FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  380553
Date:      2015-03-05
Time:      22:10:26Z
Committer: mandree

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
1959e847-d4f0-11e3-84b0-0018fe623f2bOpenSSL -- NULL pointer dereference / DoS

OpenBSD and David Ramos reports:

Applications that use SSL_MODE_RELEASE_BUFFERS, such as nginx/apache, are prone to a race condition which may allow a remote attacker to crash the current service.

Discovery 2014-05-02
Entry 2014-05-03
ge 1.0.1 lt 1.0.1_12
5ac53801-ec2e-11e3-9cf3-3c970e169bc2OpenSSL -- multiple vulnerabilities

The OpenSSL Project reports:

An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server. [CVE-2014-0224]

By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack. [CVE-2014-0221]

A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server. [CVE-2014-0195]

OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack. [CVE-2014-3470]

Discovery 2014-06-05
Entry 2014-06-05
ge 1.0.1 lt 1.0.1_13

ge 1.0.1 lt 1.0.1h

8aff07eb-1dbd-11e4-b6ba-3c970e169bc2OpenSSL -- multiple vulnerabilities

The OpenSSL Project reports:

A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. [CVE-2014-3508]

The issue affects OpenSSL clients and allows a malicious server to crash the client with a null pointer dereference (read) by specifying an SRP ciphersuite even though it was not properly negotiated with the client. [CVE-2014-5139]

If a multithreaded client connects to a malicious server using a resumed session and the server sends an ec point format extension it could write up to 255 bytes to freed memory. [CVE-2014-3509]

An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice. This can be exploited through a Denial of Service attack. [CVE-2014-3505]

An attacker can force openssl to consume large amounts of memory whilst processing DTLS handshake messages. This can be exploited through a Denial of Service attack. [CVE-2014-3506]

By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory. This can be exploited through a Denial of Service attack. [CVE-2014-3507]

OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and sending carefully crafted handshake messages. [CVE-2014-3510]

A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate TLS 1.0 instead of higher protocol versions when the ClientHello message is badly fragmented. This allows a man-in-the-middle attacker to force a downgrade to TLS 1.0 even if both the server and the client support a higher protocol version, by modifying the client's TLS records. [CVE-2014-3511]

A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected. [CVE-2014-3512]

Discovery 2014-08-06
Entry 2014-08-06
ge 1.0.1 lt 1.0.1_14

ge 1.0.1 lt 1.0.1i