non port: security/vuxml/vuln.xml |
Number of commits found: 6271 (showing only 100 on this page) |
Thursday, 12 Aug 2004
|
20:54 marcus
The last commit should have changed the comparison tag from <le> to <lt>.
|
20:44 marcus
Update Gaim vulnerability (5b8f9a02-ec93-11d8-b913-000c41e2cdad) to indicate
that gaim-0.81_1 has a fix for this.
|
19:23 nectar
The MSN component of Gaim contains remotely exploitable buffer
overflows.
|
19:05 nectar
The Adobe Acrobat Reader can be coerced into executing arbitrary
commands on UNIX systems.
|
18:56 nectar
Under certain configurations of POPfile may allow an attacker to
retrieve files from the victim's machine.
Reported by: Daniel Grund <mail@dgrund.de>
|
18:43 nectar
Correct version information syntax in a number of entries. VuXML-using
tools are expected only to understand actual package names and version
numbers, not globs such as `foo-{bar,baz}' or `1.*'.
|
11:58 eik
give the ImageMagick png vulnerability an own entry
|
Wednesday, 11 Aug 2004
|
22:57 eik
f72ccf7c-e607-11d8-9b0a-000347a4fa7d is a duplicate of
6f955451-ba54-11d8-b88c-000d610a3b12, move references
|
Tuesday, 10 Aug 2004
|
11:00 eik
add a reference for linux-png-1.0.x to 3a408f6f-9c52-11d8-9366-0020ed76ef5a
|
Monday, 9 Aug 2004
|
15:10 eik
add ImageMagick to the list of png-vulnerable ports
|
Saturday, 7 Aug 2004
|
08:33 eik
correct typo
|
Friday, 6 Aug 2004
|
21:51 marcus
Add an entry for Thunderbird to the libpng vulnerability.
|
Thursday, 5 Aug 2004
|
23:35 eik
move abe47a5a-e23c-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list of
vulnerable ports
|
14:27 eik
move f9e3e60b-e650-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list of
vulnerable ports
|
Friday, 30 Jul 2004
|
11:19 eik
Mozilla / Firefox user interface spoofing vulnerability
|
Tuesday, 27 Jul 2004
|
11:46 des
Use & instead of naked &.
|
11:45 des
Add CVE name and correct URL to iDEFENSE advisory for the SSLtelnet issue.
|
Thursday, 22 Jul 2004
|
23:30 eik
- add some references
- correctly match samba 3.0
- add ja-samba
|
15:45 trhodes
Fix an XML tag.
|
15:22 trhodes
Mark the 2.2.x series of Samba as vulnerable.
|
14:43 trhodes
Recently announced Samba issue.
|
Friday, 16 Jul 2004
|
07:31 eik
fix courier-imap version number
|
Thursday, 15 Jul 2004
|
08:01 eik
PHP memory_limit and strip_tags() vulnerabilities.
|
Sunday, 11 Jul 2004
|
00:59 eik
ethereal
|
Thursday, 8 Jul 2004
|
14:24 eik
move e5e2883d-ceb9-11d8-8898-000d6111a684 to vuln.xml
|
Monday, 5 Jul 2004
|
21:27 eik
XSS vulnerability affecting other webmail systems
|
17:24 nectar
Add missing mandatory <body> element for SSLtelnet issue.
|
12:03 des
Add an entry for the SSLtelnet format string vulnerability.
|
Saturday, 3 Jul 2004
|
15:27 naddy
Pavuk HTTP Location header overflow
|
06:48 trhodes
Move phpnuke vulnerabilities to VuXML.
|
Friday, 2 Jul 2004
|
14:24 eik
GNATS local privilege elevation (corrected PORTREVISION)
|
13:31 eik
GNATS local privilege elevation
|
09:13 des
Whitespace cleanup.
|
09:12 des
Add SA-04:13.linux
|
00:48 eik
move "phpMyAdmin code injection" to vuxml
|
Thursday, 1 Jul 2004
|
23:55 pav
- Add phpMyAdmin 2.5.7 vulnerability.
