Users login

Create an account »

JOIN XATRIX

Users login

Home » Security Advisories » FreeBSD

FreeBSD Security Advisories

Here you'll find the latest security advisories from FreeBSD. Our database currently contains 309 FreeBSD security advisories.
Page: 123456 out of 13

Jail startup script conflicts | EN-06:01.jail | July 07, 2006
The names of several internal variables in the jail startup script conflicted with those of global variables that could be set by administrators. In addition, some configuration variables are not p

Sendmail incorrect multipart handling | SA-06:17.sendmail | June 14, 2006
An attacker able to send mail to, or via, a server can cause queued messages on the system to not be delivered, by causing the sendmail process which handles queued messages to crash. Note that this
» CVE-2006-1173 Low: Sendmail before 8.13.7 allows remote a (0.00)

Smbfs chroot escape | SA-06:16.smbfs | May 31, 2006
When inside a chroot environment which resides on a smbfs mounted file-system it is possible for an attacker to escape out of this chroot to any other directory on the smbfs mounted file-system.
» CVE-2006-1863 Low: Directory traversal vulnerability in C (0.00) » CVE-2006-1864 Low: Directory traversal vulnerability in s (0.00) » CVE-2006-2654 Low: Directory traversal vulnerability in s (0.00)

Ypserv inoperative access controls | SA-06:15.ypserv | May 31, 2006
Ypserv will not load or process any of the networks or hosts specified in the /var/yp/securenets file, rendering those access controls ineffective.
» CVE-2006-2655 Low: The build process for ypserv in FreeBS (0.00)

FPU information disclosure | SA-06:14.fpu | April 19, 2006
On affected processors, a local attacker can monitor the execution path of a process which uses floating-point operations. This may allow an attacker to steal cryptographic keys or other sensitive inf
» CVE-2006-1056 Low: The Linux kernel before 2.6.16.9 and t (0.00)

Sendmail arbitrary code execution | SA-06:13.sendmail | March 22, 2006
A remote attacker may be able to execute arbitrary code with the privileges of the user running sendmail, typically root.
» CVE-2006-0058 Low: Signal handler race condition in Sendm (0.00)

OPIE arbitrary password change | SA-06:12.opie | March 22, 2006
If the attacker is able to authenticate as root using OPIE authentication, for example if "PermitRootLogin" is set to "yes" in sshd_config or the attacker has access to a local user in the "wheel" gro
» CVE-2006-1283 Low: opiepasswd in One-Time Passwords in Ev (0.00)

IPsec replay attack vulnerability | SA-06:11.ipsec | March 22, 2006
An attacker able to to intercept IPSec packets can replay them. If higher level protocols which do not provide any protection against packet replays are used, this may have a variety of effects.
» CVE-2006-0905 Low: A "programming error" in fast_ipsec in (0.00)

NFS server remote denial of service | SA-06:10.nfs | March 01, 2006
A part of the NFS server code charged with handling incoming RPC messages via TCP had an error which, when the server received a message with a zero-length payload, would cause a NULL pointer derefere
» CVE-2006-0900 Low: nfsd in FreeBSD 6.0 kernel allows remo (0.00)

OpenSSH remote denial of service | SA-06:09.openssh | March 01, 2006
By repeatedly connecting to a vulnerable server, waiting for a password prompt, and closing the connection, an attacker can cause OpenSSH to stop accepting client connections until the system restart
» CVE-2006-0883 Low: OpenSSH on FreeBSD 5.3 and 5.4, when u (0.00)

OpenSSH remote denial of service | SA-06:09.openssh | March 01, 2006
By repeatedly connecting to a vulnerable server, waiting for a password prompt, and closing the connection, an attacker can cause OpenSSH to stop accepting client connections until the system restart
» CVE-2006-0883 Low: OpenSSH on FreeBSD 5.3 and 5.4, when u (0.00)

SACK denial of service | SA-06:08.sack | February 01, 2006
When insufficient memory is available to handle an incoming selective acknowledgement, the TCP/IP stack may enter an infinite loop. By opening a TCP connection and sending a carefully crafted series o
» CVE-2006-0433 Low: Selective Acknowledgement (SACK) in Fr (0.00)

Pf ruleset crash | SA-06:07.pf | January 25, 2006
By sending carefully crafted sequence of IP packet fragments, a remote attacker can cause a system running pf with a ruleset containing a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule to cra
» CVE-2006-0381 Low: A logic error in the IP fragment cache (0.00)

Kernel memory disclosure | SA-06:06.kmem | January 25, 2006
Portions of kernel memory may be disclosed to local users. Such memory might contain sensitive information, such as portions of the file cache or terminal buffers. This information might be directly u
» CVE-2006-0379 Low: FreeBSD kernel 5.4-STABLE and 6.0 does (0.00) » CVE-2006-0380 Low: A logic error in FreeBSD kernel 5.4-ST (0.00)

IEEE 802.11 buffer overflow | SA-06:05.80211 | January 18, 2006
An integer overflow in the handling of corrupt IEEE 802.11 beacon or probe response frames when scanning for existing wireless networks can result in the frame overflowing a buffer.
» CVE-2006-0226 Low: Integer overflow in IEEE 802.11 networ (0.00)

Texindex temp file privilege escalation #2 | SA-06:01.texindex:2 | January 11, 2006
This updated advisory provides corrected instructions for rebuilding texindex.

ipfw IP fragment DoS | SA-06:04.ipfw | January 11, 2006
An attacker can cause the firewall to crash by sending ICMP IP fragments to or through firewalls which match any reset, reject or unreach actions.
» CVE-2006-0054 Low: The ipfw firewall in FreeBSD 6.0-RELEA (0.00)

Cpio multiple vulnerabilities | SA-06:03.cpio | January 11, 2006
The first problem can allow a local attacker to change the permissions of files owned by the user executing cpio providing that they have write access to the directory in which the file is being extra
» CVE-2005-1111 Low: Race condition in cpio 2.6 and earlier (0.00) » CVE-2005-1229 Low: Directory traversal vulnerability in c (0.00) » CVE-2005-4268 Low: Buffer overflow in cpio 2.6-8.FC4 on 6 (0.00)

ee temporary file privilege escalation | SA-06:02.ee | January 11, 2006
These predictable temporary file names are problematic because they allow an attacker to take advantage of a race condition in order to execute a symlink attack, which could enable them to overwrite f
» CVE-2006-0055 Low: The ispell_op function in ee on FreeBS (0.00)

Texindex temporary file privilege escalation | SA-06:01.texindex | January 11, 2006
These predictable temporary file names are problematic because they allow an attacker to take advantage of a race condition in order to execute a symlink attack, which could enable them to overwrite f

NFS kernel panic | EN-05:04.nfs | December 19, 2005
Due to a locking issue in nfs_lookup() a call to vrele() might be made while holding the vnode mutex, which results in kernel panic when doing VFS operations under certain load patterns.

OpenSSL security issue | SA-05:21.openssl | October 11, 2005
If the SSL_OP_MSIE_SSLV2_RSA_PADDING option is enabled in a server application using OpenSSL, an attacker who is able to intercept and tamper with packets transmitted between a client and the server c

Cvsbug race condition | SA-05:20.cvsbug | September 07, 2005
A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file. While cvsbug is b

Cvsbug race condition | SA-05:20.cvsbug | September 07, 2005
A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file.

AES-XCBC-MAC Incorrect key usage | SA-05:19.ipsec | July 27, 2005
If the AES-XCBC-MAC algorithm is used for authentication in the absence of any encryption, then an attacker may be able to forge packets which appear to originate from a different system and thereby

Page: 123456 out of 13

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »