FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  452696
Date:      2017-10-23
Time:      08:57:11Z
Committer: brnrd

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
457ce015-67fa-11e7-867f-b499baebfeafApache httpd -- multiple vulnerabilities

The Apache httpd project reports:

important: Read after free in mod_http2 (CVE-2017-9789)

When under stress, closing many connections, the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.

important: Uninitialized memory reflection in mod_auth_digest (CVE-2017-9788)

The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest.

Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.


Discovery 2017-07-11
Entry 2017-07-13
apache24
lt 2.4.27

https://httpd.apache.org/security/vulnerabilities_24.html
CVE-2017-9789
CVE-2017-9788
a12494c1-2af4-11e5-86ff-14dae9d210b8apache24 -- multiple vulnerabilities

Jim Jagielski reports:

CVE-2015-3183 (cve.mitre.org) core: Fix chunk header parsing defect. Remove apr_brigade_flatten(), buffering and duplicated code from the HTTP_IN filter, parse chunks in a single pass with zero copy. Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext authorized characters.

CVE-2015-3185 (cve.mitre.org) Replacement of ap_some_auth_required (unusable in Apache httpd 2.4) with new ap_some_authn_required and ap_force_authn hook.

CVE-2015-0253 (cve.mitre.org) core: Fix a crash with ErrorDocument 400 pointing to a local URL-path with the INCLUDES filter active, introduced in 2.4.11. PR 57531.

CVE-2015-0228 (cve.mitre.org) mod_lua: A maliciously crafted websockets PING after a script calls r:wsupgrade() can cause a child process crash.


Discovery 2015-02-04
Entry 2015-07-15
apache24
lt 2.4.16

https://mail-archives.apache.org/mod_mbox/www-announce/201507.mbox/%3CAA5C882C-A9C3-46B9-9320-5040A2152E83@apache.org%3E
CVE-2015-3183
CVE-2015-3185
CVE-2015-0253
CVE-2015-0228
0c2db2aa-5584-11e7-9a7d-b499baebfeafApache httpd -- several vulnerabilities

The Apache httpd project reports:

  • ap_get_basic_auth_pw() Authentication Bypass (CVE-2017-3167):

    Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
  • mod_ssl Null Pointer Dereference (CVE-2017-3169):

    mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
  • mod_http2 Null Pointer Dereference (CVE-2017-7659):

    A maliciously constructed HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process.
  • ap_find_token() Buffer Overread (CVE-2017-7668):

    The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.
  • mod_mime Buffer Overread (CVE-2017-7679):

    mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.

Discovery 2017-06-20
Entry 2017-06-20
apache22
lt 2.2.33

apache24
lt 2.4.26

https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_22.html
CVE-2017-3167
CVE-2017-3169
CVE-2017-7659
CVE-2017-7668
CVE-2017-7679
76b085e2-9d33-11e7-9260-000c292ee6b8Apache -- HTTP OPTIONS method can leak server memory

The Fuzzing Project reports:

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.


Discovery 2017-09-18
Entry 2017-09-19
apache24
lt 2.4.27_1

apache22
lt 2.2.34_1

https://nvd.nist.gov/vuln/detail/CVE-2017-9798
CVE-2017-9798
862d6ab3-c75e-11e6-9f98-20cf30e32f6dApache httpd -- several vulnerabilities

Apache Software Foundation reports:

Please reference CVE/URL list for details


Discovery 2016-12-20
Entry 2016-12-21
Modified 2016-12-22
apache24
lt 2.4.25

http://httpd.apache.org/security/vulnerabilities_24.html
CVE-2016-8743
CVE-2016-2161
CVE-2016-0736
CVE-2016-8740
CVE-2016-5387