Lucene search
K
FreebsdRecent

6581 matches found

FreeBSD
FreeBSD
•added 2008/12/23 12:0 a.m.•32 views

FreeBSD -- Cross-site request forgery in ftpd(8)

Problem Description: The ftpd8 server splits long commands into several requests. This may result in the server executing a command which is hidden inside another very long command. Impact: This could, with a specifically crafted command, be used in a cross-site request forgery attack. FreeBSD...

7.5CVSS6.8AI score0.04045EPSS
Exploits1
FreeBSD
FreeBSD
•added 2008/12/23 12:0 a.m.•13 views

FreeBSD -- netgraph / bluetooth privilege escalation

Problem Description: Some function pointers for netgraph and bluetooth sockets are not properly initialized. Impact: A local user can cause the FreeBSD kernel to execute arbitrary code. This could be used by an attacker directly; or it could be used to gain root privilege or to escape from a jail...

3.3AI score
Exploits0
FreeBSD
FreeBSD
•added 2008/12/21 12:0 a.m.•77 views

php-mbstring -- php mbstring buffer overflow vulnerability

SecurityFocus reports: PHP is prone to a buffer-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. The issue affects the 'mbstring' extension included in the standard distribution. An attacker can exploit th...

10CVSS7.1AI score0.07371EPSS
Exploits2
FreeBSD
FreeBSD
•added 2008/12/20 12:0 a.m.•14 views

git -- gitweb privilege escalation

Git maintainers report: gitweb has a possible local privilege escalation bug that allows a malicious repository owner to run a command of his choice by specifying diff.external configuration variable in his repository and running a crafted gitweb query...

5.5AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2008/12/19 12:0 a.m.•23 views

netatalk -- arbitrary command execution in papd daemon

Secunia reports: A vulnerability has been reported in Netatalk, which potentially can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to the papd daemon improperly sanitising several received parameters before passing them in a call to popen. Thi...

9.3CVSS7AI score0.04526EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/12/17 12:0 a.m.•33 views

mozilla -- multiple vulnerabilities

The Mozilla Foundation reports: MFSA 2008-69 XSS vulnerabilities in SessionStore MFSA 2008-68 XSS and JavaScript privilege escalation MFSA 2008-67 Escaped null characters ignored by CSS parser MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters MFSA 2008-65 Cross-domai...

10CVSS9.4AI score0.03201EPSS
Exploits0References10
FreeBSD
FreeBSD
•added 2008/12/16 12:0 a.m.•23 views

imap-uw -- imap c-client buffer overflow

SANS reports: The University of Washington IMAP library is a library implementing the IMAP mail protocol. University of Washington IMAP is exposed to a buffer overflow issue that occurs due to a boundary error within the rfc822outputchar function in the c-client library. The University of...

4.3CVSS6.8AI score0.01764EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2008/12/15 12:0 a.m.•24 views

mediawiki -- multiple vulnerabilities

The MediaWiki development team reports: Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Certain unspecified input related to uploads i...

6.8AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2008/12/14 12:0 a.m.•28 views

mplayer -- twinvq processing buffer overflow vulnerability

A trapkit reports: MPlayer contains a stack buffer overflow vulnerability while parsing malformed TwinVQ media files. The vulnerability may be exploited by a remote attacker to execute arbitrary code in the context of MPlayer...

10CVSS7.6AI score0.07694EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2008/12/12 12:0 a.m.•30 views

roundcube -- remote execution of arbitrary code

Entry for CVE-2008-5619 says: html2text.php in RoundCube Webmail roundcubemail 0.2-1.alpha and 0.2-3.beta allows remote attackers to execute arbitrary code via crafted input that is processed by the pregreplace function with the eval switch...

10CVSS6.9AI score0.54003EPSS
Exploits15References1
FreeBSD
FreeBSD
•added 2008/12/11 12:0 a.m.•31 views

drupal -- multiple vulnerabilities

The Drupal Project reports: The update system is vulnerable to Cross site request forgeries. Malicious users may cause the superuser user 1 to execute old updates that may damage the database. When an input format is deleted, not all existing content on a site is updated to reflect this deletion...

4.3CVSS6.4AI score0.02008EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2008/12/09 12:0 a.m.•30 views

vinagre -- format string vulnerability

CORE Security Technologies reports: A format string error has been found on the vinagreutilsshowerror function that can be exploited via commands issued from a malicious server containing format string specifiers on the VNC name. In a web based attack scenario, the user would be required to conne...

