FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  318877
Date:      2013-05-23
Time:      15:30:07Z
Committer: flo

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
b43004b8-6a53-11df-bc7b-0245fb008c0bziproxy -- atypical huge picture files vulnerability

Ziproxy 3.0.1 release fixes a security vulnerability related to atypical huge picture files (>4GB of size once expanded).


Discovery 2010-05-20
Entry 2010-05-28
ziproxy
lt 3.0.1

40344
CVE-2010-1513
http://ziproxy.sourceforge.net/#news
http://secunia.com/advisories/39941
http://sourceforge.net/mailarchive/message.php?msg_name=201005210019.37119.dancab%40gmx.net
b43004b8-6a53-11df-bc7b-0245fb008c0bziproxy -- atypical huge picture files vulnerability

Ziproxy 3.0.1 release fixes a security vulnerability related to atypical huge picture files (>4GB of size once expanded).


Discovery 2010-05-20
Entry 2010-05-28
ziproxy
lt 3.0.1

40344
CVE-2010-1513
http://ziproxy.sourceforge.net/#news
http://secunia.com/advisories/39941
http://sourceforge.net/mailarchive/message.php?msg_name=201005210019.37119.dancab%40gmx.net
25673e6e-786b-11df-a921-0245fb008c0bziproxy -- security vulnerability in PNG decoder

Daniel Mealha Cabrita reports:

Fixed security vulnerability (heap-related) in PNG decoder. (new bug from 3.1.0)


Discovery 2010-06-15
Entry 2010-06-15
ziproxy
ge 3.1.0

lt 3.1.1

http://ziproxy.sourceforge.net/#news
http://sourceforge.net/mailarchive/message.php?msg_name=201006150731.30474.dancab%40gmx.net
872ae5be-29c0-11de-bdeb-0030843d3802ziproxy -- multiple vulnerability

Ziproxy Developers reports:

Multiple HTTP proxy implementations are prone to an information-disclosure vulnerability related to the interpretation of the 'Host' HTTP header. Specifically, this issue occurs when the proxy makes a forwarding decision based on the 'Host' HTTP header instead of the destination IP address.

Attackers may exploit this issue to obtain sensitive information such as internal intranet webpages. Additional attacks may also be possible.


Discovery 2009-02-23
Entry 2009-04-15
ziproxy
lt 2.7.0

33858
CVE-2009-0804
http://www.kb.cert.org/vuls/id/MAPG-7N9GN8
25673e6e-786b-11df-a921-0245fb008c0bziproxy -- security vulnerability in PNG decoder

Daniel Mealha Cabrita reports:

Fixed security vulnerability (heap-related) in PNG decoder. (new bug from 3.1.0)


Discovery 2010-06-15
Entry 2010-06-15
ziproxy
ge 3.1.0

lt 3.1.1

http://ziproxy.sourceforge.net/#news
http://sourceforge.net/mailarchive/message.php?msg_name=201006150731.30474.dancab%40gmx.net
872ae5be-29c0-11de-bdeb-0030843d3802ziproxy -- multiple vulnerability

Ziproxy Developers reports:

Multiple HTTP proxy implementations are prone to an information-disclosure vulnerability related to the interpretation of the 'Host' HTTP header. Specifically, this issue occurs when the proxy makes a forwarding decision based on the 'Host' HTTP header instead of the destination IP address.

Attackers may exploit this issue to obtain sensitive information such as internal intranet webpages. Additional attacks may also be possible.


Discovery 2009-02-23
Entry 2009-04-15
ziproxy
lt 2.7.0

33858
CVE-2009-0804
http://www.kb.cert.org/vuls/id/MAPG-7N9GN8