what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

FreeBSD Security Advisory - mountd ACL Mishandling
Posted Apr 21, 2011
Site security.freebsd.org

FreeBSD Security Advisory - The mountd(8) daemon services NFS mount requests from other client machines. When mountd is started, it loads the export host addresses and options into the kernel using the mount(2) system call. While parsing the exports(5) table, a network mask in the form of "-network=netname/prefixlength" results in an incorrect network mask being computed if the prefix length is not a multiple of 8. For example, specifying the ACL for an export as "-network 192.0.2.0/23" would result in a netmask of 255.255.127.0 being used instead of the correct netmask of 255.255.254.0.

tags | advisory, kernel
systems | freebsd
advisories | CVE-2011-1739
SHA-256 | daab8415751957e3ad1463b8ec1447aa42b593613cb89eb97366e0b6b20911e2

Related Files

FreeBSD-SA-06-15.ypserv.txt
Posted Jun 1, 2006
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-06:15.ypserv: There are two documented methods of restricting access to NIS maps through ypserv(8): through the use of the /var/yp/securenets file, and through the /etc/hosts.allow file. While both mechanisms are implemented in the server, a change in the build process caused the "securenets" access restrictions to be inadvertently disabled.

systems | freebsd
SHA-256 | b939e4d3fddcf9d8f92200b7d05ca27d0a18ae5290b3350ca3d19fac28829a29
FreeBSD-SA-06-14.fpu.txt
Posted Apr 26, 2006
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-06:14.fpu - FPU information disclosure: On affected processors, a local attacker can monitor the execution path of a process which uses floating-point operations. This may allow an attacker to steal cryptographic keys or other sensitive information.

tags | local, info disclosure
systems | freebsd
SHA-256 | 7a90ad481bb181822f4882bcd4d2e967f8919ef69c8cce7ee8b546a06c7dd4b9
FreeBSD-SA-06-10.nfs.txt
Posted Mar 3, 2006
Authored by Evgeny Legerov | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-06:10.nfs - A part of the NFS server code charged with handling incoming RPC messages via TCP had an error which, when the server received a message with a zero-length payload, would cause a NULL pointer dereference which results in a kernel panic. The kernel will only process the RPC messages if a userland nfsd daemon is running.

tags | advisory, kernel, tcp
systems | freebsd
advisories | CVE-2006-0900
SHA-256 | 8712b0c54e6195379a38f208914e6b31aecb2b2ca2355a6a67d8db63219f7a5e
FreeBSD-SA-06-09.openssh.txt
Posted Mar 3, 2006
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-06:09.openssh - Because OpenSSH and OpenPAM have conflicting designs (one is event-driven while the other is callback-driven), it is necessary for OpenSSH to fork a child process to handle calls to the PAM framework. However, if the unprivileged child terminates while PAM authentication is under way, the parent process incorrectly believes that the PAM child also terminated. The parent process then terminates, and the PAM child is left behind. Due to the way OpenSSH performs internal accounting, these orphaned PAM children are counted as pending connections by the master OpenSSH server process. Once a certain number of orphans has accumulated, the master decides that it is overloaded and stops accepting client connections.

tags | advisory
systems | freebsd
advisories | CVE-2006-0883
SHA-256 | 012cb667b2bae94ec1b414c8de659b5091c2732abdfc4cd748a4a6a9557830cd
FreeBSD-SA-06-08.sack.txt
Posted Feb 2, 2006
Authored by Scott Wood | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-06:08.sack - SACK (Selective Acknowledgment) is an extension to the TCP/IP protocol that allows hosts to acknowledge the receipt of some, but not all, of the packets sent, thereby reducing the cost of retransmissions. When insufficient memory is available to handle an incoming selective acknowledgment, the TCP/IP stack may enter an infinite loop.

tags | advisory, tcp, protocol
systems | freebsd
advisories | CVE-2006-0433
SHA-256 | 8d3f7d980f0020012c292d7bd87a577e7beeedfba74ebfdf5862b03683811826
FreeBSD-SA-06-04.ipfw.txt
Posted Jan 15, 2006
Site freebsd.org

FreeBSD Security Advisory - ipfw maintains a pointer to layer 4 header information in the event that it needs to send a TCP reset or ICMP error message to discard packets. Due to incorrect handling of IP fragments, this pointer fails to get initialized.

tags | advisory, tcp
systems | freebsd
advisories | CVE-2006-0054
SHA-256 | b38cd8ef482c561df679f578513cab445b16a6b986a0729f301d0dc0adb15098
FreeBSD-SA-06-02.ee.txt
Posted Jan 15, 2006
Site freebsd.org

