The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of FreeBSD

vulnerability bulletin 29963

FreeBSD: denial of service via epoch

Synthesis of the vulnerability

An attacker can trigger a fatal error via epoch of FreeBSD, in order to trigger a denial of service.
Impacted products: FreeBSD.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 07/08/2019.
Identifiers: FreeBSD-EN-19:14.epoch, VIGILANCE-VUL-29963.


computer vulnerability alert CVE-2019-5605

FreeBSD: information disclosure via freebsd32_ioctl

Synthesis of the vulnerability

A local attacker can read a memory fragment via freebsd32_ioctl of FreeBSD, in order to obtain sensitive information.
Impacted products: FreeBSD.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 25/07/2019.
Identifiers: CVE-2019-5605, FreeBSD-SA-19:14.freebsd32, VIGILANCE-VUL-29876.


computer vulnerability CVE-2019-5601

FreeBSD: information disclosure via UFS/FFS

Synthesis of the vulnerability

A local attacker can read a memory fragment via UFS/FFS of FreeBSD, in order to obtain sensitive information.
Impacted products: FreeBSD.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 03/07/2019.
Identifiers: CVE-2019-5601, FreeBSD-SA-19:10.ufs, VIGILANCE-VUL-29675.


vulnerability note CVE-2019-5597

FreeBSD: denial of service via IPv6

Synthesis of the vulnerability

An attacker can send fragmented IPv6 packets to FreeBSD, in order to trigger a denial of service.
Impacted products: FreeBSD, Solaris, pfSense.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 15/05/2019.
Identifiers: cpujul2019, CVE-2019-5597, FreeBSD-SA-19:05.pf, VIGILANCE-VUL-29304.


vulnerability CVE-2018-12126 CVE-2018-12127 CVE-2018-12130

Intel processors: information disclosure via performance measurement

Synthesis of the vulnerability

An attacker can measure the performance of his process, in order to get sensitive information about other processes or, if the host is virtualized, about other guest systems.
Impacted products: XenServer, Debian, Fedora, FortiAnalyzer, FortiGate, FortiManager, FortiOS, FreeBSD, HP ProLiant, Linux, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 2019, Windows 7, Windows 8, Windows RT, OpenBSD, openSUSE Leap, PAN-OS, pfSense, RHEL, SIMATIC, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, ESXi, vCenter Server, VMware vSphere Hypervisor, Xen.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 4.
Creation date: 15/05/2019.
Revision date: 15/05/2019.
Identifiers: CERTFR-2019-AVI-209, CERTFR-2019-AVI-211, CERTFR-2019-AVI-212, CERTFR-2019-AVI-213, CERTFR-2019-AVI-215, CERTFR-2019-AVI-217, CERTFR-2019-AVI-229, CERTFR-2019-AVI-230, CERTFR-2019-AVI-233, CERTFR-2019-AVI-311, CTX251995, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, DLA-1787-1, DLA-1789-1, DLA-1789-2, DLA-1799-1, DLA-1799-2, DSA-4444-1, DSA-4447-1, DSA-4447-2, FEDORA-2019-0731828893, FEDORA-2019-1f5832fc0e, FEDORA-2019-640f8d8dd1, FEDORA-2019-6458474bf2, FEDORA-2019-c36afa818c, FEDORA-2019-e6bf55e821, FEDORA-2019-eb08fb0c5f, FG-IR-18-002, FreeBSD-SA-19:07.mds, HPESBHF03933, INTEL-SA-00233, openSUSE-SU-2019:1402-1, openSUSE-SU-2019:1403-1, openSUSE-SU-2019:1404-1, openSUSE-SU-2019:1405-1, openSUSE-SU-2019:1407-1, openSUSE-SU-2019:1408-1, openSUSE-SU-2019:1419-1, openSUSE-SU-2019:1420-1, openSUSE-SU-2019:1468-1, openSUSE-SU-2019:1505-1, openSUSE-SU-2019:1805-1, openSUSE-SU-2019:1806-1, PAN-SA-2019-0012, RHSA-2019:1155-01, RHSA-2019:1167-01, RHSA-2019:1168-01, RHSA-2019:1169-01, RHSA-2019:1170-01, RHSA-2019:1171-01, RHSA-2019:1172-01, RHSA-2019:1174-01, RHSA-2019:1175-01, RHSA-2019:1176-01, RHSA-2019:1177-01, RHSA-2019:1178-01, RHSA-2019:1180-01, RHSA-2019:1181-01, RHSA-2019:1182-01, RHSA-2019:1183-01, RHSA-2019:1184-01, RHSA-2019:1185-01, RHSA-2019:1186-01, RHSA-2019:1187-01, RHSA-2019:1188-01, RHSA-2019:1189-01, RHSA-2019:1190-01, RHSA-2019:1193-01, RHSA-2019:1194-01, RHSA-2019:1195-01, RHSA-2019:1196-01, RHSA-2019:1197-01, RHSA-2019:1198-01, SSA-616472, SUSE-SU-2019:1235-1, SUSE-SU-2019:1236-1, SUSE-SU-2019:1238-1, SUSE-SU-2019:1239-1, SUSE-SU-2019:1240-1, SUSE-SU-2019:1241-1, SUSE-SU-2019:1242-1, SUSE-SU-2019:1243-1, SUSE-SU-2019:1244-1, SUSE-SU-2019:1245-1, SUSE-SU-2019:1248-1, SUSE-SU-2019:1268-1, SUSE-SU-2019:1269-1, SUSE-SU-2019:1272-1, SUSE-SU-2019:1287-1, SUSE-SU-2019:1289-1, SUSE-SU-2019:1296-1, SUSE-SU-2019:1313-1, SUSE-SU-2019:1347-1, SUSE-SU-2019:1348-1, SUSE-SU-2019:1349-1, SUSE-SU-2019:1356-1, SUSE-SU-2019:1371-1, 
SUSE-SU-2019:14048-1, SUSE-SU-2019:14051-1, SUSE-SU-2019:14052-1, SUSE-SU-2019:14063-1, SUSE-SU-2019:14133-1, SUSE-SU-2019:1423-1, SUSE-SU-2019:1438-1, SUSE-SU-2019:1452-1, SUSE-SU-2019:1490-1, SUSE-SU-2019:1547-1, SUSE-SU-2019:1550-1, SUSE-SU-2019:1909-1, SUSE-SU-2019:1910-1, SUSE-SU-2019:1954-1, Synology-SA-19:24, USN-3977-1, USN-3977-2, USN-3977-3, USN-3978-1, USN-3979-1, USN-3980-1, USN-3981-1, USN-3981-2, USN-3982-1, USN-3982-2, USN-3983-1, USN-3983-2, USN-3984-1, USN-3985-1, USN-3985-2, VIGILANCE-VUL-29300, VMSA-2019-0008, XSA-297, ZombieLoad.


vulnerability bulletin CVE-2019-5598

FreeBSD: address-based IP filtering bypass

Synthesis of the vulnerability

An attacker can tamper with the IP address of an IP packet nested in an ICMP one, in order to bypass the FreeBSD packet filter.
Impacted products: FreeBSD, Solaris, pfSense.
Severity: 1/4.
Consequences: data flow.
Provenance: internet client.
Creation date: 15/05/2019.
Identifiers: cpujul2019, CVE-2019-5598, FreeBSD-SA-19:06.pf, VIGILANCE-VUL-29303.


vulnerability note CVE-2019-11555

wpa_supplicant: NULL pointer dereference via eap_server_pwd.c, eap_pwd.c

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via eap_server_pwd.c, eap_pwd.c of wpa_supplicant, in order to trigger a denial of service.
Impacted products: Debian, Fedora, FreeBSD, pfSense, Ubuntu.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: intranet client.
Creation date: 07/05/2019.
Identifiers: CVE-2019-11555, DLA-1867-1, DSA-4450-1, FEDORA-2019-28d3ca93d2, FEDORA-2019-d6bc3771a4, FEDORA-2019-ff1b728d09, FreeBSD-SA-19:03.wpa, USN-3969-1, USN-3969-2, VIGILANCE-VUL-29244.


computer vulnerability alert CVE-2019-9494 CVE-2019-9495 CVE-2019-9496

wpa_supplicant: six vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of wpa_supplicant.
Impacted products: Debian, Fedora, FreeBSD, Ubuntu.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: radio connection.
Number of vulnerabilities in this bulletin: 6.
Creation date: 11/04/2019.
Identifiers: Current: VU#871675, CVE-2019-9494, CVE-2019-9495, CVE-2019-9496, CVE-2019-9497, CVE-2019-9498, CVE-2019-9499, DLA-1867-1, Dragonblood, DSA-4430-1, FEDORA-2019-d03bae77f5, FEDORA-2019-f409af9fbe, FreeBSD-SA-19:03.wpa, USN-3944-1, VIGILANCE-VUL-29006.


vulnerability alert CVE-2019-8936

NTP.org: NULL pointer dereference via Authenticated Mode 6

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via Authenticated Mode 6 of NTP.org, in order to trigger a denial of service.
Impacted products: Fedora, FreeBSD, AIX, Meinberg NTP Server, Data ONTAP, NTP.org, openSUSE Leap, Solaris, pfSense, RSA Authentication Manager, Slackware, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: user account.
Creation date: 08/03/2019.
Identifiers: 3565, bulletinapr2019, CVE-2019-8936, DSA-2019-093, FEDORA-2019-694e3aa4e8, FEDORA-2019-f781d5c4c6, FreeBSD-SA-19:04.ntp, NTAP-20190503-0001, openSUSE-SU-2019:1143-1, openSUSE-SU-2019:1158-1, SSA:2019-067-01, SUSE-SU-2019:0775-1, SUSE-SU-2019:0777-1, SUSE-SU-2019:0789-1, SUSE-SU-2019:13991-1, SUSE-SU-2019:14004-1, VIGILANCE-VUL-28701.


computer vulnerability bulletin 28448

FreeBSD: denial of service via LLE Table Lookup

Synthesis of the vulnerability

An attacker can trigger a fatal error via LLE Table Lookup of FreeBSD, in order to trigger a denial of service.
Impacted products: FreeBSD.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 06/02/2019.
Identifiers: FreeBSD-EN-19:07.lle, VIGILANCE-VUL-28448.
