Marcus Alves Grando
26e6464db9
- memcached -- memcached stats maps Information Disclosure Weakness
...
PR: 134206
Submitted by: Mark Foster <mark___foster.cc>
2009-08-17 13:26:56 +00:00
Martin Wilke
a4b3ce54d5
- Update latest wordpress entry
...
* add wordpress-mu which was also affected
- Mark latest fetchmail entry as safe
2009-08-13 09:55:13 +00:00
Steven Kreuzer
7e56d9a294
Document remote admin password reset vulnerability in wordpress <= 3.8.3
...
Reviewed by: simon
2009-08-12 14:57:25 +00:00
Dmitry Marakasov
5ece323d77
- Document fetchmail -- improper SSL certificate subject verification
2009-08-11 14:54:15 +00:00
Steven Kreuzer
8f0396b267
Fix typo in affected version number for vid
...
739b94a4-838b-11de-938e-003048590f9e
Submitted by: Roberto Nunnari <robi@nunnisoft.ch> (Private eMail)
Reviewed by: simon
2009-08-11 13:35:15 +00:00
Steven Kreuzer
4809b1d326
- Fix improper formatting reported by miwi
...
- Add additioinal reference url for vid 739b94a4-838b-11de-938e-003048590f9e
reported by miwi
Reviewed by: miwi
2009-08-07 21:24:48 +00:00
Steven Kreuzer
eeb8739db6
Document com_mailto Timeout Issue in www/joomla15
2009-08-07 20:06:23 +00:00
Simon L. B. Nielsen
b8763cbc76
Cleanup whitespace and XML format using 'make tidy' and a bit manual
...
editing.
2009-08-07 16:30:31 +00:00
Simon L. B. Nielsen
c1f51dfec3
When running the tidy target:
...
- Pipe ouput into vuln.xml.tidy instead of stdout.
- Don't hide what command we are running so it's clear where the tidy
version of the output went.
2009-08-07 16:25:52 +00:00
Simon L. B. Nielsen
948097f746
Various affects fixes to the last 3 Mozilla/Firefox entries to make then
...
match correctly against package names. In particular the port name
instead of package name was used in a couple of places. For Seamonkey
and Thunderbird where no known fixes exist don't include a fixed
version.
2009-08-07 13:18:43 +00:00
Martin Wilke
bca2f3a744
- Update previous subversion entry,
...
add missing p5-subversion and py-subversion
2009-08-07 10:48:55 +00:00
Martin Wilke
0f1c4967d5
- Fix latest firefox entry.
...
Reported by: b.f <bf1793@gmail.com>
2009-08-07 09:31:30 +00:00
Simon L. B. Nielsen
e341f2cd72
Document subversion -- heap overflow vulnerability.
2009-08-06 21:41:57 +00:00
Simon L. B. Nielsen
27300f3251
Add a few CVE names to the 'squid -- several remote denial of service
...
vulnerabilities' entry.
2009-08-05 23:23:26 +00:00
Simon L. B. Nielsen
ffa5a2aa6e
Document bugzilla -- product name information leak.
2009-08-05 23:19:37 +00:00
Martin Wilke
b2bf020f5a
- Mark squid 3.1.0.12 as safe
2009-08-04 23:15:11 +00:00
Martin Wilke
2d8c727e39
- Document mozilla -- multiple vulnerabilities
2009-08-04 22:57:02 +00:00
Wesley Shields
43938ae30f
- Add bind9-sdb-ldap and bind9-sdb-postgresql to recent BIND DoS.
...
Reviewed by: miwi
2009-08-04 18:20:18 +00:00
Wesley Shields
7ef95f2d74
- Document silc-client and silc-irssi-plugin format string vulnerability.
...
Reviewed by: miwi
2009-08-04 18:06:58 +00:00
Thierry Thomas
9bd4a28be3
Mark mail/squirrelmail-multilogin-plugin as FORBIDDEN and add the
...
corresponding entry in VuXML.
Security: VuXML: 0d0237d0-7f68-11de-984d-0011098ad87f
2009-08-02 14:11:24 +00:00
Wesley Shields
bad56ae20d
- White space fixes and correct the entry date in
...
vid 83725c91-7c7e-11de-9672-00e0815b8da8
2009-08-01 14:25:45 +00:00
Wesley Shields
3409d821d2
s/package/system/ for vid fbc8413f-2f7a-11de-9a3f-001b77d09812.
...
Reviewed by: remko
Approved by: secteam (remko)
2009-08-01 14:17:29 +00:00
Wesley Shields
2094b16c21
- Document BIND DoS in base and ports.
...
Reviewed by: remko
Approved by: secteam (remko)
2009-08-01 14:13:24 +00:00
Martin Wilke
d947ead030
- Close tag
2009-07-29 16:17:17 +00:00
Martin Wilke
e86908df1b
- Document Mono XML Signature HMAC Truncation Spoofing
2009-07-29 16:00:52 +00:00
Xin LI
72af14bbb5
Document squid remote denial of service vulnerabilities.
...
Submitted by: Thomas-Martin Seck <tmseck@web.de>
PR: ports/137184
2009-07-27 19:39:34 +00:00
Josh Paetzel
63813e06f2
Fix security advsory with patches from Ubuntu project.
...
http://vuxml.FreeBSD.org/c444c8b7-7169-11de-9ab7-000c29a67389.html
PR: ports/136891
Submitted by: wxs@
Reviewed by: simon@
Approved by: itetcu@ (mentor)
2009-07-22 00:11:48 +00:00
Martin Wilke
f734ecf8f7
- Fix a typo
2009-07-17 10:18:29 +00:00
Martin Wilke
33a8225a03
- Document firefox35 -- corrupt JIT state after deep return from native function
2009-07-17 07:58:05 +00:00
Wesley Shields
cbf1427e69
- Document isc-dhcp*-client stack overflow.
2009-07-15 18:34:19 +00:00
Wesley Shields
c06a91a738
- Tweak nagios version information a bit for the command injection
...
vulnerability. Patches for net-mgmt/nagios and net-mgmt/nagios2 coming
shortly.
2009-07-14 03:17:16 +00:00
Martin Wilke
9df985b5c9
- Document drupal -- multiple vulnerabilities
...
Submitted by: Nick Hilliard (based on)
2009-07-13 19:01:16 +00:00
Beat Gaetzi
533fe41217
- Mark linux-firefox 3.0.11 and higher as safe
...
Approved by: secteam (miwi)
2009-07-12 13:51:05 +00:00
Wesley Shields
8356984ff1
- Document remote command execution in net-mgmt/nfsen
...
PR: ports/136070
Submitted by: Bjoern Engels <engels@openit.de>
2009-07-03 01:35:18 +00:00
Wesley Shields
fac77905ea
- Add syslog-ng package to the list of vulnerable versions for the chroot
...
vulnerability.
2009-07-02 20:38:11 +00:00
Wesley Shields
a8865f66e7
- Add newly created CVE for nagios command injection vulnerability.
...
- Add the other two nagios packages to the list.
- Add modified entry accordingly.
2009-07-01 13:01:54 +00:00
Xin LI
e9af760f31
Document phpMyAdmin XSS vulnerability
2009-06-30 19:10:50 +00:00
Wesley Shields
3067ed90db
- Document nagios command injection vulnerability.
2009-06-30 14:13:03 +00:00
Wesley Shields
b6b9a5d686
- s/secunia reports/Secnuia reports/
...
- Fix whitespace
Approved by: secteam (miwi)
2009-06-24 16:54:17 +00:00
Wesley Shields
e7283ad40f
- Document tor-devel DNS resolution issue.
...
PR: ports/135925
Submitted by: bf <bf1783@gmail.com>
2009-06-23 13:03:52 +00:00
Martin Wilke
92126df09b
- Document cscope -- multiple buffer overflows
...
PR: 135097
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
2009-06-16 20:59:01 +00:00
Martin Wilke
f68da5472d
- Document cscope -- buffer overflow
...
PR: based on 135097
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
2009-06-16 20:52:44 +00:00
Martin Wilke
68392d80b3
- Fix a typo from previous commit
2009-06-16 20:45:46 +00:00
Steven Kreuzer
39085497d6
Document joomla -- multiple vulnerabilities
...
Approved by: wxs (mentor)
2009-06-16 20:10:43 +00:00
Martin Wilke
4be3fc9402
- Document pidgin -- multiple vulnerabilities
...
PR: 135239 (based on)
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
2009-06-16 20:04:12 +00:00
Wesley Shields
c3bcf48e3c
- Document git-daemon DoS.
2009-06-15 13:57:18 +00:00
Stanislav Sedov
8b9c58bfeb
- Fix the latest ruby entry: 1.9 branch is not vulnerable.
2009-06-12 22:46:49 +00:00
Stanislav Sedov
e1015ae668
- Document ruby denial of sevice vulnerability in BigDecimal.
2009-06-12 22:07:41 +00:00
Beat Gaetzi
eddbffdde0
- Fix firefox3 version in da185955-5738-11de-b857-000f20797ede
...
Approved by: miwi (secteam)
2009-06-12 15:40:32 +00:00
Beat Gaetzi
2f56593a56
- Document mozilla -- multiple vulnerabilities
...
Approved by: miwi (secteam)
2009-06-12 14:55:51 +00:00