FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  366223
Date:      2014-08-26
Time:      16:36:41Z
Committer: rene

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
72cba7b0-13cd-11de-a964-0030843d3802netatalk -- arbitrary command execution in papd daemon

Secunia reports:

A vulnerability has been reported in Netatalk, which potentially can be exploited by malicious users to compromise a vulnerable system.

The vulnerability is caused due to the papd daemon improperly sanitising several received parameters before passing them in a call to popen(). This can be exploited to execute arbitrary commands via a specially crafted printing request.

Successful exploitation requires that a printer is configured to pass arbitrary values as parameters to a piped command.


Discovery 2008-12-19
Entry 2009-03-18
Modified 2009-03-18
netatalk
lt 2.0.3_5,1

32925
CVE-2008-5718
http://secunia.com/advisories/33227/
http://www.openwall.com/lists/oss-security/2009/01/13/3