1032 commits

Author SHA1 Message Date
Simon L. B. Nielsen
d64fe02de2 Also mark linux-seamonkey vulnerable to recent mozilla
vulnerabilities.

Reported by:	Andrew Pantyukhin infofarmer at gmail dotty com
2006-04-27 11:12:18 +00:00
Marcus Alves Grando
6d0d71dfe5 cacti -- ADOdb "server.php" Insecure Test Script Security Issue 2006-04-27 04:30:53 +00:00
Marcus Alves Grando
e69d0df24f amaya -- Attribute Value Buffer Overflow Vulnerabilities 2006-04-27 03:48:32 +00:00
Marcus Alves Grando
ac69cc6c3c lifetype -- ADOdb "server.php" Insecure Test Script Security Issue 2006-04-27 03:22:25 +00:00
Marcus Alves Grando
c97506a8c5 ethereal -- Multiple Protocol Dissector Vulnerabilities 2006-04-27 02:46:40 +00:00
Remko Lodder
6d264d8dc2 My 100th commit to the vuln.xml file:
- Document Asterisk -- denial of service vulnerability, local system access.
2006-04-25 20:57:47 +00:00
Eric Anholt
d990ae19c3 Change paraview checks to be < 2.4.3 now that paraview uses system libtiff. 2006-04-25 17:40:49 +00:00
Remko Lodder
9fca86861c Document zgv, xzgv -- heap overflow vulnerability. 2006-04-23 21:46:34 +00:00
Remko Lodder
b2c8757b20 Document crossfire-server -- denial of service and remote code execution
vulnerability.
2006-04-23 14:14:52 +00:00
Remko Lodder
1d4bde5eb6 Document p5-DBI -- insecure temporary file creation vulnerability. 2006-04-23 10:25:26 +00:00
Remko Lodder
77dac30344 Document wordpress -- full path disclosure. 2006-04-23 09:58:02 +00:00
Remko Lodder
cdbf49e1ec Document xine -- multiple remote string vulnerabilities. 2006-04-23 09:35:37 +00:00
Hajimu UMEMOTO
2a6899cab1 Add an entry for cyrus-sasl -- DIGEST-MD5 Pre-Authentication
Denial of Service.
2006-04-21 16:51:12 +00:00
Remko Lodder
53991e4223 Also mark all other versions of FreeBSD (That were released) as
vulnerable.

Noticed by:	brueffer
Discussed with:	brueffer, simon
2006-04-19 17:53:26 +00:00
Remko Lodder
e74e70ddc0 Add FreeBSD -- FPU information disclosure (SA-06:14) to the
vuxml list.
2006-04-19 17:36:56 +00:00
Simon L. B. Nielsen
ce1b83e95a Add some CERT references to latest Mozilla entry. 2006-04-18 19:39:22 +00:00
Marcus Alves Grando
a4e46f07ab plone -- "member_id" Parameter Portrait Manipulation Vulnerability 2006-04-18 13:48:46 +00:00
Simon L. B. Nielsen
cd8ff57933 Fix copy/paste error in last commit and mark linux-mozilla < 1.7.13 as
vulnerable.
2006-04-16 22:02:11 +00:00
Simon L. B. Nielsen
e07ffdcc18 Document mozilla/firefox/thunderbird's latest attempt at Internet
Explorer compatibility.

Note that I omitted marking some really old mozilla versions as
vulnerable this time, since there is already a bunch of entries
covering these versions (which haven't been in ports for a while).
2006-04-16 21:52:31 +00:00
Emanuel Haupt
244f2b5f51 Update entry for sysutils/heartbeat. The insecure temporary file creation
vulnerability is fixed in 1.2.4.

Approved by:	secteam (simon)
2006-04-16 13:00:04 +00:00
Marcus Alves Grando
587b3e48fb mailman -- Private Archive Script Cross-Site Scripting 2006-04-16 01:52:16 +00:00
Remko Lodder
7e9c6efc20 Document f2c -- insecure temporary files.
It is not very clear to me to see what version is fixed.  The one fixing
this port should import the latest available one which is fixed.
2006-04-10 19:11:14 +00:00
Marcus Alves Grando
2a4e03ec76 mplayer -- Multiple integer overflows 2006-04-08 14:53:00 +00:00
Marcus Alves Grando
84746ec7d3 - Add Secunia references for last phpMyAdmin issue. 2006-04-07 14:15:02 +00:00
Remko Lodder
519fd752c5 Document kaffeine -- buffer overflow vulnerability. 2006-04-07 11:23:05 +00:00
Remko Lodder
463ef4e6b1 Document thunderbird -- javascript execution. 2006-04-07 10:38:53 +00:00
Remko Lodder
9c636d302a Update the latest zoo entry to match the latest update to the port.
This will mark zoo-2.10.1_2 and later as not vulnerable for this
issue.
2006-04-06 17:30:16 +00:00
Marcus Alves Grando
7f57c9182c phpmyadmin -- XSS vulnerabilities
phpmyadmin -- 'set_theme' Cross-Site Scripting
2006-04-06 16:44:46 +00:00
Marcus Alves Grando
f926976ec0 clamav -- Multiple Vulnerabilities 2006-04-06 15:30:12 +00:00
Remko Lodder
ca0e535fe7 Add cvename to the recent OpenVPN entry.
Submitted by:	Matthias Andree <matthias dot andree at gmx dot de>
2006-04-06 04:47:47 +00:00
Remko Lodder
a0ddc702a3 Document mediawiki -- hardcoded placeholder string security bypass
vulnerability.
2006-04-05 20:00:17 +00:00
Remko Lodder
fc258f1004 Document netpbm -- buffer overflow in pnmtopng. 2006-04-05 19:50:24 +00:00
Remko Lodder
f15877a546 Document zoo -- stack based buffer overflow. 2006-04-05 19:23:10 +00:00
Remko Lodder
eeb9bc7a2f Document mediawiki -- cross site scripting vulnerability. 2006-04-05 19:02:44 +00:00
Marcus Alves Grando
e532bbaa7d dia -- XFig Import Plugin Buffer Overflow 2006-04-05 17:37:37 +00:00
Marcus Alves Grando
043a17fd5f openvpn -- LD_PRELOAD code execution on client through malicious or compromised server
PR:		95343
Submitted by:	Matthias Andree <matthias.andree__gmx.de>
2006-04-05 14:57:46 +00:00
Marcus Alves Grando
d9ff0f6565 samba -- Exposure of machine account credentials in winbind log files 2006-04-05 04:33:24 +00:00
Brooks Davis
77e1e58771 Upgrade pubcookie from 3.3.0-beta2 to 3.3.0a fixing serious XSS
vulnerabilities.
2006-04-05 03:46:56 +00:00
Edwin Groothuis
baee87aba2 Fill in the version numbers for the vids
6e3b12e2-6ce3-11da-b90c-000e0c2e438a and
82a41084-6ce7-11da-b90c-000e0c2e438a to show which Mantis versions
are vulnerable.

Submitted by:	In cooperation with dvl
2006-04-01 05:01:11 +00:00
Simon L. B. Nielsen
16fb63b929 For horde -- remote code execution vulnerability in the help viewer
entry:
- Add more references.
- Reformat description to follow normal formatting style better.
- Remove a redundant line in the description to make the meaning more
  clear.
2006-03-30 06:53:30 +00:00
Marcus Alves Grando
0354370716 freeradius -- EAP-MSCHAPv2 Authentication Bypass 2006-03-29 19:08:51 +00:00
Thierry Thomas
92a2d1b920 Add an entry about Horde's remote code execution vulnerability in the
help viewer.
2006-03-28 18:13:13 +00:00
Marcus Alves Grando
e841881f4b linux-realplayer -- buffer overrun
linux-realplayer -- heap overflow

Reviewed by:	simon
2006-03-27 19:06:53 +00:00
Remko Lodder
ac7f108ff9 s/8 spaces/tab/ in the sendmail entry.
Noticed by:	simon
2006-03-24 18:02:29 +00:00
Remko Lodder
6767097f01 Record that our sendmail port was also vulnerable.
Bump modification date.
2006-03-24 17:10:23 +00:00
Remko Lodder
d81923c6b4 Update the 'Evolution - remote format string vulnerabilities' entry. 2006-03-24 13:08:53 +00:00
Remko Lodder
f9cee5162f Document the latest three FreeBSD Security Advisories:
SA-06:13
SA-06:12
SA-06:11
2006-03-24 12:25:58 +00:00
Dejan Lesjak
461e2908dc xorg-server -- privilege escalation
Reviewed by:	simon
2006-03-21 17:05:15 +00:00
Marcus Alves Grando
48b19385b0 - heimdal -- Multiple vulnerabilities
Reviewed by:	simon
2006-03-20 15:21:49 +00:00
Vasil Dimov
4ff24336d9 Document ftp/curl's TFTP packet buffer overflow vulnerability
Reworked by:	simon
Approved by:	security-officer (simon)
2006-03-20 12:58:15 +00:00