EUVD-2012-4504

Malware in sbrugna...

Information disclosure

On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance IRI. External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source address of the management interface e.g. fxp0 thus...

XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug

XADV-2013005 FreeBSD 10 = nand Driver IOCTL Kernel Memory Leak Bug 1. Overview The nand driver in freebsd = 10 has a vulnerability to leak arbitrary kernel memory to the userspace. It's occured at nandioctl kernel function and because no proper initialize the allocated kernel memory. It's the...

CVE-2013-6832

The nandioctl function in sys/dev/nand/nandgeom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call...

Design/Logic Flaw

The nandioctl function in sys/dev/nand/nandgeom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call...

Design/Logic Flaw

The qlseioctl function in sys/dev/qlxge/qlsioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call...

CVE-2013-6833

The qlseioctl function in sys/dev/qlxge/qlsioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call...

FreeBSD 10 nand Driver IOCTL Kernel Memory Leak Bug

The nand driver in FreeBSD versions 10 and below has a vulnerability that leaks arbitrary kernel memory to the userspace. XADV-2013005 FreeBSD 10 site: http://www.x90c.org References: 1 http://www.unix.com/man-page/freebsd/9/malloc/ 2...

FreeBSD 10 qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak

The qlxge/qlxgbe driver in FreeBSD versions 10 and below has vulnerabilities that leak arbitrary kernel memory to the userspace. XADV-2013006 FreeBSD site: http://www.x90c.org References: 1 http://fxr.watson.org/fxr/source/dev/qlxge/README.txt?v=FREEBSD10 2...

Design/Logic Flaw

The geli encryption provider 7 before r239184 on FreeBSD 10 uses a weak Master Key, which makes it easier for local users to defeat a cryptographic protection mechanism via a brute-force attack...

CVE-2012-4578

The geli encryption provider 7 before r239184 on FreeBSD 10 uses a weak Master Key, which makes it easier for local users to defeat a cryptographic protection mechanism via a brute-force attack...

CVE-2012-4578

The geli encryption provider 7 before r239184 on FreeBSD 10 uses a weak Master Key, which makes it easier for local users to defeat a cryptographic protection mechanism via a brute-force attack...

CVE-2012-4578

The CVE-2012-4578 entry describes a vulnerability in the geli encryption provider 7 before r239184 on FreeBSD 10 where a weak Master Key is used. This weakness could allow a local attacker to defeat the cryptographic protection via brute-forcing. Documents identify the affected component as geli ...