6.8CVSS7.4AI score0.09121EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/12/09 12:0 a.m.•28 views

phpmyadmin -- cross-site request forgery vulnerability

The phpMyAdmin Team reports: A logged-in user can be subject of SQL injection through cross site request forgery. Several scripts in phpMyAdmin are vulnerable and the attack can be made through table parameter...

6CVSS7.5AI score0.0215EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2008/12/08 12:0 a.m.•21 views

phppgadmin -- directory traversal with register_globals enabled

Secunia reports: Dun has discovered a vulnerability in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information. Input passed via the "language" parameter to libraries/lib.inc.php is not properly sanitised before being used to include files. This can be exploited t...

4.3CVSS6.2AI score0.12865EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2008/12/07 12:0 a.m.•28 views

php5 -- potential magic_quotes_gpc vulnerability

PHP Developers reports: Due to a security bug found in the PHP 5.2.7 release, it has been removed from distribution. The bug affects configurations where magicquotesgpc is enabled, because it remains off even when set to on...

7.5CVSS6.4AI score0.01664EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2008/12/05 12:0 a.m.•16 views

pdfjam -- insecure temporary files

Secunia reports: Some security issues have been reported in PDFjam, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issues are caused due to the "pdf90", "pdfjoin", and "pdfnup" scripts using temporary files in an insecure manner...

6.9CVSS6.5AI score0.00406EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/12/05 12:0 a.m.•27 views

twiki -- multiple vulnerabilities

Marc Schoenefeld and Steve Milner of RedHat SRT and Peter Allor of IBM ISS report: XSS vulnerability with URLPARAM variable SEARCH variable allows arbitrary shell command execution...

10CVSS6.6AI score0.0464EPSS
Exploits1References7
FreeBSD
FreeBSD
•added 2008/12/04 12:0 a.m.•46 views

php -- multiple vulnerabilities

Secunia reports: Some vulnerabilities have been reported in PHP, where some have an unknown impact and others can potentially be exploited by malicious people to cause a DoS Denial of Service or compromise a vulnerable system. An input validation error exists within the "ZipArchive::extractTo"...

7.5CVSS7.1AI score0.06847EPSS
Exploits6References5
FreeBSD
FreeBSD
•added 2008/12/03 12:0 a.m.•33 views

squirrelmail -- Cross site scripting vulnerability

Squirrelmail team reports: An issue was fixed that allowed an attacker to send specially- crafted hyperlinks in a message that could execute cross-site scripting XSS when the user viewed the message in SquirrelMail...

4.3CVSS5.9AI score0.01776EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/11/30 12:0 a.m.•27 views

vlc -- arbitrary code execution in the RealMedia processor

Tobias Klein from TrapKit reports: The VLC media player contains an integer overflow vulnerability while parsing malformed RealMedia .rm files. The vulnerability leads to a heap overflow that can be exploited by a remote attacker to execute arbitrary code in the context of VLC media player...

9.3CVSS7.4AI score0.07842EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/11/28 12:0 a.m.•14 views

codeigniter -- arbitrary script execution in the new Form Validation class

znirkel reports: The eval function in resetpostarray crashes when posting certain data. By passing in carefully-crafted input data, the eval function could also execute malicious PHP code. Note that CodeIgniter applications that either do not use the new Form Validation class or use the old...

1.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2008/11/28 12:0 a.m.•19 views

php -- ini database truncation inside dba_replace() function

securityfocus research reports: A bug that leads to the emptying of the INI file contents if the database key was not found exists in PHP dba extension in versions 5.2.6, 4.4.9 and earlier. Function dbareplace are not filtering strings key and value. There is a possibility for the destruction of...

6.4CVSS6.4AI score0.01591EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/11/28 12:0 a.m.•28 views

p5-File-Path -- rmtree allows creation of setuid files

Jan Lieskovsky reports: perl-File-Path rmtree race condition CVE-2005-0448 was assigned to address this This vulnerability was fixed in 5.8.4-7 but re-introduced in 5.8.8-1. It's also present in File::Path 2.xx, up to and including 2.07 which has only a partial fix...

1.2CVSS6.1AI score0.00387EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2008/11/27 12:0 a.m.•26 views

samba -- potential leakage of arbitrary memory contents

Samba Team reports: Samba 3.0.29 and beyond contain a change to deal with gcc 4 optimizations. Part of the change modified range checking for client-generated offsets of secondary trans, trans2 and nttrans requests. These requests are used to transfer arbitrary amounts of memory from clients to...

8.5CVSS6.7AI score0.04331EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/11/26 12:0 a.m.•27 views

wordpress -- header rss feed script insertion vulnerability

Secunia reports: Input passed via the HTTP "Host" header is not properly sanitised before being used. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site if malicious data is viewed...

4.3CVSS7AI score0.03233EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/11/25 12:0 a.m.•27 views

amaya -- multiple buffer overflow vulnerabilities

Secunia reports: A boundary error when processing "div" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long "id" parameter. A boundary error exists when processing overly long links. This can be exploited to cause a stack-based buffer overflow by tricking the user...

6.7AI score
Exploits0References5
FreeBSD
FreeBSD
•added 2008/11/24 12:0 a.m.•34 views

FreeBSD -- arc4random(9) predictable sequence vulnerability

Problem Description: When the arc4random9 random number generator is initialized, there may be inadequate entropy to meet the needs of kernel systems which rely on arc4random9; and it may take up to 5 minutes before arc4random9 is reseeded with secure entropy from the Yarrow random number...

7CVSS6.8AI score0.00319EPSS
Exploits1
FreeBSD
FreeBSD
•added 2008/11/24 12:0 a.m.•23 views

wireshark -- SMTP Processing Denial of Service Vulnerability

Secunia reports: A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS. The vulnerability is caused due to an error in the SMTP dissector and can be exploited to trigger the execution of an infinite loop via a large SMTP packet...

5CVSS6.4AI score0.02003EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2008/11/22 12:0 a.m.•14 views

verlihub -- insecure temporary file usage and arbitrary command execution

securityfocus reports: An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files,...

6.9AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2008/11/20 12:0 a.m.•28 views

imlib2 -- XPM processing buffer overflow vulnerability

Secunia reports: A vulnerability has been discovered in imlib2, which can be exploited by malicious people to potentially compromise an application using the library. The vulnerability is caused due to a pointer arithmetic error within the "load" function provided by the XPM loader. This can be...

7.5CVSS6.6AI score0.03641EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2008/11/18 12:0 a.m.•39 views

dovecot-managesieve -- Script Name Directory Traversal Vulnerability

Secunia reports: The security issue is caused due to an input validation error when processing script names. This can be exploited to read or modify arbitrary files having ".sieve" extensions via directory traversal attacks, with the privileges of the attacker's user id...

6.4CVSS6.4AI score0.01829EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2008/11/18 12:0 a.m.•32 views

opera -- multiple vulnerabilities

The Opera Team reports: Manipulating certain text-area contents can cause a buffer overflow, which may be exploited to execute arbitrary code. Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional techniques will have to be...

9.3CVSS6.8AI score0.31509EPSS
Exploits6References6
FreeBSD
FreeBSD
•added 2008/11/18 12:0 a.m.•39 views

libxml2 -- multiple vulnerabilities

Secunia reports: Two vulnerabilities have been reported in Libxml2, which can be exploited by malicious people to cause a DoS Denial of Service or to potentially compromise an application using the library. 1 An integer overflow error in the "xmlSAX2Characters" function can be exploited to trigge...

7.6AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2008/11/15 12:0 a.m.•32 views

syslog-ng2 -- startup directory leakage in the chroot environment

Florian Grandel reports: I have not had the time to analyze all of syslog-ng code. But by reading the code section near the chroot call and looking at strace results I believe that syslog-ng does not chdir to the chroot jail's location before chrooting into it. This opens up ways to work around t...

9.3CVSS6.6AI score0.022EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2008/11/13 12:0 a.m.•45 views

mozilla -- multiple vulnerabilities

The Mozilla Foundation reports: MFSA 2008-58 Parsing error in E4X default namespace MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners same-origin violation MFSA 2008-55 Crash and remote code execution in...

10CVSS10.2AI score0.10187EPSS
Exploits2References12
FreeBSD
FreeBSD
•added 2008/11/11 12:0 a.m.•23 views

optipng -- arbitrary code execution via crafted BMP image

Secunia reports: A vulnerability has been reported in OptiPNG, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the BMP reader and can be exploited to cause a buffer overflow by tricking a user into...

9.3CVSS6.6AI score0.04023EPSS
Exploits2References3
FreeBSD
FreeBSD
•added 2008/11/10 12:0 a.m.•29 views

gnutls -- X.509 certificate chain validation vulnerability

SecurityFocus reports: GnuTLS is prone to a security-bypass vulnerability because the application fails to properly validate chained X.509 certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks by impersonating trusted servers. Unsuspecting users ma...

