.:[ packet storm ]:.
                               
preserving full disclosure
preserving full disclosure

 Section:  .. / advisories / freebsd  /

Page 3 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 50 - 75 of 257
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: FreeBSD-SA-00:62.top
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:62 - A "format string vulnerability" was discovered in the top(1) utility which allows unprivileged local users to cause the top process to execute arbitrary code. The top utility runs with increased privileges as a member of the kmem group, which allows it to read from kernel memory (but not write to it). A process with the ability to read from kernel memory can monitor privileged data such as network traffic, disk buffers and terminal activity, and may be able to leverage this to obtain further privileges on the local system or on other systems, including root privileges.
Homepage:http://www.freebsd.org/security
File Size:5461
Last Modified:Nov 7 06:28:10 2000
MD5 Checksum:04593d98dec2c18878ea55dca7407670

 ///  File Name: FreeBSD-SA-00:63.getnameinfo
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:63 - Remote users may be able to cause a very small class of network servers to terminate abnormally, causing a denial of service condition. None of the standard services are affected, and the attacker needs to have control of the nameserver.
Homepage:http://www.freebsd.org/security
File Size:4453
Last Modified:Nov 2 00:34:35 2000
MD5 Checksum:fb2ba5e5c02a561806ae3fa7d8a57bea

 ///  File Name: FreeBSD-SA-00:64.global
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:64 - The global port, versions 3.5 through to 3.55, contains a vulnerability in the CGI script generated by the htags utility which allows a remote attacker to execute code on the local system as the user running the script, typically user nobody.
Homepage:http://www.freebsd.org/security
File Size:4401
Last Modified:Nov 7 06:30:31 2000
MD5 Checksum:f5a7cf85e7461bed79930ecb37bb0a9e

 ///  File Name: FreeBSD-SA-00:65.xfce
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:65 - Xfce, a window manager for X from the ports collection, contains vulnerabilities which allows local users to access the X display, allowing them to monitor and control the contents of the display window as well as recording keyboard input.
Homepage:http://www.freebsd.org/security
File Size:3927
Last Modified:Nov 7 07:05:03 2000
MD5 Checksum:54591d466756cdf65945fbaec0e0cf7a

 ///  File Name: FreeBSD-SA-00:66.netscape
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:66 - Versions of netscape prior to 4.76 allow a client-side exploit through a buffer overflow in html code. A malicious website operator can cause arbitrary code to be executed by the user running the netscape client.
Homepage:http://www.freebsd.org/security
File Size:3890
Last Modified:Nov 7 07:37:57 2000
MD5 Checksum:3c566b75460472426faed9d026b8619c

 ///  File Name: FreeBSD-SA-00:67.gnupg
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:67 - Versions of gnupg prior to 1.04 fail to correctly verify multiple signatures contained in a single document. Only the first signature encountered is actually verified, meaning that other data with invalid signatures (e.g. data which has been tampered with by an attacker) will not be verified, and the entire document will be treated as having valid signatures.
Homepage:http://www.freebsd.org/security
File Size:3835
Last Modified:Nov 11 01:26:48 2000
MD5 Checksum:849207dccd8f10c96af9c98ce3471186

 ///  File Name: FreeBSD-SA-00:68.ncurses
Description:
 FreeBSD Security Advisory - The ncurses library, which comes with the base install of FreeBSD, contains exploitable buffer overflows. /usr/sbin/lpc, /usr/bin/top, and /usr/bin/systat link against ncurses and may be exploitable.
Homepage:http://www.freebsd.org/security
File Size:9064
Last Modified:Nov 26 04:23:35 2000
MD5 Checksum:c6a83bae017fe6df2f11cd3a306ac122

 ///  File Name: FreeBSD-SA-00:69.telnetd
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:69 - A denial of service attack in telnetd has been found. When changing the TERMCAP environment variable, it can be tricked into searching for termcap entries in any file on the system, taking up CPU resources. A valid account is not required.
Homepage:http://www.freebsd.org/security
File Size:8189
Last Modified:Nov 26 04:22:28 2000
MD5 Checksum:c041533f5283167eebc39dc3fd3587e8

 ///  File Name: FreeBSD-SA-00:70.ppp
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:70 - The firewall deny feature in ppp(8) is broken in recent releases, accidently accepting all packets. Thus, users who are using the deny_incoming functionality in the expectation that it provides a "deny by default" firewall which only allows through packets known to be part of an existing NAT session, are in fact allowing other types of unsolicited IP traffic into their internal network.
Homepage:http://www.freebsd.org/security
File Size:5200
Last Modified:Nov 16 03:14:14 2000
MD5 Checksum:89a7db4a6af06e3a4bc4f17b480934d5

 ///  File Name: FreeBSD-SA-00:71.mgetty
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:71 - The mgetty port, versions prior to 1.1.22.8.17, contains a vulnerability that may allow local users to create or overwrite any file on the system. This is due to the faxrunqd daemon (which usually runs as root) following symbolic links when creating a .last_run file in the world-writable /var/spool/fax/outgoing/ directory. This presents a denial of service attack since the attacker can cause critical system files to be overwritten, but it is not believed the attacker has the ability to control the contents of the overwritten file. Therefore the possibility of using this attack to elevate privileges is believed to be minimal.
Homepage:http://www.freebsd.org/security
File Size:4115
Last Modified:Nov 26 04:07:21 2000
MD5 Checksum:d1564452a5a43f32304296d39ae1c78b

 ///  File Name: FreeBSD-SA-00:72.curl
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:73 - The curl port, versions prior to 7.4.1, allows a client-side exploit through a buffer overflow in the error handling code. A malicious ftp server operator can cause arbitrary code to be executed by the user running the curl client.
Homepage:http://www.freebsd.org/security
File Size:3651
Last Modified:Nov 26 04:10:46 2000
MD5 Checksum:ee47649ba1e8173863061b29692ee15c

 ///  File Name: FreeBSD-SA-00:73.thttpd
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:73 - The thttpd port, versions prior to 2.20, allows remote viewing of arbitrary files on the local server. The 'ssi' cgi script does not correctly restrict URL-encoded requests containing ".." in the path. In addition, the cgi script does not have the same restrictions as the web server for preventing requests outside of the web root. These two flaws allow remote users to access any file on the system accessible to the web server user (user 'nobody' in the default configuration).
Homepage:http://www.freebsd.org/security
File Size:3923
Last Modified:Nov 26 04:13:09 2000
MD5 Checksum:fa548e80983167c60a1b6bcf51b12ca5

 ///  File Name: FreeBSD-SA-00:75.mod_php
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:75 - The mod_php ports, versions prior to 3.0.17 (mod_php3) and 4.0.3 (mod_php4), contain a potential vulnerability that may allow a malicious remote user to execute arbitrary code as the user running the web server, typically user 'nobody'. The vulnerability is due to a format string vulnerability in the error logging routines. A web server is vulnerable if error logging is enabled in php.ini. Additionally, individual php scripts may cause the web server to be vulnerable if the script uses the syslog() php function regardless of error logging in php.ini.
Homepage:http://www.freebsd.org/security
File Size:4723
Last Modified:Nov 26 04:20:44 2000
MD5 Checksum:c036d7b02049de52f5c14b9ee192f911

 ///  File Name: FreeBSD-SA-00:76.tcsh-csh
Description:
 FreeBSD Security Advisory FreeBSD-SA-00:76 - The csh and tcsh code creates temporary files when the double less than operator is used, however these are created insecurely and use a predictable filename based on the process ID of the shell. An attacker can exploit this vulnerability to overwrite an arbitrary file writable by the user running the shell. The contents of the file are overwritten with the text being entered using the double less than operator, so it will usually not be under the control of the attacker, limiting the scope of this vulnerability to denial of service.
Homepage:http://www.freebsd.org/security
File Size:6135
Last Modified:Nov 26 04:31:01 2000
MD5 Checksum:cfa8155a8788755b09c66be7885c154d

 ///  File Name: FreeBSD-SA-00:77.procfs
Description:
 FreeBSD Security Advisory - Three problems affect the /proc filesystem on FreeBSD. The first allows unprivileged local users can gain superuser privileges due to insufficient access control checks on the /proc//mem and /proc//ctl files, which gives access to a process address space and perform various control operations on the process respectively. The second allows local users to deny service to a machine by mmap()ing a processes own /proc//mem file in the procfs filesystem. The third allows users with superuser privileges on the machine, including users with root privilege in a jail(8) virtual machine, to overflow a buffer in the kernel and bypass access control checks placed on the abilities of the superuser. This allows root users to break out of the jail environment, lower the securelevel, and load modules in kernels where module loading has been disabled.
Homepage:http://www.freebsd.org/security
File Size:8308
Last Modified:Jan 1 06:48:15 2001
MD5 Checksum:a20dd7da0916f260a090e370ce3de80b

 ///  File Name: FreeBSD-SA-00:78.bitchx
Description:
 FreeBSD Security Advisory - The BitchX port, versions prior to 1.0c17_1, contains a remote vulnerability. Through a stack overflow in the DNS parsing code, a malicious remote user in control of their reverse DNS records may crash a BitchX session, or cause arbitrary code to be executed by the user running BitchX.
Homepage:http://www.freebsd.org/security
File Size:4563
Last Modified:Jan 1 06:46:43 2001
MD5 Checksum:be85e894d0e59dd629d4496fd8129e8a

 ///  File Name: FreeBSD-SA-00:79:oops
Description:
 FreeBSD Security Advisory - The oops port, versions prior to 1.5.2, contains remote vulnerabilities through buffer and stack overflows in the HTML parsing code. These vulnerabilities may allow remote users to execute arbitrary code as the user running oops.
Homepage:http://www.freebsd.org/security
File Size:3592
Last Modified:Dec 21 23:21:47 2000
MD5 Checksum:556a1885b27dd4771d50fa80bac785db

 ///  File Name: FreeBSD-SA-00:80.halflifeserver
Description:
 FreeBSD Security Advisory - The halflifeserver port, versions prior to 3.1.0.4, contains local and remote vulnerabilities through buffer overflows and format string vulnerabilities which allow remote users to execute arbitrary code as the user running halflifeserver.
Homepage:http://www.freebsd.org/security
File Size:3230
Last Modified:Dec 22 00:00:01 2000
MD5 Checksum:7e900ba6fecb15e9b90d62b44a9c05b6

 ///  File Name: FreeBSD-SA-00:81.ethereal
Description:
 FreeBSD Security Advisory - The ethereal port, versions prior to 0.8.14, contains buffer overflows which allow a remote attacker to crash ethereal or execute arbitrary code on the local system as the user running ethereal, typically the root user. These vulnerabilities are identical to those described in advisory 00:61 relating to tcpdump.
Homepage:http://www.freebsd.org/security
File Size:3763
Last Modified:Dec 22 00:01:26 2000
MD5 Checksum:baaa05f7895dc191fdd49d9850329394

 ///  File Name: FreeBSD-SA-01:01.openssh
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:01.openssh - OpenSSH clients still allow X11 / Agent forwarding even if it is disabled, allowing hostile SSH servers can access your X11 display or your ssh-agent when connected to.
Homepage:http://www.freebsd.org/security
File Size:998
Last Modified:Jan 17 01:09:17 2001
MD5 Checksum:fe35c7a8e1de5284cf8597b234502b6a

 ///  File Name: FreeBSD-SA-01:02.syslog-ng
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:02.syslog-ng - Syslog-ng prior to v1.4.9 contains a remote denial of service vulnerability due to incorrect log parsing.
Homepage:http://www.freebsd.org/security
File Size:3978
Last Modified:Jan 17 07:36:25 2001
MD5 Checksum:c9860477751e2f4b349df917fc04a2d8

 ///  File Name: FreeBSD-SA-01:03.bash1
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:03.bash1 - Bash creates insecure tempfiles when the double-lessthan operator is used.
Homepage:http://www.freebsd.org/security
File Size:4758
Last Modified:Jan 17 07:39:51 2001
MD5 Checksum:059e2aceea97c5110789ce65a986c19c

 ///  File Name: FreeBSD-SA-01:04.joe
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:04.joe - The joe port, versions prior to 2.8_2, contains a local temp file bug if it exits abnormally.
Homepage:http://www.freebsd.org/security
File Size:4256
Last Modified:Jan 17 07:43:59 2001
MD5 Checksum:abe6f14221438537d7144779e2282d89

 ///  File Name: FreeBSD-SA-01:05.stunnel
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:05.stunnel - The stunnel port, versions prior to 3.9, contains a vulnerability which could allow remote compromise. When debugging is turned on (using the -d 7 option), stunnel will perform identd queries of remote connections, and the username returned by the remote identd server is written to the log file. Due to incorrect usage of syslog(), a malicious remote user who can manipulate their identd username can take advantage of string-formatting operators to execute arbitrary code on the local system as the user running stunnel, often the root user.
Homepage:http://www.freebsd.org/security
File Size:4018
Last Modified:Jan 17 07:48:40 2001
MD5 Checksum:4ea2a22d7656e916c1862544b87919e0

 ///  File Name: FreeBSD-SA-01:06.zope
Description:
 FreeBSD Security Advisory FreeBSD-SA-01:06.zope - The zope port, versions prior to 2.2.4, contains a vulnerability due to the computation of local roles not climbing the correct hierarchy of folders, sometimes granting local roles inappropriately. This may allow users with privileges in one folder to gain the same privileges in another folder.
Homepage:http://www.freebsd.org/security
File Size:3625
Last Modified:Jan 17 07:54:33 2001
MD5 Checksum:35e7c60c1c8026dfa91e332c100feec3
 

 ///  Last 10 Files
  1. :· BrowserRider.20081124.tar.bz2
  2. :· pieweb-rfi.txt
  3. :· FreeBSD-SA-08.11.arc4random.txt
  4. :· USN-677-1.txt
  5. :· dsa-1671-1.txt
  6. :· dsa-1670-1.txt
  7. :· quicksilverforums-rce.txt
  8. :· webstudio-sql.txt
  9. :· siemens-dos.txt
  10. :· nitrotech-rfisql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· FreeBSD-SA-08.11.arc4random.txt
  2. :· USN-677-1.txt
  3. :· dsa-1671-1.txt
  4. :· dsa-1670-1.txt
  5. :· USN-676-1.txt
  6. :· USN-675-2.txt
  7. :· USN-675-1.txt
  8. :· USN-674-2.txt
  9. :· SVRT-05-08.txt
  10. :· 2008-01-flash.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· pieweb-rfi.txt
  2. :· quicksilverforums-rce.txt
  3. :· webstudio-sql.txt
  4. :· siemens-dos.txt
  5. :· nitrotech-rfisql.txt
  6. :· bandwebsite-sqlxss.txt
  7. :· ftpzik-xsslfi.txt
  8. :· tvp-crash.txt
  9. :· googlechrome-obfuscate.tgz
  10. :· w3camayaid-overflow.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· BrowserRider.20081124.tar.bz2
  2. :· mp3nema-v0_2.tar.gz
  3. :· squid-nufw-helper-1.1.3.tar.gz
  4. :· xplico-0.1_deft4.tgz
  5. :· ksplice-0.9.4-src.tar.gz
  6. :· fwknop-1.9.9.tar.gz
  7. :· pysumpas-0.2.0.tar.gz
  8. :· framework-3.2.tar.gz
  9. :· tor.uclibc.i686.20081115.iso
  10. :· RFIDIOt-Windows-0.1u.zip
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· tcpip_lib51.zip
  2. :· linuxrsa-shellcode.txt
  3. :· linuxcb-shellcode.txt
  4. :· 25bytes-execve.txt
  5. :· execve-shellcode.txt
  6. :· java2-malware.pdf
  7. :· return-to-libc-linux.txt
  8. :· stack-overflow-linux.txt
  9. :· smallest_setuid_execve_sc.c
  10. :· sudoers-shellcode.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice