FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374826
Date:      2014-12-16
Time:      22:06:31Z
Committer: cs

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6ad309d9-fb03-11e3-bebd-000c2980a9f3samba -- multiple vulnerabilities

The samba project reports:

A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service.

Valid unicode path names stored on disk can cause smbd to crash if an authenticated client attempts to read them using a non-unicode request.


Discovery 2014-06-23
Entry 2014-06-23
samba36
lt 3.6.24

samba4
lt 4.0.19

samba41
lt 4.1.9

CVE-2014-0244
CVE-2014-3493
https://www.samba.org/samba/security/CVE-2014-0244
https://www.samba.org/samba/security/CVE-2014-3493
03e48bf5-a96d-11e3-a556-3c970e169bc2samba -- multiple vulnerabilities

Samba project reports:

In Samba's SAMR server we neglect to ensure that attempted password changes will update the bad password count, nor set the lockout flags. This would allow a user unlimited attempts against the password by simply calling ChangePasswordUser2 repeatedly.

This is available without any other authentication.

smbcacls can remove a file or directory ACL by mistake.


Discovery 2014-03-11
Entry 2014-03-11
samba34
gt 0

samba35
gt 0

samba36
gt 3.6.* lt 3.6.23

samba4
gt 4.0.* lt 4.0.16

samba41
gt 4.1.* lt 4.1.6

CVE-2013-4496
CVE-2013-6442
http://www.samba.org/samba/security/CVE-2013-4496
http://www.samba.org/samba/security/CVE-2013-6442