Lucene search
K
FreebsdRecent

6583 matches found

FreeBSD
FreeBSD
•added 2013/08/07 12:0 a.m.•24 views

nas -- multiple vulnerabilities

Hamid Zamani reports: multiple security problems buffer overflows, format string vulnerabilities and missing input sanitising, which could lead to the execution of arbitrary code...

7.5CVSS6.9AI score0.0408EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2013/08/06 12:0 a.m.•51 views

cacti -- allow remote attackers to execute arbitrary SQL commands

Cacti release reports: Multiple security vulnerabilities have been fixed: SQL injection vulnerabilities...

7.5CVSS7.2AI score0.02391EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/08/06 12:0 a.m.•54 views

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2013-63 Miscellaneous memory safety hazards rv:23.0 / rv:17.0.8 MFSA 2013-64 Use after free mutating DOM during SetBody MFSA 2013-65 Buffer underflow when generating CRMF requests MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater MFS...

10CVSS8.1AI score0.40118EPSS
Exploits15References11
FreeBSD
FreeBSD
•added 2013/08/05 12:0 a.m.•37 views

samba -- denial of service vulnerability

The Samba project reports: All current released versions of Samba are vulnerable to a denial of service on an authenticated or guest connection. A malformed packet can cause the smbd server to loop the CPU performing memory allocations and preventing any further service. A connection to a file...

5CVSS6.2AI score0.69008EPSS
Exploits7References1
FreeBSD
FreeBSD
•added 2013/08/04 12:0 a.m.•13 views

phpMyAdmin -- clickJacking protection can be bypassed

The phpMyAdmin development team reports: phpMyAdmin has a number of mechanisms to avoid a clickjacking attack, however these mechanisms either work only in modern browser versions, or can be bypassed. "We have no solution for 3.5.x, due to the proposed solution requiring JavaScript. We don't want...

2.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2013/07/30 12:0 a.m.•48 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: Eleven vulnerabilities, including: 257748 Medium CVE-2013-2881: Origin bypass in frame handling. Credit to Karthik Bhargavan. 260106 High CVE-2013-2882: Type confusion in V8. Credit to Cloudfuzzer. 260165 High CVE-2013-2883: Use-after-free in MutationObserver. Cred...

7.5CVSS1.3AI score0.02493EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2013/07/30 12:0 a.m.•40 views

typo3 -- Multiple vulnerabilities in TYPO3 Core

Typo Security Team reports: It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting and Remote Code Execution. TYPO3 bundles flash files for video and audio playback. Old versions of FlowPlayer and flashmedia are susceptible to Cross-Site Scripting. No authentication is...

9.3AI score
Exploits0
FreeBSD
FreeBSD
•added 2013/07/28 12:0 a.m.•11 views

phpMyAdmin -- multiple vulnerabilities

The phpMyAdmin development team reports: XSS due to unescaped HTML Output when executing a SQL query. 5 XSS vulnerabilities in setup, chart display, process list, and logo link. If a crafted version.json would be presented, an XSS could be introduced. Full path disclosure vulnerabilities. XSS...

7.3AI score
Exploits0References9
FreeBSD
FreeBSD
•added 2013/07/26 12:0 a.m.•45 views

bind -- denial of service vulnerability

ISC reports: A specially crafted query that includes malformed rdata can cause named to terminate with an assertion failure while rejecting the malformed query...

7.8CVSS7.5AI score0.3415EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2013/07/24 12:0 a.m.•44 views

openafs -- single-DES cell-wide key brute force vulnerability

OpenAFS Project reports: The small size of the DES key space permits an attacker to brute force a cell's service key and then forge traffic from any user within the cell. The key space search can be performed in under 1 day at a cost of around $100 using publicly available services...

4.3CVSS6.3AI score0.00761EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2013/07/22 12:0 a.m.•26 views

lcms2 -- Null Pointer Dereference Denial of Service Vulnerability

Mageia security team reports: It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash CVE-2013-4160...

5CVSS6.3AI score0.02809EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2013/07/19 12:0 a.m.•30 views

subversion -- remotely triggerable "Assertion failed" DoS vulnerability or read overflow.

Subversion Project reports: Subversion's moddavsvn Apache HTTPD server module will trigger an assertion on some requests made against a revision root. This can lead to a DoS. If assertions are disabled it will trigger a read overflow which may cause a SEGFAULT or equivalent or undefined behavior...

