This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
| VuXML ID | Description |
|---|---|
| eb29a575-3381-11da-8340-000e0c2e438a | qpopper -- multiple privilege escalation vulnerabilities Jens Steube reports that qpopper is vulnerable to a privilege escalation vulnerability. qpopper does not properly drop root privileges so that user supplied configuration and trace files can be processed with root privileges. This could allow a local attacker to create or modify arbitrary files. qpopper is also affected by improper umask settings which could allow users to create group or world-writeable files, possibly allowing an attacker to overwrite arbitrary files. Discovery 2005-05-26 Entry 2005-11-07 Modified 2005-11-26 qpopper ge 4.0 le 4.0.5 CVE-2005-1151 CVE-2005-1152 http://secunia.com/advisories/15475/ |
| ebdf65c7-2ca6-11d8-9355-0020ed76ef5a | qpopper format string vulnerability An authenticated user may trigger a format string vulnerability present in qpopper's UIDL code, resulting in arbitrary code execution with group ID `mail' privileges. Discovery 2000-05-23 Entry 2003-12-12 qpopper < 2.53_1 1241 CVE-2000-0442 http://www.netsys.com/suse-linux-security/2000-May/att-0137/01-b0f5-Qpopper.txt |