FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
61bc44ce-9f5a-11ea-aff3-f8b156c2bfe9sympa - Security flaws in setuid wrappers

A vulnerability has been discovered in Sympa web interface by which attacker can execute arbitrary code with root privileges. Sympa uses two sorts of setuid wrappers:

  • FastCGI wrappers
  • newaliases wrapper

The FastCGI wrappers wwsympa-wrapper.fcgi and sympa_soap_server-wrapper.fcgi were used to make the web interface running under privileges of a dedicated user.

The newaliases wrapper (sympa_newaliases-wrapper) allows Sympa to update the alias database with root privileges.

Since these setuid wrappers did not clear environment variables, if environment variables like PERL5LIB were injected, forged code might be loaded and executed under privileges of setuid-ed users.


Discovery 2020-05-24
Entry 2020-05-26
sympa
< 6.2.56

https://sympa-community.github.io/security/2020-002.html
de6d8290-aef7-11e1-898f-14dae938ec40mail/sympa* -- Multiple vulnerabilities in Sympa archive management

David Verdin reports:

Multiple vulnerabilities have been discovered in Sympa archive management that allow to skip the scenario-based authorization mechanisms.

This vulnerability allows the attacker to:

  • display the archives management page ('arc_manage')
  • download the list's archives
  • delete the list's archives

Discovery 2012-05-15
Entry 2012-06-05
sympa
< 6.0.7

gt 6.1.* lt 6.1.11

http://www.sympa.org/security_advisories#security_breaches_in_archives_management
78c39232-a345-11e1-9d81-d0df9acfd7e5sympa -- Multiple Security Bypass Vulnerabilities

Secunia team reports:

Multiple vulnerabilities have been reported in Sympa, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerabilities are caused due to the application allowing access to archive functions without checking credentials. This can be exploited to create, download, and delete an archive.


Discovery 2012-05-14
Entry 2012-05-21
sympa
< 6.1.11

CVE-2012-2352
http://secunia.com/advisories/49045/
9908a1cc-35ad-424d-be0b-7e56abd5931asympa -- Denial of service caused by malformed CSRF token

Javier Moreno discovered a vulnerability in Sympa web interface that can cause denial of service (DoS) attack.

By submitting requests with malformed parameters, this flaw allows to create junk files in Sympa's directory for temporary files. And particularly by tampering token to prevent CSRF, it allows to originate exessive notification messages to listmasters.


Discovery 2020-02-24
Entry 2020-05-22
sympa
< 6.2.54

CVE-2020-9369
https://sympa-community.github.io/security/2020-001.html
31a7ffb1-a80a-11eb-b159-f8b156c2bfe9sympa -- Inappropriate use of the cookie parameter can be a security threat. This parameter may also not provide sufficient security.

Earlier versions of Sympa require a parameter named cookie in sympa.conf configuration file.

This parameter was used to make some identifiers generated by the system unpredictable. For example, it was used as following:

  • To be used as a salt to encrypt passwords stored in the database by the RC4 symmetric key algorithm.

    Note that RC4 is no longer considered secure enough and is not supported in the current version of Sympa.

  • To prevent attackers from sending crafted messages to achieve XSS and so on in message archives.

There were the following problems with the use of this parameter.

  1. This parameter, for its purpose, should be different for each installation, and once set, it cannot be changed. As a result, some sites have been operating without setting this parameter. This completely invalidates the security measures described above.
  2. Even if this parameter is properly set, it may be considered not being strong enough against brute force attacks.

Discovery 2021-04-27
Entry 2021-04-27
sympa
< 6.2.62

https://sympa-community.github.io/security/2021-001.html
451a6c79-c92b-11e4-a835-000c292ee6b8sympa -- Remote attackers can read arbitrary files

The Sympa Project reports:

The newsletter posting area in the web interface in Sympa 6.0.x before 6.0.10 and 6.1.x before 6.1.24 allows remote attackers to read arbitrary files via unspecified vectors.


Discovery 2015-01-13
Entry 2015-03-13
sympa
< 6.1.24

https://www.sympa.org/security_advisories
CVE-2015-1306
0add6e6b-6883-11eb-b0cb-f8b156c2bfe9sympa -- Unauthorised full access via SOAP API due to illegal cookie

Sympa community reports:

Unauthorised full access via SOAP API due to illegal cookie


Discovery 2020-11-24
Entry 2021-02-06
sympa
< 6.2.60

CVE-2020-29668
https://sympa-community.github.io/security/2020-003.html