Users login

Create an account »


Users login

Home » Security Advisories » FreeBSD

FreeBSD Security Advisories

Here you'll find the latest security advisories from FreeBSD. Our database currently contains 309 FreeBSD security advisories.
Page: 123456 out of 13

FreeBSD-SA-02:29-Buffer overflow in tcpdump when handling NFS packets | SA-02:29 | July 14, 2002
I. Background The tcpdump utility is used to capture and examining network traffic. II. Problem Description Versions of tcpdump up to and including 3.7.1 contain a buffer overflow that ma

FreeBSD-SA-02:28-resolv | SA-02:28 | June 28, 2002
The resolver implements functions for making, sending and interpreting query and reply messages with Internet domain name servers. Hostnames, IP addresses, and other information are queried using th

FreeBSD-SA-02:27-rc | SA-02:27 | May 29, 2002
rc is the system startup script (/etc/rc). It is run when the FreeBSD is booted multi-user, and performs a multitude of tasks to bring the system up. One of these tasks is to remove lock files lef

FreeBSD-SA-02:26-accept | SA-02:26 | May 29, 2002
FreeBSD features an accept_filter(9) mechanism which allows an application to request that the kernel pre-process incoming connections. For example, the accf_http(9) accept filter prevents accept(2)

FreeBSD-SA-02:24-k5su | SA-02:24 | May 21, 2002
The k5su utility is a SU utility similar to su(1), and is used to switch privileges after authentication using Kerberos 5 or the local passwd(5) file. k5su is installed as part of the `krb5' d

FreeBSD-SA-02:25-bzip2 contains multiple security vulnerabilities | SA-02:25 | May 20, 2002
I. Background bzip2 is an advanced block-sorting file compression utility. II. Problem Description When creating a file during decompression, the bzip2 utility failed to use the O_EXCL fl

FreeBSD-SA-02:23.stdio | SA-02:23 | April 22, 2002
By convention, POSIX systems associate file descriptors 0, 1, and 2 with standard input, standard output, and standard error, respectively. Almost all applications give these stdio file descriptor

FreeBSD-SA-02:21.tcpip - routing table memory leak | SA-02:21 | April 18, 2002
A bug was introduced into ip_output() wherein the processing of an ICMP echo reply message would cause a reference count on a routing table entry to never be decremented. Thus, memory allocated for th

FreeBSD-SA-02:20-syncache/syncookies denial of service | SA-02:20 | April 17, 2002
The SYN cache ("syncache") and SYN cookie mechanism ("syncookie") are features of the TCP/IP stack intended to improve resistance to a class of denial of service attacks known as

FreeBSD-SA-02:19-squid heap buffer overflow in DNS handling | SA-02:19 | March 26, 2002
Incorrect handling of compressed DNS responses could result in a heap buffer overflow. The squid port is not installed by default, nor is it "part of FreeBSD" as such: it is part of the F

FreeBSD-SA-02:18-zlib double-free | SA-02:18 | March 19, 2002
A programming error in zlib may cause segments of dynamically allocated memory to be released more than once (double-freed). If an attacker is able to pass a specially-crafted block of invalid comp

FreeBSD-SA-02:17-mod_frontpage port contains exploitable buffer overflow | SA-02:17 | March 13, 2002
Affected versions of the mod_frontpage port contains several exploitable buffer overflows in the fpexec wrapper, which is installed setuid root.

FreeBSD-SA-02:16-GIF/JPEG comment vulnerability in Netscape | SA-02:16 | March 12, 2002
The GIF89a and JPEG standards permit images to have embedded comments, in which any kind of textual data may be stored. Versions 4.76 and earlier of the Netscape browser will execute JavaScript con

FreeBSD-SA-02:15-cyrus-sasl library contains format string vulnerability | SA-02:15 | March 12, 2002
Affected versions of the cyrus-sasl port contain a format string vulnerability. The format string vulnerability occurs during a call to the syslog(3) function.

FreeBSD-SA-02:14-pam-pgsql port authentication bypass | SA-02:14 | March 12, 2002
pam-pgsql is a PAM module which allows PAM-enabled applications such as login(1) to use a PostgreSQL database for user authentication.

FreeBSD-SA-02:12: multiple security vulnerabilities in squid port | SA-02:12 | February 21, 2002
Topic: multiple security vulnerabilities in squid port Category: ports Module: squid24 Announced: 2002-02-21 Credits: Jouko Pynnonen Henrik N

FreeBSD-SA-02:11: ucd-snmp/net-snmp remotely exploitable vulnerabilities | SA-02:11 | February 14, 2002
The Net-SNMP (previously known as UCD-SNMP) package is a set of Simple Network Management Protocol tools, including an agent, library, and applications for generating and handling requests and traps

FreeBSD-SA-02:09: fstatfs race condition may allow local DoS via procfs | SA-02:09 | February 06, 2002
A race condition existed where a file could be removed between calling fstatfs() and the point where the file is accessed causing the file descriptor to become invalid. This may allow unprivileged

FreeBSD-SA-02:10: rsync port contains remotely exploitable vulnerability | SA-02:10 | February 06, 2002
The rsync port, versions prior to rsync-2.5.1_1, is not careful enough about reading integers from the network. In several places, signed and unsigned numbers are mixed, resulting in erroneous compu

Exec race condition local root compromise | SA-02:08 | January 24, 2002
It is possible for a user to attach a debugger to a process while it is exec'ing, but before the kernel has determined that the process is set-user-ID or set-group-ID.

Kerberos 5 getlogin error | SA-02:07 | January 18, 2002
The k5su command included with FreeBSD, versions prior to 4.5-RELEASE, and the su command included in the heimdal port, versions prior to heimdal-0.4e_2, use the getlogin system call in order to deter

Sudo port enables local privilege escalation | SA-02:06 | January 16, 2002
The sudo port, versions prior to sudo-, contains a vulnerability that may allow a local user to obtain superuser privileges.

Pine port insecure URL handling | SA-02:05 | January 04, 2002
Due to a programming error, PINE does not properly escape meta-characters in the URL before passing it to the command shell as an argument to the web browser.

Mutt ports remotely exploitable buffer overflow | SA-02:04 | January 04, 2002
The mutt ports, versions prior to mutt-1.2.5_1 and mutt-devel-1.3.24_2, contain a buffer overflow in the handling of email addresses in headers.

Mod_auth_pgsql port authentication bypass | SA-02:03 | January 04, 2002
The mod_auth_pgsql port, versions prior to mod_auth_pgsql-0.9.9, contain a vulnerability that may allow a remote user to cause arbitrary SQL code to be execute.

Page: 123456 out of 13

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »