Secunia Security Advisory - FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
39cf2a4b64ea876a0e9eb5347e8edb112626da7c7e2e361315c4ceafbb237ead
FreeBSD Security Advisory - The BIND DNS implementation does not randomize the UDP source port when doing remote queries, and the query id alone does not provide adequate randomization.
fb04e361ce950a2eb37bbee1c2ca35ab538b362079ecb611780d440663993f72
Snoop is a GNU/Linux file descriptor monitoring tool inspired by FreeBSD's 'watch'. It goes beyond simple TTY snooping by allowing the interception of any file descriptor. You can attach on the fly to regular files, TTYs, named pipes, character devices, and pretty much anything that is represented by a file descriptor and addressable in the standard name space.
ac10fd95cf6b885d3ca967216b94200f527e87415a52f0f743d521a845da925f
Secunia Research has discovered a vulnerability in XnView, NConvert, and GFL SDK, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when processing the "format" keyword of Sun TAAC files. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into viewing a specially crafted Sun TAAC file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.70 of XnView for Linux and FreeBSD, XnView 1.93.6 for Windows, GFL SDK 2.82, and NConvert 4.92. Other versions may also be affected.
6d513fbba9ac630cb473e7094e4a5581a9466f3b53e85402becb12abda7c023e
Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data.
a298d44f8a6ec977021cd492a720987ded81b5c4baf5f68b36f1282a23c9f7d3
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
4b9b90de7c1d69a2f4d96746a4d0f23e149a8885e20aee818a08c0b655f21fe4
Secunia Security Advisory - FreeBSD has issued an update for OpenSSH. This fixes a vulnerability, which can be exploited by malicious, local users to disclose sensitive information.
24e5368d9727ab4e33d22e8b41374272b737e37bfa76f900725892b0b2a59928
FreeBSD Security Advisory - OpenSSH has a X11-forwarding privilege escalation issue. When logging in via SSH with X11-forwarding enabled, sshd(8) fails to correctly handle the case where it fails to bind to an IPv4 port but successfully binds to an IPv6 port. In this case, applications which use X11 will connect to the IPv4 port, even though it had not been bound by sshd(8) and is therefore not being securely forwarded.
e9b01dda09d2fd2b373a83e4472cf74b709679aa9d7a842873ded6635ef406d9
Secunia Security Advisory - Maksymilian Arciemowicz has reported some vulnerabilities in FreeBSD, which potentially can be exploited by malicious people to compromise a vulnerable system.
f15ef8e417b8064d3a1fb4e8c18f70b13d3aeb5afe3aff13e2c78d9407cdfc5e
FreeBSD and NetBSD suffer from multiple vulnerabilities in libc in the strfmon() function.
cbe3c1735c6036b3a1b56bde659692782a69127f4311229609029b7922bf0442
Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which potentially can be exploited by malicious, local users to gain escalated privileges.
151760a8f6f94a97aa274e2c3b488d77c98b459a50a55c47df92fdccc9e2f710
FreeBSD Security Advisory - The IPsec suite of protocols suffer from a null pointer dereference panic vulnerability.
7627924aa435f05eb5d237fa62f10699d9b3b18134bb644e86b0a181d39e66ae
FreeBSD Security Advisory - The sendfile system call suffers from a write-only file permission bypass vulnerability.
ae9c8fbc319906870b4f06753c0bc8a6c535f33e9b798c9f5924229d2e8e5cae
Secunia Security Advisory - A security issue has been reported in FreeBSD, which potentially can be exploited by malicious, local users to disclose sensitive information.
34e43a2fabf0c38293d346108cd730ce4d1dff8f1e2cb933507da7b3011d8c42
Secunia Security Advisory - FreeBSD has issued an update for ipsec. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
36d8052ca9aa88e2db7b85fe07c484d27b236d0859ba5a55558c932183b503eb
The paper describes a weakness in the pseudo random number generator (PRNG) in use by OpenBSD, Mac OS X, Mac OS X Server, Darwin, NetBSD, FreeBSD and DragonFlyBSD to produce random DNS transaction IDs (OpenBSD) and random IP fragmentation IDs.
f4d5a9167d760de1ba2fee62eca09913ff2bc2b3ccd64974ce7df7c989bc49c5
Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
0d0a7367b13f1fa12b15d984732de8e37fb037633d9ddbffdba4f732db5bddc0
Secunia Security Advisory - Some vulnerabilities have been reported in FreeBSD, which can be exploited by malicious, local users to disclose sensitive information.
9801e03cc9acb6f085d89f7d1b79047d2aab94afe4d6bb9b7d745aea134e756c
FreeBSD Security Advisory - An off-by-one error in the inet_network() function could lead to memory corruption with certain inputs.
8b155994e4ef7e962223a3531ba2e2a826ab0c7ece42ea9334d85f02eee60190
FreeBSD Security Advisory - The FreeBSD pty handling suffers from multiple security vulnerabilities.
23273e2d002470b835681157420309b846ee5949a2100ba89960895d95269202
Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.
b4b3d3540a7022aa7a81cae93f28c8475bc2660a21f88126725624c09769f1fb
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
9448dfd204026491d4a5fee13a6207a0bc8ebe407c267ad56062d7faa7f0e498
Secunia Security Advisory - FreeBSD has issued an update for gtar. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
a19cee0ec95dc22f0cb1d92b25bb0cb2a4f8e305eea1f41cb1bb41985a3e21cc
Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to disclose potentially sensitive information.
1ffda4716ca90f37f9f95a11b10fd04752e819154fc6ff893ecce374837fa699
FreeBSD Security Advisory - Insufficient sanity checking of paths containing '.' and '..' allows gtar to overwrite arbitrary files on the system.
dcc19ef1a758f3087be980a876f9e362719306f374c5862dbc64840fe61c16ac