FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  360546
Date:      2014-07-04
Time:      06:38:23Z
Committer: swills

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ba51c2f7-5b43-11e1-8288-00262d5ed8eeplib -- remote code execution via buffer overflow

Secunia reports:

A vulnerability has been discovered in PLIB, which can be exploited by malicious people to compromise an application using the library.

The vulnerability is caused due to a boundary error within the "ulSetError()" function (src/util/ulError.cxx) when creating the error message, which can be exploited to overflow a static buffer.

Successful exploitation allows the execution of arbitrary code but requires that the attacker can e.g. control the content of an overly long error message passed to the "ulSetError()" function.

The vulnerability is confirmed in version 1.8.5. Other versions may also be affected.


Discovery 2011-12-21
Entry 2012-02-19
torcs
lt 1.3.3

plib
le 1.8.5_3

CVE-2011-4620
http://secunia.com/advisories/47297/
http://torcs.sourceforge.net/index.php?name=News&file=article&sid=79
ba51c2f7-5b43-11e1-8288-00262d5ed8eeplib -- remote code execution via buffer overflow

Secunia reports:

A vulnerability has been discovered in PLIB, which can be exploited by malicious people to compromise an application using the library.

The vulnerability is caused due to a boundary error within the "ulSetError()" function (src/util/ulError.cxx) when creating the error message, which can be exploited to overflow a static buffer.

Successful exploitation allows the execution of arbitrary code but requires that the attacker can e.g. control the content of an overly long error message passed to the "ulSetError()" function.

The vulnerability is confirmed in version 1.8.5. Other versions may also be affected.


Discovery 2011-12-21
Entry 2012-02-19
torcs
lt 1.3.3

plib
le 1.8.5_3

CVE-2011-4620
http://secunia.com/advisories/47297/
http://torcs.sourceforge.net/index.php?name=News&file=article&sid=79
e7fd27b2-3ae9-11e1-8b5c-00262d5ed8eetorcs -- untrusted local library loading

TORCS News reports:

An insecure change to LD_LIBRARY_PATH allows loading of libraries in directories other than the standard paths. This can be a problem when downloading and installing untrusted content from the Internet.


Discovery 2010-10-20
Entry 2012-01-09
torcs
lt 1.3.2

CVE-2010-3384
http://torcs.sourceforge.net/index.php?name=News&file=article&sid=77
http://sourceforge.net/tracker/index.php?func=detail&aid=3089384&group_id=3777&atid=103777
e7fd27b2-3ae9-11e1-8b5c-00262d5ed8eetorcs -- untrusted local library loading

TORCS News reports:

An insecure change to LD_LIBRARY_PATH allows loading of libraries in directories other than the standard paths. This can be a problem when downloading and installing untrusted content from the Internet.


Discovery 2010-10-20
Entry 2012-01-09
torcs
lt 1.3.2

CVE-2010-3384
http://torcs.sourceforge.net/index.php?name=News&file=article&sid=77
http://sourceforge.net/tracker/index.php?func=detail&aid=3089384&group_id=3777&atid=103777