what you don't know can hurt you
Showing 51 - 75 of 1,207 RSS Feed

Operating System: FreeBSD

FreeBSD Security Advisory - FreeBSD-SA-16:13.bind
Posted Mar 14, 2016
Authored by ISC | Site security.freebsd.org

FreeBSD Security Advisory - Testing by ISC has uncovered a defect in control channel input handling which can cause named to exit due to an assertion failure in sexpr.c or alist.c when a malformed packet is sent to named's control channel (the interface which allows named to be controlled using the "rndc" server control utility). An error when parsing signature records for DNAME records having specific properties can lead to named exiting due to an assertion failure in resolver.c or db.c. A remote attacker can deliberately trigger the failed assertion if the DNS server accepts remote rndc commands regardless if authentication is configured. Note that this is not enabled by default. A remote attacker who can cause a server to make a query deliberately chosen to generate a response containing a signature record which would trigger a failed assertion and cause named to stop. Disabling DNSsec does not provide protection against this vulnerability.

tags | advisory, remote
systems | freebsd, bsd
advisories | CVE-2016-1285, CVE-2016-1286
MD5 | e2321efbb6ba00455dca96e0e88d2409
FreeBSD Security Advisory - FreeBSD-SA-16:11.openssl
Posted Jan 31, 2016
Site security.freebsd.org

FreeBSD Security Advisory - A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSL_OP_NO_SSLv2. An active MITM attacker may be able to force a protocol downgrade to SSLv2, which is a flawed protocol and intercept the communication between client and server.

tags | advisory, protocol
systems | freebsd
advisories | CVE-2015-3197
MD5 | 105c5b4a34e39afed10e9bbc94054342
FreeBSD Security Advisory - FreeBSD-SA-16:10.linux
Posted Jan 27, 2016
Authored by Isaac Dunham, Brent Cook, Warner Losh | Site security.freebsd.org

FreeBSD Security Advisory - A programming error in the Linux compatibility layer could cause the issetugid(2) system call to return incorrect information. If an application relies on output of the issetugid(2) system call and that information is incorrect, this could lead to a privilege escalation.

tags | advisory
systems | linux, freebsd
advisories | CVE-2016-1883
MD5 | 00d34015638239c7b35d55fdff5be632
FreeBSD Security Advisory - FreeBSD-SA-16:09.ntp
Posted Jan 27, 2016
Authored by Cisco ASIG / Network Time Foundation | Site security.freebsd.org

FreeBSD Security Advisory - Multiple vulnerabilities have been discovered in ntp 4.2.8p5.

tags | advisory, vulnerability
systems | freebsd, bsd
advisories | CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976
MD5 | 050d44ff421cf4c2ff19f2d29927a634
FreeBSD Security Advisory - FreeBSD-SA-16:08.bind
Posted Jan 27, 2016
Authored by ISC | Site security.freebsd.org

FreeBSD Security Advisory - There is an off-by-one error in a buffer size check when performing certain string formatting operations. Slaves using text-format db files could be vulnerable if receiving a malformed record in a zone transfer from their master. Masters using text-format db files could be vulnerable if they accept a malformed record in a DDNS update message. Recursive resolvers are potentially vulnerable when debug logging is enabled and if they are fed a deliberately malformed record by a malicious server. A server which has cached a specially constructed record could encounter this condition while performing 'rndc dumpdb'.

tags | advisory
systems | freebsd
advisories | CVE-2015-8704
MD5 | 58ee0826c7ba3739bb2d731b7fc83928
FreeBSD SCTP ICMPv6 Denial Of Service
Posted Jan 25, 2016
Site ptsecurity.com

FreeBSD suffers from an SCTP ICMPv6 error processing denial of service vulnerability.

tags | exploit, denial of service
systems | freebsd, bsd
advisories | CVE-2016-1879
MD5 | eb3cb9e922b8db018b68af99a333b2b9
FreeBSD bsnmpd Information Disclosure
Posted Jan 16, 2016
Authored by Pierre Kim

