FreeBSD Security Advisory FreeBSD-SA-05:02 - The sendfile(2) system call allows a server application (such as an HTTP or FTP server) to transmit the contents of a file over a network connection without first copying it to application memory. High performance servers such as Apache and ftpd use sendfile. If the file being transmitted is truncated after the transfer has started but before it completes, sendfile(2) will transfer the contents of more or less random portions of kernel memory in lieu of the missing part of the file.
f23b5fbf03b2582e71dc290dd2da453c3f35c25347c573b97a39ab6a5ff37a46Access Point Utilities for Unix is a set of utilities that configure and monitor a Wireless Access Point under Unix. It is known to compile (with GCC and the IBM C compiler) and run under Linux, FreeBSD, OpenBSD, MacOS X, AIX, and QNX.
f01d068650f0f05c5b3753147ee0a5d3dfc07732c9788bb295683e66415a325dp0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
524bb56f5c023913a3328472fa5f6aa5a6cb2c88568ba205c466a1b9a7dfe0e4DansGuardian is a web content filter which currently runs on Linux, FreeBSD, OpenBSD and Solaris. It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering. It does not purely filter based on a banned list of sites like lesser totally commercial filters. DansGuardian is designed to be completely flexible and allows you to tailor the filtering to your exact needs. It can be as Draconian or as un-obstructive as you want.
68d6c5b54144545ce4476094a6edc8fe2895d3d32f5e81003a12172ac78ec514ELOG version 2.5.6 and below remote shell exploit. Includes targets for Slackware, Gentoo, FreeBSD, Mandrake, Fedora Core 1, Debian, Windows XP, and Redhat.
2f0be5f4ffcc4b64e7f89322b4934d525fd19649bcde7c18cf2b2398d88e016eSource code for a worm that spreads using Zboard PHP vulnerabilities. Known as the ZeroBoard worm, it infects Linux, FreeBSD, and Sun.
4040e59fececc70fcef5d30cbff38f15457047e62161edc81adda31769b65a06iotrace is a userspace read()/write() logger daemon for Linux, OSF1, OpenBSD, and FreeBSD. It works with su, ssh, ftp, telnet, rsh, scp, rlogin, rexec, passwd, adduser, mysql, gpg and uses strace.
f89bfdf58d3612969dd055040a5f84eed51f8d5c52852772c68a96a7413bd380NetBSD Security Advisory 2004-010 - Some of the functions in /usr/src/sys/compat/ which implement execution of foreign binaries (such as Linux, FreeBSD, IRIX, OSF1, SVR4, HPUX, and ULTRIX) use argument data in unsafe ways prior to calling the kernel syscall.
05546d49f053bc61209d8c580436a808dbef16beb496554eb15265e595aea34fFreeBSD Security Advisory FreeBSD-SA-04:17.procfs - The implementation of the /proc/curproc/cmdline pseudofile in the procfs(5) file system on FreeBSD 4.x and 5.x, and of the /proc/self/cmdline pseudofile in the linprocfs(5) file system on FreeBSD 5.x reads a process' argument vector from the process address space. During this operation, a pointer was dereferenced directly without the necessary validation steps being performed.
9172f91c6b027b6f7c743ba70a7c8f2026e861b105f1b6f5125ce2249481c20bFreeBSD Security Advisory FreeBSD-SA-04:16.fetch - The fetch utility suffers from an integer overflow condition in the processing of HTTP headers that can result in a buffer overflow.
6a018e23dd8de8d84de9f7d1f8a504a855c7a82a0f3059e216c48ef84a19658ap0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
78702c2f8f43e546c8002d842fad47e077f205f16b6ac210cff5a285cdfe0d58Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.
a6d2f67e1ec0e015cc4054c00654d076ede9156b89ed9bb360dbd47c8dd0d208Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.
0d6e7e415cedeb9a97ec1cd957c6e3da0718b184bdcd44eedf9dfe2a94beb320Access Point Utilities for Unix is a set of utilities that configure and monitor a Wireless Access Point under Unix. It is known to compile (with GCC and the IBM C compiler) and run under Linux, FreeBSD, OpenBSD, MacOS X, AIX, and QNX.
2fc07e0603d745f169b686ddb5101b31942dc6aa0a2f994f2685e5e249ef0f26This is a simple local exploit for FreeBSD/OpenBSD with bmon < 1.2.1_2 installed. It depends on the fact that bmon doesn't use an absolute path to commands that it calls. This particular exploit uses 'netstat'.
9dc0b346d9fd4262adc9c83e19f1ef804883bb558ed5e2ce720089f496d91be6FreeBSD Security Advisory FreeBSD-SA-04:15.syscons - The syscons CONS_SCRSHOT ioctl(2) does insufficient validation of its input arguments. In particular, negative coordinates or large coordinates may cause unexpected behavior.
088af9d9dc40b2a466a18dea6a434c2f0859fe37e3f6919135f3ac37f610c117Firewall Builder consists of object-oriented GUI and set of policy compilers for various firewall platforms. In Firewall Builder, firewall policy is a set of rules, each rule consists of abstract objects which represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps user maintain database of objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can be used to manage firewalls built on variety of platforms including, but not limited to, Linux running iptables and FreeBSD or Solaris running ipfilter.
d16e2374935dc0c6bf3aa363ac8c4a5b7dda6e26dffe6a4df1e064393b88df5cA buffer overflow has been discovered in the trap.c syscall() function of the FreeBSD source tree. However, you need to be root to exploit this.
6444178da5ea0a896ca263731a215cc7f808b36e98e12a1934fae459315952dfp0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
563c62f63acfbef79e79659c3f483813816c7d032ef73e96e462a3b4f9a2fc7fcourier-imap 3.0.2-r1 and below remote format string vulnerability exploit. Tested on FreeBSD 4.10-RELEASE with courier-imap-3.0.2.
6b6fd0cbc65997bc5ba71342249c8d839b98e3f0017bd1622b2c633be2fd18a1sishell is a reverse (connecting) shellcode kit for x86 Linux, FreeBSD, NetBSD and OpenBSD. It generates both regular shellcode without NULLs and stand-alone ELF executables. sishell is distributed with a Makefile system, a custom ELF brander (brandelf) and a C example code generator. sishell is distributed under the MIT License.
eb3226fcdde43122beef233db2fe7fa8429b08bce8d263a6fc202949daf66992p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
fc6827f3792a325e79c300d9d45e526eb2da3a8c759cfe3695710b5016f3cfd3FreeBSD Security Advisory FreeBSD-SA-04:13.linux - A programming error in the handling of some Linux system calls may result in memory locations being accessed without proper validation under FreeBSD. All 4.x and 5.x releases are susceptible.
95b92b3471dd0e17e060ce2b12c19604cca3827443a6bfe6ad4fc2e0fa9df522All versions of MPlayer, the movie player for Linux, are vulnerable to a buffer overflow attack that allows for privilege escalation. Local exploit included. Tested against Redhat Linux with Gnome, FreeBSD and latest cvsup plus ports with Gnome.
6850af71802ee705a1be21d2e279558327d7f8c14f4363ad429d736e33bfa329It is possible to crash the kernel on FreeBSD/Alpha by passing an unaligned memory address as a 2nd or 3rd argument to execve() syscall. Affected versions: FreeBSD 5.1-RELEASE/Alpha and possibly others. Not affected: FreeBSD 5.1-RELEASE/IA32.
a4526052ca2cb1a9ff1b6dffe4989feaa6565bda6886895d2f79921d22533f39
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed