FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  452465
Date:      2017-10-19
Time:      19:59:15Z
Committer: swills

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
68847b20-8ddc-11e5-b69c-c86000169601gdm -- lock screen bypass when holding escape key

Ray Strode reports:

CVE-2015-7496 - lock screen bypass when holding escape key.


Discovery 2015-11-12
Entry 2015-11-18
gdm
lt 3.16.2_1

CVE-2015-7496
https://mail.gnome.org/archives/ftp-release-list/2015-November/msg00074.html
https://bugzilla.gnome.org/show_bug.cgi?id=758032
c6fbd447-59ed-11e0-8d04-0015f2db7bdegdm -- privilege escalation vulnerability

Sebastian Krahmer reports:

It was discovered that the GNOME Display Manager (gdm) cleared the cache directory, which is owned by an unprivileged user, with the privileges of the root user. A race condition exists in gdm where a local user could take advantage of this by writing to the cache directory between ending the session and the signal to clean up the session, which could lead to the execution of arbitrary code as the root user.


Discovery 2011-03-28
Entry 2011-03-29
gdm
lt 2.30.5_2

CVE-2011-0727
http://mail.gnome.org/archives/distributor-list/2011-March/msg00008.html
https://bugzilla.redhat.com/show_bug.cgi?id=688323
c6fbd447-59ed-11e0-8d04-0015f2db7bdegdm -- privilege escalation vulnerability

Sebastian Krahmer reports:

It was discovered that the GNOME Display Manager (gdm) cleared the cache directory, which is owned by an unprivileged user, with the privileges of the root user. A race condition exists in gdm where a local user could take advantage of this by writing to the cache directory between ending the session and the signal to clean up the session, which could lead to the execution of arbitrary code as the root user.


Discovery 2011-03-28
Entry 2011-03-29
gdm
lt 2.30.5_2

CVE-2011-0727
http://mail.gnome.org/archives/distributor-list/2011-March/msg00008.html
https://bugzilla.redhat.com/show_bug.cgi?id=688323