and OpenBSD (probably other BSD flavors also) without additional libraries. It features blowfish encryption, process name hiding and definition of a preferred shell. It emits no error messages (such as for sockets already bound) because it is supposed to be stealthy. When a client connects to the backdoor, a new shell process and two pipe files are created. The I/O of the shell is duped to the pipes and the daemon encrypts the communication.
fbe5c36d731f754dcc4388d276bef0b3b889807efd52695ac4245bf802edad60
iDefense Security Advisory 11.14.07 - Local exploitation of a heap based buffer overflow in Apple Inc.'s OS X may allow an attacker to execute arbitrary code in kernel context. The vulnerability exists within a function responsible for allocating an mbuf. mbufs are a BSD concept, long used by BSD kernels to allocate buffers for storing network related data. iDefense has confirmed the existence of this vulnerability in Mac OS X 10.4.10, Workstation and Server editions. Previous versions may also be affected.
d3636fc385ddd79f2efb43a505c489290c2f0348f9f6f5f5b934e9c58f071cf2
This Metasploit module exploits a buffer overflow in the version of libtiff shipped with firmware versions 1.00, 1.01, 1.02, and 1.1.1 of the Apple iPhone. iPhones which have not had the BSD tools installed will need to use a special payload.
159b79d396cc6be73eddeb8db6cd9975c0d95b50f6eb41571ed8f34e088a507f
This Metasploit module exploits a buffer overflow in the version of libtiff shipped with firmware versions 1.00, 1.01, 1.02, and 1.1.1 of the Apple iPhone. iPhones which have not had the BSD tools installed will need to use a special payload.
ba86f554ff58ec884739058eb80af65e4d58a0973721425b952d586468e13d92