FreeBSD suffers from a bsnmpd information disclosure vulnerability.

tags | exploit, info disclosure
systems | freebsd, bsd
advisories | CVE-2015-5677
MD5 | 7d1a99c3863b05856f67c2ccb39b1ae2
FreeBSD Security Advisory - FreeBSD-SA-16:07.openssh
Posted Jan 15, 2016
Authored by Qualys Security Advisory Team | Site security.freebsd.org

FreeBSD Security Advisory - The OpenSSH client code contains experimental support for resuming SSH connections (roaming). The matching server code has never been shipped, but the client code was enabled by default and could be tricked by a malicious server into leaking client memory to the server, including private client user keys. A user that authenticates to a malicious or compromised server may reveal private data, including the private SSH key of the user.

tags | advisory
systems | freebsd
advisories | CVE-2016-0777
MD5 | db88bcb6e48b14664b5ad70f4388c83d
FreeBSD Security Advisory - FreeBSD-SA-16:06.bsnmpd
Posted Jan 15, 2016
Authored by Pierre Kim

FreeBSD Security Advisory - The SNMP protocol supports an authentication model called USM, which relies on a shared secret. The default permission of the bsnmpd configuration file, /etc/bsnmpd.conf, is weak and does not provide adequate protection against local unprivileged users. A local user may be able to read the shared secret, if configured and used by the system administrator.

tags | advisory, local, protocol
systems | freebsd
advisories | CVE-2015-5677
MD5 | fc7515d3e9f8630afb77d28bd7a61646
FreeBSD Security Advisory - FreeBSD-SA-16:01.sctp
Posted Jan 15, 2016
Authored by Jonathan T. Looney

FreeBSD Security Advisory - A lack of proper input checks in the ICMPv6 processing in the SCTP stack can lead to either a failed kernel assertion or to a NULL pointer dereference. In either case, a kernel panic will follow. A remote, unauthenticated attacker can reliably trigger a kernel panic in a vulnerable system running IPv6. Any kernel compiled with both IPv6 and SCTP support is vulnerable. There is no requirement to have an SCTP socket open. IPv4 ICMP processing is not impacted by this vulnerability.

tags | advisory, remote, kernel
systems | freebsd
advisories | CVE-2016-1879
MD5 | a52cfa43c6209a4b31e2e6e7ad10ffca
FreeBSD Security Advisory - FreeBSD-SA-16:02.ntp
Posted Jan 15, 2016
Authored by Network Time Foundation

FreeBSD Security Advisory - The ntpd(8) daemon has a safety feature to prevent excessive stepping of the clock called the "panic threshold". If ever ntpd(8) determines the system clock is incorrect by more than this threshold, the daemon exits. There is an implementation error within the ntpd(8) implementation of this feature, which allows the system time be adjusted in certain circumstances. When ntpd(8) is started with the '-g' option specified, the system time will be corrected regardless of if the time offset exceeds the panic threshold (by default, 1000 seconds). The FreeBSD rc(8) subsystem allows specifying the '-g' option by either including '-g' in the ntpd_flags list or by enabling ntpd_sync_on_start in the system rc.conf(5) file. If at the moment ntpd(8) is restarted, an attacker can immediately respond to enough requests from enough sources trusted by the target, which is difficult and not common, there is a window of opportunity where the attacker can cause ntpd(8) to set the time to an arbitrary value.

tags | advisory, arbitrary
systems | freebsd
advisories | CVE-2015-5300
MD5 | e07f765ea6647a5883adc34978841734
FreeBSD Security Advisory - FreeBSD-SA-16:05.tcp
Posted Jan 15, 2016
Authored by Ryan Stone,

FreeBSD Security Advisory - A programming error in processing a TCP connection with both TCP_MD5SIG and TCP_NOOPT socket options may lead to kernel crash. A local attacker can crash the kernel, resulting in a denial-of-service. A remote attack is theoretically possible, if server has a listening socket with TCP_NOOPT set, and server is either out of SYN cache entries, or SYN cache is disabled by configuration.

