.:[ packet storm ]:.
                           
it's okay to have the details
it's okay to have the details

 Section:  .. / advisories / freebsd  /

Page 5 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 100 - 125 of 257
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: FreeBSD-SA-01:32.ipfilter
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:32.ipfilter - When matching a packet fragment, insufficient checks were performed to ensure the fragment is valid. In addition, the fragment cache is checked before any rules are checked. Even if all fragments are blocked with a rule, fragment cache entries can be created by packets that match currently held state information. Because of these discrepancies, certain packets may bypass filtering rules. All versions of FreeBSD prior to the correction date, including FreeBSD 3.5.1 and 4.2, contain this problem.
Homepage:http://www.freebsd.org/security
File Size:3740
Last Modified:Apr 24 03:38:38 2001
MD5 Checksum:2c3f0fdd3246c06da4aca3af30fb026f

 ///  File Name: FreeBSD-SA-01:33.ftpd-glob
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:33 - The glob() function contains buffer overflows that are exploitable through the FTP daemon. If a directory with a name of a certain length is present, a remote user specifying a pathname using globbing characters may cause arbitrary code to be executed on the FTP server as user running ftpd, usually root. Additionally, when given a path containing numerous globbing characters, the glob() functions may consume significant system resources when expanding the path. This can be controlled by setting user limits via /etc/login.conf and setting limits on globbing expansion.
Homepage:http://www.freebsd.org/security
File Size:4158
Last Modified:Apr 24 03:38:53 2001
MD5 Checksum:a453b49a4b62f9680a258521bb5f9eb1

 ///  File Name: FreeBSD-SA-01:34.hylafax
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:34 - The hylafax port, versions prior to hylafax-4.1.b2_2, contains a format string bug in the hfaxd program. A local user may execute the hfaxd program with command-line arguments containing format string characters, gaining root privileges on the local system.
Homepage:http://www.freebsd.org/security
File Size:3861
Last Modified:Apr 25 02:52:18 2001
MD5 Checksum:36f4e44196ff626f346ead7a6cccca5b

 ///  File Name: FreeBSD-SA-01:35.licq
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:35.licq - The licq port, versions prior to 1.0.3, contains a vulnerability in URL parsing. URLs received by the licq program are passed to the web browser using the system() function. Since licq performs no sanity checking, a remote attacker will be able to pipe commands contained in the URL causing the client to execute arbitrary commands.
Homepage:http://www.freebsd.org/security
File Size:4111
Last Modified:Apr 25 02:53:57 2001
MD5 Checksum:20a23af63b1ba9a677c8588d31eb368c

 ///  File Name: FreeBSD-SA-01:36.samba
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:36.samba - The samba ports, versions prior to samba-2.0.8 and samba-devel-2.2.0, contain /tmp races that may allow local users to cause arbitrary files and devices to be overwritten. Due to easily predictable printer queue cache file names, local users may create symbolic links to any file or device causing it to be corrupted when a remote user accesses a printer. In addition, the file will be left with world writable permission allowing any user to enter their own data.
Homepage:http://www.freebsd.org/security
File Size:4417
Last Modified:Apr 25 02:56:17 2001
MD5 Checksum:6e3ceef276318afeaf178ec18d0d80b2

 ///  File Name: FreeBSD-SA-01:37.slrn
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:37.slrn - The slrn port, versions prior to slrn-0.9.7.0, contains a buffer overflow in the wrapping/unwrapping functions of message header parsing. If a sufficiently long header is parsed, a buffer may overflow allowing the execution of arbitrary code contained in a message header as the user running the slrn program.
Homepage:http://www.freebsd.org/security
File Size:3831
Last Modified:Apr 25 02:57:10 2001
MD5 Checksum:853d7a9ed7e8eed16729277939c48a7b

 ///  File Name: FreeBSD-SA-01:38.sudo
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:38.sudo - The sudo port, versions prior to sudo-1.6.3.7, contains a local command-line buffer overflow allowing local users to gain root privileges on the local system.
Homepage:http://www.freebsd.org/security
File Size:3757
Last Modified:Apr 25 02:58:21 2001
MD5 Checksum:16516985b9f52c388032d3954420c5ff

 ///  File Name: FreeBSD-SA-01:39.tcp-isn
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:39.tcp-isn - FreeBSD systems prior to 4.3-RELEASE contain vulnerabilities in the TCP ISN's. Protocols which authenticate solely based on IP address are vulnerable to blind spoofing attacks.
Homepage:http://www.freebsd.org/security
File Size:10772
Last Modified:May 3 04:03:54 2001
MD5 Checksum:896bd39934f10b14437591645221d360

 ///  File Name: FreeBSD-SA-01:40.fts
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:40 - The fts routines are vulnerable to a race condition when ascending a file hierarchy, which allows an attacker who has control over part of the hierarchy into which fts is descending to cause the application to ascend beyond the starting point of the file traversal, and enter other parts of the filesystem. If the fts routines are being used by an application to perform operations on the filesystem hierarchy, such as find(1) with a keyword such as -exec or -delete, or rm(1) with the -r flag, these operations can be incorrectly applied to files outside the intended hierarchy, which may result in system damage or compromise. All versions of FreeBSD prior to the correction date including 4.3-RELEASE are vulnerable to this problem.
Homepage:http://www.freebsd.org/security
File Size:6211
Last Modified:Aug 19 07:30:07 2001
MD5 Checksum:34e66ac78db53f168cc3f5f43a8336e0

 ///  File Name: FreeBSD-SA-01:51.openssl
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:51.openssl - OpenSSL prior to v0.9.6b contains random number errors which allow the key to be computed. An attack taking advantage of this flaw has been identified that can recover the complete state of the PRNG from the output of one carefully sized PRNG request followed by a few hundred consecutive 1-byte PRNG requests.
Homepage:http://www.freebsd.org/security
File Size:5835
Last Modified:Aug 1 02:41:39 2001
MD5 Checksum:8217be25c3fb2b305bcbbb1787e5af66

 ///  File Name: FreeBSD-SA-01:53.ipfw.me
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:53 - Ipfw "me" rules sometimes pass more packets than the administrator realizes when used in conjunction with point-to-point interfaces. Do not use ipfw me, instead give explicit IP addresses.
Homepage:http://www.freebsd.org/security
File Size:5323
Last Modified:Aug 19 07:35:37 2001
MD5 Checksum:feea109bf3a1d53265b218a8b6ac1c5f

 ///  File Name: FreeBSD-SA-01:54.telnetd.ports
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:54 - Three optional 3rd party telnetd daemons included in the FreeBSD ports collection have remote root vulnerabilities. They are MIT Kerberos V (security/krb5) prior to version 1.2.2_2, Heimdal (security/heimdal) prior to version 0.4b_1, and SSLtelnet (net/SSLtelnet) (not fixed yet).
Homepage:http://www.freebsd.org/security
File Size:5817
Last Modified:Aug 21 04:47:00 2001
MD5 Checksum:eeee15e9eb6bfb5cfd851c724d0a74b1

 ///  File Name: FreeBSD-SA-01:55.procfs
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:55 - The FreeBSD procfs can leak the memory of protected programs, including password hashes. The procfs code checks for gid kmem privilege when granting access to the /proc//mem file - however, the code which is used to allow read-only access via the kmem group was incorrect, and inappropriately granted read access to the caller as long as they already had an open file descriptor for the procfs mem file. All released versions of FreeBSD 4.x including FreeBSD 4.3-RELEASE are vulnerable to this problem if the procfs filesystem is in use.
Homepage:http://www.freebsd.org/security
File Size:7787
Last Modified:Aug 22 05:46:03 2001
MD5 Checksum:acb8dc544a433d11c51b06b9e807bbda

 ///  File Name: FreeBSD-SA-01:56.tcp_wrappers
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:56 - Tcp_wrappers PARANOID option was not properly implemented and did not provide any more protection than regular host ACL's. This allows an attacker that can influence the results of reverse DNS lookups to get away with providing false information in his dns server.
Homepage:http://www.freebsd.org/security
File Size:4886
Last Modified:Aug 25 04:23:35 2001
MD5 Checksum:0c27c70a8da0f4f644a62aa70acb3f06

 ///  File Name: FreeBSD-SA-01:57.sendmail
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:57 - Sendmail contains an input validation error which may lead to the execution of arbitrary code as root by local users. Upgrade to 8.11.6.
Homepage:http://www.freebsd.org/security
File Size:4653
Last Modified:Aug 28 09:01:11 2001
MD5 Checksum:5a7ac9a2e1d8582e3af70621cadabcd3

 ///  File Name: FreeBSD-SA-01:58.lpd
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:58 - Users on the local machine or on remote systems which are allowed to access the local line printer daemon may be able to cause a buffer overflow. Submitting a specially-crafted incomplete print job and subsequently requesting a display of the printer queue, a static buffer overflow may be triggered, causing arbitrary code to be executed on the machine as root. In order to remotely exploit this vulnerability, the remote machine must be given access to the local printer daemon via a hostname entry in /etc/hosts.lpd or /etc/hosts.equiv. lpd is not enabled on FreeBSD by default.
Homepage:http://www.freebsd.org/security
File Size:5555
Last Modified:Sep 1 06:55:51 2001
MD5 Checksum:b05f641195df2f38d5f2ae76e66d966d

 ///  File Name: FreeBSD-SA-01:59.rmuser
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:59 - The infrequently used rmuser command exposes the master.passwd file to all users for an instant.
Homepage:http://www.freebsd.org/security
File Size:5413
Last Modified:Sep 8 05:07:31 2001
MD5 Checksum:bf944e595aa1cbdbdb1eb29dd592ff90

 ///  File Name: FreeBSD-SA-01:60.procmail
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:60 - Procmail versions prior to procmail 3.20 performed unsafe actions while in the signal handlers. If a signal is delivered while procmail is already in an unsafe signal handler, undefined behavior may result, possibly leading to the ability to perform actions as the superuser under unprivileged local user control.
Homepage:http://www.freebsd.org/security
File Size:4129
Last Modified:Sep 27 06:47:20 2001
MD5 Checksum:380eca29133cf6e85db4ddf85f4cbe35

 ///  File Name: FreeBSD-SA-01:61.squid
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:61 - If the squid proxy port is configured in acceleration-only mode, ACL's are ignored, allowing a remote attacker to use the squid server in order to issue requests to hosts that are otherwise inaccessible. Because the squid server processes these requests as HTTP requests, the attacker cannot send or retrieve arbitrary data. However, the attacker could use squid's response to determine if a particular port is open on a victim host. Therefore, the squid server may be used to conduct a port scan.
Homepage:http://www.freebsd.org/security
File Size:4201
Last Modified:Oct 11 06:22:33 2001
MD5 Checksum:3a5eadce78ebd78879fe27fb8d2f1278

 ///  File Name: FreeBSD-SA-01:62.uucp
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:62.uucp - Taylor UUCP is incorrectly configured by default, allowing local users to run commands as the uucp user and dialer group, allowing local root access.
Homepage:http://www.freebsd.org/security
File Size:5972
Last Modified:Oct 11 06:25:15 2001
MD5 Checksum:725c3b6b92572c199d8624d6f2c806e0

 ///  File Name: FreeBSD-SA-01:63.openssh
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:63.openssh - OpenSSH prior to v3.0.2 has a remote root vulnerability, but only if the administrator set `UseLogin yes' in the sshd_config file.
Homepage:http://www.freebsd.org/security
File Size:11237
Last Modified:Dec 9 04:26:07 2001
MD5 Checksum:a6108f754c66c612d4e9613444e49146