I hope I got XML right.
|
Monday, 28 Jun 2004
|
22:49 trhodes
Use the equal '=' sign as only the current version was affected.
|
21:27 eik
add a reference to ISC DHCP overflows
|
21:20 trhodes
Add xorg-clients due to xdm socket vuln.
|
03:58 trhodes
Move MoinMoin entry to VuXML.
|
Sunday, 27 Jun 2004
|
19:26 eik
reference cleanup
|
Saturday, 26 Jun 2004
|
00:45 trhodes
Fix the previous entry; it had an incorrect port range.
|
Friday, 25 Jun 2004
|
20:01 trhodes
Add an entry for recent isc-dhcp3-server buffer overflows.
Remove the one in portaudit.txt.
|
17:18 trhodes
Move giFT-FastTrack to VuXML.
|
02:04 trhodes
Fix an older entry which ends with "buffer overflows vuxml".
Fill in a date on my previous entry.
|
01:35 trhodes
Move the Gallery entry to VuXML.
|
00:36 eik
www/sitecopy uses the included libneon version 0.24.0
|
Monday, 21 Jun 2004
|
22:03 eik
I believe that linux-png-1.2.2 still contains the vulnerability.
Add some references that support this opinion.
|
20:04 pav
- Extend png entry to cover it's linux-png variant
Requested by: eik
|
Monday, 14 Jun 2004
|
21:05 fjoe
Midnight Commander security vulnerabilities
CAN-2004-0226, CAN-2004-0231, CAN-2004-0232
fixed in mc-4.6.0_10.
|
Saturday, 12 Jun 2004
|
12:22 eik
add a $FreeBSD$ tag
|
Wednesday, 9 Jun 2004
|
20:38 des
Add CAN-2004-0541 (buffer overflow in Squid NTLM authentication helper)
|
Tuesday, 8 Jun 2004
|
12:42 eik
Fix for CAN-2004-0097
Forgotten by: sobomax
|
Monday, 7 Jun 2004
|
21:21 des
Correction: FreeBSD-SA-04:12.jailroute does not apply to 4.7 and older.
|
21:17 des
Whitespace cleanup
|
21:17 des
Add FreeBSD-SA-04:12.jailroute.
|
Wednesday, 26 May 2004
|
11:32 des
FreeBSD-SA-04:11
|
Monday, 24 May 2004
|
11:49 ale
Update modified date for mysql bug after fixing typo.
Requested by: nectar
|
Friday, 21 May 2004
|
12:42 nectar
Add CVE name for one of the leafnode issues.
|
12:39 nectar
Edit the topics to distinguish a bit better between the different
leafnode DoS issues.
|
12:13 nectar
Document several issues in leafnode.
Submitted by: Matthias Andree <matthias.andree@gmx.de>
|
07:57 ale
Fix typo.
Spotted by: eik
|
Wednesday, 19 May 2004
|
21:06 nectar
Correct a typo (s/Jon/Joe/)
|
20:21 nectar
Add subversion and neon date parsing vulnerabilities.
|
12:57 des
make tidy
|
12:55 des
Add an entry for the cvs pserver heap overflow.
|
Tuesday, 18 May 2004
|
14:53 nectar
Add CVE name and CERT Vulnerability Note references for old Cyrus bug.
|
14:43 nectar
make tidy
|
14:40 nectar
Forced commit to note that the content of the previous revision was
Reported by: Ion-Mihai Tetcu <itetcu@apropo.ro>
|
14:39 nectar
Add URI handling issue that affects Opera and KDE, at least.
|
11:50 ale
Note that the mysqlbug has been fixed.
|
Monday, 17 May 2004
|
13:20 nectar
Update version number for fspd, now that it has been corrected.
Reported by: Radim Kolar <hsn@netmag.cz>
|
Saturday, 15 May 2004
|
13:20 eik
&, not |
|
13:13 eik
ProFTPD vulnerability is fixed in
<http://www.proftpd.org/docs/NEWS-1.2.10rc1>
Submitted by: Koop Mast <kwm@rainbow-runner.nl>
|
Wednesday, 12 May 2004
|
16:01 nectar
Add Cyrus IMSPd security release.
Reported by: eik
|
15:28 nectar
Add old Cyrus IMAP server heap buffer overflow.
Reported by: eik
|
Sunday, 9 May 2004
|
22:26 nobutaka
The security issue of multimedia/xine (insecure temporary file creation in
xine-check, xine-bugreport) has been fixed in 0.9.23_3.
|
Thursday, 6 May 2004
|
21:11 nectar
Only one <modified> is allowed per entry.
|
20:40 des
Correct the discovery date for the proftpd issue.
|
16:26 nectar
Oops. s/2005-05-05/2004-05-05/ :-)
|
16:12 nectar
Second-guess Oliver and correct the affected entry for exim
in order to unbreak this file.
|
15:43 eik
exim buffer overflow when verify = header_syntax is used
|
15:33 nectar
Add phpBB session table exhaustion issue.
Submitted by: Xin LI <delphij@frontfree.net>
|
Wednesday, 5 May 2004
|
21:49 nectar
Add the issues covered in FreeBSD-SA-04:08.heimdal and
FreeBSD-SA-04:09.kadmind.
|
14:57 nectar
make tidy
|
14:57 nectar
Use PORTVERSION conventions for FreeBSD version numbers, so that
5.2.1-RELEASE-p5 becomes 5.2.1_5 (not 5.2.1p5, as it would have been
previously).
This is necessary because e.g. 5.2p1 > 5.2.1p5 using existing version
comparison tools.
|
Monday, 3 May 2004
|
20:15 nectar
Correct package name for xchat Socks5 vulnerability (xchat -> xchat2).
Note that the issue is fixed in version 2.0.8_2 (thanks marcus!).
|
18:23 nectar
Correct the fixed version for lha.
|
14:42 nectar
png issue was fixed in png-1.2.5_4
|
Sunday, 2 May 2004
|
16:55 nectar
Add a vulnerability in www/pound.
Submitted by: clement
Add a security-related regression in ftp/proftpd.
Add several security issues in misc/mc.
Add a DoS issue in graphics/png.
Add a security issues in archivers/lha.
Add recent advisories for xine.
Add rsync path traversal issue.
|
Friday, 30 Apr 2004
|
16:04 nectar
tla is also affected by libneon issue.
PR: ports/65754
Submitted by: Frank Ruell <stoerte@dreamwarrior.net>
Additional reference for mysql issue.
Submitted by: Daniel Harris <dannyboy@FreeBSD.org>
|
Friday, 23 Apr 2004
|
23:07 nectar
Added CVE name for ident2 issue.
Added the ``new'' TCP DoS issue.
Added phpBB issue. (1)
Added XChat Socks5 issue.
Submitted by: (1) Frankye - ML <listsucker@ipv5.net>
|
Friday, 16 Apr 2004
|
16:29 nectar
Add mysqlbug temporary file handling vulnerability.
Add ident2 vulnerability.
make tidy (sorry, I meant to do this in a separate commit)
|
14:44 nectar
Additional CVE name for recent CVS vulnerability.
|
00:49 nectar
Add kdepim vulnerability
|
00:26 nectar
Add neon vulnerability
Correct the version range for openh323
|
Wednesday, 14 Apr 2004
|
17:18 nectar
Add CVS vulnerabilities.
|
15:10 nectar
Document another racoon DoS vulnerability.
Note that racoon was also affected by the tcpdump ISAKMP vulnerability.
|
Tuesday, 13 Apr 2004
|
20:39 nectar
make tidy
|
20:38 nectar
Add CVE name for racoon DoS vulnerability.
|
Number of commits found: 6271 (showing only 100 on this page) |