FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
36858e78-3963-11e4-ad84-000c29f6ae42	security/ossec-hids-* -- root escalation via temp files OSSEC reports: This correction will create the temp file for the hosts deny file in /var/ossec and will use mktemp where available to create NON-predictable temp file name. In cases where mktemp is not available we have written a BAD version of mktemp, but should be a little better then just process id. Discovery 2014-09-09 Entry 2014-09-11 ossec-hids-server ossec-hids-client ossec-hids-local < 2.8.1 CVE-2014-5284 http://www.ossec.net/?p=1135

VuXML ID

Description

36858e78-3963-11e4-ad84-000c29f6ae42

security/ossec-hids-* -- root escalation via temp files

OSSEC reports:

This correction will create the temp file for the hosts deny file in /var/ossec and will use mktemp where available to create NON-predictable temp file name. In cases where mktemp is not available we have written a BAD version of mktemp, but should be a little better then just process id.

Discovery 2014-09-09
Entry 2014-09-11
ossec-hids-server
ossec-hids-client
ossec-hids-local

< 2.8.1

CVE-2014-5284
http://www.ossec.net/?p=1135