Computer Security
[EN] securityvulns.ru no-pyccku


OpenPAM protection bypass
Published:04.06.2014
Source:
SecurityVulns ID:13807
Type:library
Threat Level:
5/10
Description:In some situations policy from valid location may not be loaded.
CVE:CVE-2014-3879
Original documentdocumentFREEBSD, [oss-security] FreeBSD Security Advisory FreeBSD-SA-14:13.pam (04.06.2014)

FreeBSD ktrace information leakage
Published:04.06.2014
Source:
SecurityVulns ID:13808
Type:local
Threat Level:
7/10
Description:It's possible to obtain kernel memory content.
Affected:FREEBSD : FreeBSD 8.4
 FREEBSD : FreeBSD 9.2
CVE:CVE-2014-3873 (The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to obtain sensitive information from kernel memory via a kernel process trace.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-14:12.ktrace (04.06.2014)

sendmail file descriptor leakage
Published:04.06.2014
Source:
SecurityVulns ID:13809
Type:local
Threat Level:
5/10
Description:File descriptors are not closed on external applications call.
Affected:SENDMAIL : Sendmail 8.14
CVE:CVE-2014-3956 (The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-14:11.sendmail (04.06.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod