exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

FreeBSD Security Advisory - mountd ACL Mishandling
Posted Apr 21, 2011
Site security.freebsd.org

FreeBSD Security Advisory - The mountd(8) daemon services NFS mount requests from other client machines. When mountd is started, it loads the export host addresses and options into the kernel using the mount(2) system call. While parsing the exports(5) table, a network mask in the form of "-network=netname/prefixlength" results in an incorrect network mask being computed if the prefix length is not a multiple of 8. For example, specifying the ACL for an export as "-network 192.0.2.0/23" would result in a netmask of 255.255.127.0 being used instead of the correct netmask of 255.255.254.0.

tags | advisory, kernel
systems | freebsd
advisories | CVE-2011-1739
SHA-256 | daab8415751957e3ad1463b8ec1447aa42b593613cb89eb97366e0b6b20911e2

Related Files

FreeBSD Security Advisory - rtld
Posted Dec 3, 2009
Site security.freebsd.org

FreeBSD Security Advisory - The run-time link-editor, rtld, links dynamic executable with their needed libraries at run-time. It also allows users to explicitly load libraries via various LD_ environmental variables.

tags | advisory
systems | freebsd
advisories | CVE-2009-3555
SHA-256 | 43cd0a5c752f6ee28c98c000a73357ee02baaf6cfca10e1ff8d34ae1cd5fecd1
FreeBSD Security Advisory - SSL
Posted Dec 3, 2009
Site security.freebsd.org

FreeBSD Security Advisory - The SSL version 3 and TLS protocols support session renegotiation without cryptographically tying the new session parameters to the old parameters.

tags | advisory, protocol
systems | freebsd
advisories | CVE-2009-3555
SHA-256 | 83f0097f23e71e96656c550bd67180eab9bdaff2b8488afde19399d0ccd4562d
FreeBSD Security Advisory - Devfs / VFS
Posted Oct 2, 2009
Site security.freebsd.org

FreeBSD Security Advisory - Due to the interaction between devfs and VFS, a race condition exists where the kernel might dereference a NULL pointer.

tags | advisory, kernel
systems | freebsd
SHA-256 | 4b21def402ce048506cd636e20e57f215a29c797ecd2817b7359d5b1e52ab3ef
FreeBSD Security Advisory - kqueue pipe
Posted Oct 2, 2009
Site security.freebsd.org

FreeBSD Security Advisory - When named(8) receives a specially crafted dynamic update message an internal assertion check is triggered which causes named(8) to exit. To trigger the problem, the dynamic update message must contains a record of type "ANY" and at least one resource record set (RRset) for this fully qualified domain name (FQDN) must exist on the server.

tags | advisory
systems | freebsd
SHA-256 | 6794c843e62bd2ba63abb24337495791f839e4e7e47cd54d93099e0868941ba7
FreeBSD Security Advisory - bind
Posted Jul 29, 2009
Site security.freebsd.org

FreeBSD Security Advisory - When named(8) receives a specially crafted dynamic update message an internal assertion check is triggered which causes named(8) to exit. To trigger the problem, the dynamic update message must contains a record of type "ANY" and at least one resource record set (RRset) for this fully qualified domain name (FQDN) must exist on the server.

tags | advisory
systems | freebsd
advisories | CVE-2009-0696
SHA-256 | 63f6e9c33b817f0e2995a59692b493e8ec93d0332cc4781442f1c4b5e3d35798
FreeBSD Security Advisory - Pipe Information Disclosure
Posted Jun 11, 2009
Site security.freebsd.org

FreeBSD Security Advisory - An integer overflow in computing the set of pages containing data to be copied can result in virtual-to-physical address lookups not being performed.

tags | advisory, overflow
systems | freebsd
SHA-256 | 8655e2660ef04de220a65ec6f8631ef7f52a3e801d6816f4535bd98a398662fc
FreeBSD Security Advisory - IPv6 Permission Check
Posted Jun 11, 2009
Site security.freebsd.org

FreeBSD Security Advisory - The SIOCSIFINFO_IN6 ioctl is missing a necessary permissions check. Local users, including non-root users and users inside jails, can set some IPv6 interface properties. These include changing the link MTU and disabling interfaces entirely.

tags | advisory, local, root
systems | freebsd
SHA-256 | ac68c0baaefa4bfdc7df1c0fa45bed659499c7dbaf9c342aee6ff1990c40e4a0
FreeBSD Security Advisory - ntpd Buffer Overflow
Posted Jun 11, 2009
Site security.freebsd.org

FreeBSD Security Advisory - The ntpd(8) daemon is prone to a stack-based buffer-overflow when it is configured to use the 'autokey' security model.

tags | advisory, overflow
systems | freebsd
advisories | CVE-2009-1252
SHA-256 | ec6c782f4a0e120ad1feee4a35e1fb30428529ec48d4b15ba1b394a88c31d3bd
FreeBSD Security Advisory - db Issue
Posted Apr 22, 2009
Site security.freebsd.org

FreeBSD Security Advisory - Some data structures used by the database interface code are not properly initialized when allocated. Programs using the db(3) interface to create Berkeley database files may "leak" sensitive information into database files. If those files can be read by other users, this may result in the disclosure of sensitive information such as login credentials.

