.:[ packet storm ]:.
                             
the one stop shop

 Section:  .. / advisories / freebsd  /


 ///  File Name: FreeBSD-SA-00:62.top
Description:
FreeBSD Security Advisory FreeBSD-SA-00:62 - A "format string vulnerability" was discovered in the top(1) utility which allows unprivileged local users to cause the top process to execute arbitrary code. The top utility runs with increased privileges as a member of the kmem group, which allows it to read from kernel memory (but not write to it). A process with the ability to read from kernel memory can monitor privileged data such as network traffic, disk buffers and terminal activity, and may be able to leverage this to obtain further privileges on the local system or on other systems, including root privileges.
Homepage:http://www.freebsd.org/security
File Size:5461
Last Modified:Nov 7 06:28:10 2000
MD5 Checksum:04593d98dec2c18878ea55dca7407670

 ///  File Name: FreeBSD-SA-06-11.ipsec.txt
Description:
FreeBSD-SA-06:11.ipsec - An attacker able to intercept IPSec packets can replay them. If higher level protocols which do not provide any protection against packet replays (e.g., UDP) are used, this may have a variety of effects.
Homepage:http://www.freebsd.org/security/
File Size:5448
Last Modified:Mar 23 21:49:33 2006
MD5 Checksum:00eb28e85d0a0489882135b4ee99b007

 ///  File Name: FreeBSD-SA-02:12.squid
Description:
FreeBSD Security Advisory FreeBSD-SA-02:12 - The Squid port prior to 2.4-STABLE4 (port version 2.4_8) contains multiple vulnerabilities, one of which allows authenticated users to overflow buffers.
Homepage:http://www.freebsd.org/security
File Size:5448
Last Modified:Feb 22 08:25:42 2002
MD5 Checksum:7e7fe0843e24f2f4c28c19f9dfcc4aea

 ///  File Name: FreeBSD-SA-01:59.rmuser
Description:
FreeBSD Security Advisory FreeBSD-SA-01:59 - The infrequently used rmuser command exposes the master.passwd file to all users for an instant.
Homepage:http://www.freebsd.org/security
File Size:5413
Last Modified:Sep 8 05:07:31 2001
MD5 Checksum:bf944e595aa1cbdbdb1eb29dd592ff90

 ///  File Name: FreeBSD-SA-01:25.kerberosIV
Description:
FreeBSD Security Advisory FreeBSD-SA-01:25 - Systems which have installed the optional Kerberos IV distribution are vulnerable to attacks via the telnet daemon due to an overflow in the libkrb KerberosIV authentication library and improper filtering of environmental variables by the KerberosIV-adapted telnet daemon.
Homepage:http://www.freebsd.org/security
File Size:5407
Last Modified:Feb 16 02:23:36 2001
MD5 Checksum:12e298711b3565cf86c2c893dd40ff8c

 ///  File Name: FreeBSD-SA-01:53.ipfw.me
Description:
FreeBSD Security Advisory FreeBSD-SA-01:53 - Ipfw "me" rules sometimes pass more packets than the administrator realizes when used in conjunction with point-to-point interfaces. Do not use ipfw me, instead give explicit IP addresses.
Homepage:http://www.freebsd.org/security
File Size:5323
Last Modified:Aug 19 07:35:37 2001
MD5 Checksum:feea109bf3a1d53265b218a8b6ac1c5f

 ///  File Name: FreeBSD-SA-02:26.accept
Description:
FreeBSD Security Advisory FreeBSD-SA-02:26 - FreeBSD kernels compiled with accept() filters are vulnerable to a denial of service condition.
Homepage:http://www.freebsd.org/security
File Size:5251
Last Modified:May 30 07:32:04 2002
MD5 Checksum:10d481747322bc519f14546021875827

 ///  File Name: FreeBSD-SA-00:54.fingerd
Description:
FreeBSD Security Advisory FreeBSD-SA-00:54 - Shortly before the release of FreeBSD 4.1.1, code was added to finger(1) intended to allow the utility to send the contents of administrator-specified files in response to a finger request. However the code incorrectly allowed users to specify a filename directly, the contents of which would be returned to the user.
Homepage:http://www.freebsd.org/security
File Size:5240
Last Modified:Oct 15 20:31:43 2000
MD5 Checksum:7431849a15ead61f2f7214d61d6f9e97

 ///  File Name: FreeBSD-SA-02:16.netscape
Description:
FreeBSD Security Advisory FreeBSD-SA-02:16 - Versions 4.76 and earlier of the Netscape browser will execute JavaScript contained in gif and jpeg comment blocks, allowing a hostile web server to see what is in your cache.
Homepage:http://www.freebsd.org/security
File Size:5205
Last Modified:Mar 13 06:00:26 2002
MD5 Checksum:099754ac73a348de45bf9561b2616eca

 ///  File Name: FreeBSD-SA-00:70.ppp
Description:
FreeBSD Security Advisory FreeBSD-SA-00:70 - The firewall deny feature in ppp(8) is broken in recent releases, accidentally accepting all packets. Thus, users who are using the deny_incoming functionality in the expectation that it provides a "deny by default" firewall which only allows through packets known to be part of an existing NAT session are in fact allowing other types of unsolicited IP traffic into their internal network.
Homepage:http://www.freebsd.org/security
File Size:5200
Last Modified:Nov 16 03:14:14 2000
MD5 Checksum:89a7db4a6af06e3a4bc4f17b480934d5

 ///  File Name: FreeBSD-SA-00:41
Description:
FreeBSD Security Advisory FreeBSD-SA-00:41 - The ELF image activator did not perform sufficient sanity checks on the ELF image header, and when confronted with an invalid or truncated header it suffered a sign overflow bug which caused the CPU to enter into a very long loop in the kernel. The system will appear to lock up for an extended period of time before control returns. This bug is exploitable by unprivileged local users.
Homepage:http://www.freebsd.org/security
File Size:5175
Last Modified:Aug 28 23:30:09 2000
MD5 Checksum:02549a3282dbc5c7bbe1ea2d23ae272f

 ///  File Name: FreeBSD-SA-02:39.libkvm
Description:
FreeBSD Security Advisory FreeBSD-SA-02:39 - The kvm(3) library, which provides a uniform interface for accessing kernel virtual memory images, leaves open file descriptors to /dev/mem and /dev/kmem, allowing other processes to read kernel memory and disclose sensitive information. Affected applications include asmon, ascpu, bubblemon, wmmon, and wmnet2.
Homepage:http://www.freebsd.org/security
File Size:5156
Last Modified:Sep 17 14:19:53 2002
MD5 Checksum:3f11fcc475cb8268565f7245f8213f95

 ///  File Name: sa96-12
Description:
security compromise from perl (suidperl) utility
File Size:5145
Last Modified:Sep 23 05:52:22 1999
MD5 Checksum:c77ea58adf58dd728525185415af400f

 ///  File Name: FreeBSD-SA-06-15.ypserv.txt
Description:
FreeBSD Security Advisory FreeBSD-SA-06:15.ypserv: There are two documented methods of restricting access to NIS maps through ypserv(8): through the use of the /var/yp/securenets file, and through the /etc/hosts.allow file. While both mechanisms are implemented in the server, a change in the build process caused the "securenets" access restrictions to be inadvertently disabled.
Homepage:http://www.freebsd.org/security/
File Size:5136
Last Modified:Jun 2 00:48:47 2006
MD5 Checksum:29a262f243bd13cb49baa342002bac1c

 ///  File Name: freebsd.sa-98.06.icmp
Description:
smurf attack
File Size:5104
Last Modified:Sep 23 05:52:22 1999
MD5 Checksum:10b912ff6dc23830e4cdaf93bce056b7

 ///  File Name: FreeBSD-SA-00:34.dhclient
Description:
FreeBSD Security Advisory FreeBSD-SA-00:34 - ISC-DHCP is an implementation of the DHCP protocol containing client and server. FreeBSD 3.2 and above includes the version 2 client by default in the base system, and the version 2 and version 3 clients and servers in the Ports Collection. The dhclient utility (DHCP client), versions 2.0pl2 and before (for the version 2.x series), and versions 3.0b1pl16 and before (for the version 3.x series) does not correctly validate input from the server, allowing a malicious DHCP server to execute arbitrary commands as root on the client. DHCP may be enabled if your system was initially configured from a DHCP server at install-time, or if you have specifically enabled it after installation. FreeBSD 4.1 is not affected by this problem since it contains the 2.0pl3 client.
Homepage:http://www.freebsd.org/security
File Size:5061
Last Modified:Aug 15 05:22:29 2000
MD5 Checksum:f860bd11876270653acaea47e45d5367

 ///  File Name: FreeBSD-SA-00:30.openssh
Description:
FreeBSD-SA-00:30 - OpenSSH UseLogin directive permits remote root access. OpenSSH has a configuration option, not enabled by default ("UseLogin") which fails to drop privileges when it executes commands, meaning that remote users without root access can execute commands on the local system as root.
Homepage:http://www.freebsd.org/security
File Size:5015
Last Modified:Jul 6 04:11:39 2000
MD5 Checksum:8452c197ec9c671281eb81e67c1992e7

