Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 04:10:04 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1950935712&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fadvisories%2Ffreebsd%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1950935712.1338178204.1338178204.1338178204.1%3B%2B__utmz%3D32867617.1338178204.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/50590/FreeBSD-SA-06%3A23.openssl-2.txt http://packetstormsecurity.org/files/50590/FreeBSD-SA-06%3A23.openssl-2.txt http://packetstormsecurity.org/files/50590/FreeBSD-Security-Advisory-2006.23.html Wed, 04 Oct 2006 20:10:12 GMT FreeBSD Security Advisory: Multiple problems in crypto(3) [revised] http://packetstormsecurity.org/files/50576/FreeBSD-SA-06-23.openssl.txt http://packetstormsecurity.org/files/50576/FreeBSD-SA-06-23.openssl.txt http://packetstormsecurity.org/files/50576/FreeBSD-SA-06-23.openssl.txt.html Wed, 04 Oct 2006 19:09:18 GMT FreeBSD Security Advisory: Multiple problems in crypto(3) http://packetstormsecurity.org/files/49808/FreeBSD-SA-06-20.bind.txt http://packetstormsecurity.org/files/49808/FreeBSD-SA-06-20.bind.txt http://packetstormsecurity.org/files/49808/FreeBSD-SA-06-20.bind.txt.html Fri, 08 Sep 2006 05:28:51 GMT FreeBSD Security Advisory - BIND 9 suffers from multiple denial of service vulnerabilities. http://packetstormsecurity.org/files/49807/FreeBSD-SA-06-19.openssl.txt http://packetstormsecurity.org/files/49807/FreeBSD-SA-06-19.openssl.txt http://packetstormsecurity.org/files/49807/FreeBSD-SA-06-19.openssl.txt.html Fri, 08 Sep 2006 05:27:29 GMT FreeBSD Security Advisory - When verifying a PKCS#1 version 1.5 signature, OpenSSL ignores any bytes which follow the cryptographic hash being signed. In a valid signature there will be no such bytes. http://packetstormsecurity.org/files/49460/FreeBSD-SA-06-08.ppp.txt http://packetstormsecurity.org/files/49460/FreeBSD-SA-06-08.ppp.txt http://packetstormsecurity.org/files/49460/FreeBSD-SA-06-08.ppp.txt.html Mon, 28 Aug 2006 00:01:06 GMT FreeBSD Security Advisory - While processing Link Control Protocol (LCP) configuration options received from the remote host, ppp fails to correctly validate option lengths. This may result in data being read or written beyond the allocated kernel memory buffer. http://packetstormsecurity.org/files/46942/FreeBSD-SA-06-16.smbfs.txt http://packetstormsecurity.org/files/46942/FreeBSD-SA-06-16.smbfs.txt http://packetstormsecurity.org/files/46942/FreeBSD-SA-06-16.smbfs.txt.html Thu, 01 Jun 2006 22:49:20 GMT FreeBSD Security Advisory FreeBSD-SA-06:16.smbfs: smbfs does not properly sanitize paths containing a backslash character; in particular the directory name '..\' is interpreted as the parent directory by the SMB/CIFS server, but smbfs handles it in the same manner as any other directory. http://packetstormsecurity.org/files/46941/FreeBSD-SA-06-15.ypserv.txt http://packetstormsecurity.org/files/46941/FreeBSD-SA-06-15.ypserv.txt http://packetstormsecurity.org/files/46941/FreeBSD-SA-06-15.ypserv.txt.html Thu, 01 Jun 2006 22:48:47 GMT FreeBSD Security Advisory FreeBSD-SA-06:15.ypserv: There are two documented methods of restricting access to NIS maps through ypserv(8): through the use of the /var/yp/securenets file, and through the /etc/hosts.allow file. While both mechanisms are implemented in the server, a change in the build process caused the "securenets" access restrictions to be inadvertently disabled. http://packetstormsecurity.org/files/45720/FreeBSD-SA-06-14.fpu.txt http://packetstormsecurity.org/files/45720/FreeBSD-SA-06-14.fpu.txt http://packetstormsecurity.org/files/45720/FreeBSD-SA-06-14.fpu.txt.html Wed, 26 Apr 2006 07:04:19 GMT FreeBSD Security Advisory FreeBSD-SA-06:14.fpu - FPU information disclosure: On affected processors, a local attacker can monitor the execution path of a process which uses floating-point operations. This may allow an attacker to steal cryptographic keys or other sensitive information. http://packetstormsecurity.org/files/44887/FreeBSD-SA-06-13.sendmail.txt http://packetstormsecurity.org/files/44887/FreeBSD-SA-06-13.sendmail.txt http://packetstormsecurity.org/files/44887/FreeBSD-SA-06-13.sendmail.txt.html Thu, 23 Mar 2006 20:52:47 GMT FreeBSD-SA-06:13.sendmail - A remote attacker may be able to execute arbitrary code with the privileges of the user running sendmail, typically root. http://packetstormsecurity.org/files/44886/FreeBSD-SA-06-12.opie.txt http://packetstormsecurity.org/files/44886/FreeBSD-SA-06-12.opie.txt http://packetstormsecurity.org/files/44886/FreeBSD-SA-06-12.opie.txt.html Thu, 23 Mar 2006 20:52:17 GMT FreeBSD-SA-06:12.opie - The opiepasswd(1) program uses getlogin(2) to identify the user calling opiepasswd(1). In some circumstances getlogin(2) will return "root" even when running as an unprivileged user. This causes opiepasswd(1) to allow an unpriviled user to configure OPIE authentication for the root user. http://packetstormsecurity.org/files/44885/FreeBSD-SA-06-11.ipsec.txt http://packetstormsecurity.org/files/44885/FreeBSD-SA-06-11.ipsec.txt http://packetstormsecurity.org/files/44885/FreeBSD-SA-06-11.ipsec.txt.html Thu, 23 Mar 2006 20:49:33 GMT FreeBSD-SA-06:11.ipsec - An attacker able to to intercept IPSec packets can replay them. If higher level protocols which do not provide any protection against packet replays (e.g., UDP) are used, this may have a variety of effects. http://packetstormsecurity.org/files/43376/FreeBSD-SA-06-07.pf.txt http://packetstormsecurity.org/files/43376/FreeBSD-SA-06-07.pf.txt http://packetstormsecurity.org/files/43376/FreeBSD-SA-06-07.pf.txt.html Thu, 26 Jan 2006 05:15:52 GMT FreeBSD-SA-06:07.pf - IP fragment handling panic in pf(4) http://packetstormsecurity.org/files/43375/FreeBSD-SA-06-06.kmem.txt http://packetstormsecurity.org/files/43375/FreeBSD-SA-06-06.kmem.txt http://packetstormsecurity.org/files/43375/FreeBSD-SA-06-06.kmem.txt.html Thu, 26 Jan 2006 05:15:18 GMT FreeBSD-SA-06:06.kmem - Local kernel memory disclosure. http://packetstormsecurity.org/files/43324/FreeBSD-SA-06-05.txt http://packetstormsecurity.org/files/43324/FreeBSD-SA-06-05.txt http://packetstormsecurity.org/files/43324/FreeBSD-SA-06-05.txt.html Wed, 25 Jan 2006 07:26:16 GMT FreeBSD-SA-06:05.80211 - An integer overflow in the handling of corrupt IEEE 802.11 beacon or probe response frames when scanning for existing wireless networks can result in the frame overflowing a buffer. http://packetstormsecurity.org/files/39904/FreeBSD-SA-05-20.cvsbug.txt http://packetstormsecurity.org/files/39904/FreeBSD-SA-05-20.cvsbug.txt http://packetstormsecurity.org/files/39904/FreeBSD-SA-05-20.cvsbug.txt.html Thu, 08 Sep 2005 01:02:42 GMT FreeBSD Security Advisory FreeBSD-SA-05-20.cvsbug - A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file. http://packetstormsecurity.org/files/37226/FreeBSD-SA-05-04.iconf.txt http://packetstormsecurity.org/files/37226/FreeBSD-SA-05-04.iconf.txt http://packetstormsecurity.org/files/37226/FreeBSD-SA-05-04.iconf.txt.html Sun, 24 Apr 2005 21:12:00 GMT The SIOCGIFCONF ioctl, used to request the kernel to produce a list of interfaces, can be exploited to reveal 12 bytes of memory. It is not at all guaranteed that this memory will contain anything interesting. http://packetstormsecurity.org/files/31878/FreeBSD-SA-03%3A18.openssl http://packetstormsecurity.org/files/31878/FreeBSD-SA-03%3A18.openssl http://packetstormsecurity.org/files/31878/FreeBSD-Security-Advisory-2003.18.html Tue, 21 Oct 2003 03:02:14 GMT OpenSSL below v0.9.7c contain remotely exploitable vulnerabilities. More information available here. http://packetstormsecurity.org/files/30950/FreeBSD-SA-03%3A07.sendmail http://packetstormsecurity.org/files/30950/FreeBSD-SA-03%3A07.sendmail http://packetstormsecurity.org/files/30950/FreeBSD-Security-Advisory-2003.7.html Tue, 01 Apr 2003 08:01:15 GMT FreeBSD Security Advisory FreeBSD-SA-03:07 - A second remotely exploitable overflow was found in Sendmail header parsing. Upgrade to 8.12.9 to fix the vulnerability. Patch available here. http://packetstormsecurity.org/files/30862/FreeBSD-SA-03%3A04.sendmail http://packetstormsecurity.org/files/30862/FreeBSD-SA-03%3A04.sendmail