tags | advisory, remote, kernel, local, tcp
systems | freebsd
advisories | CVE-2016-1882
MD5 | 12d51fd2729f1bed2be6f8dc0ef11a09
FreeBSD Security Advisory - FreeBSD-SA-16:03.linux
Posted Jan 15, 2016
Authored by Mateusz Guzik

FreeBSD Security Advisory - A programming error in the handling of Linux futex robust lists may result in incorrect memory locations being accessed. It is possible for a local attacker to read portions of kernel memory, which may result in a privilege escalation.

tags | advisory, kernel, local
systems | linux, freebsd
advisories | CVE-2016-1880
MD5 | 19a4fbae13440bc000d627d27942b0ed
FreeBSD Security Advisory - FreeBSD-SA-16:04.linux
Posted Jan 15, 2016
Authored by Dmitry Chagin

FreeBSD Security Advisory - A programming error in the Linux compatibility layer setgroups(2) system call can lead to an unexpected results, such as overwriting random kernel memory contents. It is possible for a local attacker to overwrite portions of kernel memory, which may result in a privilege escalation or cause a system panic.

tags | advisory, kernel, local
systems | linux, freebsd
advisories | CVE-2016-1881
MD5 | 9ab82b9be2871f73b833b0650d17e096
FreeBSD Security Advisory - BIND Denial Of Service
Posted Dec 16, 2015
Site security.freebsd.org

FreeBSD Security Advisory - An error in the parsing of incoming responses allows some records with an incorrect class to be be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. An attacker who can cause a server to request a record with a malformed class attribute can use this bug to trigger a REQUIRE assertion in db.c, causing named to exit and denying service to clients. The risk to recursive servers is high. Authoritative servers are at limited risk if they perform authentication when making recursive queries to resolve addresses for servers listed in NS RRSETs.

tags | advisory
systems | freebsd
advisories | CVE-2015-8000
MD5 | 06a85ebaa8919f1b808bbd7331ec41b8
FreeBSD Security Advisory - OpenSSL Issues
Posted Dec 6, 2015
Site security.freebsd.org

FreeBSD Security Advisory - OpenSSL has had multiple vulnerabilities addressed. The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. When presented with a malformed X509_ATTRIBUTE structure, OpenSSL will leak memory. If PSK identity hints are received by a multi-threaded client then the values are incorrectly updated in the parent SSL_CTX structure.

tags | advisory
systems | freebsd
advisories | CVE-2015-3194, CVE-2015-3195, CVE-2015-3196
MD5 | 0ced99acb2a23bfd013e2e6894d43ce7
FreeBSD Security Advisory - ntp Authentication Bypass
Posted Oct 26, 2015
Site security.freebsd.org

FreeBSD Security Advisory - Crypto-NAK packets can be used to cause ntpd(8) to accept time from an unauthenticated ephemeral symmetric peer by bypassing the authentication required to mobilize peer associations. FreeBSD 9.3 and 10.1 are not affected. Various other issues have also been addressed.

tags | advisory, crypto
systems | freebsd
advisories | CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871
MD5 | ad57d8b6fd48b773d3e8e84c18d972e4
FreeBSD Security Advisory - rpcbind(8) Denial Of Service
Posted Sep 30, 2015
Site security.freebsd.org

FreeBSD Security Advisory - In rpcbind(8), netbuf structures are copied directly, which would result in two netbuf structures that reference to one shared address buffer. When one of the two netbuf structures is freed, access to the other netbuf structure would result in an undefined result that may crash the rpcbind(8) daemon. A remote attacker who can send specifically crafted packets to the rpcbind(8) daemon can cause it to crash, resulting in a denial of service condition.

tags | advisory, remote, denial of service
systems | freebsd
advisories | CVE-2015-7236
MD5 | 85136eada6303b10454b9288940958f4
FreeBSD Security Advisory - BIND Denial Of Service
Posted Sep 2, 2015
Site security.freebsd.org

