FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a4c9e12d-88b7-11e3-8ada-10bf48e1088esocat -- buffer overflow with data from command line

Florian Weimer of the Red Hat Product Security Team reports:

Due to a missing check during assembly of the HTTP request line a long target server name in the PROXY-CONNECT address can cause a stack buffer overrun. Exploitation requires that the attacker is able to provide the target server name to the PROXY-CONNECT address in the command line. This can happen for example in scripts that receive data from untrusted sources.


Discovery 2014-01-24
Entry 2014-01-29
socat
< 1.7.2.3

CVE-2014-0019
http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt
6d87c2e9-c64d-11e2-9c22-50465d9ff992socat -- FD leak

Gerhard Rieger reports:

Under certain circumstances an FD leak occurs and can be misused for denial of service attacks against socat running in server mode.


Discovery 2013-05-26
Entry 2013-05-26
socat
< 1.7.2.2

CVE-2013-3571
http://seclists.org/oss-sec/2013/q2/411