FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  371321
Date:      2014-10-21
Time:      13:58:33Z
Committer: madpilot

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
af8e3a0c-5009-11dc-8a43-003048705d5arsync -- off by one stack overflow

BugTraq reports:

The rsync utility is prone to an off-by-one buffer-overflow vulnerability. This issue is due to a failure of the application to properly bounds-check user-supplied input.

Successfully exploiting this issue may allow arbitrary code-execution in the context of the affected utility.


Discovery 2007-08-15
Entry 2007-08-21
Modified 2007-08-23
rsync
lt 2.6.9_1

25336
CVE-2007-4091
af8e3a0c-5009-11dc-8a43-003048705d5arsync -- off by one stack overflow

BugTraq reports:

The rsync utility is prone to an off-by-one buffer-overflow vulnerability. This issue is due to a failure of the application to properly bounds-check user-supplied input.

Successfully exploiting this issue may allow arbitrary code-execution in the context of the affected utility.


Discovery 2007-08-15
Entry 2007-08-21
Modified 2007-08-23
rsync
lt 2.6.9_1

25336
CVE-2007-4091
2689f4cb-ec4c-11d8-9440-000347a4fa7drsync -- path sanitizing vulnerability

An rsync security advisory reports:

There is a path-sanitizing bug that affects daemon mode in all recent rsync versions (including 2.6.2) but only if chroot is disabled.

The bug may allow a remote user to access files outside of an rsync module's configured path with the privileges configured for that module.


Discovery 2004-08-12
Entry 2004-08-26
rsync
lt 2.6.2_2

CVE-2004-0792
http://samba.org/rsync/#security_aug04
http://lists.samba.org/archive/rsync-announce/2004/000017.html
http://secunia.com/advisories/12294
http://www.osvdb.org/8829
2689f4cb-ec4c-11d8-9440-000347a4fa7drsync -- path sanitizing vulnerability

An rsync security advisory reports:

There is a path-sanitizing bug that affects daemon mode in all recent rsync versions (including 2.6.2) but only if chroot is disabled.

The bug may allow a remote user to access files outside of an rsync module's configured path with the privileges configured for that module.


Discovery 2004-08-12
Entry 2004-08-26
rsync
lt 2.6.2_2

CVE-2004-0792
http://samba.org/rsync/#security_aug04
http://lists.samba.org/archive/rsync-announce/2004/000017.html
http://secunia.com/advisories/12294
http://www.osvdb.org/8829