Computer Security

Search:Software:FreeBSD 5.5
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



See also
  FREEBSD : FreeBSD 9.0
  FREEBSD : FreeBSD 8.2
  FREEBSD : FreeBSD 7.4
  FREEBSD : FreeBSD 8.1
  FREEBSD : FreeBSD 7.3
  FREEBSD : FreeBSD 8.0
  FREEBSD : FreeBSD 7.2
  FREEBSD : FreeBSD7.0
  FREEBSD : FreeBSD 6.4
  FREEBSD : FreeBSD 7.1
  FREEBSD : FreeBSD 6.3
  FREEBSD : FreeBSD 6.2
  FREEBSD : FreeBSD 7.0
  FREEBSD : FreeBSD 6.0
  FREEBSD : FreeBSD 4.11
Name:FREEBSD : FreeBSD 5.5

 FreeBSD sendfile() privilege escalation
document Syscall allows read access to write-only files.
 FreeBSD pty hijacking
document 'script' users openpty in insecure way, ptsname incorrectly extracts device name.
6!FreeBSD pseudo-random numbers generator weakness
document SAme PRNG sequence may be reproduced twice under some conditions.
 libarchive multiple security vulnerabilities
document Memory corruption, buffer overflow, NULL pointer dereference.
6!Linux and BSD based Unix system IPv6 traffic amplification
document IPv6 routing header allows to set route in a way to trasmit packet for multiple times over the same link.
 FreeBSD jail rc.d symbolic links problem
document Multiple conditions allow to write files begind jailed environment, as an example symbolic link /var/log/console.log.
6!FireWire IOCTL integer overflow in different BSD-based Unix system
updated since 16.11.2006
document Negative IOCTL paramter value allows read access to kernel memory.
 Multiple FreeBSD kernel integer overflow
document Integer overflow and signed/unsigned conversion problems in i386_set_ldt().
 FreeBSD sppp buffer overflow
updated since 24.08.2006
document Buffer overflow on synchronous PPP LCP option parsing.
6!Linux / FreeBSD kernel SMBFS/CIFSFS chroot restriction bypass
updated since 28.04.2006
document It's possible to traverse chroot directory.
6!FreeBSD ypserv NIS access protection bypass
document /var/yp/securenets access control restrictions do not work.
9!Sendmail mail server race conditions
updated since 22.03.2006
document Race conditions on signals processing with setjmp/longjmp allow remote code execution.
6!FreeBSD IPSec replay attack
document fast_ipsec implementation doesn't increment packet sequence number, allowing replay attack for captured packet.
6!opie one time password system privilege escalation
document Under some conditions unprivileged user can be validated as 'root'.
                    
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server