 ///  File Name: FreeBSD-SA-02:11.ucdsnmp
Description:
FreeBSD Security Advisory FreeBSD-SA-02:11 - ucd-snmp/net-snmp remotely exploitable vulnerabilities. The Net-SNMP (previously known as UCD-SNMP) package is a set of Simple Network Management Protocol tools, including an agent, library, and applications for generating and handling requests and traps. The Net-SNMP port, versions prior to 4.2.3, contains several remotely exploitable vulnerabilities which include SNMPv1 request and trap handling in both managers and agents.
Homepage:http://www.freebsd.org
File Size:5006
Last Modified:Feb 13 03:02:07 2002
MD5 Checksum:df2e21b42af8e16ccd0df289f6d5d525

 ///  File Name: FreeBSD-SA-02:23.stdio
Description:
FreeBSD Security Advisory FreeBSD-SA-02:23 - Setuid or setgid applications can be used for privilege elevation due to insecure handling of stdio file descriptors on FreeBSD releases up to and including 4.5-RELEASE. It is known that the `keyinit' set-user-id program is exploitable using this method. This vulnerability was discovered by Joost Pol.
Homepage:http://www.freebsd.org/security
File Size:5003
Last Modified:Apr 25 03:43:04 2002
MD5 Checksum:af9b03df14e62e8c4b9fdf23ef6b6305

 ///  File Name: FreeBSD-SA-02:42.resolv
Description:
FreeBSD Security Advisory FreeBSD-SA-02:42 - Several libc functions --- including getaddrinfo(), gethostbyname(), getnetbyname(), and others --- utilize the DNS resolver functions res_search, res_query, and/or res_send which contain buffer overflow vulnerabilities which allow remote denial of service attacks against many applications.
Homepage:http://www.freebsd.org/security
File Size:4975
Last Modified:Nov 13 09:42:55 2002
MD5 Checksum:2790c8a66ed70f9a318481e64bc1e712

 ///  File Name: FreeBSD-SA-02:34.rpc
Description:
FreeBSD Security Advisory FreeBSD-SA-02:34 - All releases of FreeBSD up to and including 4.6.1-RELEASE-p5 contain an error in the calculation of memory needed for unpacking arrays in the SunRPC XDR decoder, which results in a remotely exploitable heap overflow. Many rpc services are vulnerable, including NFS, the NIS server, rpc.statd and more.
Homepage:http://www.freebsd.org/security
File Size:4950
Last Modified:Aug 1 20:25:47 2002
MD5 Checksum:b1e72a2ea5675a95c1324a04c3acf407

 ///  File Name: FreeBSD-SA-00:33.kerberosIV
Description:
FreeBSD-SA-00:33 - Vulnerabilities in the MIT Kerberos 5 port were the subject of an earlier FreeBSD Security Advisory (SA-00:20). At the time it was believed that the implementation of Kerberos distributed with FreeBSD was not vulnerable to these problems, but it was later discovered that FreeBSD 3.x contained an older version of KTH Kerberos 4 which is in fact vulnerable to at least some of these vulnerabilities. FreeBSD 4.0-RELEASE and later are unaffected by this problem, although FreeBSD 3.5-RELEASE is vulnerable.
Homepage:http://www.freebsd.org/security
File Size:4943
Last Modified:Jul 13 03:12:13 2000
MD5 Checksum:4ceea563c47ac6c7db6f9ac336a8d181

 ///  File Name: FreeBSD-SA-01:56.tcp_wrappers
Description:
FreeBSD Security Advisory FreeBSD-SA-01:56 - Tcp_wrappers PARANOID option was not properly implemented and did not provide any more protection than regular host ACLs. This allows an attacker that can influence the results of reverse DNS lookups to get away with providing false information in his DNS server.
Homepage:http://www.freebsd.org/security
File Size:4886
Last Modified:Aug 25 04:23:35 2001
MD5 Checksum:0c27c70a8da0f4f644a62aa70acb3f06

 ///  File Name: sa96-09
Description:
sa96-09
File Size:4882
Last Modified:Sep 23 05:52:22 1999
MD5 Checksum:8fcd33592da197d633f7561967209fc3

 ///  File Name: FreeBSD-SA-01:66.thttpd
Description:
FreeBSD Security Advisory FreeBSD-SA-01:66 - An exploitable remote vulnerability stemming from a one byte buffer overflow has been found in thttpd in the auth_check() function. Fixed in version v2.2.0c.
Homepage:http://www.freebsd.org/security
File Size:4851
Last Modified:Dec 13 03:35:18 2001
MD5 Checksum:edcd28e2f9ba3272260f958a67ee637e