23 matches found
EUVD-2001-0780
Malware in sbrugna...
PT-2023-23133 · Freebsd · Freebsd
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field, allowing an attacker to trigger a...
krb5 -- double-free vulnerabilities
An advisory published by the MIT Kerberos team says: The MIT Kerberos 5 implementation's Key Distribution Center KDC program contains a double-free vulnerability that potentially allows a remote attacker to execute arbitrary code. Compromise of a KDC host compromises the security of the entire...
heimdal kadmind remote heap buffer overflow
An input validation error was discovered in the kadmind code that handles the framing of Kerberos 4 compatibility administration requests. The code assumed that the length given in the framing was always two or more bytes. Smaller lengths will cause kadmind to read an arbitrary amount of data int...
Kame Racoon Invalid Cookie Handling Remote DoS
The remote system appears to have a problem with processing requests with invalid cookie values. At least one VPN product racoon demonstrates this flaw. Racoon is integrated with: FreeBSD 4.0 and beyond OpenBSD 2.7 and beyond NetBSD 1.5 and beyond BSD/OS 4.2 and beyond However, the bug has only...
WMAPM 3.1 - Local Privilege Escalation
WMAPM 3.1 - Local Privilege Escalation source: https://www.securityfocus.com/bid/8995/info wmapm has been reported prone to a local privilege escalation vulnerability. The vulnerability has been conjectured to result from a lack of relative path usage while the vulnerable dock app is invoking a...
Samba 2.2.8 Remote Root Exploit - sambal.c
Exploit for linux platform in category remote exploits ========================================== Samba 2.2.8 Remote Root Exploit - sambal.c ========================================== / Remote root exploit for Samba 2.2.x and prior that works against Linux all distributions, FreeBSD 4.x, 5.x,...
Samba < 2.2.8 (Linux/BSD) - Remote Code Execution
/ Remote root exploit for Samba 2.2.x and prior that works against Linux all distributions, FreeBSD 4.x, 5.x, NetBSD 1.x and OpenBSD 2.x, 3.x and 3.2 non-executable stack. sambal.c is able to identify samba boxes. It will send a netbios name packet to port 137. If the box responds with the mac...
Samba Multiple Unspecified Remote Buffer Overflow Vulnerabilities
Description Multiple remote buffer overflow vulnerabilities have been reported for Samba and Samba-TNG. Although unspecified, it is likely that these issues are exploitable by an attacker to execute arbitrary code. All code executed in this manner would be run with the privileges of Samba,...
Cyrus IMAP pre-authentication heap overflow vulnerability
In December 2002, Timo Sirainen reported: Cyrus IMAP server has a remotely exploitable pre-login buffer overflow. ... Note that you don't have to log in before exploiting this, and since Cyrus runs everything under one UID, it's possible to read every user's mail in the system. It is unknown...
Apache 1.x2.0.x - Chunked-Encoding Memory Corruption (1)
Apache 1.x2.0.x - Chunked-Encoding Memory Corruption 1 // source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretatio...
Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (2)
// source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretation of an unsigned integer value. Consequently, several...
Pine Internet Advisory: Setuid application execution may give local root in FreeBSD
-----BEGIN PGP SIGNED MESSAGE----- ----------------------------------------------------------------------------- Pine Internet Security Advisory ----------------------------------------------------------------------------- Advisory ID : PINE-CERT-20020401 Authors : Joost Pol [email protected] Issue...
Security Advisory FreeBSD-SA-01:52.fragment
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:52 Security Advisory FreeBSD, Inc. Topic: Denial of service using fragmented IPv4 packets Category: kernel Announced: 2001-08-06 Credits: "James Thomas" via NetBSD Affect...
CVE-2001-0230
Buffer overflow in dc20ctrl before 0.41 in FreeBSD, and possibly other operating systems, allows local users to gain privileges...
FreeBSD-SA-01:39.tcp-isn
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:39 Security Advisory FreeBSD, Inc. Topic: TCP initial sequence number generation contains statistical vulnerability Category: core Module: kernel Announced: 2001-05-02...
FreeBSD-SA-01:12.periodic
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:12 Security Advisory FreeBSD, Inc. Topic: periodic uses insecure temporary files REVISED Category: core Module: periodic Announced: 2001-01-29 Revised: 2001-01-29 Credits...
Race condition in periodic
Overview A race condition in the 'periodic' script allows local files to be overwritten. We believe that 'periodic' is typically used only with FreeBSD systems, though it may be installed on other systems. Description 'periodic' is a script used in conjunction with cron to execute jobs at specifi...
FreeBSD-SA-00:54.fingerd
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:54 Security Advisory FreeBSD, Inc. Topic: fingerd allows remote reading of filesystem Category: core Module: fingerd Announced: 2000-10-13 Credits: NIIMI Satoshi Affects:...
Security Advisory: FreeBSD-SA-00:23.ip-options
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:23 Security Advisory FreeBSD, Inc. Topic: Remote denial-of-service in IP stack Category: core Module: kernel Announced: 2000-06-19 Affects: FreeBSD systems prior to the...