This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
1f826757-26be-11d9-ad2d-0050fc56d258 | rssh -- format string vulnerability There is a format string bug in rssh that enables an attacker to execute arbitrary code from an account configured to use rssh. On FreeBSD it is only possible to compromise the rssh running account, not root. Discovery 2004-10-23 Entry 2004-10-25 rssh le 2.2.1 http://www.pizzashack.org/rssh/security.shtml http://marc.theaimsgroup.com/?l=bugtraq&m=109855982425122 |
65b25acc-e63b-11e1-b81c-001b77d09812 | rssh -- arbitrary command execution Derek Martin (rssh maintainer) reports:
Discovery 2012-05-08 Entry 2012-08-22 rssh < 2.3.4 53430 CVE-2012-3478 http://sourceforge.net/mailarchive/message.php?msg_id=29235647 |
a4598875-ec91-11e1-8bd8-0022156e8794 | rssh -- configuration restrictions bypass Derek Martin (rssh maintainer) reports:
Discovery 2010-08-01 Entry 2012-08-22 rssh < 2.3.3 http://www.pizzashack.org/rssh/security.shtml |
a4815970-c5cc-11d8-8898-000d6111a684 | rssh -- file name disclosure bug rssh expands command line paramters before invoking chroot. This could result in the disclosure to the client of file names outside of the chroot directory. A posting by the rssh author explains:
Discovery 2004-06-19 Entry 2004-09-21 rssh < 2.2.1 CVE-2004-0609 http://marc.theaimsgroup.com/?l=bugtraq&m=108787373022844 10574 http://www.osvdb.org/7239 |
d193aa9f-3f8c-11e9-9a24-6805ca0b38e8 | rssh - multiple vulnerabilities NVD reports:
Discovery 2019-02-04 Entry 2019-03-06 rssh < 2.3.4_2 https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=cpe%3a%2fa%3apizzashack%3arssh%3a2.3.4 CVE-2019-1000018 CVE-2019-3463 CVE-2019-3464 |
e34d0c2e-9efb-11da-b410-000e0c2e438a | rssh -- privilege escalation vulnerability Pizzashack reports:
Discovery 2005-12-18 Entry 2006-02-16 rssh < 2.3.0 16050 CVE-2005-3345 http://www.pizzashack.org/rssh/security.shtml |
f11b219a-44b6-11d9-ae2f-021106004fd6 | rssh & scponly -- arbitrary command execution Jason Wies identified both rssh & scponly have a vulnerability that allows arbitrary command execution. He reports:
Discovery 2004-11-28 Entry 2004-12-02 Modified 2004-12-12 rssh le 2.2.2 scponly < 4.0 11791 11792 ports/74633 http://marc.theaimsgroup.com/?l=bugtraq&m=110202047507273 |