15 matches found
EUVD-2020-28580
Malware in sbrugna...
CVE-2020-7454
In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was built into the module...
CVE-2020-7455
In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel for kernel NAT or natd process...
CVE-2020-7454
In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was built into the module...
CVE-2020-7454
In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was built into the module...
CVE-2020-7455
In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel for kernel NAT or natd process...
CVE-2020-7455
The vulnerability CVE-2020-7455 affects FreeBSD via the libalias FTP packet handler. The issue is an incorrect calculation of some packet lengths in libalias, which can disclose small memory amounts from either kernel space (in-kernel NAT) or natd process space (userspace NAT). Affects FreeBSD 12...
CVE-2020-7454
CVE-2020-7454 affects FreeBSD libalias/NAT, where libalias does not properly validate packet length, causing out-of-bounds read/write and potentially code execution. Affected: FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1, and 11.3-RE...
CVE-2020-7454
In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was built into the module...
FreeBSD : FreeBSD -- Insufficient packet length validation in libalias (30ce591c-947b-11ea-92ab-00163e433440)
libalias3 packet handlers do not properly validate the packet length before accessing the protocol headers. As a result, if a libalias3 module does not properly validate the packet length before accessing the protocol header, it is possible for an out of bound read or write condition to occur...
FreeBSD : FreeBSD -- Memory disclosure vulnerability in libalias (78992249-947c-11ea-92ab-00163e433440)
The FTP packet handler in libalias incorrectly calculates some packet lengths. This may result in disclosing small amounts of memory from the kernel for the in-kernel NAT implementation or from the process space for natd for the userspace implementation. Impact : A malicious attacker could send...
FreeBSD-SA-20:13.libalias
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:13.libalias Security Advisory The FreeBSD Project Topic: Memory disclosure vulnerability in libalias Category: core Module: libalias Announced: 2020-05-12...
FreeBSD-SA-20:12.libalias
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:12.libalias Security Advisory The FreeBSD Project Topic: Insufficient packet length validation in libalias Category: core Module: libalias Announced:...
FreeBSD -- Insufficient packet length validation in libalias
Problem Description: libalias3 packet handlers do not properly validate the packet length before accessing the protocol headers. As a result, if a libalias3 module does not properly validate the packet length before accessing the protocol header, it is possible for an out of bound read or write...
FreeBSD -- Memory disclosure vulnerability in libalias
Problem Description: The FTP packet handler in libalias incorrectly calculates some packet lengths. This may result in disclosing small amounts of memory from the kernel for the in-kernel NAT implementation or from the process space for natd for the userspace implementation. Impact: A malicious...