Section: .. / advisories / freebsd /
| /// File Name: |
FreeBSD-SA-01:17.exmh2 |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-01:17 - The exmh2 port, versions prior to 2.3.1, contains a local temp file vulnerability at startup.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 4001 | | Last Modified: | Feb 1 01:50:59 2001 |
| MD5 Checksum: | a9faebebaef977c6020f28b19c735bfd |
|
| /// File Name: |
FreeBSD-SA-02:06.sudo |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-02:06 - The sudo port prior to sudo-1.6.4.1 contains a local root vulnerability. If a user who has not been authorized by the system administrator (listed in the `sudoers' file) attempts to use sudo, sudo will send an email alert. When it does so, it invokes the system mailer with superuser privileges, and with most of the user's environment intact.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3996 | | Last Modified: | Jan 17 07:32:27 2002 |
| MD5 Checksum: | 7f294ea7b1a6a0173d80f56c6a973e86 |
|
| /// File Name: |
FreeBSD-SA-01:02.syslog-ng |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-01:02.syslog-ng - Syslog-ng prior to v1.4.9 contains a remote denial of service vulnerability due to incorrect log parsing.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3978 | | Last Modified: | Jan 17 07:36:25 2001 |
| MD5 Checksum: | c9860477751e2f4b349df917fc04a2d8 |
|
| /// File Name: |
FreeBSD-SA-00:44.xlockmore |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-00:44 - The xlockmore port, versions 4.17 and below, installs the setuid root binary xlock, which contains a vulnerability due to incorrect use of the syslog() function. The xlock program correctly drops root privileges prior to the point of vulnerability, however it may retain in memory part of the hashed password database for the user accounts on the system. Attackers who can retrieve hashed password information from the memory space of the process can mount attacks against the user account passwords and possibly gain access to accounts on the system if successful.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3969 | | Last Modified: | Sep 15 03:16:12 2000 |
| MD5 Checksum: | 3686546aaf47ba4acc5953a980da41ab |
|
| /// File Name: |
FreeBSD-SA-01:27.cfengine |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-01:27 - The cfengine port, versions prior to 1.6.1, contained several format string vulnerabilities which allow a remote attacker to execute arbitrary code on the local system as the user running cfengine, usually user root.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3936 | | Last Modified: | Mar 16 02:39:42 2001 |
| MD5 Checksum: | e4dba87acf45fc7dc236b41d82793082 |
|
| /// File Name: |
FreeBSD-SA-01:11.inetd |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-01:11 - The ident server included with FreeBSD inetd contains a vulnerability which allows remote users to read the first 16 bytes of files which are accessible by group wheel. The inetd internal ident server is not enabled by default - if you have not enabled the ident portion of inetd, you are not vulnerable.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3929 | | Last Modified: | Feb 12 04:07:30 2001 |
| MD5 Checksum: | d8e006208ec79428de3fd3055a9c2280 |
|
| /// File Name: |
FreeBSD-SA-00:65.xfce |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-00:65 - Xfce, a window manager for X from the ports collection, contains vulnerabilities which allows local users to access the X display, allowing them to monitor and control the contents of the display window as well as recording keyboard input.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3927 | | Last Modified: | Nov 7 07:05:03 2000 |
| MD5 Checksum: | 54591d466756cdf65945fbaec0e0cf7a |
|
| /// File Name: |
FreeBSD-SA-00:73.thttpd |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-00:73 - The thttpd port, versions prior to 2.20, allows remote viewing of arbitrary files on the local server. The 'ssi' cgi script does not correctly restrict URL-encoded requests containing ".." in the path. In addition, the cgi script does not have the same restrictions as the web server for preventing requests outside of the web root. These two flaws allow remote users to access any file on the system accessible to the web server user (user 'nobody' in the default configuration).
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3923 | | Last Modified: | Nov 26 04:13:09 2000 |
| MD5 Checksum: | fa548e80983167c60a1b6bcf51b12ca5 |
|
| /// File Name: |
FreeBSD-SA-00:57.muh |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-00:57 - The muh port, an IRC bouncer, versions 2.05c and below contains a vulnerability which allows remote users to gain the privileges of the user running muh. This is accomplished by sending a carefully crafted exploit string containing string format operators to a user using muh but who is not connected. When the user reconnects and executes '/muh read', muh will allow the remote attacker to execute arbitrary code as the local user.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3909 | | Last Modified: | Oct 15 21:05:06 2000 |
| MD5 Checksum: | 710c922d3f65b56d4e94495eab24f2ed |
|
| /// File Name: |
FreeBSD-SA-02:02.pw |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-02:02 - When creating, removing, or modifying system users, the pw utility modifies the system password file `/etc/master.passwd'. This file contains the users' encrypted passwords and is normally only readable by root. During the modification, a temporary copy of the file is created. However, this temporary file is mistakenly created with permissions that allow it to be read by any user. A race condition is created.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3907 | | Last Modified: | Jan 8 07:27:04 2002 |
| MD5 Checksum: | 17ba2012de0e3fd6cc0c8941f017d085 |
|
| /// File Name: |
FreeBSD-SA-00:66.netscape |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-00:66 - Versions of netscape prior to 4.76 allow a client-side exploit through a buffer overflow in html code. A malicious website operator can cause arbitrary code to be executed by the user running the netscape client.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3890 | | Last Modified: | Nov 7 07:37:57 2000 |
| MD5 Checksum: | 3c566b75460472426faed9d026b8619c |
|
| /// File Name: |
FreeBSD-SA-02:36.nfs |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-02:36 - A denial of service vulnerability has been discovered in FreeBSD NFS. A part of the NFS server code charged with handling incoming RPC messages had an error which, when the server received a message with a zero-length payload, would cause it to reference the payload from the previous message, creating a loop in the message chain. This would later cause an infinite loop in a different part of the NFS server code which tried to traverse the chain.
| | Homepage: | http://www.freebsd.org | | File Size: | 3888 | | Last Modified: | Aug 6 08:04:45 2002 |
| MD5 Checksum: | 6073dea31e45eb3a874042e3dbd1aebc |
|
| /// File Name: |
FreeBSD-SA-02:19.squid |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-02:19 - The squid port prior to version 2.4_9 contains a heap overflow in the DNS processing which can be triggered by a DNS server.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3862 | | Last Modified: | Mar 28 05:09:46 2002 |
| MD5 Checksum: | 56fcd18f6322f43091a3af1f0136dc48 |
|
| /// File Name: |
FreeBSD-SA-01:34.hylafax |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-01:34 - The hylafax port, versions prior to hylafax-4.1.b2_2, contains a format string bug in the hfaxd program. A local user may execute the hfaxd program with command-line arguments containing format string characters, gaining root privileges on the local system.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3861 | | Last Modified: | Apr 25 02:52:18 2001 |
| MD5 Checksum: | 36f4e44196ff626f346ead7a6cccca5b |
|
| /// File Name: |
FreeBSD-SA-01_41.hanterm |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-01:41 - The hanterm binary is installed with setuid root permissions, but contains insecure code which allows unprivileged local users to obtain root access on the local system.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3842 | | Last Modified: | Aug 11 08:13:33 2001 |
| MD5 Checksum: | faba6140ec7ce2713e95656d73a11730 |
|
| /// File Name: |
FreeBSD-SA-00:67.gnupg |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-00:67 - Versions of gnupg prior to 1.04 fail to correctly verify multiple signatures contained in a single document. Only the first signature encountered is actually verified, meaning that other data with invalid signatures (e.g. data which has been tampered with by an attacker) will not be verified, and the entire document will be treated as having valid signatures.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3835 | | Last Modified: | Nov 11 01:26:48 2000 |
| MD5 Checksum: | 849207dccd8f10c96af9c98ce3471186 |
|
| /// File Name: |
FreeBSD-SA-01:37.slrn |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-01:37.slrn - The slrn port, versions prior to slrn-0.9.7.0, contains a buffer overflow in the wrapping/unwrapping functions of message header parsing. If a sufficiently long header is parsed, a buffer may overflow allowing the execution of arbitrary code contained in a message header as the user running the slrn program.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3831 | | Last Modified: | Apr 25 02:57:10 2001 |
| MD5 Checksum: | 853d7a9ed7e8eed16729277939c48a7b |
|
| /// File Name: |
FreeBSD-SA-00:50.listmanager |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-00:50 - The listmanager port, versions prior to 2.105.1, contained several locally exploitable buffer overflow vulnerabilities which could be used to gain root privileges.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3828 | | Last Modified: | Sep 14 00:53:01 2000 |
| MD5 Checksum: | 8baa672b22f359e3f99b54e1734a2a27 |
|
| /// File Name: |
FreeBSD-SA-01:23.icecast |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-01:23 - The icecast port, versions prior to 1.3.7_1, contains multiple format string vulnerabilities, which allow a remote attacker to execute arbitrary code as the user running icecast, usually the root user.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3827 | | Last Modified: | Mar 16 02:35:16 2001 |
| MD5 Checksum: | 49782dde2f7496fcd56b54e2724b1ade |
|
| /// File Name: |
FreeBSD-SA-00:20.krb5 |
Description:
|
FreeBSD-SA-00:20 - The MIT Kerberos 5 port version 1.1.1 and earlier contains remote and local root vulnerabilities. Note that the implementations of Kerberos shipped in the FreeBSD base system is not the MIT version and not vulnerable to these problems. However, a very old release of FreeBSD dating from 1997 (FreeBSD 2.2.5) did ship with a closely MIT-derived Kerberos implementation ("eBones") and may be vulnerable to attacks of the kind described here.
| | Homepage: | http://www.freebsd.org | | File Size: | 3827 | | Last Modified: | May 26 22:59:12 2000 |
| MD5 Checksum: | 8bb5db5d646af71dc8e63b725797f28e |
|
| /// File Name: |
FreeBSD-SA-00:22.ssh |
Description:
|
FreeBSD-SA-00:22 - A patch added to the FreeBSD SSH port on 2000-01-14 incorrectly configured the SSH daemon to listen on an additional network port, 722, in addition to the usual port 22. This may cause a violation of security policy if the additional port is not subjected to the same access-controls (e.g. firewallling) as the standard SSH port.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3822 | | Last Modified: | Jun 9 02:35:20 2000 |
| MD5 Checksum: | ffa7946618207a5a3f5c3655832577a1 |
|
| /// File Name: |
freebsd.sa-98.08.ip_frag |
Description:
|
IP fragmentation denial of service
| | File Size: | 3820 | | Last Modified: | Sep 23 05:52:22 1999 |
| MD5 Checksum: | 0d6968af553d5d2365905da96f954354 |
|
| /// File Name: |
FreeBSD-SA-00:43 |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-00:43 - The brouted port is incorrectly installed setgid kmem, and contains several exploitable buffer overflows in command-line arguments. An attacker exploiting these to gain kmem privilege can easily upgrade to full root access by manipulating kernel memory
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3806 | | Last Modified: | Aug 28 23:58:47 2000 |
| MD5 Checksum: | a3411e0d9a13f39f570aa9b03f3f8921 |
|
| /// File Name: |
FreeBSD-SA-01_50.windowmaker |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-01_50 - The windowmaker ports, versions prior to windowmaker-0.65.0_2 and windowmaker-i18n-0.65.0_1, contain a potentially exploitable buffer overflow when displaying a very long window title in the window list menu. Since programs such as web browsers will include the contents of a webpage's title tag in window titles, this problem may allow authors of malicious webpages to cause windowmaker to crash and potentially execute arbitrary code as the user running windowmaker.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3767 | | Last Modified: | Aug 11 11:01:47 2001 |
| MD5 Checksum: | 2af8ce4e621e62b8612a2c714d77cb41 |
|
| /// File Name: |
FreeBSD-SA-02:27.rc |
Description:
|
FreeBSD Security Advisory FreeBSD-SA-02:27 - The FreeBSD rc scripts allow users may remove the contents of arbitrary directories if the /tmp/.X11-unix directory does not already exist and the system can be enticed to reboot.
| | Homepage: | http://www.freebsd.org/security | | File Size: | 3763 | | Last Modified: | May 30 07:34:02 2002 |
| MD5 Checksum: | 2ea504c46f51e35cc51cbbbcfa9e745b |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
