diff --git a/ports-mgmt/portaudit-db/database/portaudit.txt b/ports-mgmt/portaudit-db/database/portaudit.txt index 629400b1aedc..5fbb481597dd 100644 --- a/ports-mgmt/portaudit-db/database/portaudit.txt +++ b/ports-mgmt/portaudit-db/database/portaudit.txt @@ -54,7 +54,6 @@ pavuk<=0.9.28_5|http://www.securityfocus.com/archive/1/370248 http://archives.ne lcdproc<0.4.5|http://sourceforge.net/project/shownotes.php?release_id=230910 http://secunia.com/advisories/11333 http://www.securityfocus.com/archive/1/360209 http://www.securityfocus.com/bid/10085 http://www.osvdb.org/5157 http://www.osvdb.org/5158 http://www.osvdb.org/5159 http://www.osvdb.org/5160|LCDProc buffer overflow/format string vulnerabilities|62d23317-e072-11d8-9a79-000347dd607f sox>=12.17.1<=12.17.4_1|http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html http://secunia.com/advisories/12175 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0557|SoX buffer overflows when handling .WAV files|3e4ffe76-e0d4-11d8-9b0a-000347a4fa7d dansguardian<2.8.0.1|http://secunia.com/advisories/12191 http://www.securityfocus.com/archive/1/370346 http://www.osvdb.org/8270|DansGuardian banned extension filter bypass vulnerability|f6fd9200-e20e-11d8-9b0a-000347a4fa7d -firefox>=0.9.1<=0.9.2|http://www.securityfocus.com/archive/1/369953|Mozilla Firefox certificate spoofing|abe47a5a-e23c-11d8-9b0a-000347a4fa7d imp<3.2.5|http://www.greymagic.com/security/advisories/gm005-mc/ http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.106&r2=1.389.2.109&ty=h http://secunia.com/advisories/12202|XSS hole in the HTML viewer - This vulnerability only exists when using the Internet Explorer to access IMP and only when using the inline MIME viewer for HTML messages.|49189b47-e24d-11d8-9f75-000bdb1444a4 phpMyAdmin<2.5.7.1|http://www.securityfocus.com/archive/1/367486 http://www.securityfocus.com/bid/10629 http://secunia.com/SA11974 http://www.osvdb.org/7314 http://www.osvdb.org/7315|phpMyAdmin configuration manipulation and code injection|56648b44-e301-11d8-9b0a-000347a4fa7d gnutls<1.0.17|http://www.hornik.sk/SA/SA-20040802.txt http://secunia.com/advisories/12156|GnuTLS certificate chain verification DoS|84ab58cf-e4ac-11d8-9b0a-000347a4fa7d diff --git a/security/portaudit-db/database/portaudit.txt b/security/portaudit-db/database/portaudit.txt index 629400b1aedc..5fbb481597dd 100644 --- a/security/portaudit-db/database/portaudit.txt +++ b/security/portaudit-db/database/portaudit.txt @@ -54,7 +54,6 @@ pavuk<=0.9.28_5|http://www.securityfocus.com/archive/1/370248 http://archives.ne lcdproc<0.4.5|http://sourceforge.net/project/shownotes.php?release_id=230910 http://secunia.com/advisories/11333 http://www.securityfocus.com/archive/1/360209 http://www.securityfocus.com/bid/10085 http://www.osvdb.org/5157 http://www.osvdb.org/5158 http://www.osvdb.org/5159 http://www.osvdb.org/5160|LCDProc buffer overflow/format string vulnerabilities|62d23317-e072-11d8-9a79-000347dd607f sox>=12.17.1<=12.17.4_1|http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html http://secunia.com/advisories/12175 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0557|SoX buffer overflows when handling .WAV files|3e4ffe76-e0d4-11d8-9b0a-000347a4fa7d dansguardian<2.8.0.1|http://secunia.com/advisories/12191 http://www.securityfocus.com/archive/1/370346 http://www.osvdb.org/8270|DansGuardian banned extension filter bypass vulnerability|f6fd9200-e20e-11d8-9b0a-000347a4fa7d -firefox>=0.9.1<=0.9.2|http://www.securityfocus.com/archive/1/369953|Mozilla Firefox certificate spoofing|abe47a5a-e23c-11d8-9b0a-000347a4fa7d imp<3.2.5|http://www.greymagic.com/security/advisories/gm005-mc/ http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.106&r2=1.389.2.109&ty=h http://secunia.com/advisories/12202|XSS hole in the HTML viewer - This vulnerability only exists when using the Internet Explorer to access IMP and only when using the inline MIME viewer for HTML messages.|49189b47-e24d-11d8-9f75-000bdb1444a4 phpMyAdmin<2.5.7.1|http://www.securityfocus.com/archive/1/367486 http://www.securityfocus.com/bid/10629 http://secunia.com/SA11974 http://www.osvdb.org/7314 http://www.osvdb.org/7315|phpMyAdmin configuration manipulation and code injection|56648b44-e301-11d8-9b0a-000347a4fa7d gnutls<1.0.17|http://www.hornik.sk/SA/SA-20040802.txt http://secunia.com/advisories/12156|GnuTLS certificate chain verification DoS|84ab58cf-e4ac-11d8-9b0a-000347a4fa7d diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 7ea68d9a286c..41472f8167f9 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -4207,4 +4207,51 @@ misc.c: 2004-08-05 + + + Mozilla certificate spoofing + + + firefox + 0.9.10.9.2 + + + linux-mozilla + 1.7.2 + + + linux-mozilla-devel + 1.7.2 + + + mozilla + 1.7.2,2 + 1.8.*,21.8.a2,2 + + + mozilla-gtk1 + 1.7.2 + + + + +

Mozilla and Mozilla Firefox contains a flaw that may + allow a malicious user to spoof SSL certification.

+ + + + http://www.securityfocus.com/archive/1/369953 + http://www.cipher.org.uk/index.php?p=advisories/Certificate_Spoofing_Mozilla_FireFox_25-07-2004.advisory + http://secunia.com/advisories/12160 + http://bugzilla.mozilla.org/show_bug.cgi?id=253121 + http://www.osvdb.org/8238 + 10796 + CAN-2004-0763 + + + 2004-07-25 + 2004-07-30 + 2004-08-05 + +