Lucene search
K
FreebsdMost viewed

6583 matches found

FreeBSD
FreeBSD
added 2012/01/10 12:0 a.m.22 views

PowerDNS -- Denial of Service Vulnerability

The PowerDNS Team reports: Using well crafted UDP packets, one or more PowerDNS servers could be made to enter a tight packet loop, causing temporary denial of service...

5CVSS6.3AI score0.05264EPSS
Exploits0
FreeBSD
FreeBSD
added 2011/12/23 12:0 a.m.22 views

FreeBSD -- pam_ssh() does not validate service names

Problem Description: Some third-party applications, including KDE's kcheckpass command, allow the user to specify the name of the policy on the command line. Since OpenPAM treats the policy name as a path relative to /etc/pam.d or /usr/local/etc/pam.d, users who are permitted to run such an...

6.9CVSS6.6AI score0.00905EPSS
Exploits1
FreeBSD
FreeBSD
added 2011/12/19 12:0 a.m.22 views

unbound -- denial of service vulnerabilities from nonstandard redirection and denial of existence

Unbound developer reports: Unbound crashes when confronted with a non-standard response from a server for a domain. This domain produces duplicate RRs from a certain type and is DNSSEC signed. Unbound also crashes when confronted with a query that eventually, and under specific circumstances,...

5CVSS6.4AI score0.02944EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2011/10/19 12:0 a.m.22 views

kdeutils4 -- Directory traversal vulnerability

Tim Brown from Nth Dimention reports: I recently discovered that the Ark archiving tool is vulnerable to directory traversal via malformed. When attempts are made to view files within the malformed Zip file in Ark's default view, the wrong file may be displayed due to incorrect construction of th...

6.8CVSS6.4AI score0.02952EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2011/09/28 12:0 a.m.22 views

FreeBSD -- Buffer overflow in handling of UNIX socket addresses

Problem Description: When a UNIX-domain socket is attached to a location using the bind2 system call, the length of the provided path is not validated. Later, when this address was returned via other system calls, it is copied into a fixed-length buffer. Linux uses a larger socket address structu...

1.1AI score
Exploits0
FreeBSD
FreeBSD
added 2011/08/25 12:0 a.m.22 views

stunnel -- heap corruption vulnerability

Michal Trojnara reports: Version 4.42, 2011.08.18, urgency: HIGH: Fixed a heap corruption vulnerability in versions 4.40 and 4.41. It may possibly be leveraged to perform DoS or remote code execution attacks...

9.3CVSS6.9AI score0.05711EPSS
Exploits0
FreeBSD
FreeBSD
added 2011/08/16 12:0 a.m.22 views

OTRS -- Vulnerabilities in OTRS-Core allows read access to any file on local file system

OTRS Security Advisory reports: An attacker with valid session and admin permissions could get read access to any file on the servers local operating system. For this it would be needed minimum one installed OTRS package...

4CVSS6AI score0.01737EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2011/05/28 12:0 a.m.22 views

Subversion -- multiple vulnerabilities

Subversion team reports: Subversion's moddavsvn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources. This can lead to a DoS. An exploit has been tested, and tools or users have been observed triggering this problem in the wild. Subversion's...

5CVSS6.5AI score0.08483EPSS
Exploits2
FreeBSD
FreeBSD
added 2010/06/02 12:0 a.m.22 views

sudo -- Secure path vulnerability

Todd Miller reports: Most versions of the C library function getenv return the first instance of an environment variable to the caller. However, some programs, notably the GNU Bourne Again SHell bash, do their own environment parsing and may choose the last instance of a variable rather than the...

6.2CVSS6.5AI score0.00457EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2010/05/20 12:0 a.m.22 views

ziproxy -- atypical huge picture files vulnerability

Ziproxy 3.0.1 release fixes a security vulnerability related to atypical huge picture files 4GB of size once expanded...

6.8CVSS5.9AI score0.03297EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2010/04/07 12:0 a.m.22 views

mediawiki -- authenticated CSRF vulnerability

A MediaWiki security announcement reports: MediaWiki was found to be vulnerable to login CSRF. An attacker who controls a user account on the target wiki can force the victim to log in as the attacker, via a script on an external website. If the wiki is configured to allow user scripts, say with...

6CVSS6.1AI score0.01298EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2009/04/30 12:0 a.m.22 views

drupal -- cross site scripting

Drupal Security Team reports: When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte...

