Commit graph

2022 commits

Author SHA1 Message Date
Marcus Alves Grando
26e6464db9 - memcached -- memcached stats maps Information Disclosure Weakness
PR:		134206
Submitted by:	Mark Foster <mark___foster.cc>
2009-08-17 13:26:56 +00:00
Martin Wilke
a4b3ce54d5 - Update latest wordpress entry
* add wordpress-mu which was also affected
- Mark latest fetchmail entry as safe
2009-08-13 09:55:13 +00:00
Steven Kreuzer
7e56d9a294 Document remote admin password reset vulnerability in wordpress <= 3.8.3
Reviewed by:	simon
2009-08-12 14:57:25 +00:00
Dmitry Marakasov
5ece323d77 - Document fetchmail -- improper SSL certificate subject verification 2009-08-11 14:54:15 +00:00
Steven Kreuzer
8f0396b267 Fix typo in affected version number for vid
739b94a4-838b-11de-938e-003048590f9e

Submitted by:	Roberto Nunnari <robi@nunnisoft.ch> (Private eMail)
Reviewed by:	simon
2009-08-11 13:35:15 +00:00
Steven Kreuzer
4809b1d326 - Fix improper formatting reported by miwi
- Add additioinal reference url for vid 739b94a4-838b-11de-938e-003048590f9e
reported by miwi

Reviewed by:	miwi
2009-08-07 21:24:48 +00:00
Steven Kreuzer
eeb8739db6 Document com_mailto Timeout Issue in www/joomla15 2009-08-07 20:06:23 +00:00
Simon L. B. Nielsen
b8763cbc76 Cleanup whitespace and XML format using 'make tidy' and a bit manual
editing.
2009-08-07 16:30:31 +00:00
Simon L. B. Nielsen
c1f51dfec3 When running the tidy target:
- Pipe ouput into vuln.xml.tidy instead of stdout.
- Don't hide what command we are running so it's clear where the tidy
  version of the output went.
2009-08-07 16:25:52 +00:00
Simon L. B. Nielsen
948097f746 Various affects fixes to the last 3 Mozilla/Firefox entries to make then
match correctly against package names.  In particular the port name
instead of package name was used in a couple of places.  For Seamonkey
and Thunderbird where no known fixes exist don't include a fixed
version.
2009-08-07 13:18:43 +00:00
Martin Wilke
bca2f3a744 - Update previous subversion entry,
add missing p5-subversion and py-subversion
2009-08-07 10:48:55 +00:00
Martin Wilke
0f1c4967d5 - Fix latest firefox entry.
Reported by:	b.f <bf1793@gmail.com>
2009-08-07 09:31:30 +00:00
Simon L. B. Nielsen
e341f2cd72 Document subversion -- heap overflow vulnerability. 2009-08-06 21:41:57 +00:00
Simon L. B. Nielsen
27300f3251 Add a few CVE names to the 'squid -- several remote denial of service
vulnerabilities' entry.
2009-08-05 23:23:26 +00:00
Simon L. B. Nielsen
ffa5a2aa6e Document bugzilla -- product name information leak. 2009-08-05 23:19:37 +00:00
Martin Wilke
b2bf020f5a - Mark squid 3.1.0.12 as safe 2009-08-04 23:15:11 +00:00
Martin Wilke
2d8c727e39 - Document mozilla -- multiple vulnerabilities 2009-08-04 22:57:02 +00:00
Wesley Shields
43938ae30f - Add bind9-sdb-ldap and bind9-sdb-postgresql to recent BIND DoS.
Reviewed by:	miwi
2009-08-04 18:20:18 +00:00
Wesley Shields
7ef95f2d74 - Document silc-client and silc-irssi-plugin format string vulnerability.
Reviewed by:	miwi
2009-08-04 18:06:58 +00:00
Thierry Thomas
9bd4a28be3 Mark mail/squirrelmail-multilogin-plugin as FORBIDDEN and add the
corresponding entry in VuXML.

Security:	VuXML: 0d0237d0-7f68-11de-984d-0011098ad87f
2009-08-02 14:11:24 +00:00
Wesley Shields
bad56ae20d - White space fixes and correct the entry date in
vid 83725c91-7c7e-11de-9672-00e0815b8da8
2009-08-01 14:25:45 +00:00
Wesley Shields
3409d821d2 s/package/system/ for vid fbc8413f-2f7a-11de-9a3f-001b77d09812.
Reviewed by:	remko
Approved by:	secteam (remko)
2009-08-01 14:17:29 +00:00
Wesley Shields
2094b16c21 - Document BIND DoS in base and ports.
Reviewed by:	remko
Approved by:	secteam (remko)
2009-08-01 14:13:24 +00:00
Martin Wilke
d947ead030 - Close tag 2009-07-29 16:17:17 +00:00
Martin Wilke
e86908df1b - Document Mono XML Signature HMAC Truncation Spoofing 2009-07-29 16:00:52 +00:00
Xin LI
72af14bbb5 Document squid remote denial of service vulnerabilities.
Submitted by:	Thomas-Martin Seck <tmseck@web.de>
PR:		ports/137184
2009-07-27 19:39:34 +00:00
Josh Paetzel
63813e06f2 Fix security advsory with patches from Ubuntu project.
http://vuxml.FreeBSD.org/c444c8b7-7169-11de-9ab7-000c29a67389.html

