FreeBSD Security Advisories

Here you'll find the latest security advisories from FreeBSD. Our database currently contains 309 FreeBSD security advisories.

Insufficient range checking of signal numbers | SA-03:09 | August 26, 2003
Some mechanisms for causing a signal to be sent did not properly validate the signal number, in some cases allowing the kernel to attempt to deliver a negative or out-of-range signal number.

Kernel memory disclosure via ibcs2 | SA-03:10 | August 10, 2003
The iBCS2 system call translator for statfs(2) erroneously used the user-supplied length parameter when copying a kernel data structure into userland. If the length parameter were larger than require

Single byte buffer overflow in realpath(3) | SA-03:08 | August 03, 2003
An off-by-one error exists in a portion of realpath(3) that computes the length of the resolved pathname. As a result, if the resolved path name is exactly 1024 characters long and contains at least t

Samba multiple vulnerabilities | SN-03:01 | April 09, 2003
Several vulnerabilities have been found in Samba which, if exploited, could allow remote attackers to execute arbitrary code with root privileges and gain root access.

sendmail header parsing buffer overflow | SA-03:07 | March 30, 2003
A buffer overflow that may occur during header parsing was identified. The overflow is possible due to a programming error involving type conversions in the C programming language.

Brute force attack on SYN cookies | SA-03:03 | February 24, 2003
The FreeBSD syncookie implementation protects the generated ISN using a MAC that is keyed on one of several internal secret keys which are rotated periodically. However, the keys are only 32 bits in

Remotely exploitable vulnerability in CVS server | SA-03:01 | February 04, 2003
The implementation of the CVS server contains a programming error which can lead to a block of memory being freed more than once (i.e. a double-free bug).

FreeBSD Security Advisory FreeBSD-SA-02:44.filedesc | SA-02:44 | January 08, 2003
A programming error in the fpathconf system call can result in the given file descriptor's reference count being erroneously incremented.

FreeBSD-SA-02:43.bind [REVISED] | SA-02:43 | November 17, 2002
BIND 8 is an implementation of the Domain Name System (DNS) protocols.

FreeBSD-SA-02:41.smrsh [REVISED] | SA-02:41 | November 17, 2002
Topic: smrsh restrictions can be bypassed [REVISED]

FreeBSD-SA-02:43-bind | SA-02:43 | November 14, 2002
BIND 8 is an implementation of the Domain Name System (DNS) protocols.

FreeBSD-SA-02:41-smrsh | SA-02:41 | November 14, 2002
The sendmail Restricted Shell command (smrsh) is intended as a replacement for the system shell (/bin/sh) for use by sendmail. It limits the set of programs that can be executed through sendmail to

FreeBSD-SA-02:42-resolv | SA-02:42 | November 13, 2002
The resolver implements functions for making, sending and interpreting query and reply messages with Internet domain name servers. Hostnames, IP addresses, and other information are queried using th

FreeBSD-SA-02:40-kadmind | SA-02:40 | November 13, 2002
The Kerberos 4 administrative server, kadmind, runs on the Kerberos Key Distribution Center (KDC) and provides administrative access to the Kerberos database. It is part of the KTH Kerberos 4 impl

FreeBSD-SA-02:39.libkvm | SA-02:39 | September 17, 2002
The kvm(3) library provides a uniform interface for accessing kernel virtual memory images, including live systems and crash dumps. Access to live systems is via /dev/mem and /dev/kmem. Memory can

FreeBSD-SA-02:38.signed-error | SA-02:38 | August 19, 2002
The issue described in this advisory affects the accept(2), getsockname(2), and getpeername(2) system calls, and the vesa(4) FBIO_GETPALETTE ioctl(2).

FreeBSD-SA-02:37.kqueue | SA-02:37 | August 06, 2002
The kqueue mechanism allows a process to register interest in particular events on particular file descriptors, and receive asynchronous notification when these events occur on the selected descrip

FreeBSD-SA-02:36.nfs | SA-02:36 | August 06, 2002
The Network File System (NFS) allows a host to export some or all of its filesystems, or parts of them, so that other hosts can access them over the network and mount them as if they were on local d

FreeBSD-SA-02:35.ffs | SA-02:35 | August 06, 2002
A bug in the calculation of the maximum permitted FFS file size allows users to create files that are larger than FreeBSD's virtual memory system can handle. The integer overflows that result w

FreeBSD-SA-02:34.rpc | SA-02:34 | August 01, 2002
Sun RPC is a remote procedure call framework which allows clients to invoke procedures in a server process over a network somewhat transparently. XDR is a mechanism for encoding data structures for

FreeBSD-SA-02:32.pppd | SA-02:32 | July 31, 2002
FreeBSD ships with several implementations of the Point-to-Point Protocol (PPP). The pppd program is one of these implementations. It provides basic support for negotiating a link, while encapsula

FreeBSD-SA-02:23.stdio | SA-02:23 | July 30, 2002
By convention, POSIX systems associate file descriptors 0, 1, and 2 with standard input, standard output, and standard error, respectively. Almost all applications give these stdio file descriptor

FreeBSD-SA-02:31-openssh contains remote vulnerability | SA-02:31 | July 16, 2002
OpenSSH is a free implementation of the SSH protocol suite, and provides encrypted and authenticated remote login, file transfer and command execution.

FreeBSD-SA-02:30-Users may trace previously privileged processes | SA-02:30 | July 14, 2002
The ktrace utility is a debugging tool that allows users to trace system calls, I/O, and file system lookup operations executed by or on behalf of a process and its children. Since this could poten
