CVE-2015-1417
https://notcve.org/view.php?id=CVE-2015-1417
The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, 10.2-BETA2-p2, 10.2-RC1-p1, 10.1x before 10.1-RELEASE-p16, 9.x before 9.3-STABLE, 9.3-RELEASE-p21, and 8.x before 8.4-STABLE, 8.4-RELEASE-p35 on systems with VNET enabled and at least 16 VNET instances allows remote attackers to cause a denial of service (mbuf consumption) via multiple concurrent TCP connections. El módulo inet en FreeBSD versión 10.2x anterior a 10.2-PRERELEASE, versión 10.2-BETA2-p2, versión 10.2-RC1-p1, versión 10.1x anterior a 10.1-RELEASE-p16, versión 9.x anterior a 9.3-STABLE, versión 9.3-RELEASE-p21, y versión 8. x anterior a 8.4-ESTABLE, versión 8.4-RELEASE-p35 en sistemas con VNET habilitado y al menos 16 peticiones VNET permiten a los atacantes remotos causar una denegación de servicio (consumo de mbuf) por medio de múltiples conexiones TCP concurrentes. • http://www.securityfocus.com/bid/76112 http://www.securitytracker.com/id/1033111 https://www.freebsd.org/security/advisories/FreeBSD-SA-15:15.tcp.asc • CWE-400: Uncontrolled Resource Consumption •
CVE-2015-2923
https://notcve.org/view.php?id=CVE-2015-2923
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. La implementación del protocolo Neighbor Discovery (ND) en la pila de IPv6 en FreeBSD versiones hasta 10.1, permite a atacantes remotos reconfigurar una configuración de hop-limit por medio de un valor hop_limit pequeño en un mensaje Router Advertisement (RA). • http://openwall.com/lists/oss-security/2015/04/04/2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a https://lists.freebsd.org/pipermail/freebsd-net/2015-April/041934.html https://www.freebsd.org/security/advisories/FreeBSD-SA-15:09.ipv6.asc • CWE-20: Improper Input Validation •
CVE-2015-1415 – FreeBSD 10.x ZFS encryption.key Disclosure
https://notcve.org/view.php?id=CVE-2015-1415
The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file. El instalador bsdinstall en FreeBSD 10.x anterior a 10.1 p9, cuando configura ZFS codificado de disco completo, utiliza permisos de lectura universal para el fichero de claves GELI (/boot/encryption.key), lo que permite a usuarios locales obtener información sensible de claves mediante la lectura del fichero. FreeBSD 10.x installer supports the installation of FreeBSD 10.x on an encrypted ZFS filesystem by default. When using the encryption system within ZFS during the installation of FreeBSD 10.0 and FreeBSD 10.1, the encryption.key has wrong permissions which allow local users to read this file. Even if the keyfile is passphrase-encrypted, it can present a risk. • http://packetstormsecurity.com/files/131338/FreeBSD-10.x-ZFS-encryption.key-Disclosure.html http://www.securityfocus.com/archive/1/535209/100/0/threaded http://www.securitytracker.com/id/1032042 https://www.freebsd.org/security/advisories/FreeBSD-SA-15:08.bsdinstall.asc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-1414
https://notcve.org/view.php?id=CVE-2015-1414
Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory. Desbordamiento de enteros en FreeBSD anterior a 8.4 p24, 9.x anterior a 9.3 p10. 10.0 anterior a p18, y 10.1 anterior a p6 permite a atacantes remotos causar una denegación de servicio (caída) a través de un paquete IGMP, lo que provoca un cálculo de tamaño incorrecto y una reserva de memoria insuficiente. • http://www.debian.org/security/2015/dsa-3175 http://www.securityfocus.com/bid/72777 http://www.securitytracker.com/id/1031798 https://kc.mcafee.com/corporate/index?page=content&id=SB10107 https://www.freebsd.org/security/advisories/FreeBSD-SA-15:04.igmp.asc https://www.pfsense.org/security/advisories/pfSense-SA-15_02.igmp.asc •
CVE-2014-8613
https://notcve.org/view.php?id=CVE-2014-8613
The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted RE_CONFIG chunk. El módulo sctp en FreeBSD 10.1 anterior a p5, 10.0 anterior a p17, 9.3 anterior a p9, y 8.4 anterior a p23 permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo y pánico del kernel) a través de un fragmento RE_CONFIG manipulado. • http://www.securityfocus.com/bid/72345 http://www.securitytracker.com/id/1031649 https://www.freebsd.org/security/advisories/FreeBSD-SA-15:03.sctp.asc •