Lucene search
K
FreebsdMost viewed

6583 matches found

FreeBSD
FreeBSD
•added 2013/06/30 12:0 a.m.•24 views

phpMyAdmin -- Global variable scope injection

The phpMyAdmin development team reports: The import.php script was vulnerable to GLOBALS variable injection. Therefore, an attacker could manipulate any configuration parameter. This vulnerability can be triggered only by someone who logged in to phpMyAdmin, as the usual token protection prevents...

5.5CVSS6.6AI score0.01055EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2013/05/27 12:0 a.m.•24 views

telepathy-gabble -- TLS verification bypass

Simon McVittie reports: This release fixes a man-in-the-middle attack. If you use an unencrypted connection to a "legacy Jabber" pre-XMPP server, this version of Gabble will not connect until you make one of these configuration changes: . upgrade the server software to something that supports XMP...

6.8CVSS6.2AI score0.02027EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/03/19 12:0 a.m.•24 views

OpenVPN -- potential side-channel/timing attack when comparing HMACs

The OpenVPN project reports: OpenVPN 2.3.0 and earlier running in UDP mode are subject to chosen ciphertext injection due to a non-constant-time HMAC comparison function...

2.6CVSS6.7AI score0.02813EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2012/09/26 12:0 a.m.•24 views

dns/bind9* -- crash on deliberately constructed combination of records

ISC reports: A deliberately constructed combination of records could cause named to hang while populating the additional section of a response...

7.8CVSS8.5AI score0.34196EPSS
Exploits0
FreeBSD
FreeBSD
•added 2012/08/15 12:0 a.m.•24 views

GNU gatekeeper -- denial of service

Jan Willamowius reports: GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service connection and thread consumption via a large number of connections...

5CVSS6.2AI score0.03871EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2012/08/12 12:0 a.m.•24 views

phpMyAdmin -- Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages

The phpMyAdmin development team reports: Using a crafted table name, it was possible to produce a XSS : 1 On the Database Structure page, creating a new table with a crafted name 2 On the Database Structure page, using the Empty and Drop links of the crafted table name 3 On the Table Operations...

3.5CVSS5.8AI score0.01449EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2012/08/08 12:0 a.m.•24 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 136643 137721 137957 High CVE-2012-2862: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team. 136968 137361 High CVE-2012-2863: Out-of-bounds writes in PDF viewer. Credit to...

7.5CVSS1.3AI score0.01116EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2012/07/19 12:0 a.m.•24 views

dns/nsd -- DoS vulnerability from non-standard DNS packet

Marek Vavrusa and Lubos Slovak report: It is possible to crash SIGSEGV a NSD child server process by sending it a non-standard DNS packet from any host on the internet. A crashed child process will automatically be restarted by the parent process, but an attacker may keep the NSD server occupied...

5CVSS6.3AI score0.09235EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2012/04/18 12:0 a.m.•24 views

bugzilla -- multiple vulnerabilities

A Bugzilla Security Advisory reports: The following security issues have been discovered in Bugzilla: Unauthorized Access Due to a lack of proper validation of the X-FORWARDED-FOR header of an authentication request, an attacker could bypass the current lockout policy used for protection against...

6.8AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2012/03/14 12:0 a.m.•24 views

rubygem-mail -- multiple vulnerabilities

rubygem-mail -- multiple vulnerabilities Two issues were fixed. They are a file system traversal in filedelivery method and arbitrary command execution when using exim or sendmail from the command line...

7.5CVSS6.9AI score0.04923EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2011/08/17 12:0 a.m.•24 views

PHP -- crypt() returns only the salt for MD5

PHP development team reports: If crypt is executed with MD5 salts, the return value consists of the salt only. DES and BLOWFISH salts work as expected...

1.9AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2010/07/29 12:0 a.m.•24 views

isolate -- local root exploit

Isolate currently suffers from some bad security bugs! These are local root privilege escalation bugs. Thanks to the helpful person who reported them email Chris if you want credit!. We're working to fix them ASAP, but until then, isolate is unsafe and you should uninstall it. Sorry!...

1.7AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2010/05/26 12:0 a.m.•24 views

mDNSResponder -- corrupted stack crash when parsing bad resolv.conf

Juli Mallett reports: mdnsd will crash on some systems with a corrupt stack and once that's fixed it will still leak a file descriptor when parsing resolv.conf. The crash is because scanf is used with %10s for a buffer that is only 10 chars long. The buffer size needs increased to 11 chars to hol...

0.5AI score
Exploits0
FreeBSD
FreeBSD
•added 2010/04/30 12:0 a.m.•24 views

quagga -- two DoS vulnerabilities

Quagga developers report: Quagga 0.99.18 has been released. This release fixes 2 denial of services in bgpd, which can be remotely triggered by malformed AS-Pathlimit or Extended-Community attributes. These issues have been assigned CVE-2010-1674 and CVE-2010-1675. Support for AS-Pathlimit has be...

5CVSS6.6AI score0.13426EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2009/11/20 12:0 a.m.•24 views

dovecot -- Insecure directory permissions

Dovecot author reports: Dovecot v1.2.x had been creating basedir and its parents if necessary with 0777 permissions. The basedir's permissions get changed to 0755 automatically at startup, but you may need to chmod the parent directories manually...

5.5CVSS6.4AI score0.00375EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2009/10/15 12:0 a.m.•24 views

Enhanced cTorrent -- stack-based overflow

Securityfocus reports: cTorrent and dTorrent are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Successful exploits allow remote attackers to execute arbitrary...

9.3CVSS6.6AI score0.1414EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2009/09/14 12:0 a.m.•24 views

vlc -- stack overflow in MPA, AVI and ASF demuxer

VideoLAN reports: When parsing a MP4, ASF or AVI file with an overly deep box structure, a stack overflow might occur. It would overwrite the return address and thus redirect the execution flow. If successful, a malicious third party could trigger execution of arbitrary code within the context of...

4.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2009/06/04 12:0 a.m.•24 views

git -- denial of service vulnerability

SecurityFocus reports: Git is prone to a denial-of-service vulnerability because it fails to properly handle some client requests. Attackers can exploit this issue to cause a daemon process to enter an infinite loop. Repeated exploits may consume excessive system resources, resulting in a denial ...

5CVSS6.2AI score0.05819EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2009/03/16 12:0 a.m.•24 views

ejabberd -- cross-site scripting vulnerability

SecurityFocus reports: The ejabberd application is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials...

4.3CVSS6.8AI score0.01604EPSS
Exploits0
FreeBSD
FreeBSD
•added 2009/02/10 12:0 a.m.•24 views

tor -- multiple vulnerabilities

Secunia reports: Some vulnerabilities have been reported in Tor, where one has an unknown impact and others can be exploited by malicious people to cause a DoS. An error when running Tor as a directory authority can be exploited to trigger the execution of an infinite loop. An unspecified error...

5CVSS6.7AI score0.0192EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2009/02/04 12:0 a.m.•24 views

squid -- remote denial of service vulnerability

Squid security advisory 2009:1 reports: Due to an internal error Squid is vulnerable to a denial of service attack when processing specially crafted requests. This problem allows any client to perform a denial of service attack on the Squid service...

5CVSS3.8AI score0.71986EPSS
Exploits8References2
FreeBSD
FreeBSD
•added 2008/12/24 12:0 a.m.•24 views

ampache -- insecure temporary file usage

Secunia reports: A security issue has been reported in Ampache, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the "gather-messages.sh" script handling temporary files in an insecure manner. This can be...

7.2CVSS6.1AI score0.00392EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2008/12/15 12:0 a.m.•24 views

mediawiki -- multiple vulnerabilities

The MediaWiki development team reports: Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Certain unspecified input related to uploads i...

6.8AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2008/11/11 12:0 a.m.•24 views

optipng -- arbitrary code execution via crafted BMP image

Secunia reports: A vulnerability has been reported in OptiPNG, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the BMP reader and can be exploited to cause a buffer overflow by tricking a user into...

9.3CVSS6.6AI score0.04023EPSS
Exploits2References3
FreeBSD
FreeBSD
•added 2008/08/24 12:0 a.m.•24 views

mgetty+sendfax -- symlink attack via insecure temporary files

Debian reports: Faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp. temporary file...

6.9CVSS6.2AI score0.00415EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/03/31 12:0 a.m.•24 views

powerdns-recursor -- DNS cache poisoning

If the system random number generator can be predicted by its past output, then an attacker may spoof Recursor to accept mallicious data. This leads to DNS cache poisoning and client redirection...

3.4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2008/02/24 12:0 a.m.•24 views

flyspray -- multiple vulnerabilities

The Flyspray Project reports: Flyspray is affected by a Cross Site scripting Vulnerability due to an error escaping PHP's $SERVER'QUERYSTRING' superglobal, that can be maliciously used to inject arbitrary code into the savesearch javascript function. There is an XSS problem in the history tab, th...

5CVSS7.2AI score0.01205EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2007/12/19 12:0 a.m.•24 views

opera -- multiple vulnerabilities

Opera Software ASA reports about multiple security fixes: Fixed an issue where plug-ins could be used to allow cross domain scripting, as reported by David Bloom. Details will be disclosed at a later date. Fixed an issue with TLS certificates that could be used to execute arbitrary code, as...

4.3CVSS7AI score0.01597EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2007/11/01 12:0 a.m.•24 views

gftp -- multiple vulnerabilities

Gentoo reports: Kalle Olavi Niemitalo discovered two boundary errors in fsplib code included in gFTP when processing overly long directory or file names. A remote attacker could trigger these vulnerabilities by enticing a user to download a file with a specially crafted directory or file name,...

5CVSS7.1AI score0.02069EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2007/06/06 12:0 a.m.•24 views

mplayer -- cddb stack overflow

Mplayer Team reports: A stack overflow was found in the code used to handle cddb queries. When copying the album title and category, no checking was performed on the size of the strings before storing them in a fixed-size array. A malicious entry in the database could trigger a stack overflow in...

9.3CVSS7.4AI score0.05748EPSS
Exploits0
FreeBSD
FreeBSD
•added 2007/06/05 12:0 a.m.•24 views

flac123 -- stack overflow in comment parsing

isecpartners reports: flac123, also known as flac-tools, is vulnerable to a buffer overflow in vorbis comment parsing. This allows for the execution of arbitrary code...

9.3CVSS7.1AI score0.05538EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2007/06/01 12:0 a.m.•24 views

webmin -- cross site scripting vulnerability

Secunia reports: Input passed to unspecified parameters in pamlogin.cgi is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site...

4.3CVSS7AI score0.01569EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2007/02/21 12:0 a.m.•24 views

typo3 -- email header injection

Olivier Dobberkau, Andreas Otto, and Thorsten Kahler report: An unspecified error in the internal form engine can be used for sending arbitrary mail headers, using it for purposes which it is not meant for, e.g. sending spam messages...

7.5CVSS6.7AI score0.014EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2006/10/16 12:0 a.m.•24 views

NVIDIA UNIX driver -- arbitrary root code execution vulnerability

Rapid7 reports: The NVIDIA Binary Graphics Driver for Linux is vulnerable to a buffer overflow that allows an attacker to run arbitrary code as root. This bug can be exploited both locally or remotely via a remote X client or an X client which visits a malicious web page. A working proof-of-conce...

7.5CVSS7.2AI score0.26046EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2006/09/08 12:0 a.m.•24 views

drupal-pubcookie -- authentication may be bypassed

The Drupal Project reports: It is possible for a malicious user to spoof a user's identity by bypassing the login redirection mechanism in the pubcookie module. The malicious user may gain the privileges of the user they are spoofing, including the administrative user...

7.5CVSS6.5AI score0.01567EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2006/08/17 12:0 a.m.•24 views

libmusicbrainz -- multiple buffer overflow vulnerabilities

SecurityFocus reports about libmusicbrainz: The libmusicbrainz library is prone to multiple buffer-overflow vulnerabilities because the application fails to check the size of the data before copying it into a finite-sized internal memory buffer. An attacker can exploit these issues to execute...

7.5CVSS7.2AI score0.1364EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2006/06/03 12:0 a.m.•24 views

freeradius -- authentication bypass vulnerability

The freeradius development team reports: A validation issue exists with the EAP-MSCHAPv2 module in all versions from 1.0.0 where the module first appeared to 1.1.0. Insufficient input validation was being done in the EAP-MSCHAPv2 state machine. A malicious attacker could manipulate their...

7.5CVSS6.5AI score0.0276EPSS
Exploits0
FreeBSD
FreeBSD
•added 2006/02/28 12:0 a.m.•24 views

crossfire-server -- denial of service and remote code execution vulnerability

FRSIRT reports: A vulnerability has been identified in CrossFire, which could be exploited by remote attackers to execute arbitrary commands or cause a denial of service. This flaw is due to a buffer overflow error in the "oldsocketmode" module that fails to properly handle overly large requests,...

