FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
97c22a94-5b8b-11e2-b131-000c299b62e1nagios -- buffer overflow in history.cgi

full disclosure reports:

history.cgi is vulnerable to a buffer overflow due to the use of sprintf with user supplied data that has not been restricted in size.


Discovery 2012-12-21
Entry 2013-01-10
nagios
< 3.4.3_1

CVE-2012-6096
http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html
http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547
ba04a373-7d20-11e3-8992-00132034b086nagios -- denial of service vulnerability

Eric Stanley reports:

Most CGIs previously incremented the input variable counter twice when it encountered a long key value. This could cause the CGI to read past the end of the list of CGI variables.


Discovery 2013-12-20
Entry 2014-01-14
nagios
< 3.5.1_3

CVE-2013-7108
CVE-2013-7205
http://sourceforge.net/p/nagios/nagioscore/ci/d97e03f32741a7d851826b03ed73ff4c9612a866/
https://bugzilla.redhat.com/show_bug.cgi?id=1046113