Multiple vulnerabilities in FreeBSD

Posted: November 24, 2012 in Vulnerabilities
Tags: , ,

FreeBSD Logo

Multiple vulnerabilities

Vulnerability: Multiple vulnerabilities in FreeBSD

Danger: Middle
Patch: Yes
Number of vulnerabilities: 2

CVE ID: CVE-2012-4244
CVE-2012-5166
Vector of operation: Remote
Impact: Denial of service
Affected products: FreeBSD 7.4, FreeBSD 8.3, FreeBSD 9.0

Affected versions: FreeBSD 7.4, 8.3, 9.0

Description:

Which can be exploited by malicious people to execute arbitrary code on the target system.

The product contains the vulnerable version of ISC BIND. A detailed description of vulnerabilities can be found here:

https://malwarelist.wordpress.com/2012/11/24/denial-of-service-in-isc-bind/
https://malwarelist.wordpress.com/2012/11/24/denial-of-service-in-isc-bind-2/

Vulnerability: Denial of service in FreeBSD

Danger: Low
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2012-4445
Affected products: FreeBSD 7.4, 8.3, 9.0

Affected versions: FreeBSD 7.4, FreeBSD 8.3, FreeBSD 9.0

Description:

Vulnerability allows a remote user to execute arbitrary code on the target system.

The product contains the vulnerable version of hostapd. A detailed description of vulnerabilities can be found here:

https://malwarelist.wordpress.com/2012/11/24/denial-of-service-in-hostapd/

Vulnerability: Elevation in FreeBSD

Danger: Low
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2012-4576
Vector operation: Local
Impact: Privilege escalation

Affected products:
– FreeBSD 7.4
– FreeBSD 8.3
– FreeBSD 9.0

Affected versions:
FreeBSD 7.4
FreeBSD 8.3
FreeBSD 9.0

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system.

An error in the processing of certain system calls Linux. This can be exploited to overwrite certain memory objects and increase their privileges.

Manufacturer: URL: http://www.freebsd.org/

Solution: To resolve the vulnerability patch from the manufacturer.

Links:

http://www.freebsd.org/security/advisories/FreeBSD-SA-12:06.bind.asc
http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc
http://www.freebsd.org/security/advisories/FreeBSD-SA-12:08.linux.asc

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s