11 matches found
FreeBSD-SA-22:02.wifi
FreeBSD-SA-22:02.wifi Security Advisory, The FreeBSD Project. Topic: Multiple WiFi issues. Category: core. Module: net80211. Announced: 2022-03-15. Affects: FreeBSD 12.x and...
FreeBSD-SA-20:09.ntp
FreeBSD-SA-20:09.ntp Security Advisory, The FreeBSD Project. Topic: Multiple denial of service in ntpd. Category: contrib. Module: ntp. Announced: 2020-03-19. Credits: Philippe...
FreeBSD-SA-19:23.midi
FreeBSD-SA-19:23.midi Security Advisory, The FreeBSD Project. Topic: kernel memory disclosure from /dev/midistat. Category: core. Module: sound. Announced: 2019-08-20. Credits:...
ICU Project ICU4C Library Vulnerabilities Patched
Multitudes of software packages that make use of the ICU Project C/C++ and Java libraries may need to update after a pair of memory-based vulnerabilities were discovered and subsequently patched. Version 55.1 of the ICU Project ICU4C library, released yesterday, addresses separate heap-based buff...
Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability
Overview A regular expressions C library originally written by Henry Spencer is vulnerable to a heap overflow in some circumstances. Description CWE-122: Heap-based Buffer Overflow From the researcher, the variable len that holds the length of a regular expression string is "enlarged to such an...
Cisco Patches Three-Year-Old Telnet Remote Code Execution Bug in Security Appliances
There is a severe remote code execution vulnerability in a number of Cisco’s security appliances, a bug that was first disclosed nearly three years ago. The vulnerability is in Telnet and there has been a Metasploit module available to exploit it for years. The FreeBSD Project first disclosed the...
OpenSSL leaks ECDSA private key through a remote timing attack
Overview The OpenSSL ladder implementation for scalar multiplication of points on elliptic curves over binary fields is susceptible to a timing attack vulnerability. This vulnerability can be used to steal the private key of a TLS server that authenticates with ECDSA signatures and binary curves...
FreeBSD-SA-08:09.icmp6
FreeBSD-SA-08:09.icmp6 Security Advisory, The FreeBSD Project. Topic: Remote kernel panics on IPv6 connections. Category: core. Module: sys_netinet6. Announced: 2008-09-03. Credits...
FreeBSD-SA-06:02.ee
FreeBSD-SA-06:02.ee Security Advisory, The FreeBSD Project. Topic: ee temporary file privilege escalation. Category: core. Module: ee. Announced: 2006-01-11. Credits: Christian...
phpMyAdminSQL.txt
phpMyAdmin server_privileges.php SQL Injection Vulnerabilities. I. BACKGROUND phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. II. DESCRIPTION phpMyAdmin server_privileges.php is prone to SQL Injection vulnerability. A remote attacker may execute...
phpMyAdmin server_privileges.php SQL Injection Vulnerabilities.
phpMyAdmin server_privileges.php SQL Injection Vulnerabilities. I. BACKGROUND phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. II. DESCRIPTION phpMyAdmin server_privileges.php is prone to SQL Injection vulnerability. A remote attacker may execute...