Summary
Detail | |||
---|---|---|---|
Vendor | Freebsd | First view | 1990-05-09 |
Product | Freebsd | Last view | 2024-09-05 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
8.8 | 2024-09-05 | CVE-2024-8178 | The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. |
7.5 | 2024-09-05 | CVE-2024-45287 | A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data. |
8.8 | 2024-09-05 | CVE-2024-45063 | The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. |
8.8 | 2024-09-05 | CVE-2024-43110 | The ctl_request_sense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. |
10 | 2024-09-05 | CVE-2024-43102 | Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub-request of UMTX_OP_SHM can lead to decreasing the reference count of the object representing the mapping too many times, causing it to be freed too early. A malicious code exercizing the UMTX_SHM_DESTROY sub-request in parallel can panic the kernel or enable further Use-After-Free attacks, potentially including code execution or Capsicum sandbox escape. |
8.8 | 2024-09-05 | CVE-2024-42416 | The ctl_report_supported_opcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel help memory. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. |
8.2 | 2024-09-05 | CVE-2024-32668 | An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. |
8.1 | 2024-08-12 | CVE-2024-7589 | A signal handler in sshd(8) may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds (120 by default). This signal handler executes in the context of the sshd(8)'s privileged code, which is not sandboxed and runs with full root privileges. This issue is another instance of the problem in CVE-2024-6387 addressed by FreeBSD-SA-24:04.openssh. The faulty code in this case is from the integration of blacklistd in OpenSSH in FreeBSD. As a result of calling functions that are not async-signal-safe in the privileged sshd(8) context, a race condition exists that a determined attacker may be able to exploit to allow an unauthenticated remote code execution as root. |
7.5 | 2024-08-12 | CVE-2024-6760 | A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which they would not otherwise have access, such as the local password database. |
5.3 | 2024-08-12 | CVE-2024-6759 | When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/". This allows readdir(3) and related functions to return filesystem entries with names containing additional path components. The lack of validation described above gives rise to a confused deputy problem. For example, a program copying files from an NFS mount could be tricked into copying from outside the intended source directory, and/or to a location outside the intended destination directory. |
8.1 | 2024-07-01 | CVE-2024-6387 | A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. |
0 | 2024-04-11 | CVE-2024-29937 | NFS in a BSD derived codebase, as used in OpenBSD through 7.4 and FreeBSD through 14.0-RELEASE, allows remote attackers to execute arbitrary code via a bug that is unrelated to memory corruption. |
0 | 2024-02-15 | CVE-2024-25941 | The jail(2) system call has not limited a visiblity of allocated TTYs (the kern.ttys sysctl). This gives rise to an information leak about processes outside the current jail. Attacker can get information about TTYs allocated on the host or in other jails. Effectively, the information printed by "pstat -t" may be leaked. |
0 | 2024-02-15 | CVE-2024-25940 | `bhyveload -h |
0 | 2024-02-15 | CVE-2022-23093 | ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has an IP header and an ICMP header. The pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet. When IP options are present, pr_pack() overflows the destination buffer by up to 40 bytes. The memory safety bugs described above can be triggered by a remote host, causing the ping program to crash. The ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrained in how it can interact with the rest of the system at the point where the bug can occur. |
0 | 2024-02-15 | CVE-2022-23092 | The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve guest kernel to overwrite memory in the bhyve(8) process. This could potentially lead to user-mode code execution on the host, subject to bhyve's Capsicum sandbox. |
0 | 2024-02-15 | CVE-2022-23091 | A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause. An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel. |
0 | 2024-02-15 | CVE-2022-23090 | The aio_aqueue function, used by the lio_listio system call, fails to release a reference to a credential in an error case. An attacker may cause the reference count to overflow, leading to a use after free (UAF). |