FreeBSD Security Advisory - The ispell_op function used by ee(1) while executing spell check operations employs an insecure method of temporary file generation. This method produces predictable file names based on the process ID and fails to confirm which path will be over written with the user.

tags | advisory
systems | freebsd
advisories | CVE-2006-0055
SHA-256 | aabdd726e7f1d21c64dd7f601f42432a072639283866afd5cb5d75fd085e4063
FreeBSD-SA-05-20.cvsbug.txt
Posted Sep 8, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05-20.cvsbug - A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file.

systems | freebsd
advisories | CVE-2005-2693
SHA-256 | 42359b765b65baccde1ce2c51098dbada23fc98d9631451d3ea628c76795611b
FreeBSD-SA-05-08.kmem.txt
Posted Aug 7, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:08 - In many parts of the FreeBSD kernel, names (of mount points, devices, files, etc.) are manipulated as NULL-terminated strings, but are provided to applications within fixed-length buffers.

tags | advisory, kernel
systems | freebsd
advisories | CVE-2005-1406
SHA-256 | 7b6aaa70807a670d6dd9019e62eee21d12cbe814525a0fe9b97d0c2e7ddca5a4
FreeBSD-SA-05-07.ldt
Posted Aug 7, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:07 - The i386_get_ldt(2) system call allows a process to request that a portion of its Local Descriptor Table be copied from the kernel into userland. The i386_get_ldt(2) syscall performs insufficient validation of its input arguments. In particular, negative or very large values may allow inappropriate data to be copied from the kernel.

tags | advisory, kernel, local
systems | freebsd
advisories | CVE-2005-1400
SHA-256 | 04fa0fee6b63c8ba41c37a7811a6462ab62955205b703bf973f33ee92e6da579
FreeBSD-SA-05-06.iir.txt
Posted Aug 7, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:06 - The default permissions on the /dev/iir device node allow unprivileged local users to open the device and execute ioctl calls. Unprivileged local users can send commands to the hardware supported by the iir(4) driver, allowing destruction of data and possible disclosure of data.

tags | advisory, local
systems | freebsd
advisories | CVE-2005-1399
SHA-256 | 9ebaba97534f52d79c1400d144ce3197429e42a0672b056673e3918480351f3a
FreeBSD-SA-05-19.ipsec.txt
Posted Jul 28, 2005
Authored by Yukiyo Akisada | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec - IPsec is a security protocol for the Internet Protocol networking layer. It provides a combination of encryption and authentication of system, using several possible cryptography algorithms. A programming error in the implementation of the AES-XCBC-MAC algorithm for authentication resulted in a constant key being used instead of the key specified by the system administrator.

tags | advisory, protocol
systems | freebsd
advisories | CVE-2005-2359
SHA-256 | 9d75e7d220ed1f61f09ae93e44a8e0ba4c60a6a4d11ff8f03cc972a6df79b6ea
FreeBSD-SA-05-18.zlib.txt
Posted Jul 28, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:18.zlib - A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges.

tags | advisory, denial of service
systems | freebsd
advisories | CVE-2005-1849
SHA-256 | b2d40ae5f59903bd6c1b0e96942c8b40d5b7c0070b211d4957535d4b74ee339c
FreeBSD-SA-05-17.devfs.txt
Posted Jul 21, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:17.devfs - Due to insufficient parameter checking of the node type during device creation, any user can expose hidden device nodes on devfs mounted file systems within their jail. Device nodes will be created in the jail with their normal default access permissions.

tags | advisory
systems | freebsd
advisories | CVE-2005-2218
SHA-256 | e1c7cadcfc9a5b70208783e95f2c0e0102c8c0c89d38162917beeb93216b369c
FreeBSD-SA-05-09.htt.txt
Posted Jul 8, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:09 - When running on processors supporting Hyper-Threading Technology, it is possible for a malicious thread to monitor the execution of another thread.

tags | advisory
systems | freebsd
advisories | CVE-2005-0109
SHA-256 | 5e666245ff6f81ff72f602f77622595ea80e3cf57ceb0ef27419e4e10cfa5986
FreeBSD-SA-05-15.tcp.txt
Posted Jul 1, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:15 - Two problems have been discovered in the FreeBSD TCP stack. First, when a TCP packets containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection. Second, a TCP packet with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options.

tags | advisory, tcp
systems | freebsd
SHA-256 | 30663ff4e4d6e6643116559b25a849f751e84dc20b68d90c0261a28842688ff7
FreeBSD-SA-05-14.bzip2.txt
Posted Jul 1, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:14 - Two problems have been discovered relating to the extraction of bzip2-compressed files. First, a carefully constructed invalid bzip2 archive can cause bzip2 to enter an infinite loop. Second, when creating a new file, bzip2 closes the file before setting its permissions.