5.9CVSS6.2AI score0.01882EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/11/08 12:0 a.m.•22 views

trac -- potential DOS vulnerability

Trac development team reports: 0.11.2 is a new stable maintenance release. It contains several security fixes and everyone is recommended to upgrade their installations. Bug fixes: Fixes potential DOS vulnerability with certain wiki markup...

2.4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2008/11/08 12:0 a.m.•38 views

clamav -- off-by-one heap overflow in VBA project parser

Advisory from Moritz Jodeit, November 8th, 2008: ClamAV contains an off-by-one heap overflow vulnerability in the code responsible for parsing VBA project files. Successful exploitation could allow an attacker to execute arbitrary code with the privileges of the clamd' process by sending an email...

9.3CVSS6.1AI score0.08293EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/11/07 12:0 a.m.•33 views

openfire -- multiple vulnerabilities

Andreas Kurtz reports: The jabber server Openfire = version 3.6.0a contains several serious vulnerabilities. Depending on the particular runtime environment these issues can potentially even be used by an attacker to execute code on operating system level. Authentication bypass - This vulnerabili...

7.5CVSS6.2AI score0.83382EPSS
Exploits9References3
FreeBSD
FreeBSD
•added 2008/11/06 12:0 a.m.•32 views

nagios -- web interface privilege escalation vulnerability

securityfocus reports: An attacker with low-level privileges may exploit this issue to bypass authorization and cause arbitrary commands to run within the context of the Nagios server. This may aid in further attacks...

6.5CVSS6.7AI score0.06738EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2008/11/05 12:0 a.m.•51 views

libcdaudio -- remote buffer overflow and code execution

securityfocus reports: The 'libcdaudio' library is prone to a remote heap code in the context of an application that uses the library. Failed attacks will cause denial-of-service conditions. A buffer-overflow in Grip occurs when the software processes a response to a CDDB query that has more than...

6.8AI score
Exploits0
FreeBSD
FreeBSD
•added 2008/11/05 12:0 a.m.•21 views

streamripper -- multiple buffer overflows

Secunia reports: A boundary error exists within httpparsescheader in lib/http.c when parsing an overly long HTTP header starting with "Zwitterion v". A boundary error exists within httpgetpls in lib/http.c when parsing a specially crafted pls playlist containing an overly long entry. A boundary...

9.3CVSS6.4AI score0.06477EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/11/05 12:0 a.m.•36 views

vlc -- cue processing stack overflow

The VLC Team reports: The VLC media player contains a stack overflow vulnerability while parsing malformed cue files. The vulnerability may be exploited by a remote attacker to execute arbitrary code in the context of VLC media player...

7.4AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2008/11/03 12:0 a.m.•36 views

opera -- multiple vulnerabilities

Opera reports: When certain parameters are passed to Opera's History Search, they can cause content not to be correctly sanitized. This can allow scripts to be injected into the History Search results page. Such scripts can then run with elevated privileges and interact with Opera's configuration...

9.3CVSS6.8AI score0.04504EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2008/11/01 12:0 a.m.•37 views

qemu -- Heap overflow in Cirrus emulation

Aurelien Jarno reports: CVE-2008-4539: fix a heap overflow in Cirrus emulation The code in hw/cirrusvga.c has changed a lot between CVE-2007-1320 has been announced and the patch has been applied. As a consequence it has wrongly applied and QEMU is still vulnerable to this bug if using VNC...

7.2CVSS9AI score0.00537EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2008/10/30 12:0 a.m.•21 views

phpmyadmin -- Cross-Site Scripting Vulnerability

SecurityFocus reports: phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This ma...

3.4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2008/10/29 12:0 a.m.•23 views

imap-uw -- local buffer overflow vulnerabilities

SANS reports: University of Washington "tmail" and "dmail" are mail deliver agents. "tmail" and "dmail" are exposed to local buffer overflow issues because they fail to perform adequate boundary checks on user-supplied data...

4.3CVSS6.4AI score0.01764EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/10/29 12:0 a.m.•28 views

openoffice -- arbitrary code execution vulnerabilities

The OpenOffice Team reports: A security vulnerability with the way OpenOffice 2.x process WMF files may allow a remote unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running...

9.3CVSS7AI score0.06752EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/10/23 12:0 a.m.•6 views

wordpress -- snoopy "_httpsrequest()" shell command execution vulnerability

The Wordpress development team reports: A vulnerability in the Snoopy library was announced today. WordPress uses Snoopy to fetch the feeds shown in the Dashboard. Although this seems to be a low risk vulnerability for WordPress users, we wanted to get an update out immediately...

4.5AI score
Exploits0References2
Total number of security vulnerabilities6581