0 | 2024-02-15 | CVE-2022-23089 | When dumping core and saving process information, proc_getargv() might return an sbuf which have a sbuf_len() of 0 or -1, which is not properly handled. An out-of-bound read can happen when user constructs a specially crafted ps_string, which in turn can cause the kernel to crash. |
0 | 2024-02-15 | CVE-2022-23088 | The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer. While a FreeBSD Wi-Fi client is in scanning mode (i.e., not associated with a SSID) a malicious beacon frame may overwrite kernel memory, leading to remote code execution. |
8.8 | 2024-02-15 | CVE-2022-23087 | The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload ("TSO"). The e1000 device model uses an on-stack buffer to generate the modified packet header when simulating these modifications on transmitted packets. When checksum offload is requested for a transmitted packet, the e1000 device model used a guest-provided value to specify the checksum offset in the on-stack buffer. The offset was not validated for certain packet types. A misbehaving bhyve guest could overwrite memory in the bhyve process on the host, possibly leading to code execution in the host context. The bhyve process runs in a Capsicum sandbox, which (depending on the FreeBSD version and bhyve configuration) limits the impact of exploiting this issue. |
7.8 | 2024-02-15 | CVE-2022-23086 | Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header. Other heap content would be overwritten if the specified size was too small. Users with access to the mpr, mps or mpt device node may overwrite heap data, potentially resulting in privilege escalation. Note that the device node is only accessible to root and members of the operator group. |
8.2 | 2024-02-15 | CVE-2022-23085 | A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment. |
7.5 | 2024-02-15 | CVE-2022-23084 | The total size of the user-provided nmreq to nmreq_copyin() was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment. |
5.3 | 2023-12-24 | CVE-2023-51765 | sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
10% (28) | CWE-20 | Improper Input Validation |
9% (27) | CWE-264 | Permissions, Privileges, and Access Controls |
9% (25) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
7% (21) | CWE-200 | Information Exposure |
6% (19) | CWE-787 | Out-of-bounds Write |
4% (12) | CWE-416 | Use After Free |
4% (12) | CWE-362 | Race Condition |
4% (12) | CWE-189 | Numeric Errors |
4% (11) | CWE-399 | Resource Management Errors |
4% (11) | CWE-330 | Use of Insufficiently Random Values |
3% (9) | CWE-190 | Integer Overflow or Wraparound |
2% (8) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
2% (7) | CWE-476 | NULL Pointer Dereference |
2% (7) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
2% (7) | CWE-125 | Out-of-bounds Read |
1% (5) | CWE-287 | Improper Authentication |
1% (4) | CWE-665 | Improper Initialization |
1% (4) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
1% (3) | CWE-345 | Insufficient Verification of Data Authenticity |
1% (3) | CWE-203 | Information Exposure Through Discrepancy |
0% (2) | CWE-772 | Missing Release of Resource after Effective Lifetime |
0% (2) | CWE-770 | Allocation of Resources Without Limits or Throttling |
0% (2) | CWE-667 | Insufficient Locking |
0% (2) | CWE-415 | Double Free |
0% (2) | CWE-404 | Improper Resource Shutdown or Release |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-8 | Buffer Overflow in an API Call |
CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
CAPEC-10 | Buffer Overflow via Environment Variables |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-14 | Client-side Injection-induced Buffer Overflow |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-18 | Embedding Scripts in Nonscript Elements |
CAPEC-24 | Filter Failure through Buffer Overflow |
CAPEC-25 | Forced Deadlock |
CAPEC-26 | Leveraging Race Conditions |
CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
CAPEC-30 | Hijacking a Privileged Thread of Execution |
CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
CAPEC-42 | MIME Conversion |
CAPEC-44 | Overflow Binary Resource File |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-46 | Overflow Variables and Tags |
CAPEC-47 | Buffer Overflow via Parameter Expansion |
CAPEC-51 | Poison Web Service Registry |
CAPEC-58 | Restful Privilege Elevation |
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-63 | Simple Script Injection |
