Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).
8aabee191fc499774645800b0a5c94a74f3f54e74eb92c56d5b22af0a1598c69Secunia Security Advisory - FreeBSD has issued an update for cpio. This fixes a vulnerability, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to cause files to be unpacked to arbitrary locations on a user's system.
ac12574f30df1a1fdef231e10b6c5ccab4cb14dfca09457fc3bb3f0fe73ff56aSecunia Security Advisory - FreeBSD has issued an update for texindex. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
d44e87145c5be5e5cf1e33d81d9ffbaa68d3252965ffdd56d269eed30700b9d8Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
0dbd81125cd79f3b90e4dd0bb1dbc7fe7c1c6682d7d03545f98bf35ca3733833httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the FreeBSD release.
168127b70bc87f1a6e9256ed4aa3a076a7a23c7155e3fe8d5b11a25dc880fcceC89 implementation of the Vignere cipher compiled and tested on Windows XP, Windows 2000 and FreeBSD 4.11
dfc16eba9f66d1a3bb503120747fe225fc107f0b593f0856ba0845880c5c0eb9ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
efd1922d2885b1dc67a360cd76ba95395d45d05c66fe6e0fed2b5cb96817f223Perl suffers from an integer wrap overflow inside the explicit parameter format string functionality. Perl 5.9.2 and perl 5.8.6 have been tested and found to be vulnerable on linux, freebsd, dragonflybsd on the ia32 platform. It is assumed that a much larger range of software and platforms are also affected, as the sv.c seems to remain seemingly static over time, however this is not confirmed.
98a5e4cc8d4e001a73593d476e2797bd0bb7e8f6e5f99d6bb0d89698243d92eemaster.passwd disclosure local exploit for FreeBSD versions 4.11 and below and 5.4 and below.
3a61fec1748cbc5fd100cae534599348960f67d0d18a74422f337336777b870fSecunia Security Advisory - FreeBSD has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions.
95a826578e926f2bf84a36b74d5c435e92a4ced466759f0ed998baf83afd6b57GNU Mailutils version 0.6 imap4d 'search' format string exploit. Written to be used against FreeBSD.
c56f13dd3e34ba53a2979730289d6e02fa4353b3feb9e642b5f3252d13dfd18aFreeBSD Qpopper poppassd latest version local root exploit. Tested on FreeBSD 5.4-RELEASE.
ec9e82155213753b712f0aa73de5fe9e2ef20be39dbc88b2b8f9c0fc19bed853Secunia Security Advisory - FreeBSD has issued an update for contrib_cvs. This fixes a security issue, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
1f0d062ee351f59266a3190320054387eb8fdf8f36b808582e0dae8352e3223cFreeBSD Security Advisory FreeBSD-SA-05-20.cvsbug - A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file.
42359b765b65baccde1ce2c51098dbada23fc98d9631451d3ea628c76795611bUrban 1.5.3_1, part of the FreeBSD ports collection, is vulnerable to a stack overflow when handling the $HOME environmental variable. Since urban is installed with setgid games privileges, privilege escalation is possible. Earlier versions may also be susceptible. Proof of concept exploit included.
b4fa91cfa2c177e64461bac4e36029a755502d986f5de31f6bfe695b11b11cb7Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.
27e657212881186d356907a7c45b168e7431a2f83f3411d2a90366afccf03916FreeBSD Security Advisory FreeBSD-SA-05:08 - In many parts of the FreeBSD kernel, names (of mount points, devices, files, etc.) are manipulated as NULL-terminated strings, but are provided to applications within fixed-length buffers.
7b6aaa70807a670d6dd9019e62eee21d12cbe814525a0fe9b97d0c2e7ddca5a4FreeBSD Security Advisory FreeBSD-SA-05:07 - The i386_get_ldt(2) system call allows a process to request that a portion of its Local Descriptor Table be copied from the kernel into userland. The i386_get_ldt(2) syscall performs insufficient validation of its input arguments. In particular, negative or very large values may allow inappropriate data to be copied from the kernel.
04fa0fee6b63c8ba41c37a7811a6462ab62955205b703bf973f33ee92e6da579FreeBSD Security Advisory FreeBSD-SA-05:06 - The default permissions on the /dev/iir device node allow unprivileged local users to open the device and execute ioctl calls. Unprivileged local users can send commands to the hardware supported by the iir(4) driver, allowing destruction of data and possible disclosure of data.
9ebaba97534f52d79c1400d144ce3197429e42a0672b056673e3918480351f3aPhrack Magazine Issue 63 - The last issue of Phrack! In this issue: Phrack Prophile on Tiago, OSX heap exploitation techniques, Hacking Windows CE, Games with kernel Memory...FreeBSD Style, Raising The Bar For Windows Rootkit Detection, Embedded ELF Debugging, Hacking Grub for Fun and Profit, Advanced antiforensics : SELF, Process Dump and Binary Reconstruction, Next-Gen. Runtime Binary Encryption, Shifting the Stack Pointer, NT Shellcode Prevention Demystified, PowerPC Cracking on OSX with GDB, Hacking with Embedded Systems, Process Hiding and The Linux Scheduler, Breaking Through a Firewall, Phrack World News.
32a3427c4ddef4cf274110f6abb0c9cb95a92ce308265aa82eab4f6a3ec53f13Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.
6d8fba697a72b26c3cd889f59462e5acd3fc544eb0d84cd37fabe6d2203ee203FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec - IPsec is a security protocol for the Internet Protocol networking layer. It provides a combination of encryption and authentication of system, using several possible cryptography algorithms. A programming error in the implementation of the AES-XCBC-MAC algorithm for authentication resulted in a constant key being used instead of the key specified by the system administrator.
9d75e7d220ed1f61f09ae93e44a8e0ba4c60a6a4d11ff8f03cc972a6df79b6eaFreeBSD Security Advisory FreeBSD-SA-05:18.zlib - A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges.
b2d40ae5f59903bd6c1b0e96942c8b40d5b7c0070b211d4957535d4b74ee339cSecunia Security Advisory - FreeBSD has issued an update for zlib. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) against a vulnerable application.
d7816a00446b369726e5c1be0f660a6ecb07e545d23025d6f19d926147e1441aSecunia Security Advisory - Yukiyo Akisada has reported a security issue in FreeBSD, which potentially can be exploited by malicious people to bypass certain security restrictions.
db0b54a78c8f71b480ac6af0751d97fc2a4cb64198801ab4c36cf48578e60d4d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed