Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
added 2013/11/15 12:0 a.m.22 views

subversion -- multiple vulnerabilities

Subversion Project reports: moddontdothat does not restrict requests from serf based clients moddontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs...

3.5CVSS6.3AI score0.07858EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2013/09/10 12:0 a.m.22 views

linux-flashplugin -- multiple vulnerabilities

Adobe reports: These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system...

10CVSS6.5AI score0.05759EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2013/06/07 12:0 a.m.22 views

xdm -- remote denial of service

nvd.nist.gov reports X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a denial of service NULL pointer dereference and crash by attempting to log int...

4.3CVSS4AI score0.02437EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2012/12/31 12:0 a.m.22 views

ircd-ratbox and charybdis -- remote DoS vulnerability

atheme.org reports: All versions of Charybdis are vulnerable to a remotely-triggered crash bug caused by code originating from ircd-ratbox 2.0. Incidentally, this means all versions since ircd-ratbox 2.0 are also vulnerable...

2.8AI score
Exploits0References1
FreeBSD
FreeBSD
added 2012/08/14 12:0 a.m.22 views

roundcube -- cross-site scripting in HTML email messages

RoundCube branch 0.8.x prior to the version 0.8.1 is prone to the cross-scripting attack XSS originating from incoming HTML e-mails: due to the lack of proper sanitization of JavaScript code inside the "href" attribute, sender could launch XSS attack when recipient opens the message in RoundCube...

4.3CVSS5.9AI score0.04198EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2012/03/29 12:0 a.m.22 views

coppermine -- Multiple vulnerabilities

The Coppermine Team reports: The release covers several path disclosure vulnerabilities. If unpatched, it's possible to generate an error that will reveal the full path of the script. A remote user can determine the full path to the web root directory and other potentially sensitive information...

6AI score
Exploits0References2
FreeBSD
FreeBSD
added 2012/03/08 12:0 a.m.22 views

mutt-devel -- failure to check SMTP TLS server certificate

Dave B reports on Full Disclosure: It seems that mutt fails to check the validity of a SMTP servers certificate during a TLS connection. ... This means that an attacker could potentially MITM a mutt user connecting to their SMTP server even when the user has forced a TLS connection...

5.8CVSS2.6AI score0.01475EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2012/02/10 12:0 a.m.22 views

mozilla -- use-after-free in nsXBLDocumentInfo::ReadPrototypeBindings

The Mozilla Project reports: MFSA 2012-10 use after free in nsXBLDocumentInfo::ReadPrototypeBindings...

7.5CVSS9.4AI score0.03079EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2012/02/10 12:0 a.m.22 views

surf -- private information disclosure

surf does not protect its cookie jar against access read access from other local users...

5.5CVSS5.5AI score0.00381EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2012/01/10 12:0 a.m.22 views

PowerDNS -- Denial of Service Vulnerability

The PowerDNS Team reports: Using well crafted UDP packets, one or more PowerDNS servers could be made to enter a tight packet loop, causing temporary denial of service...

5CVSS6.3AI score0.05264EPSS
Exploits0
FreeBSD
FreeBSD
added 2011/12/23 12:0 a.m.22 views

FreeBSD -- pam_ssh() does not validate service names

Problem Description: Some third-party applications, including KDE's kcheckpass command, allow the user to specify the name of the policy on the command line. Since OpenPAM treats the policy name as a path relative to /etc/pam.d or /usr/local/etc/pam.d, users who are permitted to run such an...

6.9CVSS6.6AI score0.00905EPSS
Exploits1
FreeBSD
FreeBSD
added 2011/12/19 12:0 a.m.22 views

unbound -- denial of service vulnerabilities from nonstandard redirection and denial of existence

Unbound developer reports: Unbound crashes when confronted with a non-standard response from a server for a domain. This domain produces duplicate RRs from a certain type and is DNSSEC signed. Unbound also crashes when confronted with a query that eventually, and under specific circumstances,...

5CVSS6.4AI score0.02944EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2011/10/19 12:0 a.m.22 views

kdeutils4 -- Directory traversal vulnerability

Tim Brown from Nth Dimention reports: I recently discovered that the Ark archiving tool is vulnerable to directory traversal via malformed. When attempts are made to view files within the malformed Zip file in Ark's default view, the wrong file may be displayed due to incorrect construction of th...

6.8CVSS6.4AI score0.02952EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2011/09/28 12:0 a.m.22 views

FreeBSD -- Buffer overflow in handling of UNIX socket addresses

Problem Description: When a UNIX-domain socket is attached to a location using the bind2 system call, the length of the provided path is not validated. Later, when this address was returned via other system calls, it is copied into a fixed-length buffer. Linux uses a larger socket address structu...

1.1AI score
Exploits0
FreeBSD
FreeBSD
added 2011/08/25 12:0 a.m.22 views

stunnel -- heap corruption vulnerability

Michal Trojnara reports: Version 4.42, 2011.08.18, urgency: HIGH: Fixed a heap corruption vulnerability in versions 4.40 and 4.41. It may possibly be leveraged to perform DoS or remote code execution attacks...

9.3CVSS6.9AI score0.05711EPSS
Exploits0
FreeBSD
FreeBSD
added 2011/08/16 12:0 a.m.22 views

OTRS -- Vulnerabilities in OTRS-Core allows read access to any file on local file system

OTRS Security Advisory reports: An attacker with valid session and admin permissions could get read access to any file on the servers local operating system. For this it would be needed minimum one installed OTRS package...

4CVSS6AI score0.01737EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2010/06/02 12:0 a.m.22 views

sudo -- Secure path vulnerability

Todd Miller reports: Most versions of the C library function getenv return the first instance of an environment variable to the caller. However, some programs, notably the GNU Bourne Again SHell bash, do their own environment parsing and may choose the last instance of a variable rather than the...

6.2CVSS6.5AI score0.00457EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2010/05/20 12:0 a.m.22 views

ziproxy -- atypical huge picture files vulnerability

Ziproxy 3.0.1 release fixes a security vulnerability related to atypical huge picture files 4GB of size once expanded...

6.8CVSS5.9AI score0.03297EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2010/04/07 12:0 a.m.22 views

mediawiki -- authenticated CSRF vulnerability

A MediaWiki security announcement reports: MediaWiki was found to be vulnerable to login CSRF. An attacker who controls a user account on the target wiki can force the victim to log in as the attacker, via a script on an external website. If the wiki is configured to allow user scripts, say with...

6CVSS6.1AI score0.01298EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2009/04/30 12:0 a.m.22 views

drupal -- cross site scripting

Drupal Security Team reports: When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte...

5.9AI score
Exploits0References1
FreeBSD
FreeBSD
added 2009/03/23 12:0 a.m.22 views

drupal6-cck -- cross-site scripting

Drupal CCK plugin developer reports: The Node reference and User reference sub-modules, which are part of the Content Construction Kit CCK project, lets administrators define node fields that are references to other nodes or to users. When displaying a node edit form, the titles of candidate...

4.3CVSS6.3AI score0.01223EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2008/11/08 12:0 a.m.22 views

trac -- potential DOS vulnerability

Trac development team reports: 0.11.2 is a new stable maintenance release. It contains several security fixes and everyone is recommended to upgrade their installations. Bug fixes: Fixes potential DOS vulnerability with certain wiki markup...

2.4AI score
Exploits0References1
FreeBSD
FreeBSD
added 2008/10/17 12:0 a.m.22 views

habari -- Cross-Site Scripting Vulnerability

Secunia reports: Input passed via the "habariusername" parameter when logging in is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site...

4.3CVSS7AI score0.02962EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2008/10/14 12:0 a.m.22 views

mantis -- session hijacking vulnerability

The mantis Team reports: When configuring a web application to use only ssl e. g. by forwarding all http-requests to https, a user would expect that sniffing and hijacking the session is impossible. Though, for this to be secure, one needs to set the session cookie to have the secure flag. Else t...

5CVSS6.4AI score0.01884EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2008/09/05 12:0 a.m.22 views

emacs -- run-python vulnerability

Emacs developers report: The Emacs command run-python' launches an interactive Python interpreter. After the Python process starts up, Emacs automatically sends it the line: import emacs which normally imports a script named emacs.py which is distributed with Emacs. This script, which is typicall...

7.2CVSS6.5AI score0.00528EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2008/09/03 12:0 a.m.23 views

FreeBSD -- Remote kernel panics on IPv6 connections

Problem Description: In case of an incoming ICMPv6 'Packet Too Big Message', there is an insufficient check on the proposed new MTU for a path to the destination. Impact: When the kernel is configured to process IPv6 packets and has active IPv6 TCP sockets, a specifically crafted ICMPv6 'Packet T...

7.1CVSS6.2AI score0.04513EPSS
Exploits1
FreeBSD
FreeBSD
added 2008/05/28 12:0 a.m.22 views

py-pylons -- Path traversal bug

Pylons team reports: The error.py controller uses paste.fileapp to serve the static resources to the browser. The default error.py controller uses os.path.join to combine the id from Routes with the media path. Routes prior to 1.8 double unquoted the PATHINFO, resulting in FileApp returning files...

1.3AI score
Exploits0References1
FreeBSD
FreeBSD
added 2008/05/15 12:0 a.m.22 views

cdf3 -- Buffer overflow vulnerability

NASA Goddard Space Flight Center reports: The libraries for the scientific data file format, Common Data Format CDF version 3.2 and earlier, have the potential for a buffer overflow vulnerability when reading specially-crafted invalid CDF files. If successful, this could trigger execution of...

7.5CVSS7.1AI score0.03868EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2008/03/19 12:0 a.m.22 views

gnupg -- memory corruption vulnerability

Secunia reports: A vulnerability has been reported in GnuPG, which can potentially be exploited to compromise a vulnerable system. The vulnerability is caused due to an error when importing keys with duplicated IDs. This can be exploited to cause a memory corruption when importing keys via...

9.3CVSS6.7AI score0.04041EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2007/09/14 12:0 a.m.22 views

coppermine -- multiple vulnerabilities

The coppermine development team reports two vulnerabilities with the coppermine application. These vulnerabilities are caused by improper checking of the log variable in "viewlog.php" and improper checking of the referer variable in "mode.php". This could allow local file inclusion, potentially...

5.9AI score
Exploits0References1
FreeBSD
FreeBSD
added 2007/09/10 12:0 a.m.22 views

wordpress -- remote sql injection vulnerability

Alexander Concha reports: While testing WordPress, it has been discovered a SQL Injection vulnerability that allows an attacker to retrieve remotely any user credentials from a vulnerable site, this bug is caused because of early database escaping and the lack of validation in query string like...

7.5CVSS6.7AI score0.03637EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2007/08/28 12:0 a.m.22 views

irc/bitchx -- multiple vulnerabilities

bannedit reports: Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the pmode variable. Nico Golde reports: There is a security issue in ircii-pana in bitchx' hostname command. The ehostname function...

10CVSS7.6AI score0.14686EPSS
Exploits0
FreeBSD
FreeBSD
added 2007/07/24 12:0 a.m.22 views

fsplib -- multiple vulnerabilities

A Secunia Advisory reports: fsplib can be exploited to compromise an application using the library. A boundary error exists in the processing of file names in fspreaddirnative, which can be exploited to cause a stack-based buffer overflow if the defined MAXNAMLEN is bigger than 256. A boundary...

7.5CVSS6.7AI score0.05169EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2007/02/07 12:0 a.m.22 views

rar -- password prompt buffer overflow vulnerability

iDefense reports: Remote exploitation of a stack based buffer overflow vulnerability in RARLabs Unrar may allow an attacker to execute arbitrary code with the privileges of the user opening the archive. Unrar is prone to a stack based buffer overflow when processing specially crafted password...

6.8CVSS7.7AI score0.03954EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/11/26 12:0 a.m.22 views

tdiary -- cross site scripting vulnerability

tDiary was vulnerable to an unspecified Cross-Site Scripting vulnerability...

4.3CVSS6.2AI score0.01612EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2006/10/04 12:0 a.m.22 views

mono -- "System.CodeDom.Compiler" Insecure Temporary Creation

Sebastian Krahmer reports: Sebastian Krahmer of the SuSE security team discovered that the System.CodeDom.Compiler classes used temporary files in an insecure way. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program...

6.2CVSS6.5AI score0.00449EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/06/12 12:0 a.m.22 views

wv2 -- Integer Overflow Vulnerability

Secunia reports: A vulnerability has been reported in wvWare wv2 Library, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to an integer overflow error in "wordhelper.h" when handling a Word document. This can b...

6.5CVSS7AI score0.02523EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2006/06/01 12:0 a.m.22 views

squirrelmail -- plugin.php local file inclusion vulnerability

The SquirrelMail Project Team reports: A security issue has been uncovered in functions/plugin.php that could allow a remote user to access local files on the server without requiring login. This issue manifests itself if registerglobals is enabled, and magicquotesgpc is disabled...

2.1AI score
Exploits0References2
FreeBSD
FreeBSD
added 2006/03/30 12:0 a.m.22 views

samba -- Exposure of machine account credentials in winbind log files

Samba Security Advisory: The machine trust account password is the secret shared between a domain controller and a specific member server. Access to the member server machine credentials allows an attacker to impersonate the server in the domain and gain access to additional information regarding...