5.9AI score
Exploits0References1
FreeBSD
FreeBSD
added 2009/03/23 12:0 a.m.22 views

drupal6-cck -- cross-site scripting

Drupal CCK plugin developer reports: The Node reference and User reference sub-modules, which are part of the Content Construction Kit CCK project, lets administrators define node fields that are references to other nodes or to users. When displaying a node edit form, the titles of candidate...

4.3CVSS6.3AI score0.01223EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2008/11/08 12:0 a.m.22 views

trac -- potential DOS vulnerability

Trac development team reports: 0.11.2 is a new stable maintenance release. It contains several security fixes and everyone is recommended to upgrade their installations. Bug fixes: Fixes potential DOS vulnerability with certain wiki markup...

2.4AI score
Exploits0References1
FreeBSD
FreeBSD
added 2008/10/17 12:0 a.m.22 views

habari -- Cross-Site Scripting Vulnerability

Secunia reports: Input passed via the "habariusername" parameter when logging in is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site...

4.3CVSS7AI score0.02962EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2008/10/14 12:0 a.m.22 views

mantis -- session hijacking vulnerability

The mantis Team reports: When configuring a web application to use only ssl e. g. by forwarding all http-requests to https, a user would expect that sniffing and hijacking the session is impossible. Though, for this to be secure, one needs to set the session cookie to have the secure flag. Else t...

5CVSS6.4AI score0.01884EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2008/09/05 12:0 a.m.22 views

emacs -- run-python vulnerability

Emacs developers report: The Emacs command run-python' launches an interactive Python interpreter. After the Python process starts up, Emacs automatically sends it the line: import emacs which normally imports a script named emacs.py which is distributed with Emacs. This script, which is typicall...

7.2CVSS6.5AI score0.00528EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2008/09/03 12:0 a.m.23 views

FreeBSD -- Remote kernel panics on IPv6 connections

Problem Description: In case of an incoming ICMPv6 'Packet Too Big Message', there is an insufficient check on the proposed new MTU for a path to the destination. Impact: When the kernel is configured to process IPv6 packets and has active IPv6 TCP sockets, a specifically crafted ICMPv6 'Packet T...

7.1CVSS6.2AI score0.04513EPSS
Exploits1
FreeBSD
FreeBSD
added 2008/05/28 12:0 a.m.22 views

py-pylons -- Path traversal bug

Pylons team reports: The error.py controller uses paste.fileapp to serve the static resources to the browser. The default error.py controller uses os.path.join to combine the id from Routes with the media path. Routes prior to 1.8 double unquoted the PATHINFO, resulting in FileApp returning files...

1.3AI score
Exploits0References1
FreeBSD
FreeBSD
added 2008/05/15 12:0 a.m.22 views

cdf3 -- Buffer overflow vulnerability

NASA Goddard Space Flight Center reports: The libraries for the scientific data file format, Common Data Format CDF version 3.2 and earlier, have the potential for a buffer overflow vulnerability when reading specially-crafted invalid CDF files. If successful, this could trigger execution of...

7.5CVSS7.1AI score0.03868EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2008/03/19 12:0 a.m.22 views

gnupg -- memory corruption vulnerability

Secunia reports: A vulnerability has been reported in GnuPG, which can potentially be exploited to compromise a vulnerable system. The vulnerability is caused due to an error when importing keys with duplicated IDs. This can be exploited to cause a memory corruption when importing keys via...

9.3CVSS6.7AI score0.04041EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2007/09/14 12:0 a.m.22 views

coppermine -- multiple vulnerabilities

The coppermine development team reports two vulnerabilities with the coppermine application. These vulnerabilities are caused by improper checking of the log variable in "viewlog.php" and improper checking of the referer variable in "mode.php". This could allow local file inclusion, potentially...

5.9AI score
Exploits0References1
FreeBSD
FreeBSD
added 2007/09/10 12:0 a.m.22 views

wordpress -- remote sql injection vulnerability

Alexander Concha reports: While testing WordPress, it has been discovered a SQL Injection vulnerability that allows an attacker to retrieve remotely any user credentials from a vulnerable site, this bug is caused because of early database escaping and the lack of validation in query string like...

7.5CVSS6.7AI score0.03637EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2007/08/28 12:0 a.m.22 views

irc/bitchx -- multiple vulnerabilities

bannedit reports: Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the pmode variable. Nico Golde reports: There is a security issue in ircii-pana in bitchx' hostname command. The ehostname function...