6.4CVSS7.1AI score0.17253EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2006/02/20 12:0 a.m.•24 views

bugzilla -- multiple vulnerabilities

Some vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to conduct SQL injection attacks, and by malicious people to disclose sensitive information and conduct script insertion attacks...

7.5CVSS7.1AI score0.01537EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2006/01/18 12:0 a.m.•24 views

IEEE 802.11 -- buffer overflow

Problem description: An integer overflow in the handling of corrupt IEEE 802.11 beacon or probe response frames when scanning for existing wireless networks can result in the frame overflowing a buffer. Impact: An attacker able broadcast a carefully crafted beacon or probe response frame may be...

10CVSS7.2AI score0.05823EPSS
Exploits1
FreeBSD
FreeBSD
•added 2005/11/17 12:0 a.m.•24 views

mambo -- "register_globals" emulation layer overwrite vulnerability

A Secunia Advisory reports: peter MC tachatte has discovered a vulnerability in Mambo, which can be exploited by malicious people to manipulate certain information and compromise a vulnerable system. The vulnerability is caused due to an error in the "registerglobals" emulation layer in...

1.7AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2005/10/21 12:0 a.m.•24 views

fetchmail -- fetchmailconf local password exposure

The fetchmail team reports: The fetchmailconf program before and excluding version 1.49 opened the run control file, wrote the configuration to it, and only then changed the mode to 0600 rw-------. Writing the file, which usually contains passwords, before making it unreadable to other users, can...

2.1CVSS6.6AI score0.00453EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/08/16 12:0 a.m.•24 views

acroread -- plug-in buffer overflow vulnerability

A Adobe Security Advisory reports: The identified vulnerability is a buffer overflow within a core application plug-in, which is part of Adobe Acrobat and Adobe Reader. If a malicious file were opened it could trigger a buffer overflow as the file is being loaded into Adobe Acrobat and Adobe...

7.5CVSS6.9AI score0.13245EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/07/05 12:0 a.m.•24 views

phppgadmin -- "formLanguage" local file inclusion vulnerability

A Secunia Advisory reports: A vulnerability has been reported in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information. Input passed to the "formLanguage" parameter in "index.php" isn't properly verified, before it is used to include files. This can be exploited...

5CVSS6.1AI score0.04638EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2005/06/15 12:0 a.m.•24 views

p5-Mail-SpamAssassin -- denial of service vulnerability

Apache SpamAssassin Security Team reports: Apache SpamAssassin 3.0.4 was recently released, and fixes a denial of service vulnerability in versions 3.0.1, 3.0.2, and 3.0.3. The vulnerability allows certain misformatted long message headers to cause spam checking to take a very long time. While th...

5CVSS6.2AI score0.08349EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/06/09 12:0 a.m.•24 views

tcpdump -- infinite loops in protocol decoding

Problem Description Several tcpdump protocol decoders contain programming errors which can cause them to go into infinite loops. Impact An attacker can inject specially crafted packets into the network which, when processed by tcpdump, could lead to a denial-of-service. After the attack, tcpdump...

6.3AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2005/05/19 12:0 a.m.•24 views

ppxp -- local root exploit

A Debian Advisory reports: Jens Steube discovered that ppxp, yet another PPP program, does not release root privileges when opening potentially user supplied log files. This can be tricked into opening a root shell...

7.2CVSS6.5AI score0.00399EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/05/11 12:0 a.m.•24 views

mozilla -- "Wrapped" javascript: urls bypass security checks

A Mozilla Foundation Security Advisory reports: Some security checks intended to prevent script injection were incorrect and could be bypassed by wrapping a javascript: url in the view-source: pseudo-protocol. Michael Krax demonstrated that a variant of his favicon exploit could still execute...

0.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2005/05/11 12:0 a.m.•24 views

squid -- DNS lookup spoofing vulnerability

The squid patches page notes: Malicious users may spoof DNS lookups if the DNS client UDP port random, assigned by OS as startup is unfiltered and your network is not protected from IP spoofing...

6.4CVSS6.4AI score0.02357EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2005/04/26 12:0 a.m.•24 views

rkhunter -- insecure temporary file creation

Gentoo reports: Sune Kloppenborg Jeppesen and Tavis Ormandy of the Gentoo Linux Security Team have reported that the checkupdate.sh script and the main rkhunter script insecurely creates several temporary files with predictable filenames. A local attacker could create symbolic links in the...

2.1CVSS6.1AI score0.00342EPSS
Exploits0References1
Total number of security vulnerabilities5000