tags | advisory
systems | freebsd
SHA-256 | f19636fcc9f3672265dbfa020957a9cea9463d7bdf766613e2c355245a911789
FreeBSD Security Advisory - OpenSSL
Posted Apr 22, 2009
Site security.freebsd.org

FreeBSD Security Advisory - The function ASN1_STRING_print_ex does not properly validate the lengths of BMPString or UniversalString objects before attempting to print them. An application which attempts to print a BMPString or UniversalString which has an invalid length will crash as a result of OpenSSL accessing invalid memory locations. This could be used by an attacker to crash a remote application.

tags | advisory, remote
systems | freebsd
advisories | CVE-2009-0590
SHA-256 | 0af558312bdb0b2a378db3fb4f4e5a435365f4ea7532b84431ff7fb7a55aec6e
FreeBSD Security Advisory - ktimer
Posted Mar 24, 2009
Site security.freebsd.org

FreeBSD Security Advisory - In FreeBSD 7.0, support was introduced for per-process timers as defined in the POSIX realtime extensions. This allows a process to have a limited number of timers running at once, with various actions taken when each timer reaches zero. An integer which specifies which timer a process wishes to operate upon is not properly bounds-checked. An unprivileged process can overwrite an arbitrary location in kernel memory. This could be used to change the user ID of the process (in order to "become root"), to escape from a jail, or to bypass security mechanisms in other ways.

tags | advisory, arbitrary, kernel, root
systems | freebsd, osx
advisories | CVE-2009-1041
SHA-256 | bfe3f8cd4f9f141932f321714dc7fd3f873020d7be4c70aea61d5dfc7f2b2af7
FreeBSD-SA-09:05 - telnetd Code Execution
Posted Feb 17, 2009
Site security.freebsd.org

FreeBSD Security Advisory - In order to prevent environment variable based attacks, telnetd scrubs its environment; however, recent changes in FreeBSD's environment-handling code rendered telnetd's scrubbing inoperative, thereby allowing potentially harmful environment variables to be set. An attacker who can place a specially-constructed file onto a target system (either by legitimately logging into the system or by exploiting some other service on the system) can execute arbitrary code with the privileges of the user running the telnet daemon (usually root).

tags | advisory, arbitrary, root
systems | freebsd
SHA-256 | 8fd5f35be1f357357d7faa04aaf55fefca25b625f49ea0f157d81958e7d9b0a6
FreeBSD Security Advisory SA-09:04.bind
Posted Jan 14, 2009
Site security.freebsd.org

FreeBSD Security Advisory - The DSA_do_verify() function from OpenSSL is used to determine if a DSA digital signature is valid. When DNSSEC is used within BIND it uses DSA_do_verify() to verify DSA signatures, but checks the function return value incorrectly.

tags | advisory
systems | freebsd
advisories | CVE-2009-0025
SHA-256 | 220d4fa821366af296e126574f48d4b6710134d13644b63e90dc0e60ac9c10b8
FreeBSD Security Advisory 09:01 - LukemFTPd
Posted Jan 7, 2009
Site security.freebsd.org

FreeBSD Security Advisory - lukemftpd suffers from a cross site request forgery vulnerability.

tags | advisory, csrf
systems | freebsd
advisories | CVE-2008-4247
SHA-256 | f96a133098c7d695b8ed4948a168b5a4bbc1e31a29cf5e7e4ead2bbc59be475b
FreeBSD Security Advisory SA-09:02 - OpenSSL
Posted Jan 7, 2009
Site security.freebsd.org

FreeBSD Security Advisory - The EVP_VerifyFinal() function from OpenSSL is used to determine if a digital signature is valid. The SSL layer in OpenSSL uses EVP_VerifyFinal(), which in several places checks the return value incorrectly and treats verification errors as a good signature. This is only a problem for DSA and ECDSA keys.

tags | advisory
systems | freebsd
advisories | CVE-2008-5077
SHA-256 | 0fb1c7f9876c52b5a471b7b0b3b96ecb570c084c5146b7a0b0b7cd4c332e5a41
FreeBSD Security Advisory - XSRF In ftpd
Posted Dec 30, 2008
Site security.freebsd.org

FreeBSD Security Advisory - The ftpd server splits long commands into several requests. This may result in the server executing a command which is hidden inside another very long command. This could, with a specifically crafted command, be used in a cross-site request forgery attack.

tags | advisory, csrf
systems | freebsd
advisories | CVE-2008-4247
SHA-256 | 2e6c5b82c449c824228fcb5c04163a13250ea1166e252761a367a4dc98ca8ae5
FreeBSD Security Advisory - Bluetooth Privilege Escalation
Posted Dec 30, 2008
Site security.freebsd.org

FreeBSD Security Advisory - Some function pointers for netgraph and bluetooth sockets are not properly initialized. A local user can cause the FreeBSD kernel to execute arbitrary code. This could be used by an attacker directly; or it could be used to gain root privilege or to escape from a jail.

