EUVD-2009-4326

Malware in sbrugna...

FreeBSD : py-matrix-synapse -- multiple vulnerabilities in versions prior to 1.120.1 (71f3e9f0-bafc-11ef-885d-901b0e934d69)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 71f3e9f0-bafc-11ef-885d-901b0e934d69 advisory. element-hq/synapse developers report: The 1.120.1 release fixes multiple security...

FreeBSD-SA-23:15.stdio

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:15.libc Security Advisory The FreeBSD Project Topic: libc stdio buffer overflow Category: core Module: libc Announced: 2023-11-07 Credits: inooo All supporte...

Vulnerability fixed in libarchive

A vulnerability has been fixed in libarchive, a widely used library used by backup tools and tools such as tar, cpio etc. A local malicious person could exploit the vulnerability to cause a buffer overflow and thus potentially execute arbitrary code execute arbitrary code. In reporting the...

FreeBSD-SA-22:06.ioctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:06.ioctl Security Advisory The FreeBSD Project Topic: mpr/mps/mpt driver ioctl heap out-of-bounds write Category: core Module: mpr, mps, mpt Announced:...

Vulnerabilities fixed in OpenSSL

The developers of OpenSSL have fixed two vulnerabilities. The vulnerabilities allow an unauthenticated remote malicious person to remotely able to cause a denial-of-service, or potentially gain access to sensitive data, including possibly private keys currently actively in use on the system. Misu...

FreeBSD-SA-19:07.mds

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:07.mds Security Advisory The FreeBSD Project Topic: Microarchitectural Data Sampling MDS Category: core Module: kernel Announced: 2019-05-14 Credits: Refer t...

FreeBSD-SA-14:24.sshd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:24.sshd Security Advisory The FreeBSD Project Topic: Denial of service attack against sshd8 Category: contrib Module: openssh Announced: 2014-11-04 Credits:...

FreeBSD Security Advisory FreeBSD-SA-14:11.sendmail

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:11.sendmail Security Advisory The FreeBSD Project Topic: sendmail improper close-on-exec flag handling Category: contrib Module: sendmail Announced: 2014-06-...

FreeBSD Security Advisory FreeBSD-SA-14:12.ktrace

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:12.ktrace Security Advisory The FreeBSD Project Topic: ktrace kernel memory disclosure Category: core Module: kern Announced: 2014-06-03 Credits: Jilles...

FreeBSD-SA-11:08.telnetd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:08.telnetd Security Advisory The FreeBSD Project Topic: telnetd code execution vulnerability Category: core Module: contrib Announced: 2011-12-23 Affects: All...

FreeBSD-SA-11:01.mountd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:01.mountd Security Advisory The FreeBSD Project Topic: Network ACL mishandling in mountd8 Category: core Module: mountd Announced: 2011-04-20 Credits: Ruslan...

FreeBSD : FreeBSD -- Inappropriate directory permissions in freebsd-update(8) (6e87b696-ca3e-11df-aade-0050568f000c)

When downloading updates to FreeBSD via 'freebsd-update fetch' or 'freebsd-update upgrade', the freebsd-update8 utility copies currently installed files into its working directory /var/db/freebsd-update by default both for the purpose of merging changes to configuration files and in order to be...

FreeBSD-SA-10:07.mbuf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-10:07.mbuf Security Advisory The FreeBSD Project Topic: Lost mbuf flag resulting in data corruption Category: core Module: kern Announced: 2010-07-13 Credits: Min...

FreeBSD-SA-10:05.opie

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-10:05.opie Security Advisory The FreeBSD Project Topic: OPIE off-by-one stack overflow Category: contrib Module: contribopie Announced: 2010-05-27 Credits:...

CVE-2009-4358

freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory /var/db/freebsd-update by default, which allows local users to read copies of sensitive files after a 1 freebsd-update fetch fetch or 2 freebsd-update upgrade upgrade operation...

CVE-2009-4358

CVE-2009-4358 affects FreeBSD 8.0, 7.2, 7.1, 6.4 and 6.3. The issue is insecure permissions in the working directory (/var/db/freebsd-update) used during freebsd-update fetch or upgrade, allowing local users to read copies of sensitive files. No exploitation details are provided here. The vulnera...

CVE-2009-4358

freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory /var/db/freebsd-update by default, which allows local users to read copies of sensitive files after a 1 freebsd-update fetch fetch or 2 freebsd-update upgrade upgrade operation...

FreeBSD Security Advisory (FreeBSD-SA-09:17.freebsd.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:17.freebsd.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FreeBSD 'freebsd-update'工具不安全目录权限漏洞

Bugraq ID: 37190 FreeBSD是一款开放源代码的基于BSD的操作系统。 freebsd-update8工具用于下载，安装，升级。当通过'freebsd-update fetch'或 'freebsd-update upgrade'下载升级时，freebsd-update8工具会拷贝当前安装文件到工作目录默认为/var/db/freebsd-update，用于配置文件的合并更改，并能够回滚安装的更新。...