FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
05eeb7e9-b987-11e5-83ef-14dae9d210b8isc-dhcpd -- Denial of Service

ISC reports:

A badly formed packet with an invalid IPv4 UDP length field can cause a DHCP server, client, or relay program to terminate abnormally.


Discovery 2016-01-05
Entry 2016-01-12
isc-dhcp41-server
lt 4.1.e_10,2

isc-dhcp41-client
lt 4.1.e_3,2

isc-dhcp41-relay
lt 4.1.e_6,2

isc-dhcp42-client
isc-dhcp42-server
isc-dhcp42-relay
ge 0

isc-dhcp43-client
isc-dhcp43-server
isc-dhcp43-relay
lt 4.3.3.p1

https://kb.isc.org/article/AA-01334
CVE-2015-8605
2040c7f5-1e3a-11e8-8ae9-0050569f0b83isc-dhcp -- Multiple vulnerabilities

ISC reports:

Failure to properly bounds check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section.

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash.


Discovery 2018-02-21
Entry 2018-03-02
isc-dhcp44-server
lt 4.4.1

isc-dhcp44-client
lt 4.4.1

isc-dhcp43-server
le 4.3.6

isc-dhcp43-client
le 4.3.6

CVE-2018-5732
CVE-2018-5733
https://kb.isc.org/article/AA-01565
https://kb.isc.org/article/AA-01567