4 matches found
CVE-2009-3527
CVE-2009-3527: Concrete details exist in connected docs. A race condition in FreeBSD 6.3/6.4’s Pipe (IPC) close function can lead to a use-after-free via kqueues, causing local denial of service (crash) or privilege gain through NULL pointer dereference/memory corruption. Affected software: FreeB...
Stack overflow
Stack-based buffer overflow in the commandExpandInterpret function in command.c in ppp aka user-ppp, as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "" characters...
*BSD user-ppp local root (when conditions permit)
// / pppx.conf - Point to Point Protocol a.k.a. user-ppp exploit by sipher / / 2003 / 12 /23 - PRIVATE CODE / / Program terminated with signal 11, Segmentation fault. / / 0 0xbeefdead in ?? / // I just tested this on FreeBSD 6.3. This bug was discovered on NetBSD. It also works on OpenBSD...
Design/Logic Flaw
The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values...