FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  371418
Date:      2014-10-24
Time:      01:58:13Z
Committer: zi

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
7c920bb7-4b5f-11e1-9f47-00e0815b8da8sudo -- format string vulnerability

Todd Miller reports:

Sudo 1.8.0 introduced simple debugging support that was primarily intended for use when developing policy or I/O logging plugins. The sudo_debug() function contains a flaw where the program name is used as part of the format string passed to the fprintf() function. The program name can be controlled by the caller, either via a symbolic link or, on some systems, by setting argv[0] when executing sudo.

Using standard format string vulnerability exploitation techniques it is possible to leverage this bug to achieve root privileges.

Exploitation of the bug does not require that the attacker be listed in the sudoers file. As such, we strongly suggest that affected sites upgrade from affected sudo versions as soon as possible.


Discovery 2012-01-30
Entry 2012-01-30
Modified 2012-01-31
sudo
ge 1.8.0 lt 1.8.3_2

CVE-2012-0809
http://www.gratisoft.us/sudo/alerts/sudo_debug.html
82cfd919-8213-11e2-9273-902b343deec9sudo -- Potential bypass of tty_tickets constraints

Todd Miller reports:

A (potentially malicious) program run by a user with sudo access may be able to bypass the "tty_ticket" constraints. In order for this to succeed there must exist on the machine a terminal device that the user has previously authenticated themselves on via sudo within the last time stamp timeout (5 minutes by default).


Discovery 2013-02-27
Entry 2013-03-01
sudo
lt 1.8.6.p7

CVE-2013-1776
http://www.sudo.ws/sudo/alerts/tty_tickets.html
764344fb-8214-11e2-9273-902b343deec9sudo -- Authentication bypass when clock is reset

Todd Miller reports:

The flaw may allow someone with physical access to a machine that is not password-protected to run sudo commands without knowing the logged in user's password. On systems where sudo is the principal way of running commands as root, such as on Ubuntu and Mac OS X, there is a greater chance that the logged in user has run sudo before and thus that an attack would succeed.


Discovery 2013-02-27
Entry 2013-03-01
sudo
lt 1.8.6.p7

CVE-2013-1775
http://www.sudo.ws/sudo/alerts/epoch_ticket.html
7c920bb7-4b5f-11e1-9f47-00e0815b8da8sudo -- format string vulnerability

Todd Miller reports:

Sudo 1.8.0 introduced simple debugging support that was primarily intended for use when developing policy or I/O logging plugins. The sudo_debug() function contains a flaw where the program name is used as part of the format string passed to the fprintf() function. The program name can be controlled by the caller, either via a symbolic link or, on some systems, by setting argv[0] when executing sudo.

Using standard format string vulnerability exploitation techniques it is possible to leverage this bug to achieve root privileges.

Exploitation of the bug does not require that the attacker be listed in the sudoers file. As such, we strongly suggest that affected sites upgrade from affected sudo versions as soon as possible.


Discovery 2012-01-30
Entry 2012-01-30
Modified 2012-01-31
sudo
ge 1.8.0 lt 1.8.3_2

CVE-2012-0809
http://www.gratisoft.us/sudo/alerts/sudo_debug.html
b3435b68-9ee8-11e1-997c-002354ed89bcsudo -- netmask vulnerability

Todd Miller reports:

Sudo supports granting access to commands on a per-host basis. The host specification may be in the form of a host name, a netgroup, an IP address, or an IP network (an IP address with an associated netmask).

When IPv6 support was added to sudo, a bug was introduced that caused the IPv6 network matching code to be called when an IPv4 network address does not match. Depending on the value of the uninitialized portion of the IPv6 address, it is possible for the IPv4 network number to match when it should not. This bug only affects IP network matching and does not affect simple IP address matching.

The reported configuration that exhibited the bug was an LDAP-based sudo installation where the sudoRole object contained multiple sudoHost entries, each containing a different IPv4 network. File-based sudoers should be affected as well as the same matching code is used.


Discovery 2012-05-16
Entry 2012-05-16
sudo
le 1.8.4_1

CVE-2012-2337
http://www.sudo.ws/sudo/alerts/netmask.html
b3435b68-9ee8-11e1-997c-002354ed89bcsudo -- netmask vulnerability

Todd Miller reports:

Sudo supports granting access to commands on a per-host basis. The host specification may be in the form of a host name, a netgroup, an IP address, or an IP network (an IP address with an associated netmask).

When IPv6 support was added to sudo, a bug was introduced that caused the IPv6 network matching code to be called when an IPv4 network address does not match. Depending on the value of the uninitialized portion of the IPv6 address, it is possible for the IPv4 network number to match when it should not. This bug only affects IP network matching and does not affect simple IP address matching.

The reported configuration that exhibited the bug was an LDAP-based sudo installation where the sudoRole object contained multiple sudoHost entries, each containing a different IPv4 network. File-based sudoers should be affected as well as the same matching code is used.


Discovery 2012-05-16
Entry 2012-05-16
sudo
le 1.8.4_1

CVE-2012-2337
http://www.sudo.ws/sudo/alerts/netmask.html