FreeBSD versions 5.4-RELEASE and below ftpd version 6.00LS sendfile kernel mem-leak exploit.
eefed0dbbad6b3a33771d66d5982aa28599fb1b4cd1b98cee1510a3870d2da9aFreeBSD local denial of service exploit that causes a forced reboot.
74e9ff916c830d783aa31aad9f51279b50bb6492d981404c7bf0b44fa6c5ff5481 bytes small FreeBSD/x86 connect back shellcode.
643bf4fda1812d0d2b7ea447f898c390586c13530385fee5bd41f7494451b21e111 bytes small FreeBSD/x86 portbinding and forking shellcode.
4f5ac1b1ac2b8b263bb8741249d7adc60456e70ef8a731be67242d41bd4d75d2Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data.
99e76f8f7684199b9176a7a2f6b1bb5c637d89f6906d6de279794fb1fb22cde1Honggfuzz is a general-purpose, easy-to-use fuzzer with interesting analysis options. Given a starting corpus of test files, Honggfuzz supplies and modifies input to a test program and utilizes the ptrace() API/POSIX signal interface to detect and log crashes. It works on Linux, FreeBSD and Mac OS X.
5eabcb34e63989ed4f5642d912c8641cae186311d69337401092b6d50f806e3aLiteSpeed Web Server version 4.0.17 with PHP remote exploit for FreeBSD that uses a reverse shell.
b0012b61c33fd5c2dc2a099bfb8c36b4de98d5171a58428b919cf7223ecaadd4FreeBSD Security Advisory - A race condition exists in the OpenSSL TLS server extension code parsing when used in a multi-threaded application, which uses OpenSSL's internal caching mechanism. The race condition can lead to a buffer overflow. A double free exists in the SSL client ECDH handling code, when processing specially crafted public keys with invalid prime numbers.
8cfb790813185171ffd5ee2585fb00786a32d5a0a08c54131d90d05b0270c73aSecunia Security Advisory - FreeBSD has issued an update for openssl. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
6e9a9a69a8d0d9a5f29313e68c79a4bc31025e75d1fb53e771b41b7100b7cd35FreeBSD Security Advisory - The pfs_getextattr(9) function, used by pseudofs for handling extended attributes, attempts to unlock a mutex which was not previously locked.
3a98ed40616c81e73aa4a0d079237bc71bdc7a6f8d82304312a666edb259fb21Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.
dbd19bb93110c9892cc8146cc1edee1dfe17795dd7bc900346a5b72d08d55e86Whitepaper call Binding the Daemon: FreeBSD Kernel Stack and Heap Exploitation.
731108acfa98e373bcbbecc7bde0ae45936a7487deb43212ee1c90225166071dlibc/glob(3) suffers from a resource exhaustion vulnerability. Proof of concept code included. Affected includes OpenBSD 4.7, NetBSD 5.0.2, FreeBSD 7.3/8.1, Oracle Sun Solaris 10 and GNU Libc (glibc).
0fe71b6c891ef4cf59d9008f85704335ab1de299aa1ecc8f4f06ae19461af5cdFreeBSD versions 7.0 through 7.2 pseudofs null pointer dereference local exploit.
22f7237d83ef0a7ecbc6f409a5b2a8f85c968be8f991ec9d649f3b126b963114Turtle rootkit for FreeBSD. This kernel module hooks unlink() so the protected file cannot be deleted, hooks kill() so the protected process cannot be killed, and has various other nice bells and whistles.
8b8bd3b4567213634fa8d095649b277321095be6c15b34acae704bab66f4b1d5Secunia Security Advisory - FreeBSD has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
e924069717ddd9492c8618090171e85322969a645566e8fd79f049345734b2a4FreeBSD Security Advisory - The bzip2/bunzip2 utilities and the libbz2 library compress and decompress files using an algorithm based on the Burrows-Wheeler transform. They are generally slower than Lempel-Ziv compressors such as gzip, but usually provide a greater compression ratio. When decompressing data, the run-length encoded values are not adequately sanity-checked, allowing for an integer overflow.
59a1711bf6d2510506a512b7a40dbb7b7d40b51b3a4d4e1f1d1ab65852dec64eFreeBSD versions 7.0 through 7.2 suffer from a pseudofs NULL pointer dereference vulnerability. Due to a spurious call to pfs_unlock() in pfs_getattr() (as defined in sys/fs/pseudofs/pseudofs_vnops.c), a null pointer is dereferenced after calling extattr_get_attribute() on pseudofs vnode. By allocating a page at address 0x0, an attacker can overwrite an arbitrarily chosen portion of kernel memory, leading to a crash or local root escalation.
a855fffa300b7f55f74d0715f967bca60e0020b4c7e86448ff0dcbf6e9626f3cFreeBSD versions 7.3 and 8.1 suffer from a vm.pmap kernel local race condition denial of service vulnerability.
15ff6a10a74c00f3447bc440c3c878c02a0a5a9e6a2ff0a3d99e2b1daab2d3eaFreeBSD mbufs() sendfile cache poisoning local privilege escalation exploit that throws a setuid shell in /tmp. Works on 7.x and 8.x builds prior to 12Jul2010.
52de447adb0cf2da2d0293e293c0bb572852ec6114e07299e2dfc735fc81b5ceSecunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious, local users to bypass certain security restrictions.
74d413c2f7f163cf4dc0ba7e02927f7b5f0dbebcec364a861c73deeafa7fe9ffVirtual Security Research, LLC. Security Advisory - VSR identified a vulnerability in the Coda filesystem kernel module, as implemented for FreeBSD and NetBSD. By sending a specially crafted ioctl request to a mounted Coda filesystem, an unprivileged local user could read large portions of kernel heap memory, leading to the disclosure of potentially sensitive information.
2a33556640e8aacacde12fc52c8c1542bef5798e08d4ad672635ca2fb49e83f2The FreeBSD stock ftpd suffers from a buffer overflow vulnerability that causes a crash.
b6e259094c3c43fb1c82b84e20102f51066243e8071d83e5e4e91d4d6d77e6c8Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious, local users to gain escalated privileges.
13dfd0ac01ceedda9fea03b3153be1e00cc2fad9cb389e45dc10ee10d3d568d3Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data.
b1bae7a97e7a904bf620f285aa0d62ebc1fd3b54b671fbca125405036f949e80
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed