FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
1e7f0c11-673a-11e5-98c8-60a44c524f57otrs -- Scheduler Process ID File Access

The OTRS project reports:

An attacker with valid LOCAL credentials could access and manipulate the process ID file for bin/otrs.schduler.pl from the CLI.

The Proc::Daemon module 0.14 for Perl uses world-writable permissions for a file that stores a process ID, which allows local users to have an unspecified impact by modifying this file.


Discovery 2015-09-17
Entry 2015-09-30
otrs
gt 3.2.* lt 3.2.18

gt 3.3.* lt 3.3.15

gt 4.0.* lt 4.0.13

https://www.otrs.com/security-advisory-2015-02-scheduler-process-id-file-access/
CVE-2015-6842
CVE-2013-7135