10CVSS7.6AI score0.14686EPSS
Exploits0
FreeBSD
FreeBSD
added 2007/02/07 12:0 a.m.22 views

rar -- password prompt buffer overflow vulnerability

iDefense reports: Remote exploitation of a stack based buffer overflow vulnerability in RARLabs Unrar may allow an attacker to execute arbitrary code with the privileges of the user opening the archive. Unrar is prone to a stack based buffer overflow when processing specially crafted password...

6.8CVSS7.7AI score0.03954EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/11/26 12:0 a.m.22 views

tdiary -- cross site scripting vulnerability

tDiary was vulnerable to an unspecified Cross-Site Scripting vulnerability...

4.3CVSS6.2AI score0.01612EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2006/10/04 12:0 a.m.22 views

mono -- "System.CodeDom.Compiler" Insecure Temporary Creation

Sebastian Krahmer reports: Sebastian Krahmer of the SuSE security team discovered that the System.CodeDom.Compiler classes used temporary files in an insecure way. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program...

6.2CVSS6.5AI score0.00449EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/06/12 12:0 a.m.22 views

wv2 -- Integer Overflow Vulnerability

Secunia reports: A vulnerability has been reported in wvWare wv2 Library, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to an integer overflow error in "wordhelper.h" when handling a Word document. This can b...

6.5CVSS7AI score0.02523EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2006/06/01 12:0 a.m.22 views

squirrelmail -- plugin.php local file inclusion vulnerability

The SquirrelMail Project Team reports: A security issue has been uncovered in functions/plugin.php that could allow a remote user to access local files on the server without requiring login. This issue manifests itself if registerglobals is enabled, and magicquotesgpc is disabled...

2.1AI score
Exploits0References2
FreeBSD
FreeBSD
added 2006/03/30 12:0 a.m.22 views

samba -- Exposure of machine account credentials in winbind log files

Samba Security Advisory: The machine trust account password is the secret shared between a domain controller and a specific member server. Access to the member server machine credentials allows an attacker to impersonate the server in the domain and gain access to additional information regarding...

1.2CVSS6.5AI score0.00463EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/03/23 12:0 a.m.22 views

linux-realplayer -- buffer overrun

Secunia Advisories Reports: A boundary error when processing SWF files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on the user's system...

9.3CVSS6.8AI score0.16744EPSS
Exploits11References2
FreeBSD
FreeBSD
added 2006/03/01 12:0 a.m.22 views

nfs -- remote denial of service

Problem description: A part of the NFS server code charged with handling incoming RPC messages via TCP had an error which, when the server received a message with a zero-length payload, would cause a NULL pointer dereference which results in a kernel panic. The kernel will only process the RPC...

7.8CVSS6.3AI score0.64373EPSS
Exploits2
FreeBSD
FreeBSD
added 2005/12/31 12:0 a.m.22 views

rxvt-unicode -- restore permissions on tty devices

A rxvt-unicode changelog reports: SECURITY FIX: on systems using openpty, permissions were not correctly updated on the tty device and were left as world-readable and world-writable likely in original rxvt, too, and were not restored properly. Affected are only systems where non-unix ptys were us...

1.4AI score
Exploits0References1
FreeBSD
FreeBSD
added 2005/12/18 12:0 a.m.22 views

rssh -- privilege escalation vulnerability

Pizzashack reports: Max Vozeler has reported a problem whereby rssh can allow users who have shell access to systems where rssh is installed and rsshchroothelper is installed SUID to gain root access to the system, due to the ability to chroot to arbitrary locations. There are a lot of potentiall...

7.2CVSS6.8AI score0.00381EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/12/13 12:0 a.m.22 views

mantis -- "view_filters_page.php" cross-site scripting vulnerability

r0t reports: Mantis contains a flaw that allows a remote cross site scripting attack. This flaw exists because input passed to "targetfield" parameter in "viewfilterspage.php" isn't properly sanitised before being returned to the user. This could allow a user to create a specially crafted URL tha...

2AI score
Exploits0References1
FreeBSD
FreeBSD
added 2005/07/26 12:0 a.m.22 views

proftpd -- format string vulnerabilities

The ProFTPD release notes states: sean found two format string vulnerabilities, one in modsql's SQLShowInfo directive, and one involving the 'ftpshut' utility. Both can be considered low risk, as they require active involvement on the part of the site administrator in order to be exploited. These...

6.4CVSS6.1AI score0.09198EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2005/07/12 12:0 a.m.22 views

heartbeat -- insecure temporary file creation vulnerability

Eric Romang reports a temporary file creation vulnerability within heartbeat. The vulnerability is caused by hardcoded temporary file usage. This can cause an attacker to create an arbitrary symlink causing the application to overwrite the symlinked file with the permissions of the user executing...