CAPEC-67 | String Format Overflow in syslog() |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:5931 | The vacation program erroneously passes parameters to sendmail. |
oval:org.mitre.oval:def:10888 | cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating sys... |
oval:org.mitre.oval:def:1828 | Buffer Overflow in "in.telnetd"or "telnetd"Process |
oval:org.mitre.oval:def:9 | Solaris 8 RPC xdr_array Buffer Overflow |
oval:org.mitre.oval:def:4728 | SunRPC xdr_array Function Integer Overflow |
oval:org.mitre.oval:def:42 | Solaris 7 RPC xdr_array Buffer Overflow |
oval:org.mitre.oval:def:2539 | BIND SIG Resource Records Buffer Overflow |
oval:org.mitre.oval:def:449 | Bind OPT Resource Record DoS Vulnerability |
oval:org.mitre.oval:def:2094 | BIND DoS via SIG RR Elements |
oval:org.mitre.oval:def:2665 | Data Leak in NIC |
oval:org.mitre.oval:def:28706 | Critical Patch Update January 2015 |
oval:org.mitre.oval:def:230 | xdrmem_bytes() Integer Overflow Vulnerability |
oval:org.mitre.oval:def:1970 | Off-by-one Error in fb_realpath() |
oval:org.mitre.oval:def:597 | Denial of Service in Sendmail via the enhdnsbl Feature |
oval:org.mitre.oval:def:603 | Sendmail BO in prescan Function |
oval:org.mitre.oval:def:572 | Sendmail BO in Prescan Function |
oval:org.mitre.oval:def:2975 | Sendmail prescan function Buffer Overflow |
oval:org.mitre.oval:def:2011 | ISC BIND Cache Poison Denial Of Service |
oval:org.mitre.oval:def:9779 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to... |
oval:org.mitre.oval:def:975 | Red Hat OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:870 | Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:5770 | Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability |
oval:org.mitre.oval:def:2621 | OpenSSL Denial of Service Vulnerabilities |
oval:org.mitre.oval:def:902 | Red Hat OpenSSL Improper Unknown Message Handling Vulnerability |
oval:org.mitre.oval:def:871 | Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability |
SAINT Exploits
Description | Link |
---|---|
Telnetd Encryption Key ID Code Execution | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78020 | FreeBSD telnetd Multiple telnet/libtelnet/encrypt.c encrypt_keyid() Function ... |
76945 | OpenPAM Pam Services Traversal Local Privilege Escalation |
75788 | FreeBSD UNIX Domain Socket sys/kern/uipc_usrreq.c uipc_bind() Function Local ... |
75249 | OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS |
75248 | OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS |
75011 | crontab crontab.c Temporary File Symlink Arbitrary MD5 Hash Comparison |
75010 | crontab crontab.c realpath() Temporary File Symlink Directory Enumeration |
75009 | crontab crontab.c stat() Call Temporary File Symlink Arbitrary File Enumeration |
75007 | libc glob Expression Pathname Matching Remote DoS (2010-4754) |
74934 | KAME IPSEC Implementations Spoofed ESP Packet DoS |
74927 | X.Org libXfont src/fontfile/decompress.c BufCompressedFill() Function LZW Dec... |
73388 | Multiple Vendor libc Implentation fnmatch.c Memory Consumption DoS |
73383 | Apache HTTP Server Portable Runtime (APR) Library apr_fnmatch() Infinite Loop... |
72130 | FreeBSD mountd mountd.c makemask Function NFS Mount Request Access Restrictio... |
68313 | FreeBSD pseudofs pfs_getattr() Function NULL Dereference Local Privilege Esca... |
68291 | NetBSD Kernel netsmb Module smb_subr.c /dev/nsmb IOCTL Operation Integer Sign... |
67346 | Multiple Unix Vendor rpc.pcnfsd pr_init() Symlink Arbitrary File Permission M... |
67330 | Coda Filesystem Kernel Module IOCTL ViceIoctl Struct Local Memory Disclosure |
66316 | FreeBSD Read-only Flag Copy Weakness Duplicate mbuf Buffer Reference Sendfile... |
65152 | FreeBSD jail(8) Descendant Process CWD Escape Arbitrary File Access |
65036 | FreeBSD nfsclient nfs_vfsops.c nfs_mount() Function File Handle Buffer Mounti... |
64949 | OPIE readrec.c __opiereadrec() Off-by-One Remote Code Execution |
63646 | J Programming Language libc dtoa Implementation Floating Point Parsing Memory... |
63641 | Matlab libc dtoa Implementation Floating Point Parsing Memory Corruption |
63639 | Apple Mac OS X libc dtoa Implementation Floating Point Parsing Memory Corruption |
ExploitDB Exploits
id | Description |
---|---|
26454 | FreeBSD 9 Address Space Manipulation Privilege Escalation |
26076 | Cisco ASA < 8.4.4.6|8.2.5.32 Ethernet Information Leak |
22131 | Linux Kernel 2.0.x/2.2.x/2.4.x,FreeBSD 4.x Network Device Driver Frame Paddin... |
