This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.
182d3e7b34ea800eae21d5fbf5fd4fa7f13792f27d9a4c5f61947ae0e178a720
strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
d46f91e8a8f6bd9102156d1ee6efb61bd15b3a8b8b5c619bc91c1c61474727b6
Secunia Security Advisory - Maksymilian Arciemowicz has discovered a weakness in FreeBSD, which can be exploited by malicious users to cause a DoS (Denial of Service).
0a9719245b7a6600666a0308e65f34e135c03850ee01f6e13779c680fec76e69
FreeBSD version 9.1 suffers from a remote ftpd denial of service vulnerability.
ee47445b28383e3aa5a3bd3988e583b7a429051d6f88bc8757efc1a780f4fbf8
Polyvaccine is a detection software that enables protection to HTTP or SIP servers from unknown binary attacks, such as polymorphic exploit attacks, and DDoS at the application layer. Linux and FreeBSD platforms are supported.
ceae86766b493a722f4b28017e912c621ed12d84efb754ddc49fbe145ff45c25
FreeBSD Security Advisory - FreeBSD is binary-compatible with the Linux operating system through a loadable kernel module/optional kernel component. A programming error in the handling of some Linux system calls may result in memory locations being accessed without proper validation. It is possible for a local attacker to overwrite portions of kernel memory, which may result in a privilege escalation or cause a system panic.
6702f60b55d6453bd757f5c5f78ebb7b3615928a68a5c006f536a774870013bf
FreeBSD Security Advisory - The internal authentication server of hostapd does not sufficiently validate the message length field of EAP-TLS messages. A remote attacker could cause the hostapd daemon to abort by sending specially crafted EAP-TLS messages, resulting in a Denial of Service.
2e64da0ea32a2dac049fee64d2e2a83e329082a4961e1f7560ffefb7f8cc5160
FreeBSD Security Advisory - The BIND daemon would crash when a query is made on a resource record with RDATA that exceeds 65535 bytes. The BIND daemon would lock up when a query is made on specific combinations of RDATA. A remote attacker can query a resolving name server to retrieve a record whose RDATA is known to be larger than 65535 bytes, thereby causing the resolving server to crash via an assertion failure in named. An attacker who is in a position to add a record with RDATA larger than 65535 bytes to an authoritative name server can cause that server to crash by later querying for that record. The attacker can also cause the server to lock up with specific combinations of RDATA.
06e1aee7809f7e8aa741e07c76a29eb43443068d25922ef3f329e9890d2bf998
strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
8b56598c03fd2c9ee37b844a32f04a9db292e6318e4411065e0b1d74770cd467
This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.
37fde545740ff58ff27a5cb9590cb1aef36206d163471d31c5f7531f501e90c5
Secunia Security Advisory - IOActive has discovered a vulnerability in FreeBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).
53d6b8949377c0c7ca12b833d41843f87f860e1a7e4d4991c1a51799b39889da
FreeBSD Security Advisory - BIND 9 stores a cache of query names that are known to be failing due to misconfigured name servers or a broken chain of trust. Under high query loads, when DNSSEC validation is active, it is possible for a condition to arise in which data from this cache of failing queries could be used before it was fully initialized, triggering an assertion failure. A remote attacker that is able to generate high volume of DNSSEC validation enabled queries can trigger the assertion failure that causes it to crash, resulting in a denial of service.
14ce0ceb3dfdd72660f83035bfda8974a44d0c866f0212093a308b810aac8df9
Secunia Security Advisory - FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
555cd0aed919baf30a8c3f0e6c85fda01ad6c658cc9582d5b683a3dbac9d8ea0
The SCTP implementation used by FreeBSD ("reference implementation") is vulnerable to a remote NULL pointer dereference in kernel due to a logic bug. When parsing ASCONF chunks, an attempt is made to find an association by address. if the address found is INADDR_ANY, sctp_findassoc_by_vtag() is called and an attempt is made to find an association by vtag. Before searching for the vtag in a hash table, a pointer is set to NULL, with the intention of redefining it after finding the association. However, if the specified vtag is not found, the function returns and the ptr is never reinitialized, causing a kernel panic when the NULL pointer is later dereferenced by the SCTP_INP_DECR_REF macro when flow returns to sctp_process_control(). This is a proof of concept denial of service exploit.
318b17b766a7c0e5fc891db3c6cd991c6323ae2a559c0d010ec2ec369599711b
Debian Linux Security Advisory 2508-1 - Rafal Wojtczuk from Bromium discovered that FreeBSD wasn't handling correctly uncanonical return addresses on Intel amd64 CPUs, allowing privilege escalation to kernel for local users.
7aebd5ce5840f094d51d7679c7d9ff0704d0af681bb872fa59cd27000b552673
This toolkit house various IPv6 tool that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 8.2, NetBSD 5.1, OpenBSD 5.0, and Ubuntu 11.10.
495e347d4bbbe9c0d3103f47b8d7a0f7d1a5f329d8d7205e15208bf12efcc139
strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
1a7ed98015df32e7412caf37391105af25a9dc66a0e357a1c92ccd5a9f180298
Secunia Security Advisory - FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
54f582c0aff4414fc8e75b7598d8ceb035792aff8f25fce2ab55a3bcd03d74c9
Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious, local users to gain escalated privileges.
2598dd63ffe233bd938ac54ba0b4d96ea2fe3180da73643e74aefde90ec8b2c9
FreeBSD Security Advisory - The FreeBSD operating system implements a rings model of security, where privileged operations are done in the kernel, and most applications request access to these operations by making a system call, which puts the CPU into the required privilege level and passes control to the kernel. FreeBSD/amd64 runs on CPUs from different vendors. Due to varying behaviour of CPUs in 64 bit mode a sanity check of the kernel may be insufficient when returning from a system call. Successful exploitation of the problem can lead to local kernel privilege escalation, kernel data corruption and/or crash.
50ab73e18c85232ccd993cef89e2d46586aa4f827d36aa88ad33256fe4a53d2d
FreeBSD Security Advisory - The named(8) server does not properly handle DNS resource records where the RDATA field is zero length, which may cause various issues for the servers handling them. Resolving servers may crash or disclose some portion of memory to the client. Authoritative servers may crash on restart after transferring a zone containing records with zero-length RDATA fields. These would result in a denial of service, or leak of sensitive information.
38bb62ce0e6626ae58f5bdcb8590d53027dcaccd01d33f928641394b6ad66427
Secunia Security Advisory - A weakness has been reported in FreeBSD, which can be exploited by malicious people to conduct brute force attacks.
096d89e5f8bb66f7e25482daa3d537e6b8f732ea196a69e90fc5267468b4db01
FreeBSD Security Advisory - There is a programming error in the DES implementation used in crypt() when handling input which contains characters that can not be represented with 7-bit ASCII. When the input contains characters with only the most significant bit set (0x80), that character and all characters after it will be ignored.
c93d455eb30d8a248bc3a8f2e54b0feb1b59e15469c93c07b2e5518cbee945c4
Secunia Security Advisory - FreeBSD has issued an update for OpenSSL. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library.
566e6103b3b3305cd368cccc6a51b1795616b82f090a5eb6388741e912d98bcd
FreeBSD Security Advisory - OpenSSL fails to clear the bytes used as block cipher padding in SSL 3.0 records when operating as a client or a server that accept SSL 3.0 handshakes. As a result, in each record, up to 15 bytes of uninitialized memory may be sent, encrypted, to the SSL peer. This could include sensitive contents of previously freed memory. OpenSSL support for handshake restarts for server gated cryptography (SGC) can be used in a denial-of-service attack. Various other OpenSSL issues have also been addressed.
a5bef5136c533b9f68af4bc039c5c33bcdfa740e1cf6dd569a94090e8f39f3ee