tags | advisory
systems | freebsd
SHA-256 | 81c864494c3fb7c1777f84c50d2ea5e1bb96b674001417c3e3f9e573fb1005a0
FreeBSD-SA-05-13.ipfw.txt
Posted Jul 1, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:13 - The ipfw tables lookup code caches the result of the last query. The kernel may process multiple packets concurrently, performing several concurrent table lookups. Due to an insufficient locking, a cached result can become corrupted that could cause some addresses to be incorrectly matched against a lookup table.

tags | advisory, kernel
systems | freebsd
advisories | CVE-2005-2019
SHA-256 | 6b7aa2a12074c968569303a922ef2f40cc26ef0aef04894d3fd3b9ebce0d5e08
FreeBSD-SA-05-12.bind9.txt
Posted Jun 21, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:12 - A DNSSEC-related validator function in BIND 9.3.0 contains an inappropriate internal consistency test. When this test is triggered, named(8) will exit.

tags | advisory
systems | freebsd
advisories | CVE-2005-0034
SHA-256 | 8fccf0614b4cae1a8f3081cb6f85fef6c558ed5fcde321cc9167d2225a2c0f87
FreeBSD-SA-05-05.cvs.txt
Posted Jun 1, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:05 - Multiple programming errors were found in CVS. In one case, variable length strings are copied into a fixed length buffer without adequate checks being made; other errors include NULL pointer dereferences, possible use of uninitialized variables, and memory leaks.

tags | advisory, memory leak
systems | freebsd
SHA-256 | 0955613e37e271809f7afef6711a84a64f2032dbe02f04eb08d63144b31158fa
FreeBSD-SA-05-03.amd64.txt
Posted Apr 17, 2005
Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:03 - The AMD64 architecture has two mechanisms for permitting processes to access hardware: Kernel code can access hardware directly by reason of its elevated privilege level, while user code can access a subset of hardware determined by a bitmap. The bitmap which determines which hardware can be accessed by unprivileged processes was not initialized properly. Unprivileged users on amd64 systems can gain direct access to some hardware, allowing for denial of service, disclosure of sensitive information, or possible privilege escalation.

tags | advisory, denial of service, kernel
systems | freebsd
SHA-256 | 70032104738efc10dec36f903360b79be790b01eb2ead623c710d5e8b076169f
FreeBSD-SA-05-02.sendfile.txt
Posted Apr 17, 2005
Authored by Sven Berkvens, Marc Olzheim | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-05:02 - The sendfile(2) system call allows a server application (such as an HTTP or FTP server) to transmit the contents of a file over a network connection without first copying it to application memory. High performance servers such as Apache and ftpd use sendfile. If the file being transmitted is truncated after the transfer has started but before it completes, sendfile(2) will transfer the contents of more or less random portions of kernel memory in lieu of the missing part of the file.

tags | advisory, web, kernel
systems | freebsd
advisories | CVE-2005-0708
SHA-256 | f23b5fbf03b2582e71dc290dd2da453c3f35c25347c573b97a39ab6a5ff37a46
FreeBSD Security Advisory 2004.17
Posted Dec 12, 2004
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:17.procfs - The implementation of the /proc/curproc/cmdline pseudofile in the procfs(5) file system on FreeBSD 4.x and 5.x, and of the /proc/self/cmdline pseudofile in the linprocfs(5) file system on FreeBSD 5.x reads a process' argument vector from the process address space. During this operation, a pointer was dereferenced directly without the necessary validation steps being performed.

tags | advisory
systems | freebsd
advisories | CVE-2004-1066
SHA-256 | 9172f91c6b027b6f7c743ba70a7c8f2026e861b105f1b6f5125ce2249481c20b
FreeBSD Security Advisory 2004.16
Posted Nov 20, 2004
Authored by The FreeBSD Project, Colin Percival | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:16.fetch - The fetch utility suffers from an integer overflow condition in the processing of HTTP headers that can result in a buffer overflow.

tags | advisory, web, overflow
systems | freebsd
SHA-256 | 6a018e23dd8de8d84de9f7d1f8a504a855c7a82a0f3059e216c48ef84a19658a
FreeBSD Security Advisory 2004.15
Posted Oct 13, 2004
Authored by The FreeBSD Project, Christer Oberg | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:15.syscons - The syscons CONS_SCRSHOT ioctl(2) does insufficient validation of its input arguments. In particular, negative coordinates or large coordinates may cause unexpected behavior.

tags | advisory
systems | freebsd
advisories | CVE-2004-0919
SHA-256 | 088af9d9dc40b2a466a18dea6a434c2f0859fe37e3f6919135f3ac37f610c117
Page 4 of 4
Back1234Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    20 Files
  • 29
    Nov 29th
    9 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close