tags | advisory, arbitrary, kernel, local, root
systems | freebsd
SHA-256 | 68d6c56fdb87d6522cd80e38e97f33feb669cc5e02d6b6c06001e4a3bc436269
FreeBSD-SA-08.11.arc4random.txt
Posted Nov 25, 2008
Site security.freebsd.org

FreeBSD Security Advisory - When the arc4random random number generator is initialized, there may be inadequate entropy to meet the needs of kernel systems which rely on arc4random; and it may take up to 5 minutes before arc4random is reseeded with secure entropy from the Yarrow random number generator.

tags | advisory, kernel
systems | freebsd
advisories | CVE-2008-5162
SHA-256 | 5b358a6d007f2d56053a805066be7b6451911ecfa223bda993b2748c778af6a4
FreeBSD-SA-08.10.nd6.txt
Posted Oct 2, 2008
Site security.freebsd.org

FreeBSD Security Advisory - IPv6 routers may allow "on-link" IPv6 nodes to create and update the router's neighbor cache and forwarding information. A malicious IPv6 node sharing a common router but on a different physical segment from another node may be able to spoof Neighbor Discovery messages, allowing it to update router information for the victim node.

tags | advisory, spoof
systems | freebsd
advisories | CVE-2008-2476
SHA-256 | 5da0304608ae874f2a0a24b6a59e079a8cb6140245d47db24abb0b40c8913d5e
FreeBSD-SA-08-09.icmp6.txt
Posted Sep 4, 2008
Site security.freebsd.org

FreeBSD Security Advisory - In case of an incoming ICMPv6 'Packet Too Big Message', there is an insufficient check on the proposed new MTU for a path to the destination. When the kernel is configured to process IPv6 packets and has active IPv6 TCP sockets, a specifically crafted ICMPv6 'Packet Too Big Message' could cause the TCP stack of the kernel to panic.

tags | advisory, kernel, tcp
systems | freebsd
advisories | CVE-2008-3530
SHA-256 | 8d935b0a4c11d0b8d9e04f2031c6eabb363df15b37837728e7cfbdcb0d15d3ac
FreeBSD-SA-08-08.nmount.txt
Posted Sep 4, 2008
Site security.freebsd.org

FreeBSD Security Advisory - Various user defined input such as mount points, devices, and mount options are prepared and passed as arguments to nmount(2) into the kernel. Under certain error conditions, user defined data will be copied into a stack allocated buffer stored in the kernel without sufficient bounds checking. If the system is configured to allow unprivileged users to mount file systems, it is possible for a local adversary to exploit this vulnerability and execute code in the context of the kernel.

tags | advisory, kernel, local
systems | freebsd
advisories | CVE-2008-3531
SHA-256 | 8265017f0c4b0022d978e1e3604993352ecac41efc8b787596bf55e18a09b5bb
FreeBSD-SA-08-07.amd64.txt
Posted Sep 4, 2008
Site security.freebsd.org

FreeBSD Security Advisory - If a General Protection Fault happens on a FreeBSD/amd64 system while it is returning from an interrupt, trap or system call, the swapgs CPU instruction may be called one extra time when it should not resulting in userland and kernel state being mixed. A local attacker can by causing a General Protection Fault while the kernel is returning from an interrupt, trap or system call while manipulating stack frames and, run arbitrary code with kernel privileges.

tags | advisory, arbitrary, kernel, local
systems | freebsd
advisories | CVE-2008-3890
SHA-256 | fda35491c2c94c4696a474ad75a3cae114fe88a1cb3728114f08df8c752a8fac
FreeBSD-SA-08.06.bind.txt
Posted Jul 15, 2008
Site security.freebsd.org

FreeBSD Security Advisory - The BIND DNS implementation does not randomize the UDP source port when doing remote queries, and the query id alone does not provide adequate randomization.

tags | advisory, remote, udp
systems | freebsd
advisories | CVE-2008-1447
SHA-256 | fb04e361ce950a2eb37bbee1c2ca35ab538b362079ecb611780d440663993f72
FreeBSD-SA-08-05.openssh.txt
Posted Apr 17, 2008
Site security.freebsd.org

FreeBSD Security Advisory - OpenSSH has a X11-forwarding privilege escalation issue. When logging in via SSH with X11-forwarding enabled, sshd(8) fails to correctly handle the case where it fails to bind to an IPv4 port but successfully binds to an IPv6 port. In this case, applications which use X11 will connect to the IPv4 port, even though it had not been bound by sshd(8) and is therefore not being securely forwarded.

tags | advisory
systems | freebsd
advisories | CVE-2008-1483
SHA-256 | e9b01dda09d2fd2b373a83e4472cf74b709679aa9d7a842873ded6635ef406d9
FreeBSD-SA-08-04.ipsec.txt
Posted Feb 14, 2008
Site security.freebsd.org

FreeBSD Security Advisory - The IPsec suite of protocols suffer from a null pointer dereference panic vulnerability.

tags | advisory, protocol
systems | freebsd
advisories | CVE-2008-1777
SHA-256 | 7627924aa435f05eb5d237fa62f10699d9b3b18134bb644e86b0a181d39e66ae
Page 2 of 4
Back1234Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    20 Files
  • 29
    Nov 29th
    9 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close