exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

FreeBSD Security Advisory 2004.16
Posted Nov 20, 2004
Authored by The FreeBSD Project, Colin Percival | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:16.fetch - The fetch utility suffers from an integer overflow condition in the processing of HTTP headers that can result in a buffer overflow.

tags | advisory, web, overflow
systems | freebsd
SHA-256 | 6a018e23dd8de8d84de9f7d1f8a504a855c7a82a0f3059e216c48ef84a19658a

Related Files

FreeBSD-SA-08-04.ipsec.txt
Posted Feb 14, 2008
Site security.freebsd.org

FreeBSD Security Advisory - The IPsec suite of protocols suffer from a null pointer dereference panic vulnerability.

tags | advisory, protocol
systems | freebsd
advisories | CVE-2008-1777
SHA-256 | 7627924aa435f05eb5d237fa62f10699d9b3b18134bb644e86b0a181d39e66ae
FreeBSD-SA-08-03.sendfile.txt
Posted Feb 14, 2008
Site security.freebsd.org

FreeBSD Security Advisory - The sendfile system call suffers from a write-only file permission bypass vulnerability.

tags | advisory, bypass
systems | freebsd
advisories | CVE-2008-0777
SHA-256 | ae9c8fbc319906870b4f06753c0bc8a6c535f33e9b798c9f5924229d2e8e5cae
FreeBSD-SA-08-02.libc.txt
Posted Jan 15, 2008
Site security.freebsd.org

FreeBSD Security Advisory - An off-by-one error in the inet_network() function could lead to memory corruption with certain inputs.

tags | advisory
systems | freebsd
advisories | CVE-2008-0122
SHA-256 | 8b155994e4ef7e962223a3531ba2e2a826ab0c7ece42ea9334d85f02eee60190
FreeBSD-SA-08-01.pty.txt
Posted Jan 15, 2008
Site security.freebsd.org

FreeBSD Security Advisory - The FreeBSD pty handling suffers from multiple security vulnerabilities.

tags | advisory, vulnerability
systems | freebsd
advisories | CVE-2008-0217, CVE-2008-0216
SHA-256 | 23273e2d002470b835681157420309b846ee5949a2100ba89960895d95269202
FreeBSD-SA-07-10.gtar.txt
Posted Nov 30, 2007
Site security.freebsd.org

FreeBSD Security Advisory - Insufficient sanity checking of paths containing '.' and '..' allows gtar to overwrite arbitrary files on the system.

tags | advisory, arbitrary
systems | freebsd
advisories | CVE-2007-4131
SHA-256 | dcc19ef1a758f3087be980a876f9e362719306f374c5862dbc64840fe61c16ac
FreeBSD-SA-07-09.random.txt
Posted Nov 30, 2007
Site security.freebsd.org

FreeBSD Security Advisory - Under certain circumstances, a bug in the internal state tracking on the random and urandom devices can be exploited to allow replaying of data distributed during subsequent reads.

tags | advisory
systems | freebsd
advisories | CVE-2007-6150
SHA-256 | 79fc48bb0be0a2fc8194b995f8df4fc946ed9da015fb0ef3779e6e7ea6fd4d16
FreeBSD-SA-07-08.openssl.txt
Posted Oct 5, 2007
Site security.freebsd.org

FreeBSD Security Advisory - A buffer overflow addressed in FreeBSD-SA-06:23.openssl has been found to be incorrectly fixed.

tags | advisory, overflow
systems | freebsd
advisories | CVE-2007-3738, CVE-2007-5135
SHA-256 | b17048d5d589fb121d6c680856308fa4c05d2db3f5e995fda3825188618c9387
FreeBSD-SA-07-07.bind.txt
Posted Aug 8, 2007
Site security.freebsd.org

FreeBSD Security Advisory - An attacker who can see the query id for some request(s) sent by named(8) is likely to be able to perform DNS cache poisoning by predicting the query id for other request(s).

tags | advisory
systems | freebsd
advisories | CVE-2007-2926
SHA-256 | 85b9dc46bf51bf97e6c2530765f1006e835e54646ea613fdacc90affeb633d73
FreeBSD-SA-07-06.tcpdump.txt
Posted Aug 8, 2007
Site security.freebsd.org

FreeBSD Security Advisory - By crafting malicious BGP packets, an attacker could exploit a vulnerability in tcpdump allowing them to execute code or crash the process.

tags | advisory
systems | freebsd
advisories | CVE-2007-3798
SHA-256 | e33c611629e2f77744592e30f63eec2b9479350375ca2b84b50d8d02a47af1bd
FreeBSD-SA-07-01.jail.txt
Posted Aug 8, 2007
Site security.freebsd.org

FreeBSD Security Advisory - Due to the lack of handling of potential symbolic links the host's jail rc.d(8) script is vulnerable to "symlink attacks". By replacing /var/log/console.log inside the jail with a symbolic link it is possible for the superuser (root) inside the jail to overwrite files on the host system outside the jail with arbitrary content. This in turn can be used to execute arbitrary commands with non-jailed superuser privileges.

tags | advisory, arbitrary, root
systems | freebsd
advisories | CVE-2007-0166
SHA-256 | 028e10620eb9d9c3fa9a15f2a25d7e04e9c45a57e7eaee8470108c46f4ed4e43
FreeBSD-SA-07-05.libarchive.txt
Posted Jul 13, 2007
Site security.freebsd.org

FreeBSD Security Advisory - Several problems have been found in the libarchive code used to parse the tar and pax interchange formats. These include entering an infinite loop if an archive prematurely ends within a pax extension header or if certain types of corruption occur in pax extension headers, dereferencing a NULL pointer if an archive prematurely ends within a tar header immediately following a pax extension header or if certain other types of corruption occur in pax extension headers, and miscomputing the length of a buffer resulting in a buffer overflow if yet another type of corruption occurs in a pax extension header.

tags | advisory, overflow
systems | freebsd
advisories | CVE-2007-3641, CVE-2007-3644, CVE-2007-3645
SHA-256 | b38942f713cc47fbfb1b3c24182ba24175fea8220d4abee0c036c12cbc41e014
FreeBSD-SA-07-04.file.txt
Posted May 24, 2007
Site security.freebsd.org

FreeBSD Security Advisory - An attacker who can cause file to be run on a maliciously constructed input can cause file to crash. It may be possible for such an attacker to execute arbitrary code with the privileges of the user running file. The above also applies to any other applications using the libmagic library.

tags | advisory, arbitrary
systems | freebsd
advisories | CVE-2007-1536
SHA-256 | 8e2a86c43663ab976f1486f288aeb153a35b6755fa7c13f24c4527aa1cd9f14d
FreeBSD-SA-07-03-ipv6.txt
Posted May 3, 2007
Site security.freebsd.org

FreeBSD Security Advisory - There is no mechanism for preventing IPv6 routing headers from being used to route packets over the same link(s) many times. An attacker can "amplify" a denial of service attack against a link between two vulnerable hosts; that is, by sending a small volume of traffic the attacker can consume a much larger amount of bandwidth between the two vulnerable hosts. An attacker can use vulnerable hosts to "concentrate" a denial of service attack against a victim host or network; that is, a set of packets sent over a period of 30 seconds or more could be constructed such that they all arrive at the victim within a period of 1 second or less.

tags | advisory, denial of service
systems | freebsd
advisories | CVE-2007-2242
SHA-256 | e323b4eb127110e64c1525bdafe94d149b45614db2539509afa2cbeeb7a9e6be
FreeBSD-SA-07-02.bind.txt
Posted Feb 13, 2007
Site security.freebsd.org

FreeBSD Security Advisory - A remote attacker sending a type * (ANY) query to an authoritative DNS server for a DNSSEC signed zone can cause the named(8) daemon to exit, resulting in a Denial of Service.

tags | advisory, remote, denial of service
systems | freebsd
advisories | CVE-2007-0493, CVE-2007-0494
SHA-256 | 8468eb2d18ed5e62f05cc1b12e5a16a332d905bf12993f6630719308f3901887
FreeBSD-SA-07.01.jail.txt
Posted Jan 14, 2007
Authored by Dirk Engling | Site security.freebsd.org

FreeBSD Security Advisory - jail(2) is susceptible to a symlink related vulnerability due to a lack of sanity checking.

tags | advisory
systems | freebsd
advisories | CVE-2007-0166
SHA-256 | 67718e9c6c514fdd36e62fe2606ff687a4feed8cb51383a05dc3595135aae050
FreeBSD-SA-06-26.gtar.txt
Posted Dec 7, 2006
Authored by Teemu Salmela | Site security.freebsd.org

FreeBSD Security Advisory - Symlinks created using the "GNUTYPE_NAMES" tar extension can be absolute due to lack of proper sanity checks.

tags | advisory
systems | freebsd
advisories | CVE-2006-6097
SHA-256 | 7ba3e6885e8d3fc426d046277d8b0ab731a8d7a0955760bb6ec9de3f9f245048
FreeBSD-SA-06-25.kmem.txt
Posted Dec 7, 2006
Authored by Rodrigo Rubira Branco | Site security.freebsd.org

FreeBSD Security Advisory - The firewire(4) driver suffers from a kernel memory disclosure flaw.

tags | advisory, kernel
systems | freebsd
advisories | CVE-2006-6013
SHA-256 | 4db745ec6a09022919249c4b5643014725cec3d5b47739879440d0729ce0431d
FreeBSD-SA-06-24.libarchive.txt
Posted Nov 9, 2006
Site security.FreeBSD.org

FreeBSD Security Advisory - If the end of an archive is reached while attempting to "skip" past a region of an archive, libarchive will enter an infinite loop wherein it repeatedly attempts (and fails) to read further data.

tags | advisory
systems | freebsd
advisories | CVE-2006-5680
SHA-256 | 1662409beef33d76b0e89f2e9c582e294f8878e50e0f2f6197a66012038d1c3b
FreeBSD Security Advisory 2006.23
Posted Oct 4, 2006
Authored by The FreeBSD Project | Site security.FreeBSD.org

FreeBSD Security Advisory: Multiple problems in crypto(3) [revised]

tags | cryptography
systems | freebsd
SHA-256 | cf24f2e129bca457df67226f2da481a6cd4cd412bc1dd50076f6b090a5725090
FreeBSD-SA-06-23.openssl.txt
Posted Oct 4, 2006
Site freebsd.org

FreeBSD Security Advisory: Multiple problems in crypto(3)

tags | cryptography
systems | freebsd
SHA-256 | 0187927fa4f8bfa1d2e8ed32a2b55c51090ed0b77f08caa6a6f2abc617a0afaf
FreeBSD-SA-06-21.gzip.txt
Posted Sep 26, 2006
Site freebsd.org

FreeBSD Security Advisory - Multiple vulnerabilities exist in gzip.

tags | advisory, vulnerability
systems | freebsd
SHA-256 | 40bd13cb8cb2081691ce02d2adabac8a542bd62b8d47fd3c4d05236d29b0cb78
FreeBSD-SA-06-20.bind.txt
Posted Sep 8, 2006
Site freebsd.org

FreeBSD Security Advisory - BIND 9 suffers from multiple denial of service vulnerabilities.

tags | denial of service, vulnerability
systems | freebsd
advisories | CVE-2006-4095, CVE-2006-4096
SHA-256 | d4a8c901fd917c2e9269ec036040d861d50d033a2fcb23dda2d2938f8e43b448
FreeBSD-SA-06-19.openssl.txt
Posted Sep 8, 2006
Site freebsd.org

FreeBSD Security Advisory - When verifying a PKCS#1 version 1.5 signature, OpenSSL ignores any bytes which follow the cryptographic hash being signed. In a valid signature there will be no such bytes.

systems | freebsd
advisories | CVE-2006-4339
SHA-256 | b12a2d894db6fb7f3b6c529ad1fe3cac50460ba14815fe9a015f3369107f278f
FreeBSD-SA-06-08.ppp.txt
Posted Aug 28, 2006
Site freebsd.org

FreeBSD Security Advisory - While processing Link Control Protocol (LCP) configuration options received from the remote host, ppp fails to correctly validate option lengths. This may result in data being read or written beyond the allocated kernel memory buffer.

tags | remote, kernel, protocol
systems | freebsd
advisories | CVE-2006-4304
SHA-256 | 1a505aa71e5062892602bad3342291e7924f5588a8db8ea6bfbcdaa4e12a0f6d
FreeBSD-SA-06-17-sendmail.txt
Posted Jun 21, 2006
Site freebsd.org

FreeBSD Security Advisory - A suitably malformed multipart MIME message can cause sendmail to exceed predefined limits on its stack usage.

tags | advisory
systems | freebsd
advisories | CVE-2006-1173
SHA-256 | 4c64110a3ce437e1fc236d7f09777c2a562a531cde1988c0e58a3141c21e6e8e
Page 3 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close