FreeBSD 6x/7 protosw kernel local privilege escalation exploit. It does not spawn a new shell but gives your current shell euid=0.
b8dab657d63737c87d99b627f3b16b1d15d8d609b6868bab906c23dd6abb4cdb
FreeBSD Security Advisory - The ftpd server splits long commands into several requests. This may result in the server executing a command which is hidden inside another very long command. This could, with a specifically crafted command, be used in a cross-site request forgery attack.
2e6c5b82c449c824228fcb5c04163a13250ea1166e252761a367a4dc98ca8ae5
FreeBSD Security Advisory - Some function pointers for netgraph and bluetooth sockets are not properly initialized. A local user can cause the FreeBSD kernel to execute arbitrary code. This could be used by an attacker directly; or it could be used to gain root privilege or to escape from a jail.
68d6c56fdb87d6522cd80e38e97f33feb669cc5e02d6b6c06001e4a3bc436269
Secunia Security Advisory - FreeBSD has acknowledged a vulnerability in ftpd, which can be exploited by malicious people to conduct cross-site request forgery attacks.
3aeb272e25386c8f96fe4b55030cca6c58ea7065318c20962b5c5898045faf4f
Secunia Security Advisory - FreeBSD has acknowledged a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
e35792b9a5a4bad5145626984b61802aaf147b79b3da4c205fe9608cf073814f
Secunia Security Advisory - FreeBSD has acknowledged a security issue, which can be exploited by malicious people to conduct brute force attacks.
5801f9e716905c9f89e14cca1c264120303c76e60bceeb4ae79f07fceb028112
FreeBSD Security Advisory - When the arc4random random number generator is initialized, there may be inadequate entropy to meet the needs of kernel systems which rely on arc4random; and it may take up to 5 minutes before arc4random is reseeded with secure entropy from the Yarrow random number generator.
5b358a6d007f2d56053a805066be7b6451911ecfa223bda993b2748c778af6a4
Invision Power Board Cracker version 1.0. This tool bruteforces md5 hashes and was written for use on FreeBSD.
3d99cd304a1fff660b0713de817ddfc3a7619ff26cb6fff92bdf0ca2e8ece2d0
FreeBSD Security Advisory - IPv6 routers may allow "on-link" IPv6 nodes to create and update the router's neighbor cache and forwarding information. A malicious IPv6 node sharing a common router but on a different physical segment from another node may be able to spoof Neighbor Discovery messages, allowing it to update router information for the victim node.
5da0304608ae874f2a0a24b6a59e079a8cb6140245d47db24abb0b40c8913d5e
Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to conduct spoofing attacks, disclose potentially sensitive information, or to cause a DoS (Denial of Service).
085fc3b83024ab9618dae968487d4993dabbc33a94dace63be18e94db4e1ae5f
56 bytes setreuid, execve(pfctl -d) shellcode for freebsd/x86.
9f0ec696e7b3ac3dcc7755ae7e73a249c3f2fb62e635e84b71bf5bfc525ee831
112 byte connect back.send.exit /etc/passwd shellcode for freebsd/x86.
2a9e2dbe79087eeea63c69f7234f0b2c4331c511246dc7eb688bdbeb4f82ae76
12 byte kill all processes shellcode for freebsd/x86.
cfa82bdacc2f3c7fd83862d29be21d579166f90ad246ca9f611b652596f38e85
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
14e04e2d7007ebd9ace27b8a7e35f9b2c3d15ca8de852bd08ffdc9e101044e6d
90 byte rev connect, recv, jmp, return results shellcode for freebsd/x86.
de490e98a88f7b49dff7f3980d441bd35d41b81ed25838e1932e19ea8e9dabdf
Secunia Security Advisory - FreeBSD has acknowledged a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
4247049d902e1a8abb713042cd2e0769813f31502e5cf65b108ad172d6dc4f00
Secunia Security Advisory - FreeBSD has acknowledged a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
d7cdd57faef9c1e52081bcb44c00a7dd0c97ccf88200d59b7fa906f8f996d279
FreeBSD Security Advisory - In case of an incoming ICMPv6 'Packet Too Big Message', there is an insufficient check on the proposed new MTU for a path to the destination. When the kernel is configured to process IPv6 packets and has active IPv6 TCP sockets, a specifically crafted ICMPv6 'Packet Too Big Message' could cause the TCP stack of the kernel to panic.
8d935b0a4c11d0b8d9e04f2031c6eabb363df15b37837728e7cfbdcb0d15d3ac
FreeBSD Security Advisory - Various user defined input such as mount points, devices, and mount options are prepared and passed as arguments to nmount(2) into the kernel. Under certain error conditions, user defined data will be copied into a stack allocated buffer stored in the kernel without sufficient bounds checking. If the system is configured to allow unprivileged users to mount file systems, it is possible for a local adversary to exploit this vulnerability and execute code in the context of the kernel.
8265017f0c4b0022d978e1e3604993352ecac41efc8b787596bf55e18a09b5bb
FreeBSD Security Advisory - If a General Protection Fault happens on a FreeBSD/amd64 system while it is returning from an interrupt, trap or system call, the swapgs CPU instruction may be called one extra time when it should not resulting in userland and kernel state being mixed. A local attacker can by causing a General Protection Fault while the kernel is returning from an interrupt, trap or system call while manipulating stack frames and, run arbitrary code with kernel privileges.
fda35491c2c94c4696a474ad75a3cae114fe88a1cb3728114f08df8c752a8fac
65 byte NULL free /bin/cat /etc/master.passwd shellcode for freebsd/x86.
bf75fbba65f9c2d9805dac05cb9b181b3ddf504b414102d4ab8ea326f74b262d
56 byte setuid(0); execve(ipf -Fa); FreeBSD/x86 shellcode.
4905c77b104872e81339c93befff234f286dce206467fe8d28554b3425031690
89 byte /bin/sh reverse portbind FreeBSD/x86 shellcode.
0a238804877bad73cf1b4557abc7680cc941f298ece195636d9753a3010c5ca6
48 byte freebsd/x86 encrypted shellcode for /bin/sh.
521db4082afdf428d7d3dba0acc9846b0a72d8358967a984683b0d2c4edd27c6
Secunia Security Advisory - FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
39cf2a4b64ea876a0e9eb5347e8edb112626da7c7e2e361315c4ceafbb237ead