.:[ packet storm ]:.
                             
the one stop shop

 Section:  .. / advisories / freebsd  /


 ///  File Name: FreeBSD-SA-01:65.libgtop
Description:
FreeBSD Security Advisory FreeBSD-SA-01:65 - Libgtop, a library for the Gnome top command, has a stack overflow affecting versions prior to libgtop-1.0.12_1. Libgtop runs as group kmem, and local users who are able to read from kernel memory can monitor privileged data such as network traffic, disk buffers and terminal activity.
Homepage:http://www.freebsd.org/security
File Size:4851
Last Modified:Dec 13 03:32:20 2001
MD5 Checksum:edcd28e2f9ba3272260f958a67ee637e

 ///  File Name: FreeBSD-SA-00:24.libedit
Description:
FreeBSD-SA-00:24 - libedit incorrectly reads an ".editrc" file in the current directory if it exists, in order to specify configurable program behaviour. However it does not check for ownership of the file, so an attacker can cause a libedit application to execute arbitrary key rebindings and exercise terminal capabilities by creating an .editrc file in a directory from which another user executes a libedit binary (e.g. root running ftp(1) from /tmp). This can be used to fool the user into unknowingly executing program commands which may compromise system security. For example, ftp(1) includes the ability to escape to a shell and execute a command, which can be done under libedit control.
Homepage:http://www.freebsd.org/security
File Size:4841
Last Modified:Jul 6 03:19:22 2000
MD5 Checksum:304ce070eaf70205537d8549c27ca3da

 ///  File Name: freebsd.sa-99.03.ftpd
Description:
Three ftp daemons in ports vulnerable to attack.
File Size:4802
Last Modified:Sep 23 05:52:22 1999
MD5 Checksum:8854512a13ccf71e55817cebf7c3ca7f

 ///  File Name: FreeBSD-SA-00:25.random
Description:
FreeBSD-SA-00:25 - The FreeBSD port to the Alpha platform did not provide the /dev/random or /dev/urandom devices. Some applications fail to correctly check for a working /dev/random and do not exit with an error if it is not available, so this weakness goes undetected. OpenSSL 0.9.4, and utilities based on it, including OpenSSH (both of which are included in the base FreeBSD 4.0 system) are affected in this manner.
Homepage:http://www.freebsd.org/security
File Size:4786
Last Modified:Jun 13 23:08:33 2000
MD5 Checksum:d1e54684337b5c06aa9f9f7b7f2d8322

 ///  File Name: FreeBSD-SA-01:03.bash1
Description:
FreeBSD Security Advisory FreeBSD-SA-01:03.bash1 - Bash creates insecure tempfiles when the double less-than (<<) operator is used.
Homepage:http://www.freebsd.org/security
File Size:4758
Last Modified:Jan 17 07:39:51 2001
MD5 Checksum:059e2aceea97c5110789ce65a986c19c

 ///  File Name: FreeBSD-SA-05-20.cvsbug.txt
Description:
FreeBSD Security Advisory FreeBSD-SA-05-20.cvsbug - A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file.
Homepage:http://www.freebsd.org/security/
File Size:4753
Related CVE(s):CAN-2005-2693
Last Modified:Sep 8 03:02:42 2005
MD5 Checksum:144795693624779ec7d30b825746ea02

 ///  File Name: sa96-16
Description:
security vulnerability in rdist
File Size:4731
Last Modified:Sep 23 05:52:22 1999
MD5 Checksum:0d5a4fe4e741fec898e806557dde1fed

 ///  File Name: FreeBSD-SA-00:75.mod_php
Description:
FreeBSD Security Advisory FreeBSD-SA-00:75 - The mod_php ports, versions prior to 3.0.17 (mod_php3) and 4.0.3 (mod_php4), contain a potential vulnerability that may allow a malicious remote user to execute arbitrary code as the user running the web server, typically user 'nobody'. The vulnerability is due to a format string vulnerability in the error logging routines. A web server is vulnerable if error logging is enabled in php.ini. Additionally, individual php scripts may cause the web server to be vulnerable if the script uses the syslog() php function regardless of error logging in php.ini.
Homepage:http://www.freebsd.org/security
File Size:4723
Last Modified:Nov 26 04:20:44 2000
MD5 Checksum:c036d7b02049de52f5c14b9ee192f911

 ///  File Name: FreeBSD-SA-02:41.smrsh
Description:
The sendmail restricted shell command, smrsh, has handling errors that will allow for command arguments with || or spaces to execute commands outside of its target directory. This shell was originally intended to replace /bin/sh to limit built-in shell commands being used via sendmail.
Homepage:http://www.freebsd.org
File Size:4704
Last Modified:Nov 17 06:10:53 2002
MD5 Checksum:56bc24cb1514d9e5c1f70e9ad3458284

 ///  File Name: FreeBSD-SA-03:03.syncookies
Description:
FreeBSD Security Advisory FreeBSD-SA-03:03 - The FreeBSD syncookie implementation uses keys that are only 32 bits in length, allowing remote attackers to recover the ISN, which can be valid for up to four seconds, allowing ACLs to be bypassed and TCP connections forged. Syncookies may be disabled using the `net.inet.tcp.syncookies` sysctl(8) by running the following command as root: "sysctl net.inet.tcp.syncookies=0".
Homepage:http://www.freebsd.org/security
File Size:4702
Last Modified:Feb 25 10:33:06 2003
MD5 Checksum:c63d88b8c3ba56ae9ba89de75ec0918e

 ///  File Name: FreeBSD-SA-05-04.iconf.txt
Description:
The SIOCGIFCONF ioctl, used to request the kernel to produce a list of interfaces, can be exploited to reveal 12 bytes of memory. It is not at all guaranteed that this memory will contain anything interesting.
Homepage:http://www.freebsd.org/security/
File Size:4669
Last Modified:Apr 24 23:12:00 2005
MD5 Checksum:66eb4676bc3cd1b2175f219366017011

 ///  File Name: FreeBSD-SA-01:57.sendmail
Description:
FreeBSD Security Advisory FreeBSD-SA-01:57 - Sendmail contains an input validation error which may lead to the execution of arbitrary code as root by local users. Upgrade to 8.11.6.
Homepage:http://www.freebsd.org/security
File Size:4653
Last Modified:Aug 28 09:01:11 2001
MD5 Checksum:5a7ac9a2e1d8582e3af70621cadabcd3

 ///  File Name: freebsd.sa-98.05.nfs
Description:
system crash with NFS
File Size:4649
Last Modified:Sep 23 05:52:22 1999
MD5 Checksum:160c990009adcdeebf854ecdc10687f0

 ///  File Name: FreeBSD-SA-01_48.tcpdump
Description:
FreeBSD Security Advisory FreeBSD-SA-01:48 - An overflowable buffer was found in the version of tcpdump included with FreeBSD 4.x. Due to incorrect string length handling in the decoding of AFS RPC packets, a remote user may be able to overflow a buffer causing the local tcpdump process to crash. In addition, it may be possible to execute arbitrary code with the privileges of the user running tcpdump, often root.
Homepage:http://www.freebsd.org/security
File Size:4628
Last Modified:Aug 11 10:55:23 2001
MD5 Checksum:737aacf656253e40460951a6a5274418

 ///  File Name: FreeBSD-SA-01_42.signal.v1.1.asc
Description:
FreeBSD Security Advisory FreeBSD-SA-01:42 - A flaw exists in FreeBSD signal handler clearing that would allow for some signal handlers to remain in effect after the exec. Most of the signals were cleared, but some signal handlers were not. This allowed an attacker to execute arbitrary code in the context of a setuid binary. All versions of 4.x prior to the correction date, including 4.3-RELEASE, are vulnerable to this problem.
Homepage:http://www.freebsd.org/security
File Size:4604
Last Modified:Aug 11 08:15:37 2001
MD5 Checksum:4da3fdfef63b51cc780ceb4cef6054ca

 ///  File Name: FreeBSD-SA-02:28.resolv
Description:
FreeBSD Security Advisory FreeBSD-SA-02:28 - The resolver code in libc contains remotely exploitable buffer overflows which can be triggered by specially crafted DNS replies. Since practically all Internet applications utilize the resolver, the severity of this issue is high.
Homepage:http://www.freebsd.org/security
File Size:4595
Last Modified:Jun 29 19:35:37 2002
MD5 Checksum:19dd23dd6b5d844483b485b09bc3f81a

 ///  File Name: FreeBSD-SA-01:10.bind
Description:
FreeBSD Security Advisory FreeBSD-SA-01:10 - A vulnerability exists with the bind nameserver prior to v8.2.3-REL which allows remote attackers to execute arbitrary code as root.
Homepage:http://www.freebsd.org/security
File Size:4586
Last Modified:Feb 12 04:04:44 2001
MD5 Checksum:5155a78ab04fbc9669e9710bf77c29b2

 ///  File Name: freebsd.sa-98.03.ttcp
Description:
Problems with TTCP
File Size:4573
Last Modified:Sep 23 05:52:22 1999
MD5 Checksum:12a274244e61810b8281bed43b80abff

 ///  File Name: FreeBSD-SA-00:78.bitchx
Description:
FreeBSD Security Advisory - The BitchX port, versions prior to 1.0c17_1, contains a remote vulnerability. Through a stack overflow in the DNS parsing code, a malicious remote user in control of their reverse DNS records may crash a BitchX session, or cause arbitrary code to be executed by the user running BitchX.
Homepage:http://www.freebsd.org/security
File Size:4563
Last Modified:Jan 1 06:46:43 2001
MD5 Checksum:be85e894d0e59dd629d4496fd8129e8a

 ///  File Name: FreeBSD-SA-00:39
Description:
FreeBSD Security Advisory FreeBSD-SA-00:39 - The issue involves two security problems in netscape. A client-side exploit may be possible through a buffer overflow in JPEG-handling code, and the Java Virtual Machine implementation has security vulnerabilities allowing a remote user to read the contents of local files accessible to the user running netscape, and to allow these files to be transmitted to any user on the internet.
Homepage:http://www.freebsd.org/security
File Size:4556
Last Modified:Aug 28 23:21:34 2000
MD5 Checksum:9a6fd817154d3a71cd447c72c0f2f85f

 ///  File Name: FreeBSD-SA-00:46.screen
Description:
FreeBSD Security Advisory FreeBSD-SA-00:46 - The screen port, versions 3.9.5 and before, contains a vulnerability which allows local users to gain root privileges. This is accomplished by inserting string-formatting operators into configuration parameters, which may allow arbitrary code to be executed.
Homepage:http://www.freebsd.org/security
File Size:4537
Last Modified:Sep 21 00:36:06 2000
MD5 Checksum:3e6fb0fa74230e1a9e0f9a91ed381752

 ///  File Name: FreeBSD-SA-00:37.cvsweb
Description:
FreeBSD Security Advisory FreeBSD-SA-00:37 - The cvsweb port, versions prior to 1.86, contains a vulnerability which allows users with commit access to a CVS repository monitored by cvsweb to execute arbitrary code as the user running the cvsweb.cgi script, which may be located on another machine where the committer has no direct access.
Homepage:http://www.freebsd.org/security
File Size:4534
Last Modified:Aug 15 05:27:58 2000
MD5 Checksum:369c22ebc44262a4748f2deccfdcc767

 ///  File Name: FreeBSD-SA-02:04.mutt
Description:
FreeBSD Security Advisory FreeBSD-SA-02:04 - The mutt ports, versions prior to mutt-1.2.25_1 and mutt-devel-1.3.24_2, contain a buffer overflow in the handling of email addresses in headers.
Homepage:http://www.freebsd.org/security
File Size:4533
Last Modified:Jan 8 07:47:53 2002
MD5 Checksum:d09bbb8901217ededbbef00dce9d236d

 ///  File Name: FreeBSD-SA-00:63.getnameinfo
Description:
FreeBSD Security Advisory FreeBSD-SA-00:63 - Remote users may be able to cause a very small class of network servers to terminate abnormally, causing a denial of service condition. None of the standard services are affected, and the attacker needs to have control of the nameserver.
Homepage:http://www.freebsd.org/security
File Size:4453
Last Modified:Nov 2 00:34:35 2000
MD5 Checksum:fb2ba5e5c02a561806ae3fa7d8a57bea

 ///  File Name: freebsd.sa-00.07.mh
Description:
FreeBSD Security Advisory - (Revised Mar 19) MH and its successor NMH are popular Mail User Agents, available in the FreeBSD ports collection. EXMH and EXMH2 are TCL/TK-based front-ends to the MH system. The mhshow command used for viewing MIME attachments contains a buffer overflow which can be exploited by a specially-crafted email attachment, which will allow the execution of arbitrary code as the local user when the attachment is opened. The Japanese version is also vulnerable.
Homepage:http://www.freebsd.org
File Size:4431
Last Modified:Mar 24 02:56:09 2000
MD5 Checksum:3e571188ff7eec5a07aa4e51f0719aaa