Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3070-1:94A8E
HistoryNov 07, 2014 - 5:55 p.m.

[SECURITY] [DSA 3070-1] kfreebsd-9 security update

2014-11-0717:55:14
lists.debian.org
10

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Debian Security Advisory DSA-3070-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
November 07, 2014 http://www.debian.org/security/faq

Package : kfreebsd-9
CVE ID : CVE-2014-3711 CVE-2014-3952 CVE-2014-3953 CVE-2014-8476

Several vulnerabilities have been discovered in the FreeBSD kernel that
may lead to a denial of service or information disclosure.

CVE-2014-3711

Denial of service through memory leak in sandboxed namei lookups.

CVE-2014-3952

Kernel memory disclosure in sockbuf control messages.

CVE-2014-3953

Kernel memory disclosure in SCTP. This update disables SCTP, since the
userspace tools shipped in Wheezy didn't support SCTP anyway.

CVE-2014-8476

Kernel stack disclosure in setlogin() and getlogin().

For the stable distribution (wheezy), these problems have been fixed in
version 9.0-10+deb70.8.

We recommend that you upgrade your kfreebsd-9 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7allkfreebsd-9< 9.0-10+deb70.8kfreebsd-9_9.0-10+deb70.8_all.deb

Related

nessus 4
openvas 2
osv 1
securityvulns 6
freebsd 3
freebsd_advisory 3
cve 4
prion 4
debiancve 4
ubuntucve 1
nessus
nessus
Debian DSA-3070-1 : kfreebsd-9 - security update
2014-11-10 00:00:00
FreeBSD : FreeBSD -- Kernel memory disclosure in control messages and SCTP (7240de58-6007-11e6-a6c3-14dae9d210b8)
2016-08-12 00:00:00
FreeBSD : FreeBSD -- Kernel stack disclosure in setlogin(2) / getlogin(2) (74389f22-6007-11e6-a6c3-14dae9d210b8)
2016-08-12 00:00:00
openvas
openvas
Debian Security Advisory DSA 3070-1 (kfreebsd-9 - security update)
2014-11-07 00:00:00
Debian: Security Advisory (DSA-3070-1)
2014-11-06 00:00:00
osv
osv
kfreebsd-9 - security update
2014-11-07 00:00:00
securityvulns
securityvulns
FreeBSD information leakage
2014-07-14 00:00:00
FreeBSD Security Advisory FreeBSD-SA-14:17.kmem
2014-07-14 00:00:00
FreeBSD information leakage
2014-11-10 00:00:00
freebsd
freebsd
FreeBSD -- Kernel memory disclosure in control messages and SCTP
2014-07-08 00:00:00
FreeBSD -- Kernel stack disclosure in setlogin(2) / getlogin(2)
2014-11-04 00:00:00
FreeBSD -- memory leak in sandboxed namei lookup
2014-10-21 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:17.kmem
2014-07-08 00:00:00
FreeBSD-SA-14:25.setlogin
2014-11-04 00:00:00
FreeBSD-SA-14:22.namei
2014-10-21 00:00:00
cve
cve
CVE-2014-3952
2014-07-15 14:55:00
CVE-2014-3953
2014-07-15 14:55:00
CVE-2014-8476
2014-11-13 21:32:00
prion
prion
Privilege escalation
2014-07-15 14:55:00
Design/Logic Flaw
2014-07-15 14:55:00
Buffer overflow
2014-11-13 21:32:00
debiancve
debiancve
CVE-2014-3952
2014-07-15 14:55:00
CVE-2014-3953
2014-07-15 14:55:00
CVE-2014-8476
2014-11-13 21:32:00
ubuntucve
ubuntucve
CVE-2014-8476
2014-11-13 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for DEBIAN:DSA-3070-1:94A8E
nessus4openvas2osv1securityvulns6freebsd3freebsd_advisory3cve4prion4debiancve4ubuntucve1