CVE-2009-2208
https://notcve.org/view.php?id=CVE-2009-2208
FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFO_IN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU. FreeBSD v6.3, v6.4, v7.1, y v7.2 no respeta los permisos sobre SIOCSIFINFO_IN6 IOCTL, lo que permite a usuarios locales modificar o deshabilitar interfaces de red IPv6, como se ha desmostrado modificando el MTU. • http://secunia.com/advisories/35410 http://security.FreeBSD.org/advisories/FreeBSD-SA-09:10.ipv6.asc http://www.securityfocus.com/bid/35285 http://www.securitytracker.com/id?1022367 https://exchange.xforce.ibmcloud.com/vulnerabilities/51044 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2009-1935
https://notcve.org/view.php?id=CVE-2009-1935
Integer overflow in the pipe_build_write_buffer function (sys/kern/sys_pipe.c) in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 through 7.2 and 6.3 through 6.4 allows local users to bypass virtual-to-physical address lookups and read sensitive information in memory pages via unspecified vectors. Desbordamiento de entero en la función pipe_build_write_buffer (sys/kern/sys_pipe.c) en la característica de escritura directa en la implementación del filtro en FreeBSD v7.1 hasta v7.2 y v6.3 hasta v6.4, permite a usuarios locales saltarse las búsquedas de direcciones virtual-to-physical, y leer información sensible en paginas de memoria a través de vectores no específicos. • http://osvdb.org/55044 http://secunia.com/advisories/35398 http://security.freebsd.org/advisories/FreeBSD-SA-09:09.pipe.asc http://security.freebsd.org/patches/SA-09:09/pipe.patch http://www.securityfocus.com/bid/35279 http://www.securitytracker.com/id?1022365 https://exchange.xforce.ibmcloud.com/vulnerabilities/51109 • CWE-189: Numeric Errors •
CVE-2009-1436 – FreeBSD 7.1 - libc Berkley DB Interface Uninitialized Memory Local Information Disclosure
https://notcve.org/view.php?id=CVE-2009-1436
The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file. La interfaz de base de datos en libc en FreeBSD 6.3, 6.4, 7.0, 7.1, y 7.2-PRERELEASE no inicializa correctamente la memoria para las estructuras de la base de datos Berkeley DB v1.85, lo cual permite a usuarios locales obtener información sensible mediante la lectura de un archivo de base de datos. • https://www.exploit-db.com/exploits/32946 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10756 http://osvdb.org/53918 http://secunia.com/advisories/34810 http://security.freebsd.org/advisories/FreeBSD-SA-09:07.libc.asc http://www.securityfocus.com/bid/34666 http://www.securitytracker.com/id?1022113 • CWE-20: Improper Input Validation •
CVE-2008-5736 – FreeBSD 6.4 - Netgraph Privilege Escalation
https://notcve.org/view.php?id=CVE-2008-5736
Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets. Múltiples vulnerabilidades sin especificar en FreeBSD 6 antes de 6.4-STABLE, 6.3 antes de 6.3-RELEASE-p7, 6.4 antes de 6.4-RELEASE-p1, 7.0 antes de 7.0-RELEASE-p7, 7.1 antes de 7.1-RC2 y 7 antes de 7.1-PRERELEASE permite a usuarios locales obtener privilegios mediante vectores de ataque desconocidos relacionados con punteros de funciones que "no están correctamente inicializados" para sockets(1) netgraph y (2) bluetooth. • https://www.exploit-db.com/exploits/16951 http://osvdb.org/50936 http://secunia.com/advisories/33209 http://security.freebsd.org/advisories/FreeBSD-SA-08:13.protosw.asc http://securityreason.com/securityalert/8124 http://www.exploit-db.com/exploits/16951 http://www.securityfocus.com/bid/32976 http://www.securitytracker.com/id?1021491 https://exchange.xforce.ibmcloud.com/vulnerabilities/47570 https://www.exploit-db.com/exploits/7581 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-4609
https://notcve.org/view.php?id=CVE-2008-4609
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, permite a atacantes remotos provocar una denegación de servicio (agotamiento de cola de conexión) a través de múltiples vectores que manipulan información en la tabla de estados del TCP, como lo demuestra sockstress. • http://blog.robertlee.name/2008/10/conjecture-speculation.html http://insecure.org/stf/tcp-dos-attack-explained.html http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html http://marc.info/?l=bugtraq&m=125856010926699&w=2 http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html http://www.cpni • CWE-16: Configuration •