 ///  File Name: FreeBSD-SA-01:64.wu-ftpd
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:64.wu-ftpd - Wu-ftpd v2.6.1 and below contains a remote root vulnerability which allows ftp users with anonymous accounts or user accounts to execute code. This may be accomplished by inserting invalid globbing parameters which are incorrectly parsed by the FTP server into command input.
Homepage:http://www.freebsd.org/security
File Size:4113
Last Modified:Dec 9 04:49:50 2001
MD5 Checksum:e3ba0a862974b9e5a3647de6bb36a86c

 ///  File Name: FreeBSD-SA-01:65.libgtop
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:65 - Libgtop, a library for the Gnome top command, has a stack overflow affecting versions prior to libgtop-1.0.12_1. Libgtop runs as group kmem, allowing local users to read from kernel memory can monitor privileged data such as network traffic, disk buffers and terminal activity.
Homepage:http://www.freebsd.org/security
File Size:4851
Last Modified:Dec 13 03:32:20 2001
MD5 Checksum:edcd28e2f9ba3272260f958a67ee637e

 ///  File Name: FreeBSD-SA-01:66.thttpd
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:66 - An exploitable remote vulnerability stemming from a one byte buffer overflow has been found in thttpd in the auth_check() function. Fixed in version v2.2.0c.
Homepage:http://www.freebsd.org/security
File Size:4851
Last Modified:Dec 13 03:35:18 2001
MD5 Checksum:edcd28e2f9ba3272260f958a67ee637e

 ///  File Name: FreeBSD-SA-01:67.htdig
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:67 - Htsearch, part of the htdig port, contains remote denial of service vulnerabilities. It also can allow files on the webserver to be written, but only if the attacker can anon-ftp in files. Version 3.1.5 and below are affected.
Homepage:http://www.freebsd.org/security
File Size:4361
Last Modified:Dec 18 06:25:23 2001
MD5 Checksum:3c85314147ec36ddaf394d086181b406
 

 ///  Last 10 Files
  1. :· glsa-200809-04.txt
  2. :· glsa-200809-03.txt
  3. :· glsa-200809-02.txt
  4. :· glsa-200809-01.txt
  5. :· zencart138a-sql.txt
  6. :· atheros-overflow.txt
  7. :· clamav-0.94.tar.gz
  8. :· qwicsitepro-sqlxss.txt
  9. :· awstats-exec.txt
  10. :· clamav-chm.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· glsa-200809-04.txt
  2. :· glsa-200809-03.txt
  3. :· glsa-200809-02.txt
  4. :· glsa-200809-01.txt
  5. :· atheros-overflow.txt
  6. :· clamav-chm.txt
  7. :· marvell-null.txt
  8. :· marvell-overflow.txt
  9. :· USN-640-1.txt
  10. :· FreeBSD-SA-08-09.icmp6.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· zencart138a-sql.txt
  2. :· qwicsitepro-sqlxss.txt
  3. :· awstats-exec.txt
  4. :· google-chrome-dos2.txt
  5. :· google-download1.txt
  6. :· google-chrome-dos1.txt
  7. :· xrms-sqlxss.txt
  8. :· livinglocal-sql.txt
  9. :· moodle-exec.txt
  10. :· uploader6-xss.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· clamav-0.94.tar.gz
  2. :· distack-1.1.0-dev.tar.gz
  3. :· samhain-2.4.6.tar.gz
  4. :· sqlmap-0.6.tar.gz
  5. :· psbot.py.txt
  6. :· mimedefang-2.65.tar.gz
  7. :· advchk-2.11.tar.bz2
  8. :· kisgearth-0.01f.tar.bz2
  9. :· lynis-1.2.0.tar.gz
  10. :· fwknop-1.9.7.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· alphanumeric-shellcode.txt
  2. :· imagebase-shellcode.txt
  3. :· mysql-injection-newbies.txt
  4. :· aslr-bypass.txt
  5. :· draft-gont-opsec-ip-security-01.txt
  6. :· draft-ietf-tsvwg-port-randomization-02.txt
  7. :· evilshell.c
  8. :· OpenSSH-4.4p1-backdoored.tar.gz
  9. :· strongswan-4.2.6.tar.gz
  10. :· freebsd-master.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice