New vulnerabilities in FreeBSD – October 24, 2014

Posted: October 24, 2014 in Vulnerabilities
Tags: ,

Vulnerabilities in FreeBSD#1 Denial of service and system compromise in FreeBSD (Remote Buffer Overflow vulnerability)

Danger level: High
Availability Corrections: Yes
Quantity of vulnerabilities: 1

CVSSv2 Rating: (AV: L / AC: M / Au: N / C: C / I: C / A: C / E: U / RL: O / RC: C) = Base: 6.9 / Temporal: 5.1
CVE ID: CVE-2014-3954

Vector of operation: Remote
Impact: Remote Buffer Overflow (Denial of service, system compromise)

Affected products: FreeBSD 9.x
Affected versions: FreeBSD 9.1, FreeBSD 9.2, FreeBSD 9.3

Description:

[CVE-2014-3954] The vulnerability allows a remote user to cause a denial of service and to compromise a vulnerable system.

The vulnerability is caused due to a missing length check in the code that handles DNS parameters, in the function “dname_labeldec ()” in the file usr.sbin / rtsold / rtsol.c when processing messages router advertisement. This can be exploited to cause a buffer overflow on the stack and cause a denial of service.

Note: The successful exploitation this vulnerability allows execution of arbitrary code on the target system.

Solution: Install the latest version from the manufacturer’s website.

Link: https://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A20.rtsold.asc

#2 Denial of service vulnerability in FreeBSD

Danger level: Low
Availability Corrections: Yes
Number of vulnerabilities: 1

CVSSv2 Rating: (AV: A / AC: L / Au: N / C: N / I: N / A: P / E: U / RL: O / RC: C) = Base: 3.3 / Temporal: 2.4
CVE ID: CVE-2014-3955

Vector of operation: Local Network
Impact: Denial of service

Affected products: FreeBSD 9.x
Affected versions: FreeBSD 9.1, FreeBSD 9.2, FreeBSD 9.3

Description:

[CVE-2014-3955] The vulnerability allows a remote user to cause a denial of service.

The vulnerability is caused due to an error in the routed daemon when processing certain RIP requests. A remote user can cause denial of service.

Solution: Install the latest version from the manufacturer’s website.

Link: https://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A21.routed.asc

#3 Disclosure of sensitive data in FreeBSD (OpenSSL Vulnerabilities)

Danger level: Low
Availability fixes: No
Quantity of vulnerabilities: 1

CVSSv2 Rating: (AV: N / AC: L / Au: N / C: P / I: P / A: N / E: U / RL: W / RC: C) = Base: 6.4 / Temporal: 5.2
CVE ID: CVE-2014-3566

Vector of operation: Remote
Impact: Disclosure of sensitive data

Affected products: FreeBSD 8.0, FreeBSD 9.x
Affected versions: FreeBSD 8.0, FreeBSD 9.x

Description:

[CVE-2014-3566] The vulnerability allows a remote user to gain access to sensitive data.

The SSL protocol 3.0 allows to obtain cleartext data via a padding-oracle attack, aka the “POODLE” issue.

Solution: Ways of elimination of vulnerability doesn’t exist now.

Link: https://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A23.openssl.asc


FreeBSD logoManufacturer URLs:
http://www.freebsd.org/releases/9.0R/announce.html
http://www.freebsd.org/releases/8.0R/announce.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s