FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  318524
Date:      2013-05-19
Time:      14:06:36Z
Committer: rakuco

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
9b4facec-6761-11da-99f6-00123ffe8333	curl -- URL buffer overflow vulnerability A Project cURL Security Advisory reports: libcurl's URL parser function can overflow a malloced buffer in two ways, if given a too long URL. 1 - pass in a URL with no protocol (like "http://") prefix, using no slash and the string is 256 bytes or longer. This leads to a single zero byte overflow of the malloced buffer. 2 - pass in a URL with only a question mark as separator (no slash) between the host and the query part of the URL. This leads to a single zero byte overflow of the malloced buffer. Both overflows can be made with the same input string, leading to two single zero byte overwrites. The affected flaw cannot be triggered by a redirect, but the long URL must be passed in "directly" to libcurl. It makes this a "local" problem. Of course, lots of programs may still pass in user-provided URLs to libcurl without doing much syntax checking of their own, allowing a user to exploit this vulnerability. Discovery 2005-12-07 Entry 2005-12-09 Modified 2006-01-01 curl ge 7.11.2 lt 7.15.1 15756 CVE-2005-4077 http://curl.haxx.se/docs/adv_20051207.html http://www.hardened-php.net/advisory_242005.109.html http://secunia.com/advisories/17907/
5d433534-f41c-402e-ade5-e0a2259a7cb6	curl -- cURL/libcURL Location: Redirect URLs Security Bypass Secunia reports: The security issue is caused due to cURL following HTTP Location: redirects to e.g. scp:// or file:// URLs which can be exploited by a malicious HTTP server to overwrite or disclose the content of arbitrary local files and potentially execute arbitrary commands via specially crafted redirect URLs. Discovery 2009-03-03 Entry 2009-03-04 curl ge 5.11 lt 7.19.4 CVE-2009-0037 http://secunia.com/advisories/34138/
5d433534-f41c-402e-ade5-e0a2259a7cb6	curl -- cURL/libcURL Location: Redirect URLs Security Bypass Secunia reports: The security issue is caused due to cURL following HTTP Location: redirects to e.g. scp:// or file:// URLs which can be exploited by a malicious HTTP server to overwrite or disclose the content of arbitrary local files and potentially execute arbitrary commands via specially crafted redirect URLs. Discovery 2009-03-03 Entry 2009-03-04 curl ge 5.11 lt 7.19.4 CVE-2009-0037 http://secunia.com/advisories/34138/
c8c31c41-49ed-11df-83fb-0015587e2cc1	curl -- libcurl buffer overflow vulnerability The cURL project reports in a security advisory: Using the affected libcurl version to download compressed content over HTTP, an application can ask libcurl to automatically uncompress data. When doing so, libcurl can wrongly send data up to 64K in size to the callback which thus is much larger than the documented maximum size. An application that blindly trusts libcurl's max limit for a fixed buffer size or similar is then a possible target for a buffer overflow vulnerability. Discovery 2010-02-09 Entry 2010-04-19 curl ge 7.10.5 lt 7.20.0 CVE-2010-0734 http://curl.haxx.se/docs/adv_20100209.html http://www.debian.org/security/2010/dsa-2023 http://www.openwall.com/lists/oss-security/2010/02/09/5
c8c31c41-49ed-11df-83fb-0015587e2cc1	curl -- libcurl buffer overflow vulnerability The cURL project reports in a security advisory: Using the affected libcurl version to download compressed content over HTTP, an application can ask libcurl to automatically uncompress data. When doing so, libcurl can wrongly send data up to 64K in size to the callback which thus is much larger than the documented maximum size. An application that blindly trusts libcurl's max limit for a fixed buffer size or similar is then a possible target for a buffer overflow vulnerability. Discovery 2010-02-09 Entry 2010-04-19 curl ge 7.10.5 lt 7.20.0 CVE-2010-0734 http://curl.haxx.se/docs/adv_20100209.html http://www.debian.org/security/2010/dsa-2023 http://www.openwall.com/lists/oss-security/2010/02/09/5
9b4facec-6761-11da-99f6-00123ffe8333	curl -- URL buffer overflow vulnerability A Project cURL Security Advisory reports: libcurl's URL parser function can overflow a malloced buffer in two ways, if given a too long URL. 1 - pass in a URL with no protocol (like "http://") prefix, using no slash and the string is 256 bytes or longer. This leads to a single zero byte overflow of the malloced buffer. 2 - pass in a URL with only a question mark as separator (no slash) between the host and the query part of the URL. This leads to a single zero byte overflow of the malloced buffer. Both overflows can be made with the same input string, leading to two single zero byte overwrites. The affected flaw cannot be triggered by a redirect, but the long URL must be passed in "directly" to libcurl. It makes this a "local" problem. Of course, lots of programs may still pass in user-provided URLs to libcurl without doing much syntax checking of their own, allowing a user to exploit this vulnerability. Discovery 2005-12-07 Entry 2005-12-09 Modified 2006-01-01 curl ge 7.11.2 lt 7.15.1 15756 CVE-2005-4077 http://curl.haxx.se/docs/adv_20051207.html http://www.hardened-php.net/advisory_242005.109.html http://secunia.com/advisories/17907/