http://packetstormsecurity.org/files/30862/FreeBSD-Security-Advisory-2003.4.html Mon, 03 Mar 2003 18:14:45 GMT FreeBSD Security Advisory FreeBSD-SA-03:04.sendmail - ISS has identified a buffer overflow that may occur during header parsing in all versions of sendmail after version 5.79 through v8.12.7. Patch available here. http://packetstormsecurity.org/files/30850/FreeBSD-SA-03%3A02.openssl http://packetstormsecurity.org/files/30850/FreeBSD-SA-03%3A02.openssl http://packetstormsecurity.org/files/30850/FreeBSD-Security-Advisory-2003.2.html Wed, 26 Feb 2003 13:52:23 GMT FreeBSD Security Advisory FreeBSD-SA-03:02 Version 1.1 - OpenSSL v0.9.6h and below contains a timing-based vulnerability in CBC ciphersuites in SSL and TLS which can recover fixed plaintext blocks, like a password. http://packetstormsecurity.org/files/30851/FreeBSD-SA-03%3A03.syncookies http://packetstormsecurity.org/files/30851/FreeBSD-SA-03%3A03.syncookies http://packetstormsecurity.org/files/30851/FreeBSD-Security-Advisory-2003.3.html Tue, 25 Feb 2003 09:33:06 GMT FreeBSD Security Advisory FreeBSD-SA-03:03 - The FreeBSD syncookie implementation uses keys that are only 32 bits in length, allowing remote attackers to recover the ISN, which can be valid for up to four seconds, allowing ACL's to be bypassed and TCP connections forged. syncookies may be disabled using the 'net.inet.tcp.syncookies' sysctl(8) by running the following command as root: "sysctl net.inet.tcp.syncookies=0". http://packetstormsecurity.org/files/30784/FreeBSD-SA-03%3A01.cvs.txt http://packetstormsecurity.org/files/30784/FreeBSD-SA-03%3A01.cvs.txt http://packetstormsecurity.org/files/30784/FreeBSD-Security-Advisory-2003.1.html Wed, 05 Feb 2003 10:55:37 GMT FreeBSD Security Advisory FreeBSD-SA-03:01 - It has been found that the CVS server can be tricked to free memory more then once, which can be used for remote code execution. Additionally, the CVS server allowed clients with write access to specify arbitrary commands to execute as part of an update (update-prog) or commit (checkin-prog). This behavior has been restricted. This affects all FreeBSD versions prior to 4.6-RELEASE-p7, 4.7-RELEASE-p4 and 5.0-RELEASE-p1. http://packetstormsecurity.org/files/30722/FreeBSD-SA-02%3A44.filedesc http://packetstormsecurity.org/files/30722/FreeBSD-SA-02%3A44.filedesc http://packetstormsecurity.org/files/30722/FreeBSD-Security-Advisory-2002.44.html Thu, 09 Jan 2003 08:57:48 GMT FreeBSD Security Advisory FreeBSD-SA-02:44 - FreeBSD 4.3 and later is vulnerable to a local denial service attack due to a bug in the fpathconf system call which crashes the system by repeatedly calling fpathconf on a file descriptor until the reference count wraps to a negative value, then closing the file descriptor. See Pine-cert-20030101.txt for more information. http://packetstormsecurity.org/files/30017/FreeBSD-SA-02%3A43.bind http://packetstormsecurity.org/files/30017/FreeBSD-SA-02%3A43.bind http://packetstormsecurity.org/files/30017/FreeBSD-Security-Advisory-2002.43.html Tue, 19 Nov 2002 15:52:17 GMT FreeBSD Security Advisory FreeBSD-SA-02:43.bind - BIND 8 has two vulnerabilities. The BIND SIG Cached RR overflow allows a remote attacker to force a server with recursion enabled to execute arbitrary code with the privileges of the name server process. The BIND OPT DoS and BIND SIG Expiry Time DoS may cause a remote name server to crash. http://packetstormsecurity.org/files/29998/FreeBSD-SA-02%3A41.smrsh http://packetstormsecurity.org/files/29998/FreeBSD-SA-02%3A41.smrsh http://packetstormsecurity.org/files/29998/FreeBSD-Security-Advisory-2002.41.html Sun, 17 Nov 2002 05:10:53 GMT FreeBSD Security Advisory FreeBSD-SA-02:41 - The sendmail Restricted Shell command (smrsh) contains errors in the handling of command arguments with "||" or spaces which allow the execution of commands outside of those in its target directory. Since command arguments may be specified in local users' .forward' files, the smrsh restrictions may be bypassed using such files that are specially crafted.