Lucene search
K
FreebsdRecent

6578 matches found

FreeBSD
FreeBSD
•added 2004/08/02 12:0 a.m.•34 views

mozilla -- SOAPParameter integer overflow

zen-parse discovered and iDEFENSE reported an exploitable integer overflow in a scriptable Mozilla component SOAPParameter': Improper input validation to the SOAPParameter object constructor in Netscape and Mozilla allows execution of arbitrary code. The SOAPParameter object's constructor contain...

10CVSS7.1AI score0.13248EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/08/02 12:0 a.m.•7 views

popfile file disclosure

John Graham-Cumming reports that certain configurations of POPFile may allow the retrieval of any files with the extensions .gif, .png, .ico, .css, as well as some files with the extension .html...

1.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2004/07/30 12:0 a.m.•13 views

ripMIME -- decoding bug allowing content filter bypass

ripMIME may prematurely terminate decoding Base64 encoded messages when it encounters multiple blank lines or other non-standard Base64 constructs. Virus scanning and content filtering tools that use ripMIME may therefore be bypassed. The ripMIME CHANGELOG file says: There's viruses going around...

0.6AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2004/07/28 12:0 a.m.•42 views

SoX buffer overflows when handling .WAV files

Ulf Härnhammar discovered a pair of buffer overflows in the WAV file handling code of SoX. If an attacker can cause her victim to process a specially-crafted WAV file with SoX e.g. through social engineering or through some other program that relies on SoX, arbitrary code can be executed with the...

10CVSS7AI score0.2508EPSS
Exploits7References3
FreeBSD
FreeBSD
•added 2004/07/25 12:0 a.m.•58 views

Mozilla certificate spoofing

Mozilla and Mozilla Firefox contains a flaw that may allow a malicious user to spoof SSL certification...

5CVSS6.3AI score0.05736EPSS
Exploits0References5
FreeBSD
FreeBSD
•added 2004/07/22 12:0 a.m.•43 views

mozilla -- POP client heap overflow

zen-parse discovered a heap buffer overflow in Mozilla's POP client implementation. A malicious POP server could exploit this vulnerability to cause Mozilla to execute arbitrary code...

10CVSS7AI score0.05346EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/07/21 12:0 a.m.•9 views

moinmoin -- ACL group bypass

The moinmoin package contains two bugs with ACLs and anonymous users. Both bugs may permit anonymous users to gain access to administrative functions; for example the delete function. There is no known workaround, the vulnerability exists regardless if a site is using ACLs or not...

6.5AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2004/07/19 12:0 a.m.•32 views

Mozilla / Firefox user interface spoofing vulnerability

The Mozilla project's family of browsers contain a design flaw that can allow a website to spoof almost perfectly any part of the Mozilla user interface, including spoofing web sites for phishing or internal elements such as the "Master Password" dialog box. This achieved by manipulating "chrome"...

10CVSS6.4AI score0.03231EPSS
Exploits0References5
FreeBSD
FreeBSD
•added 2004/07/16 12:0 a.m.•44 views

apache13-modssl -- format string vulnerability in proxy support

A OpenPKG Security Advisory reports: Triggered by a report to Packet Storm from Virulent, a format string vulnerability was found in modssl, the Apache SSL/TLS interface to OpenSSL, version up to and including 2.8.18 for Apache 1.3. The modssl in Apache 2.x is not affected. The vulnerability coul...

7.5CVSS6.2AI score0.05802EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2004/07/14 12:0 a.m.•39 views

Multiple Potential Buffer Overruns in Samba

Evgeny Demidov discovered that the Samba server has a buffer overflow in the Samba Web Administration Tool SWAT on decoding Base64 data during HTTP Basic Authentication. Versions 3.0.2 through 3.0.4 are affected. Another buffer overflow bug has been found in the code used to support the "mangling...

6.9AI score
Exploits0References7
FreeBSD
FreeBSD
•added 2004/07/13 12:0 a.m.•15 views

mozilla -- insecure permissions for some downloaded files

In a Mozilla bug report, Daniel Kleinsinger writes: I was comparing treatment of attachments opened directly from emails on different platforms. I discovered that Linux builds save attachments in /tmp with world readable rights. This doesn't seem like a good thing. Couldn't someone else logged on...

1.5AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2004/07/11 12:0 a.m.•31 views

mozilla -- NULL bytes in FTP URLs

When handling FTP URLs containing NULL bytes, Mozilla will interpret the file content as HTML. This may allow unexpected execution of Javascript when viewing plain text or other file types via FTP...

6.4CVSS6.7AI score0.08827EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/07/07 12:0 a.m.•40 views

apache2 -- SSL remote DoS

The Apache HTTP Server 2.0.51 release notes report that the following issues have been fixed: A segfault in modssl which can be triggered by a malicious remote server, if proxying to SSL servers has been configured. CAN-2004-0751 A potential infinite loop in modssl which could be triggered given...

5CVSS6.4AI score0.69653EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2004/07/07 12:0 a.m.•57 views

php -- memory_limit related vulnerability

Stefan Esser of e-matters discovered a condition within PHP that may lead to remote execution of arbitrary code. The memorylimit facility is used to notify functions when memory contraints have been met. Under certain conditions, the entry into this facility is able to interrupt functions such as...

5.1CVSS6.9AI score0.54856EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2004/07/07 12:0 a.m.•41 views

php -- strip_tags cross-site scripting vulnerability

Stefan Esser of e-matters discovered that PHP's striptags function would ignore certain characters during parsing of tags, allowing these tags to pass through. Select browsers could then parse these tags, possibly allowing cross-site scripting attacks...

6.8CVSS6AI score0.45159EPSS
Exploits3References2
FreeBSD
FreeBSD
•added 2004/07/06 12:0 a.m.•22 views

cyrus-sasl -- potential buffer overflow in DIGEST-MD5 plugin

The Cyrus SASL DIGEST-MD5 plugin contains a potential buffer overflow when quoting is required in the output...

3.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2004/07/06 12:0 a.m.•26 views

multiple vulnerabilities in ethereal

Issues have been discovered in multiple protocol dissectors...

5CVSS6.7AI score0.17961EPSS
Exploits3References5
FreeBSD
FreeBSD
•added 2004/07/01 12:0 a.m.•37 views

MySQL authentication bypass / buffer overflow

By submitting a carefully crafted authentication packet, it is possible for an attacker to bypass password authentication in MySQL 4.1. Using a similar method, a stack buffer used in the authentication mechanism can be overflowed...

6.8AI score
Exploits0References6
FreeBSD
FreeBSD
•added 2004/06/30 12:0 a.m.•31 views

Pavuk HTTP Location header overflow

When pavuk sends a request to a web server and the server sends back the HTTP status code 305 Use Proxy, pavuk copies data from the HTTP Location header in an unsafe manner. This leads to a stack-based buffer overflow with control over EIP...

7.6CVSS7AI score0.0292EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/06/29 12:0 a.m.•34 views

mozilla -- built-in CA certificates may be overridden

Under some situations, Mozilla will automatically import a certificate from an email message or web site. This behavior can be used as a denial-of-service attack: if the certificate has a distinguished name DN identical to one of the built-in Certificate Authorities CAs, then Mozilla will no long...

5CVSS6.4AI score0.03146EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/06/29 12:0 a.m.•11 views

Remote code injection in phpMyAdmin

This vulnerability would allow remote user to inject PHP code to be executed by eval function. This vulnerability is only exploitable if variable $cfg'LeftFrameLight' is set to FALSE in file config.inc.php...

3.8AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2004/06/23 12:0 a.m.•25 views

distcc -- incorrect parsing of IP access control rules

Fix bug that might cause IP-based access control rules not to be interpreted correctly on 64-bit platforms...

7.5CVSS6.5AI score0.01585EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/06/22 12:0 a.m.•34 views

isc-dhcp3-server buffer overflow in logging mechanism

A buffer overflow exists in the logging functionality of the DHCP daemon which could lead to Denial of Service attacks and has the potential to allow attackers to execute arbitrary code...

10CVSS7.3AI score0.45333EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2004/06/21 12:0 a.m.•31 views

gnats -- format string vulnerability

Gnats suffers from a format string bug, which may enable an attacker to execute arbitary code...

10CVSS6.7AI score0.04487EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/06/19 12:0 a.m.•26 views

rssh -- file name disclosure bug

rssh expands command line paramters before invoking chroot. This could result in the disclosure to the client of file names outside of the chroot directory. A posting by the rssh author explains: The cause of the problem identified by Mr. McCaw is that rssh expanded command-line arguments prior t...

5CVSS6.3AI score0.01409EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/06/19 12:0 a.m.•25 views

sup -- format string vulnerability

Debian Security Advisory reports: [email protected] discovered a format string vulnerability in sup, a set of programs to synchronize collections of files across a number of machines, whereby a remote attacker could potentially cause arbitrary code to be executed with the privileges of the...

10CVSS6.8AI score0.0439EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/06/19 12:0 a.m.•13 views

Remote Denial of Service of HTTP server and client

giFT-FastTrack is susceptible to a remote Denial of Service attack which could allow a remote attacker to render HTTP services unusable. According to the developers, no code execution is possible; however, they recommend an immediate upgrade...

5.6AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2004/06/18 12:0 a.m.•26 views

Linux binary compatibility mode input validation error

A programming error in the handling of some Linux system calls may result in memory locations being accessed without proper validation. It may be possible for a local attacker to read and/or overwrite portions of kernel memory, resulting in disclosure of sensitive information or potential privile...

2.1CVSS5.9AI score0.00377EPSS
Exploits0
FreeBSD
FreeBSD
•added 2004/06/10 12:0 a.m.•29 views

apache -- heap overflow in mod_proxy

A buffer overflow exists in modproxy which may allow an attacker to launch local DoS attacks and possibly execute arbitrary code...

10CVSS7.2AI score0.33639EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/06/05 12:0 a.m.•30 views

mozilla -- users may be lured into bypassing security dialogs

According to the Mozilla project: An attacker who could lure users into clicking in particular places, or typing specific text, could cause a security permission or software installation dialog to pop up under the user's mouse click, clicking on the grant or install button...

5CVSS6.3AI score0.01984EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/06/04 12:0 a.m.•39 views

mysql -- mysql_real_connect buffer overflow vulnerability

The mysqlrealconnect function doesn't properly handle DNS replies by copying the IP address into a buffer without any length checking. A specially crafted DNS reply may therefore be used to cause a buffer overflow on affected systems. Note that whether this issue can be exploitable depends on the...

10CVSS6.5AI score0.09801EPSS
Exploits1References4
FreeBSD
FreeBSD
•added 2004/06/01 12:0 a.m.•31 views

Gallery 1.4.3 and ealier user authentication bypass

A flaw exists in Gallery versions previous to 1.4.3-pl1 and post 1.2 which may give an attacker the potential to log in under the "admin" account. Data outside of the gallery is unaffected and the attacker cannot modify any data other than the photos or photo albums...

10CVSS6.3AI score0.02831EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/05/30 12:0 a.m.•18 views

Arbitrary code execution via a format string vulnerability in jftpgw

The log functions in jftpgw may allow remotely authenticated user to execute arbitrary code via the format string specifiers in certain syslog messages...

10CVSS6.9AI score0.04343EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/05/29 12:0 a.m.•25 views

bmon -- unsafe set-user-ID application

Jon Nistor reported that the FreeBSD port of bmon was installed set-user-ID root, and executes commands using relative paths. This could allow local user to easily obtain root privileges...

3.2AI score
Exploits0
FreeBSD
FreeBSD
•added 2004/05/29 12:0 a.m.•31 views

"Content-Type" XSS vulnerability affecting other webmail systems

Roman Medina-Heigl Hernandez did a survey which other webmail systems where vulnerable to a bug he discovered in SquirrelMail. This advisory summarizes the results...

6.8CVSS6.4AI score0.22528EPSS
Exploits1References4
FreeBSD
FreeBSD
•added 2004/05/25 12:0 a.m.•53 views

libxine -- multiple buffer overflows in RTSP

A xine security announcement states: Multiple vulnerabilities have been found and fixed in the Real-Time Streaming Protocol RTSP client for RealNetworks servers, including a series of potentially remotely exploitable buffer overflows. This is a joint advisory by the MPlayer and xine teams as the...

10CVSS7.6AI score0.05116EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/05/20 12:0 a.m.•48 views

cvs -- numerous vulnerabilities

A number of vulnerabilities were discovered in CVS by Stefan Esser, Sebastian Krahmer, and Derek Price. Insufficient input validation while processing "Entry" lines. CVE-2004-0414 A double-free resulting from erroneous state handling while processing "Argumentx" commands. CVE-2004-0416 Integer...

10CVSS7.2AI score0.13206EPSS
Exploits0References12
FreeBSD
FreeBSD
•added 2004/05/20 12:0 a.m.•33 views

Buffer overflow in Squid NTLM authentication helper

Remote exploitation of a buffer overflow vulnerability in the NTLM authentication helper routine of the Squid Web Proxy Cache could allow a remote attacker to execute arbitrary code. A remote attacker can compromise a target system if the Squid Proxy is configured to use the NTLM authentication...

10CVSS7.5AI score0.7107EPSS
Exploits6References4
FreeBSD
FreeBSD
•added 2004/05/19 12:0 a.m.•39 views

XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0

When the IPv6 code was added to xdm a critical test to disable xdmcp was accidentally removed. This caused xdm to create the chooser socket regardless if DisplayManager.requestPort was disabled in xdm-config or not...

7.5CVSS6.5AI score0.02477EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/05/19 12:0 a.m.•34 views

neon date parsing vulnerability

Stefan Esser reports: A vulnerability within a libneon date parsing function could cause a heap overflow which could lead to remote code execution, depending on the application using libneon. The vulnerability is in the function nerfc1036parse, which is in turn used by the function nehttpdatepars...

7.5CVSS6.7AI score0.05015EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/05/19 12:0 a.m.•44 views

subversion date parsing vulnerability

Stefan Esser reports: Subversion versions up to 1.0.2 are vulnerable to a date parsing vulnerability which can be abused to allow remote code execution on Subversion servers and therefore could lead to a repository compromise. NOTE: This vulnerability is similar to the date parsing issue that...

7.5CVSS7AI score0.7525EPSS
Exploits8References1
FreeBSD
FreeBSD
•added 2004/05/17 12:0 a.m.•32 views

lha -- numerous vulnerabilities when extracting archives

Source code reviews of lha by Lukasz Wojtow, Thomas Biege, and others uncovered a number of vulnerabilities affecting lha: Buffer overflows when handling archives and filenames. CVE-2004-0694 Possible command execution via shell meta-characters when built with NOMKDIR. CVE-2004-0745 Buffer overfl...

10CVSS7.6AI score0.18827EPSS
Exploits1References4
FreeBSD
FreeBSD
•added 2004/05/15 12:0 a.m.•32 views

mailman -- password disclosure

Barry Warsaw reports: Today I am releasing Mailman 2.1.5, a bug fix release ... This version also contains a fix for an exploit that could allow 3rd parties to retrieve member passwords. It is thus highly recommended that all existing sites upgrade to the latest version...

5CVSS6.3AI score0.02984EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/05/13 12:0 a.m.•22 views

multiple vulnerabilities in ethereal

Issues have been discovered in multiple protocol dissectors...

10CVSS6.7AI score0.0764EPSS
Exploits0References6
FreeBSD
FreeBSD
•added 2004/05/12 12:0 a.m.•23 views

Cyrus IMSPd multiple vulnerabilities

The Cyrus team reported multiple vulnerabilities in older versions of Cyrus IMSPd: These releases correct a recently discovered buffer overflow vulnerability, as well as clean up a significant amount of buffer handling throughout the code...

2.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2004/05/12 12:0 a.m.•36 views

URI handler vulnerabilities in several browsers

Karol Wiesek and Greg MacManus reported via iDEFENSE that the Opera web browser contains a flaw in the handling of certain URIs. When presented with these URIs, Opera would invoke external commands to process them after some validation. However, if the hostname component of a URI begins with a -'...

7.5CVSS6.5AI score0.07778EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2004/05/06 12:0 a.m.•31 views

exim buffer overflow when verify = header_syntax is used

A remote exploitable buffer overflow has been discovered in exim when verify = headersyntax is used in the configuration file. This does not affect the default configuration...

7.5CVSS6.9AI score0.06974EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2004/05/05 12:0 a.m.•25 views

Several vulnerabilities found in PHPNuke

Janek Vind "waraxe" reports that several issues in the PHPNuke software may be exploited via carefully crafted URL requests. These URLs will permit the injection of SQL code, cookie theft, and the readability of the PHPNuke administrator account...

6.4CVSS7.4AI score0.08095EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2004/05/05 12:0 a.m.•36 views

heimdal kadmind remote heap buffer overflow

An input validation error was discovered in the kadmind code that handles the framing of Kerberos 4 compatibility administration requests. The code assumed that the length given in the framing was always two or more bytes. Smaller lengths will cause kadmind to read an arbitrary amount of data int...

10CVSS7.1AI score0.07159EPSS
Exploits0
FreeBSD
FreeBSD
•added 2004/05/04 12:0 a.m.•30 views

MoinMoin administrative group name privilege escalation vulnerability

A serious flaw exists in the MoinMoin software which may allow a malicious user to gain access to unauthorized privileges...

7.5CVSS6.5AI score0.01752EPSS
Exploits0References2
Total number of security vulnerabilities6578