FreeBSD VuXML

Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.

FreeBSD

[by package name] [by topic] [by CVE name] [by entry date] [by modified date] [by VuXML ID]
FreeBSD at FreshPorts.org
Entered Topic
2013-04-29 FreeBSD -- NFS remote denial of service
2013-04-02 FreeBSD -- BIND remote denial of service
FreeBSD -- OpenSSL multiple vulnerabilities
2013-02-21 FreeBSD -- BIND remote DoS with deliberately crafted DNS64 query
FreeBSD -- glob(3) related resource exhaustion
2012-11-24 FreeBSD -- Insufficient message length validation for EAP-TLS messages
FreeBSD -- Linux compatibility layer input validation error
FreeBSD -- Multiple Denial of Service vulnerabilities with named(8)
2012-08-07 FreeBSD -- named(8) DNSSEC validation Denial of Service
2012-06-27 FreeBSD -- Incorrect crypt() hashing
FreeBSD -- Incorrect handling of zero-length RDATA fields in named(8)
FreeBSD -- OpenSSL multiple vulnerabilities
FreeBSD -- Privilege escalation when returning from kernel
2012-01-29 FreeBSD -- Buffer overflow in handling of UNIX socket addresses
FreeBSD -- errors handling corrupt compress file in compress(1) and gzip(1)
FreeBSD -- Network ACL mishandling in mountd(8)
FreeBSD -- pam_ssh improperly grants access when user account has unencrypted SSH private keys
FreeBSD -- pam_ssh() does not validate service names
2011-12-26 krb5-appl -- telnetd code execution vulnerability
2011-12-23 proftpd -- arbitrary code execution vulnerability with chroot
2011-11-16 BIND -- Remote DOS
2010-10-24 FreeBSD -- BIND named(8) cache poisoning with DNSSEC validation
FreeBSD -- Improper environment sanitization in rtld(1)
FreeBSD -- Inappropriate directory permissions in freebsd-update(8)
FreeBSD -- Insufficient environment sanitization in jail(8)
FreeBSD -- Integer overflow in bzip2 decompression
FreeBSD -- Lost mbuf flag resulting in data corruption
FreeBSD -- ntpd mode 7 denial of service
FreeBSD -- OPIE off-by-one stack overflow
FreeBSD -- SSL protocol flaw
FreeBSD -- Unvalidated input in nfsclient
FreeBSD -- ZFS ZIL playback with insecure permissions

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.