16951 | FreeBSD <= 6.4 Netgraph Local Privledge Escalation Exploit |
12762 | FreeBSD 8.0 ftpd off-by one PoC (FreeBSD-SA-10:05) |
10380 | Sunbird 0.9 Array Overrun (code execution) 0day |
10187 | Opera 10.01 Remote Array Overrun |
10186 | K-Meleon 1.5.3 Remote Array Overrun |
10185 | SeaMonkey 1.1.8 Remote Array Overrun |
10184 | KDE KDELibs 4.3.3 Remote Array Overrun |
9082 | FreeBSD 7.0/7.1 vfs.usermount Local Privilege Escalation Exploit |
3555 | Ethernet Device Drivers Frame Padding - Info Leakage Exploit (Etherleak) |
OpenVAS Exploits
id | Description |
---|---|
2012-12-18 | Name : Fedora Update for xen FEDORA-2012-19828 File : nvt/gb_fedora_2012_19828_xen_fc16.nasl |
2012-12-14 | Name : Fedora Update for xen FEDORA-2012-19717 File : nvt/gb_fedora_2012_19717_xen_fc17.nasl |
2012-12-13 | Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen) File : nvt/gb_suse_2012_0886_1.nasl |
2012-11-26 | Name : FreeBSD Ports: FreeBSD File : nvt/freebsd_FreeBSD20.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18242 File : nvt/gb_fedora_2012_18242_xen_fc17.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18249 File : nvt/gb_fedora_2012_18249_xen_fc16.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17204 File : nvt/gb_fedora_2012_17204_xen_fc17.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17408 File : nvt/gb_fedora_2012_17408_xen_fc16.nasl |
2012-10-03 | Name : Gentoo Security Advisory GLSA 201209-24 (PostgreSQL) File : nvt/glsa_201209_24.nasl |
2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-03 (php) File : nvt/glsa_201209_03.nasl |
2012-09-25 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004) File : nvt/gb_macosx_su12-004.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13434 File : nvt/gb_fedora_2012_13434_xen_fc17.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13443 File : nvt/gb_fedora_2012_13443_xen_fc16.nasl |
2012-09-10 | Name : Slackware Advisory SSA:2011-133-01 apr/apr-util File : nvt/esoft_slk_ssa_2011_133_01.nasl |
2012-08-30 | Name : Fedora Update for php FEDORA-2012-10936 File : nvt/gb_fedora_2012_10936_php_fc17.nasl |
2012-08-30 | Name : Fedora Update for xen FEDORA-2012-11182 File : nvt/gb_fedora_2012_11182_xen_fc17.nasl |
2012-08-30 | Name : Fedora Update for xen FEDORA-2012-11755 File : nvt/gb_fedora_2012_11755_xen_fc17.nasl |
2012-08-30 | Name : Fedora Update for postgresql FEDORA-2012-12156 File : nvt/gb_fedora_2012_12156_postgresql_fc16.nasl |
2012-08-30 | Name : Fedora Update for postgresql FEDORA-2012-12165 File : nvt/gb_fedora_2012_12165_postgresql_fc17.nasl |
2012-08-30 | Name : Fedora Update for postgresql FEDORA-2012-8924 File : nvt/gb_fedora_2012_8924_postgresql_fc17.nasl |
2012-08-30 | Name : Fedora Update for xen FEDORA-2012-9386 File : nvt/gb_fedora_2012_9386_xen_fc17.nasl |
2012-08-30 | Name : Fedora Update for maniadrive FEDORA-2012-9490 File : nvt/gb_fedora_2012_9490_maniadrive_fc17.nasl |
2012-08-30 | Name : Fedora Update for php FEDORA-2012-9490 File : nvt/gb_fedora_2012_9490_php_fc17.nasl |
2012-08-24 | Name : Fedora Update for xen FEDORA-2012-11785 File : nvt/gb_fedora_2012_11785_xen_fc16.nasl |
2012-08-10 | Name : Debian Security Advisory DSA 2491-1 (postgresql-8.4) File : nvt/deb_2491_1.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0222 | Multiple Security Vulnerabilities in Apple iOS Severity: Category I - VMSKEY: V0061471 |
2013-A-0151 | ISC BIND 9 Remote Denial of Service Vulnerability Severity: Category I - VMSKEY: V0039823 |
2012-A-0056 | Multiple Vulnerabilities in VMWare ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0031979 |
2008-B-0070 | Multiple Vendors IPv6 Neighbor Discovery Protocol Spoofing Vulnerability Severity: Category II - VMSKEY: V0017557 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | record route rr denial of service attempt RuleID : 8730 - Type : PROTOCOL-ICMP - Revision : 6 |
2014-01-10 | vrfy decode RuleID : 672-community - Type : SERVER-MAIL - Revision : 17 |
2014-01-10 | vrfy decode RuleID : 672 - Type : SERVER-MAIL - Revision : 17 |
2014-01-10 | Sendmail expn decode RuleID : 659-community - Type : SERVER-MAIL - Revision : 18 |
2014-01-10 | Sendmail expn decode RuleID : 659 - Type : SERVER-MAIL - Revision : 18 |
2014-01-10 | RCPT TO overflow RuleID : 654-community - Type : SERVER-MAIL - Revision : 28 |
2014-01-10 | RCPT TO overflow RuleID : 654 - Type : SERVER-MAIL - Revision : 28 |
2014-01-10 | portmap pcnfsd request UDP RuleID : 581-community - Type : PROTOCOL-RPC - Revision : 18 |
2014-01-10 | portmap pcnfsd request UDP RuleID : 581 - Type : PROTOCOL-RPC - Revision : 18 |
2014-01-10 | portmap amountd request UDP RuleID : 576-community - Type : PROTOCOL-RPC - Revision : 17 |
2014-01-10 | portmap amountd request UDP RuleID : 576 - Type : PROTOCOL-RPC - Revision : 17 |
2014-01-10 | AMD Overflow RuleID : 573 - Type : RPC - Revision : 9 |
2019-08-31 | Apple DMG ffs_mountfs integer overflow exploit attempt RuleID : 50853 - Type : FILE-OTHER - Revision : 1 |
2019-08-31 | Apple DMG ffs_mountfs integer overflow exploit attempt RuleID : 50852 - Type : FILE-OTHER - Revision : 1 |
2018-09-19 | ntpq decode array buffer overflow attempt RuleID : 47585 - Type : SERVER-OTHER - Revision : 4 |
2018-07-10 | Microsoft Windows Interrupt Service Routine stack rollback attempt RuleID : 46910 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows Interrupt Service Routine stack rollback attempt RuleID : 46909 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows processor modification return to user-mode attempt RuleID : 46908 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows processor modification return to user-mode attempt RuleID : 46907 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows malicious CONTEXT structure creation attempt RuleID : 46906 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows malicious CONTEXT structure creation attempt RuleID : 46905 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows SYSTEM token stealing attempt RuleID : 46904 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-10 | Microsoft Windows SYSTEM token stealing attempt RuleID : 46903 - Type : INDICATOR-COMPROMISE - Revision : 2 |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46835 - Type : OS-WINDOWS - Revision : 1 |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46834 - Type : OS-WINDOWS - Revision : 1 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-a7ac26523d.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-d3cb6f113c.nasl - Type: ACT_GATHER_INFO |
2018-12-11 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_32498c8ffc8411e8be12a4badb2f4699.nasl - Type: ACT_GATHER_INFO |
2018-11-30 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_sa-18-13_nfs.nasl - Type: ACT_GATHER_INFO |
2018-11-27 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2017-2911.nasl - Type: ACT_GATHER_INFO |
2018-11-21 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1378.nasl - Type: ACT_GATHER_INFO |
2018-11-13 | Name: The remote Debian host is missing a security update. File: debian_DLA-1573.nasl - Type: ACT_GATHER_INFO |
2018-11-13 | Name: The remote Debian host is missing a security update. File: debian_DLA-1577.nasl - Type: ACT_GATHER_INFO |
2018-11-13 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_791841a3d4844878890992ef9ce424f4.nasl - Type: ACT_GATHER_INFO |
2018-11-09 | Name: The remote AIX host is missing a security patch. File: aix_IJ09618.nasl - Type: ACT_GATHER_INFO |
2018-11-09 | Name: The remote AIX host is missing a security patch. File: aix_IJ09619.nasl - Type: ACT_GATHER_INFO |
2018-11-09 | Name: The remote AIX host is missing a security patch. File: aix_IJ09620.nasl - Type: ACT_GATHER_INFO |
2018-11-09 | Name: The remote AIX host is missing a security patch. File: aix_IJ09621.nasl - Type: ACT_GATHER_INFO |
2018-11-09 | Name: The remote AIX host is missing a security patch. File: aix_IJ09622.nasl - Type: ACT_GATHER_INFO |
2018-11-09 | Name: The remote AIX host is missing a security patch. File: aix_IJ09623.nasl - Type: ACT_GATHER_INFO |
2018-11-09 | Name: The remote AIX host is missing a security patch. File: aix_IJ09624.nasl - Type: ACT_GATHER_INFO |
2018-11-09 | Name: The remote AIX host is missing a security patch. File: aix_IJ09625.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote Debian host is missing a security update. File: debian_DLA-1564.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL17403481.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL21344224.nasl - Type: ACT_GATHER_INFO |
2018-09-18 | Name: The remote EulerOS Virtualization host is missing multiple security updates. File: EulerOS_SA-2018-1263.nasl - Type: ACT_GATHER_INFO |
2018-09-18 | Name: The remote EulerOS Virtualization host is missing multiple security updates. File: EulerOS_SA-2018-1270.nasl - Type: ACT_GATHER_INFO |
2018-09-13 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_a67c122ab69311e8ac58a4badb2f4699.nasl - Type: ACT_GATHER_INFO |
2018-08-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_359e1548a65211e8805ba4badb2f4699.nasl - Type: ACT_GATHER_INFO |