1.2CVSS6.5AI score0.00463EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/03/23 12:0 a.m.22 views

linux-realplayer -- buffer overrun

Secunia Advisories Reports: A boundary error when processing SWF files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on the user's system...

9.3CVSS6.8AI score0.16744EPSS
Exploits11References2
FreeBSD
FreeBSD
added 2006/03/01 12:0 a.m.22 views

nfs -- remote denial of service

Problem description: A part of the NFS server code charged with handling incoming RPC messages via TCP had an error which, when the server received a message with a zero-length payload, would cause a NULL pointer dereference which results in a kernel panic. The kernel will only process the RPC...

7.8CVSS6.3AI score0.64373EPSS
Exploits2
FreeBSD
FreeBSD
added 2005/12/31 12:0 a.m.22 views

rxvt-unicode -- restore permissions on tty devices

A rxvt-unicode changelog reports: SECURITY FIX: on systems using openpty, permissions were not correctly updated on the tty device and were left as world-readable and world-writable likely in original rxvt, too, and were not restored properly. Affected are only systems where non-unix ptys were us...

1.4AI score
Exploits0References1
FreeBSD
FreeBSD
added 2005/12/13 12:0 a.m.22 views

mantis -- "view_filters_page.php" cross-site scripting vulnerability

r0t reports: Mantis contains a flaw that allows a remote cross site scripting attack. This flaw exists because input passed to "targetfield" parameter in "viewfilterspage.php" isn't properly sanitised before being returned to the user. This could allow a user to create a specially crafted URL tha...

2AI score
Exploits0References1
FreeBSD
FreeBSD
added 2005/07/26 12:0 a.m.22 views

proftpd -- format string vulnerabilities

The ProFTPD release notes states: sean found two format string vulnerabilities, one in modsql's SQLShowInfo directive, and one involving the 'ftpshut' utility. Both can be considered low risk, as they require active involvement on the part of the site administrator in order to be exploited. These...

6.4CVSS6.1AI score0.09198EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2005/07/12 12:0 a.m.22 views

heartbeat -- insecure temporary file creation vulnerability

Eric Romang reports a temporary file creation vulnerability within heartbeat. The vulnerability is caused by hardcoded temporary file usage. This can cause an attacker to create an arbitrary symlink causing the application to overwrite the symlinked file with the permissions of the user executing...

2.1CVSS6.4AI score0.00358EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/05/07 12:0 a.m.22 views

mysql-server -- insecure temporary file creation

A Zataz advisory reports that MySQL contains a security flaw which could allow a malicious local user to inject arbitrary SQL commands during the initial database creation process. The problem lies in the mysqlinstalldb script which creates temporary files based on the PID used by the script...

4.6CVSS6.8AI score0.00615EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/04/13 12:0 a.m.22 views

junkbuster -- heap corruption vulnerability and configuration modification vulnerability

A Debian advisory reports: James Ranson discovered that an attacker can modify the referrer setting with a carefully crafted URL by accidently overwriting a global variable. Tavis Ormandy from the Gentoo Security Team discovered several heap corruptions due to inconsistent use of an internal...

6.7AI score
Exploits0References2
FreeBSD
FreeBSD
added 2005/02/16 12:0 a.m.22 views

typespeed -- arbitrary code execution

Debian reports: Ulf Härnhammar from the Debian Security Audit Project discovered a problem in typespeed, a touch-typist trainer disguised as game. This could lead to a local attacker executing arbitrary code...

4.6CVSS6.2AI score0.00713EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/11/01 12:0 a.m.22 views

proxytunnel -- format string vulnerability

A Gentoo Linux Security Advisory reports: Florian Schilhabel of the Gentoo Linux Security Audit project found a format string vulnerability in Proxytunnel. When the program is started in daemon mode -a port, it improperly logs invalid proxy answers to syslog. A malicious remote server could send...

10CVSS6.9AI score0.04278EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2004/09/19 12:0 a.m.22 views

jabberd -- denial-of-service vulnerability

José Antonio Calvo discovered a bug in the Jabber 1.x server. According to Matthias Wimmer: Without this patch, it is possible to remotly crash jabberd14, if there is access to one of the following types of network sockets: Socket accepting client connections Socket accepting connections from oth...

5CVSS3.1AI score0.02441EPSS
Exploits0References2
Total number of security vulnerabilities5000