This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
e4644df8-e7da-11e5-829d-c80aa9043978 | openssh -- command injection when X11Forwarding is enabled The OpenSSH project reports:
Discovery 2016-03-11 Entry 2016-03-11 Modified 2016-08-09 openssh-portable < 7.2.p2,1 FreeBSD ge 10.2 lt 10.2_14 ge 10.1 lt 10.1_31 ge 9.3 lt 9.3_39 http://www.openssh.com/txt/x11fwd.adv CVE-2016-3115 SA-16:14.openssh |
2c948527-d823-11e6-9171-14dae9d210b8 | FreeBSD -- OpenSSH multiple vulnerabilitiesProblem Description:The ssh-agent(1) agent supports loading a PKCS#11 module from outside a trusted whitelist. An attacker can request loading of a PKCS#11 module across forwarded agent-socket. [CVE-2016-10009] When privilege separation is disabled, forwarded Unix domain sockets would be created by sshd(8) with the privileges of 'root' instead of the authenticated user. [CVE-2016-10010] Impact:A remote attacker who have control of a forwarded agent-socket on a remote system and have the ability to write files on the system running ssh-agent(1) agent can run arbitrary code under the same user credential. Because the attacker must already have some control on both systems, it is relatively hard to exploit this vulnerability in a practical attack. [CVE-2016-10009] When privilege separation is disabled (on FreeBSD, privilege separation is enabled by default and has to be explicitly disabled), an authenticated attacker can potentially gain root privileges on systems running OpenSSH server. [CVE-2016-10010] Discovery 2017-01-11 Entry 2017-01-11 Modified 2017-01-13 openssh-portable < 7.3.p1_5,1 FreeBSD ge 11.0 lt 11.0_7 ge 10.3 lt 10.3_16 CVE-2016-10009 CVE-2016-10010 SA-17:01.openssh |
adccefd1-7080-11e6-a2cb-c80aa9043978 | openssh -- sshd -- remote valid user discovery and PAM /bin/login attack The OpenSSH project reports:
Discovery 2016-08-01 Entry 2016-09-01 openssh-portable < 7.3.p1,1 http://www.openssh.com/txt/release-7.3 CVE-2016-6210 CVE-2015-8325 |
2920c449-4850-11e5-825f-c80aa9043978 | OpenSSH -- PAM vulnerabilities
Discovery 2015-08-11 Entry 2015-08-21 Modified 2016-08-09 openssh-portable < 7.0.p1,1 FreeBSD ge 10.2 lt 10.2_2 ge 10.1 lt 10.1_19 ge 9.3 lt 9.3_24 http://www.openssh.com/txt/release-7.0 CVE-2015-6563 CVE-2015-6564 CVE-2015-6565 SA-15:22.openssh |
5b74a5bc-348f-11e5-ba05-c80aa9043978 | OpenSSH -- MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices
Discovery 2015-07-21 Entry 2015-07-27 Modified 2016-08-09 openssh-portable < 6.9.p1_2,1 FreeBSD ge 10.1 lt 10.1_16 ge 9.3 lt 9.3_21 ge 8.4 lt 8.4_36 https://access.redhat.com/security/cve/CVE-2015-5600 CVE-2015-5600 SA-15:16.openssh |
6a2cfcdc-9dea-11e6-a298-14dae9d210b8 | FreeBSD -- OpenSSH Remote Denial of Service vulnerabilityProblem Description:When processing the SSH_MSG_KEXINIT message, the server could allocate up to a few hundreds of megabytes of memory per each connection, before any authentication take place. Impact:A remote attacker may be able to cause a SSH server to allocate an excessive amount of memory. Note that the default MaxStartups setting on FreeBSD will limit the effectiveness of this attack. Discovery 2016-10-19 Entry 2016-10-29 Modified 2016-11-02 openssh-portable < 7.3p1_1 FreeBSD ge 11.0 lt 11.0_3 ge 10.3 lt 10.3_12 http://seclists.org/oss-sec/2016/q4/191 CVE-2016-8858 SA-16:33.openssh |
887eb570-27d3-11ee-adba-c80aa9043978 | OpenSSH -- remote code execution via a forwarded agent socket OpenSSH project reports:
Discovery 2023-07-19 Entry 2023-07-21 openssh-portable openssh-portable-hpn openssh-portable-gssapi < 9.3.p2,1 CVE-2023-38408 https://www.openssh.com/txt/release-9.3p2 |
32db37a5-50c3-11db-acf3-000c6ec775d9 | openssh -- multiple vulnerabilitiesProblem DescriptionThe CRC compensation attack detector in the sshd(8) daemon, upon receipt of duplicate blocks, uses CPU time cubic in the number of duplicate blocks received. [CVE-2006-4924] A race condition exists in a signal handler used by the sshd(8) daemon to handle the LoginGraceTime option, which can potentially cause some cleanup routines to be executed multiple times. [CVE-2006-5051] ImpactAn attacker sending specially crafted packets to sshd(8) can cause a Denial of Service by using 100% of CPU time until a connection timeout occurs. Since this attack can be performed over multiple connections simultaneously, it is possible to cause up to MaxStartups (10 by default) sshd processes to use all the CPU time they can obtain. [CVE-2006-4924] The OpenSSH project believe that the race condition can lead to a Denial of Service or potentially remote code execution, but the FreeBSD Security Team has been unable to verify the exact impact. [CVE-2006-5051] WorkaroundThe attack against the CRC compensation attack detector can be avoided by disabling SSH Protocol version 1 support in sshd_config(5). There is no workaround for the second issue. Discovery 2006-09-25 Entry 2006-09-30 FreeBSD ge 6.1 lt 6.1_10 ge 6.0 lt 6.0_15 ge 5.5 lt 5.5_8 ge 5.4 lt 5.4_22 ge 5.0 lt 5.3_37 < 4.11_25 openssh < 4.4,1 openssh-portable < 4.4.p1,1 20216 CVE-2006-4924 CVE-2006-5051 SA-06:22.openssh http://www.openssh.com/txt/release-4.4 |