FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  318524
Date:      2013-05-19
Time:      14:06:36Z
Committer: rakuco

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
296ecb59-0f6b-11df-8bab-0019996bc1f7squid -- Denial of Service vulnerability in DNS handling

Squid security advisory 2010:1 reports:

Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted DNS packets.

This problem allows any trusted client or external server who can determine the squid receiving port to perform a short-term denial of service attack on the Squid service.


Discovery 2010-01-14
Entry 2010-02-01
Modified 2010-05-02
squid
ge 2.7.1 lt 2.7.7_3

ge 3.0.1 lt 3.0.23

ge 3.1.0.1 lt 3.1.0.15_2

CVE-2010-0308
http://www.squid-cache.org/Advisories/SQUID-2010_1.txt
81d9dc0c-1988-11df-8e66-0019996bc1f7squid -- Denial of Service vulnerability in HTCP

Squid security advisory 2010:2 reports:

Due to incorrect processing Squid is vulnerable to a denial of service attack when receiving specially crafted HTCP packets.

This problem allows any machine to perform a denial of service attack on the Squid service when its HTCP port is open.


Discovery 2010-02-12
Entry 2010-02-14
Modified 2010-05-02
squid
ge 2.7.1 lt 2.7.7_4

ge 3.0.1 lt 3.0.24

CVE-2010-0639
http://www.squid-cache.org/Advisories/SQUID-2010_2.txt
81d9dc0c-1988-11df-8e66-0019996bc1f7squid -- Denial of Service vulnerability in HTCP

Squid security advisory 2010:2 reports:

Due to incorrect processing Squid is vulnerable to a denial of service attack when receiving specially crafted HTCP packets.

This problem allows any machine to perform a denial of service attack on the Squid service when its HTCP port is open.


Discovery 2010-02-12
Entry 2010-02-14
Modified 2010-05-02
squid
ge 2.7.1 lt 2.7.7_4

ge 3.0.1 lt 3.0.24

CVE-2010-0639
http://www.squid-cache.org/Advisories/SQUID-2010_2.txt
c37de843-488e-11e2-a5c9-0019996bc1f7squid -- denial of service

Squid developers report:

Due to missing input validation Squid cachemgr.cgi tool is vulnerable to a denial of service attack when processing specially crafted requests.

This problem allows any client able to reach the cachemgr.cgi to perform a denial of service attack on the service host.

The nature of the attack may cause secondary effects through resource consumption on the host server.


Discovery 2012-12-17
Entry 2012-12-28
Modified 2013-05-02
squid
lt 2.7.9_4

ge 3.1 lt 3.1.23

ge 3.2 lt 3.2.6

ge 3.3 lt 3.3.0.3

CVE-2012-5643
CVE-2013-0189
http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
296ecb59-0f6b-11df-8bab-0019996bc1f7squid -- Denial of Service vulnerability in DNS handling

Squid security advisory 2010:1 reports:

Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted DNS packets.

This problem allows any trusted client or external server who can determine the squid receiving port to perform a short-term denial of service attack on the Squid service.


Discovery 2010-01-14
Entry 2010-02-01
Modified 2010-05-02
squid
ge 2.7.1 lt 2.7.7_3

ge 3.0.1 lt 3.0.23

ge 3.1.0.1 lt 3.1.0.15_2

CVE-2010-0308
http://www.squid-cache.org/Advisories/SQUID-2010_1.txt