FreeBSD Security Advisory - Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. A remote attacker can deliberately trigger the failed assertion which will cause an affected server to terminate, by using a query that requires a response from a zone containing a malformed key, resulting in a denial of service condition. Recursive servers are at greatest risk, however, an authoritative server could also be affected, if an attacker controls a zone that the server must query against to perform its zone service.

tags | advisory, remote, denial of service
systems | freebsd
advisories | CVE-2015-5722
MD5 | 2223cf4358d2bd313c49a41886d70f86
FreeBSD Security Advisory - IRET Handler Privilege Escalation
Posted Aug 26, 2015
Site security.freebsd.org

FreeBSD Security Advisory - If the kernel-mode IRET instruction generates an #SS or #NP exception, but the exception handler does not properly ensure that the right GS register base for kernel is reloaded, the userland GS segment may be used in the context of the kernel exception handler. By causing an IRET with #SS or #NP exceptions, a local attacker can cause the kernel to use an arbitrary GS base, which may allow escalated privileges or panic the system.

tags | advisory, arbitrary, kernel, local
systems | freebsd
advisories | CVE-2015-5675
MD5 | d5d0c2195194e85821432831db9e3e56
FreeBSD Security Advisory - OpenSSH Issues
Posted Aug 26, 2015
Site security.freebsd.org

FreeBSD Security Advisory - A programming error in the privileged monitor process of the sshd(8) service may allow the username of an already-authenticated user to be overwritten by the unprivileged child process. A use-after-free error in the privileged monitor process of he sshd(8) service may be deterministically triggered by the actions of a compromised unprivileged child process. A use-after-free error in the session multiplexing code in the sshd(8) service may result in unintended termination of the connection.

tags | advisory
systems | freebsd
MD5 | 560af56953e2f87247cba46c3c23c38c
HP Security Bulletin HPSBGN03395 1
Posted Aug 24, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03395 1 - A potential security vulnerability has been identified with HP KeyView running on HP-UX, Linux, Solaris, Windows, FreeBSD, and AIX. The vulnerability could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory
systems | linux, windows, solaris, freebsd, aix, hpux
advisories | CVE-2015-5416, CVE-2015-5417, CVE-2015-5418, CVE-2015-5419, CVE-2015-5420, CVE-2015-5421, CVE-2015-5422, CVE-2015-5423, CVE-2015-5424
MD5 | c822d624233777789e959ca18bfbc976
HP Security Bulletin HPSBGN03395 1
Posted Aug 24, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03395 1 - A potential security vulnerability has been identified with HP KeyView running on HP-UX, Linux, Solaris, Windows, FreeBSD, and AIX. The vulnerability could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory
systems | linux, windows, solaris, freebsd, aix, hpux
advisories | CVE-2015-5416, CVE-2015-5417, CVE-2015-5418, CVE-2015-5419, CVE-2015-5420, CVE-2015-5421, CVE-2015-5422, CVE-2015-5423, CVE-2015-5424
MD5 | c822d624233777789e959ca18bfbc976
FreeBSD Security Advisory - expat Integer Overflows
Posted Aug 18, 2015
Site security.freebsd.org

FreeBSD Security Advisory - Multiple integer overflows have been discovered in the XML_GetBuffer() function in the expat library.

tags | advisory, overflow
systems | freebsd
advisories | CVE-2015-1283
MD5 | 39f153ba79b5a361579f0662dcc7d316
FreeBSD Security Advisory - patch Shell Injection
Posted Aug 6, 2015
Site security.freebsd.org

FreeBSD Security Advisory - Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch(1) to pass certain ed(1) scripts to the ed(1) editor, which would run commands.

tags | advisory
systems | freebsd
advisories | CVE-2015-1418
MD5 | 7d000c1ccb5024987c1efad09f675ec3
Page 3 of 49
Back12345Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    10 Files
  • 23
    Apr 23rd
    22 Files
  • 24
    Apr 24th
    11 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close