kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add an entry for recent isc-dhcp3-server buffer overflows.

Browse source 
Remove the one in portaudit.txt.
This commit is contained in:
Tom Rhodes 2004-06-25 20:01:28 +00:00
parent ffecdfda4a
commit 2da36a743f
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=112270
3 changed files with 29 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
ports-mgmt/portaudit-db/database/portaudit.txt
View file

@ -29,7 +29,6 @@ roundup<0.7.3|http://www.osvdb.org/6691 http://xforce.iss.net/xforce/xfdb/16350
sqwebmail<4.0.5|http://www.securityfocus.com/archive/1/366595|Sqwebmail XSS vulnerability|c3e56efa-c42f-11d8-864c-02e0185c0b53
isc-dhcp3<3.0.1.r11|http://www.cert.org/advisories/CA-2003-01.html http://www.kb.cert.org/vuls/id/284857 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0026|ISC DHCPD minires library contains multiple buffer overflows|f71745cd-c509-11d8-8898-000d6111a684
isc-dhcp3<3.0.1.r11_1|http://www.kb.cert.org/vuls/id/149953 http://www.securityfocus.com/bid/6628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0039|ISC "dhcrelay" fails to limit hop count when malicious bootp packet is received|02957734-c50b-11d8-8898-000d6111a684
isc-dhcp3-{relay,server}>=3.0.1.r12<3.0.1.r14|http://www.us-cert.gov/cas/techalerts/TA04-174A.html http://www.kb.cert.org/vuls/id/317350 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0460|ISC DHCP remote exploitable stack buffer overflow vulnerability|7a9d5dfe-c507-11d8-8898-000d6111a684
icecast2<2.0.1,1|http://secunia.com/advisories/11578 http://www.osvdb.org/6075|Icecast remote DoS vulnerability|8de7cf18-c5ca-11d8-8898-000d6111a684
rssh<2.2.1|http://secunia.com/advisories/11926 http://www.securityfocus.com/archive/1/366691|rssh file existence information disclosure weakness|a4815970-c5cc-11d8-8898-000d6111a684
sup<=2.0|http://secunia.com/advisories/11898 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0451|CMU SUP logging format string vulnerabilities|238ea8eb-c5cf-11d8-8898-000d6111a684

1
security/portaudit-db/database/portaudit.txt
View file

@ -29,7 +29,6 @@ roundup<0.7.3|http://www.osvdb.org/6691 http://xforce.iss.net/xforce/xfdb/16350
sqwebmail<4.0.5|http://www.securityfocus.com/archive/1/366595|Sqwebmail XSS vulnerability|c3e56efa-c42f-11d8-864c-02e0185c0b53
isc-dhcp3<3.0.1.r11|http://www.cert.org/advisories/CA-2003-01.html http://www.kb.cert.org/vuls/id/284857 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0026|ISC DHCPD minires library contains multiple buffer overflows|f71745cd-c509-11d8-8898-000d6111a684
isc-dhcp3<3.0.1.r11_1|http://www.kb.cert.org/vuls/id/149953 http://www.securityfocus.com/bid/6628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0039|ISC "dhcrelay" fails to limit hop count when malicious bootp packet is received|02957734-c50b-11d8-8898-000d6111a684
isc-dhcp3-{relay,server}>=3.0.1.r12<3.0.1.r14|http://www.us-cert.gov/cas/techalerts/TA04-174A.html http://www.kb.cert.org/vuls/id/317350 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0460|ISC DHCP remote exploitable stack buffer overflow vulnerability|7a9d5dfe-c507-11d8-8898-000d6111a684
icecast2<2.0.1,1|http://secunia.com/advisories/11578 http://www.osvdb.org/6075|Icecast remote DoS vulnerability|8de7cf18-c5ca-11d8-8898-000d6111a684
rssh<2.2.1|http://secunia.com/advisories/11926 http://www.securityfocus.com/archive/1/366691|rssh file existence information disclosure weakness|a4815970-c5cc-11d8-8898-000d6111a684
sup<=2.0|http://secunia.com/advisories/11898 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0451|CMU SUP logging format string vulnerabilities|238ea8eb-c5cf-11d8-8898-000d6111a684

29
security/vuxml/vuln.xml
View file

@ -32,6 +32,35 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="7a9d5dfe-c507-11d8-8898-000d6111a684">
<topic>isc-dhcp3-server buffer overflow in logging mechanism</topic>
<affects>
<package>
<name>isc-dhcp3-server</name>
<range><lt>3.0.1.r12</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>A buffer overflow exists in the logging functionality
of the DHCP daemon which could lead to Denial of Service
attacks and has the potential to allow attackers to
execute arbitrary code.</p>
</body>
</description>
<references>
<cvename>CAN-2004-0460</cvename>
<url>http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:061</url>
<url>http://www.us-cert.gov/cas/techalerts/TA04-174A.html</url>
<url>http://www.kb.cert.org/vuls/id/317350</url>
<url>http://marc.theaimsgroup.com/?l=bugtraq&amp;m=108795911203342&amp;w=2</url>
</references>
<dates>
<discovery>2004-06-22</discovery>
<entry>2004-06-25</entry>
</dates>
</vuln>
<vuln vid="1f738bda-c6ac-11d8-8898-000d6111a684">
<topic>Remote Denial of Service of HTTP server and client</topic>
<affects>