2 matches found
Another tcpdump BGP infinite loop vulnerability (CAN-2005-1267)
Hello While working on the FreeBSD Security Advisory for the recent tcpdump issues CAN-2005-1278, CAN-2005-1279, and CAN-2005-1280 I noticed another similar infinite loop DoS vulnerability in the BGP handling code. It affects at least tcpdump 3.8.3 and tcpdump 3.9 snapshots from before May 5. The...
portupgrade -- insecure temporary file handling vulnerability
Simon L. Nielsen discovered that portupgrade handles temporary files in an insecure manner. This could allow an unprivileged local attacker to execute arbitrary commands or overwrite arbitrary files with the permissions of the user running portupgrade, typically root, by way of a symlink attack...