2.1CVSS6.4AI score0.00358EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/05/07 12:0 a.m.22 views

mysql-server -- insecure temporary file creation

A Zataz advisory reports that MySQL contains a security flaw which could allow a malicious local user to inject arbitrary SQL commands during the initial database creation process. The problem lies in the mysqlinstalldb script which creates temporary files based on the PID used by the script...

4.6CVSS6.8AI score0.00615EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/04/13 12:0 a.m.22 views

junkbuster -- heap corruption vulnerability and configuration modification vulnerability

A Debian advisory reports: James Ranson discovered that an attacker can modify the referrer setting with a carefully crafted URL by accidently overwriting a global variable. Tavis Ormandy from the Gentoo Security Team discovered several heap corruptions due to inconsistent use of an internal...

6.7AI score
Exploits0References2
FreeBSD
FreeBSD
added 2005/02/16 12:0 a.m.22 views

typespeed -- arbitrary code execution

Debian reports: Ulf Härnhammar from the Debian Security Audit Project discovered a problem in typespeed, a touch-typist trainer disguised as game. This could lead to a local attacker executing arbitrary code...

4.6CVSS6.2AI score0.00713EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/11/01 12:0 a.m.22 views

proxytunnel -- format string vulnerability

A Gentoo Linux Security Advisory reports: Florian Schilhabel of the Gentoo Linux Security Audit project found a format string vulnerability in Proxytunnel. When the program is started in daemon mode -a port, it improperly logs invalid proxy answers to syslog. A malicious remote server could send...

10CVSS6.9AI score0.04278EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2004/09/19 12:0 a.m.22 views

jabberd -- denial-of-service vulnerability

José Antonio Calvo discovered a bug in the Jabber 1.x server. According to Matthias Wimmer: Without this patch, it is possible to remotly crash jabberd14, if there is access to one of the following types of network sockets: Socket accepting client connections Socket accepting connections from oth...

5CVSS3.1AI score0.02441EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2004/09/15 12:0 a.m.22 views

php -- vulnerability in RFC 1867 file upload processing

Stefano Di Paola discovered an issue with PHP that could allow someone to upload a file to any directory writeable by the httpd process. Any sanitizing performed on the prepended directory path is ignored. This bug can only be triggered if the $FILES element name contains an underscore...

1AI score
Exploits0References2
FreeBSD
FreeBSD
added 2004/08/20 12:0 a.m.22 views

xv -- exploitable buffer overflows

In a Bugtraq posting, infamous41mdathotpop.com reported: there are at least 5 exploitable buffer and heap overflows in the image handling code. this allows someone to craft a malicious image, trick a user into viewing the file in xv, and upon viewing that image execute arbitrary code under...

1AI score
Exploits0References1
FreeBSD
FreeBSD
added 2004/05/13 12:0 a.m.22 views

multiple vulnerabilities in ethereal

Issues have been discovered in multiple protocol dissectors...

10CVSS6.7AI score0.0764EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2004/02/22 12:0 a.m.22 views

hsftp format string vulnerabilities

Ulf Härnhammar discovered a format string bug in hsftp's file listing code may allow a malicious server to cause arbitrary code execution by the client...

2.2AI score
Exploits0References1
FreeBSD
FreeBSD
added 2004/02/11 12:0 a.m.22 views

Buffer overflow in Mutt 1.4

Mutt 1.4 contains a buffer overflow that could be exploited with a specially formed message, causing Mutt to crash or possibly execute arbitrary code...

7.5CVSS7.4AI score0.05427EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2003/04/25 12:0 a.m.22 views

ChiTeX/ChiLaTeX unsafe set-user-id root

Niels Heinen reports that ChiTeX installs set-user-id root executables that invoked system3 without setting up the environment, trivially allowing local root compromise...

3.5AI score
Exploits0References1
FreeBSD
FreeBSD
added 2001/04/12 12:0 a.m.22 views

nap allows arbitrary file access

According to the author: Fixed security loophole which allowed remote clients to access arbitrary files on our system...

3.4AI score
Exploits0References1
FreeBSD
FreeBSD
added 2026/05/24 12:0 a.m.21 views

Roundcube Webmail -- Multiple vulnerabilities

The Roundcube Webmail project reports: See link for details. No CVE numbers available at the moment...

5.8AI score
Exploits0References1
Total number of security vulnerabilities5000