PR:	ports/136891
Submitted by:	wxs@
Reviewed by:	simon@
Approved by:	itetcu@ (mentor)
2009-07-22 00:11:48 +00:00
Martin Wilke
f734ecf8f7 - Fix a typo 2009-07-17 10:18:29 +00:00
Martin Wilke
33a8225a03 - Document firefox35 -- corrupt JIT state after deep return from native function 2009-07-17 07:58:05 +00:00
Wesley Shields
cbf1427e69 - Document isc-dhcp*-client stack overflow. 2009-07-15 18:34:19 +00:00
Wesley Shields
c06a91a738 - Tweak nagios version information a bit for the command injection
vulnerability. Patches for net-mgmt/nagios and net-mgmt/nagios2 coming
  shortly.
2009-07-14 03:17:16 +00:00
Martin Wilke
9df985b5c9 - Document drupal -- multiple vulnerabilities
Submitted by:	Nick Hilliard (based on)
2009-07-13 19:01:16 +00:00
Beat Gaetzi
533fe41217 - Mark linux-firefox 3.0.11 and higher as safe
Approved by:	secteam (miwi)
2009-07-12 13:51:05 +00:00
Wesley Shields
8356984ff1 - Document remote command execution in net-mgmt/nfsen
PR:		ports/136070
Submitted by:	Bjoern Engels <engels@openit.de>
2009-07-03 01:35:18 +00:00
Wesley Shields
fac77905ea - Add syslog-ng package to the list of vulnerable versions for the chroot
vulnerability.
2009-07-02 20:38:11 +00:00
Wesley Shields
a8865f66e7 - Add newly created CVE for nagios command injection vulnerability.
- Add the other two nagios packages to the list.
- Add modified entry accordingly.
2009-07-01 13:01:54 +00:00
Xin LI
e9af760f31 Document phpMyAdmin XSS vulnerability 2009-06-30 19:10:50 +00:00
Wesley Shields
3067ed90db - Document nagios command injection vulnerability. 2009-06-30 14:13:03 +00:00
Wesley Shields
b6b9a5d686 - s/secunia reports/Secnuia reports/
- Fix whitespace

Approved by:	secteam (miwi)
2009-06-24 16:54:17 +00:00
Wesley Shields
e7283ad40f - Document tor-devel DNS resolution issue.
PR:		ports/135925
Submitted by:	bf <bf1783@gmail.com>
2009-06-23 13:03:52 +00:00
Martin Wilke
92126df09b - Document cscope -- multiple buffer overflows
PR:		135097
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
2009-06-16 20:59:01 +00:00
Martin Wilke
f68da5472d - Document cscope -- buffer overflow
PR:		based on 135097
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
2009-06-16 20:52:44 +00:00
Martin Wilke
68392d80b3 - Fix a typo from previous commit 2009-06-16 20:45:46 +00:00
Steven Kreuzer
39085497d6 Document joomla -- multiple vulnerabilities
Approved by:	wxs (mentor)
2009-06-16 20:10:43 +00:00
Martin Wilke
4be3fc9402 - Document pidgin -- multiple vulnerabilities
PR:		135239 (based on)
Submitted by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
2009-06-16 20:04:12 +00:00
Wesley Shields
c3bcf48e3c - Document git-daemon DoS. 2009-06-15 13:57:18 +00:00
Stanislav Sedov
8b9c58bfeb - Fix the latest ruby entry: 1.9 branch is not vulnerable. 2009-06-12 22:46:49 +00:00
Stanislav Sedov
e1015ae668 - Document ruby denial of sevice vulnerability in BigDecimal. 2009-06-12 22:07:41 +00:00
Beat Gaetzi
eddbffdde0 - Fix firefox3 version in da185955-5738-11de-b857-000f20797ede
Approved by:	miwi (secteam)
2009-06-12 15:40:32 +00:00
Beat Gaetzi
2f56593a56 - Document mozilla -- multiple vulnerabilities
Approved by:	miwi (secteam)
2009-06-12 14:55:51 +00:00