FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
44ccfab0-3564-11e0-8e81-0022190034c0	exim -- local privilege escalation exim.org reports: CVE-2011-0017 - check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the Exim run-time user can cause root to append content of the attacker's choosing to arbitrary files. Discovery 2011-01-31 Entry 2011-02-10 exim exim-ldap exim-ldap2 exim-mysql exim-postgresql exim-sa-exim < 4.74 CVE-2011-0017 ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.74
ca9ce879-5ebb-11d9-a01c-0050569f0001	exim -- two buffer overflow vulnerabilities 1. The function host_aton() can overflow a buffer if it is presented with an illegal IPv6 address that has more than 8 components. 2. The second report described a buffer overflow in the function spa_base64_to_bits(), which is part of the code for SPA authentication. Discovery 2005-01-05 Entry 2005-01-05 Modified 2005-01-18 exim exim-ldap exim-ldap2 exim-mysql exim-postgresql exim-sa-exim < 4.43+28_1 http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html http://marc.theaimsgroup.com/?l=bugtraq&m=110573573800377 CVE-2005-0021 CVE-2005-0022 12185 12188 12268

VuXML ID

Description

44ccfab0-3564-11e0-8e81-0022190034c0

exim -- local privilege escalation

exim.org reports:

CVE-2011-0017 - check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the Exim run-time user can cause root to append content of the attacker's choosing to arbitrary files.

Discovery 2011-01-31
Entry 2011-02-10
exim
exim-ldap
exim-ldap2
exim-mysql
exim-postgresql
exim-sa-exim

< 4.74

CVE-2011-0017
ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.74

ca9ce879-5ebb-11d9-a01c-0050569f0001

exim -- two buffer overflow vulnerabilities

1. The function host_aton() can overflow a buffer if it is presented with an illegal IPv6 address that has more than 8 components.

2. The second report described a buffer overflow in the function spa_base64_to_bits(), which is part of the code for SPA authentication.

Discovery 2005-01-05
Entry 2005-01-05
Modified 2005-01-18
exim
exim-ldap
exim-ldap2
exim-mysql
exim-postgresql
exim-sa-exim

< 4.43+28_1

http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html
http://marc.theaimsgroup.com/?l=bugtraq&m=110573573800377
CVE-2005-0021
CVE-2005-0022
12185
12188
12268