4CVSS6.5AI score0.04383EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/07/18 12:0 a.m.•29 views

GnuPG and Libgcrypt -- side-channel attack vulnerability

Werner Koch of the GNU project reports: Noteworthy changes in version 1.5.3: Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys... Note that Libgcrypt is used by GnuPG 2.x and thus this release fixes the above problem. The fix for GnuPG less than 2.0 can be found in th...

1.9CVSS6.6AI score0.00533EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2013/07/18 12:0 a.m.•16 views

gnupg -- side channel attack on RSA secret keys

A Yarom and Falkner paper reports: Flush+Reload is a cache side-channel attack that monitors access to data in shared pages. In this paper we demonstrate how to use the attack to extract private encryption keys from GnuPG. The high resolution and low noise of the Flush+Reload attack enables a spy...

3AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2013/07/13 12:0 a.m.•34 views

squid -- denial of service

Squid project reports: Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted HTTP requests This problem allows any client who can generate HTTP requests to perform a denial of service attack on the Squid service...

5CVSS6.3AI score0.80451EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/07/11 12:0 a.m.•51 views

apache24 -- several vulnerabilities

Apache HTTP SERVER PROJECT reports: moddav: Sending a MERGE request against a URI handled by moddavsvn with the source href sent as part of the request body as XML pointing to a URI that is not configured for DAV will trigger a segfault. modsessiondbd: Make sure that dirty flag is respected when...

7.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2013/07/10 12:0 a.m.•43 views

PHP5 -- Heap corruption in XML parser

The PHP development team reports: ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the...

6.8CVSS7AI score0.05186EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/07/09 12:0 a.m.•34 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: A special reward for Andrey Labunets for his combination of CVE-2013-2879 and CVE-2013-2868 along with some since fixed server-side bugs. 252216 Low CVE-2013-2867: Block pop-unders in various scenarios. 252062 High CVE-2013-2879: Confusion setting up sign-in and...

9.3CVSS1.2AI score0.04733EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/07/09 12:0 a.m.•19 views

linux-flashplugin -- multiple vulnerabilities

Adobe reports: These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system...

10CVSS6.5AI score0.08031EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2013/07/09 12:0 a.m.•54 views

otrs -- Sql Injection + Xss Issue

The OTRS Project reports: An attacker with a valid agent login could manipulate URLs leading to SQL injection. An attacker with a valid agent login could manipulate URLs in the ITSM ConfigItem search, leading to a JavaScript code injection XSS problem...

8.8CVSS7.8AI score0.01322EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/07/08 12:0 a.m.•37 views

PuTTY -- Four security holes in versions before 0.63

Simon Tatham reports: This 0.63 release fixes multiple security holes in previous versions of PuTTY, which can allow an SSH-2 server to make PuTTY overrun or underrun buffers and crash. ... These vulnerabilities can be triggered before host key verification, which means that you are not even safe...

6.8CVSS6.3AI score0.03447EPSS
Exploits4References5
FreeBSD
FreeBSD
•added 2013/07/06 12:0 a.m.•33 views

FreeBSD -- Incorrect privilege validation in the NFS server

Problem Description: The kernel incorrectly uses client supplied credentials instead of the one configured in exports5 when filling out the anonymous credential for a NFS export, when -network or -host restrictions are used at the same time. Impact: The remote client may supply privileged...

6.4CVSS6.3AI score0.02137EPSS
Exploits1
FreeBSD
FreeBSD
•added 2013/07/05 12:0 a.m.•39 views

puppet -- multiple vulnerabilities

Puppet Labs reports: By using the resourcetype service, an attacker could cause puppet to load arbitrary Ruby files from the puppet master node's file system. While this behavior is not enabled by default, auth.conf settings could be modified to allow it. The exploit requires local file system...

5.1CVSS6.4AI score0.01643EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2013/06/30 12:0 a.m.•24 views

phpMyAdmin -- Global variable scope injection

The phpMyAdmin development team reports: The import.php script was vulnerable to GLOBALS variable injection. Therefore, an attacker could manipulate any configuration parameter. This vulnerability can be triggered only by someone who logged in to phpMyAdmin, as the usual token protection prevents...

5.5CVSS6.6AI score0.01055EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2013/06/28 12:0 a.m.•27 views

gallery -- multiple vulnerabilities

Red Hat Security Response Team reports: Gallery upstream has released 3.0.9 version, correcting two security flaws: Issue 1 - Improper stripping of URL fragments in flowplayer SWF file might lead to reply attacks a different flaw than CVE-2013-2138. Issue 2 - gallery3: Multiple information exposu...

7.5CVSS6.2AI score0.02707EPSS
Exploits1References5
FreeBSD
FreeBSD
•added 2013/06/27 12:0 a.m.•30 views

libzrtpcpp -- multiple security vulnerabilities

Mark Dowd reports: Vulnerability 1. Remote Heap Overflow: If an attacker sends a packet larger than 1024 bytes that gets stored temporarily which occurs many times - such as when sending a ZRTP Hello packet, a heap overflow will occur, leading to potential arbitrary code execution on the vulnerab...

7.5CVSS6.9AI score0.04323EPSS
Exploits1
FreeBSD
FreeBSD
•added 2013/06/27 12:0 a.m.•35 views

ruby -- Hostname check bypassing vulnerability in SSL client

Ruby Developers report: Ruby's SSL client implements hostname identity check but it does not properly handle hostnames in the certificate that contain null bytes...

6.8CVSS6.4AI score0.02767EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/06/27 12:0 a.m.•28 views

apache-xml-security-c -- heap overflow during XPointer evaluation

The Apache Software Foundation reports: The attempted fix to address CVE-2013-2154 introduced the possibility of a heap overflow, possibly leading to arbitrary code execution, in the processing of malformed XPointer expressions in the XML Signature Reference processing code...

7.5CVSS6.7AI score0.06018EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2013/06/25 12:0 a.m.•26 views

mozilla -- multiple vulnerabilities

The Mozilla Project reports: Miscellaneous memory safety hazards rv:22.0 / rv:17.0.7 Title: Memory corruption found using Address Sanitizer Privileged content access and execution via XBL Arbitrary code execution within Profiler Execution of unmapped memory through onreadystatechange Data in the...

10CVSS8.5AI score0.69021EPSS
Exploits11References15
FreeBSD
FreeBSD
•added 2013/06/22 12:0 a.m.•31 views

cURL library -- heap corruption in curl_easy_unescape

cURL developers report: libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curleasyunescape decodes URL-encoded strings to raw binary data. URL-encoded octets are represented with %HH combinations where HH is a two-digit hexadecimal...

6.8CVSS6.4AI score0.11118EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2013/06/21 12:0 a.m.•35 views

polarssl -- denial of service vulnerability

Paul Bakker reports: A bug in the logic of the parsing of PEM encoded certificates in x509parsecrt can result in an infinite loop, thus hogging processing power. While parsing a Certificate message during the SSL/TLS handshake, PolarSSL extracts the presented certificates and sends them on to be...

4.3CVSS7.3AI score0.01887EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2013/06/21 12:0 a.m.•44 views

wordpress -- multiple vulnerabilities

The wordpress development team reports: Blocking server-side request forgery attacks, which could potentially enable an attacker to gain access to a site Disallow contributors from improperly publishing posts An update to the SWFUpload external library to fix cross-site scripting vulnerabilities...

4.3CVSS6.5AI score0.0296EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2013/06/21 12:0 a.m.•42 views

apache22 -- several vulnerabilities

Apache HTTP SERVER PROJECT reports: The modrewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a...

7.6AI score
Exploits0
FreeBSD
FreeBSD
•added 2013/06/18 12:0 a.m.•27 views

otrs -- information disclosure

The OTRS Project reports: An attacker with a valid agent login could manipulate URLs in the ticket watch mechanism to see contents of tickets they are not permitted to see...

6.5CVSS6.7AI score0.02366EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/06/18 12:0 a.m.•32 views

FreeBSD -- Privilege escalation via mmap

Due to insufficient permission checks in the virtual memory system, a tracing process such as a debugger may be able to modify portions of the traced process's address space to which the traced process itself does not have write access...

6.9CVSS6.3AI score0.06942EPSS
Exploits10
FreeBSD
FreeBSD
•added 2013/06/18 12:0 a.m.•28 views

apache-xml-security-c -- heap overflow

The Apache Software Foundation reports: A heap overflow exists in the processing of the PrefixList attribute optionally used in conjunction with Exclusive Canonicalization, potentially allowing arbitary code execution. If verification of the signature occurs prior to actual evaluation of a signin...

7.5CVSS6.9AI score0.08402EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/06/15 12:0 a.m.•12 views

tor -- guard discovery

The Tor Project reports: Disable middle relay queue overfill detection code due to possible guard discovery attack...

0.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2013/06/13 12:0 a.m.•38 views

puppet -- Unauthenticated Remote Code Execution Vulnerability

Puppet Developers report: When making REST api calls, the puppet master takes YAML from an untrusted client, deserializes it, and then calls methods on the resulting object. A YAML payload can be crafted to cause the deserialization to construct an instance of any class available in the ruby...

7.5CVSS6.7AI score0.03408EPSS
Exploits0
FreeBSD
FreeBSD
•added 2013/06/13 12:0 a.m.•29 views

dbus -- local dos

Simon McVittie reports: Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in dbusprintfstringupperbound. This vulnerability can be exploited by a local user to crash system services that use libdbus, causing denial of service. It is platform-specific: x86-64...

1.9CVSS5.5AI score0.00383EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/06/12 12:0 a.m.•35 views

samba -- Private key in key.pem world readable

The Samba project reports: Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesyst...

1.2CVSS5.8AI score0.00435EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/06/12 12:0 a.m.•29 views

samba -- ACLs are not checked on opening an alternate data stream on a file or directory

The Samba project reports: Samba versions 3.2.0 and above all versions of 3.2.x, 3.3.x, 3.4.x, 3.5.x, 3.6.x, 4.0.x and 4.1.x do not check the underlying file or directory ACL when opening an alternate data stream. According to the SMB1 and SMB2+ protocols the ACL on an underlying file or director...

4CVSS6.4AI score0.09017EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/06/11 12:0 a.m.•27 views

linux-flashplugin -- multiple vulnerabilities

Adobe reports: These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system...

10CVSS6.5AI score0.05209EPSS
Exploits0
FreeBSD
FreeBSD
•added 2013/06/07 12:0 a.m.•22 views

xdm -- remote denial of service

nvd.nist.gov reports X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a denial of service NULL pointer dereference and crash by attempting to log int...

4.3CVSS4AI score0.02437EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2013/06/06 12:0 a.m.•30 views

php5 -- Heap based buffer overflow in quoted_printable_encode

The PHP development team reports: A Heap-based buffer overflow flaw was found in the php quotedprintableencode function. A remote attacker could use this flaw to cause php to crash or execute arbirary code with the permission of the user running php...

5CVSS7.1AI score0.06748EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2013/06/05 12:0 a.m.•33 views

phpMyAdmin -- XSS due to unescaped HTML output in Create View page

The phpMyAdmin development team reports: When creating a view with a crafted name and an incorrect CREATE statement, it is possible to trigger an XSS. This vulnerability can be triggered only by someone who logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from...

3.5CVSS6.2AI score0.01149EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/06/04 12:0 a.m.•42 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 242322 Medium CVE-2013-2855: Memory corruption in dev tools API. Credit to "daniel.zulla". 242224 High CVE-2013-2856: Use-after-free in input handling. Credit to miaubiz. 240124 High CVE-2013-2857: Use-after-free in image handling. Credit to miaubiz. 239897 High...

10CVSS2.4AI score0.03585EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2013/06/04 12:0 a.m.•41 views

dns/bind9* -- A recursive resolver can be crashed by a query for a malformed zone

ISC reports: A bug has been discovered in the most recent releases of BIND 9 which has the potential for deliberate exploitation as a denial-of-service attack. By sending a recursive resolver a query for a record in a specially malformed zone, an attacker can cause BIND 9 to exit with a fatal...

7.8CVSS6.8AI score0.0511EPSS
Exploits0
FreeBSD
FreeBSD
•added 2013/05/31 12:0 a.m.•36 views

devel/subversion -- fsfs repositories can be corrupted by newline characters in filenames

Subversion team reports: If a filename which contains a newline character ASCII 0x0a is committed to a repository using the FSFS format, the resulting revision is corrupt...

5.5CVSS6.4AI score0.02814EPSS
Exploits0
FreeBSD
FreeBSD
•added 2013/05/31 12:0 a.m.•28 views

devel/subversion -- svnserve remotely triggerable DoS

Subversion team reports: Subversion's svnserve server process may exit when an incoming TCP connection is closed early in the connection process...

7.8CVSS6.5AI score0.03894EPSS
Exploits0
FreeBSD
FreeBSD
•added 2013/05/31 12:0 a.m.•36 views

devel/subversion -- contrib hook-scripts can allow arbitrary code execution

Subversion team reports: The script contrib/hook-scripts/check-mime-type.pl does not escape argv arguments to 'svnlook' that start with a hyphen. This could be used to cause 'svnlook', and hence check-mime-type.pl, to error out. The script contrib/hook-scripts/svn-keyword-check.pl parses filename...

7.1CVSS6.5AI score0.31466EPSS
Exploits5
Total number of security vulnerabilities6583