Archive for November, 1999

Wazi » Security Notifications » Freebsd 6.4 and prior [Medium]

Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service (crash) or gain privileges via vectors related to kqueues, which triggers a use after free, leading to a NULL pointer …

November 29th, 1999 | Posted in FreeBSD | No Comments

Wazi » Security Notifications » Freebsd 8.0 and prior [Medium]

freebsd -update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/ freebsd -update by default), which allows local users to read copies of sensitive files after a (1) freebsd -update fetch …

November 29th, 1999 | Posted in FreeBSD | No Comments