FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  351541
Date:      2014-04-18
Time:      14:56:43Z
Committer: ohauer

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2fbfd455-f2d0-11e2-8a46-000d601460a4suPHP -- Privilege escalation

suPHP developer Sebastian Marsching reports:

When the suPHP_PHPPath was set, mod_suphp would use the specified PHP executable to pretty-print PHP source files (MIME type x-httpd-php-source or application/x-httpd-php-source).

However, it would not sanitize the environment. Thus a user that was allowed to use the SetEnv directive in a .htaccess file (AllowOverride FileInfo) could make PHP load a malicious configuration file (e.g. loading malicious extensions).

As the PHP process for highlighting the source file was run with the privileges of the user Apache HTTPd was running as, a local attacker could probably execute arbitrary code with the privileges of this user.


Discovery 2013-05-20
Entry 2013-07-22
suphp
lt 0.7.2

https://lists.marsching.com/pipermail/suphp/2013-May/002552.html
fb672330-02db-11dd-bd06-0017319806e7suphp -- multiple local privilege escalation vulnerabilities

Multiple local privilege escalation are found in the symlink verification code. An attacker may use it to run a PHP script with the victim's privilege. This attack is a little harder when suphp operates in paranoid mode. For suphp that runs in owner mode which is the default in ports, immediate upgrade to latest version is advised.


Discovery 2008-03-30
Entry 2008-04-05
Modified 2010-05-12
suphp
lt 0.6.3

CVE-2008-1614
28568
http://lists.marsching.biz/pipermail/suphp/2008-March/001750.html
fb672330-02db-11dd-bd06-0017319806e7suphp -- multiple local privilege escalation vulnerabilities

Multiple local privilege escalation are found in the symlink verification code. An attacker may use it to run a PHP script with the victim's privilege. This attack is a little harder when suphp operates in paranoid mode. For suphp that runs in owner mode which is the default in ports, immediate upgrade to latest version is advised.


Discovery 2008-03-30
Entry 2008-04-05
Modified 2010-05-12
suphp
lt 0.6.3

CVE-2008-1614
28568
http://lists.marsching.biz/pipermail/suphp/2008-March/001750.html