FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  375358
Date:      2014-12-23
Time:      21:24:55Z
Committer: rea

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
c0c31b27-bff3-11e3-9d09-000c2980a9f3openafs -- Denial of Service

The OpenAFS development team reports:

An attacker with the ability to connect to an OpenAFS fileserver can trigger a buffer overflow, crashing the server.

The buffer overflow can be triggered by sending an unauthenticated request for file server statistical information.

Clients are not affected.


Discovery 2014-04-09
Entry 2014-04-09
openafs
ge 1.4.8 lt 1.6.7

CVE-2014-0159
http://openafs.org/security/OPENAFS-SA-2014-001.txt
c4d412c8-f4d1-11e2-b86c-000c295229d5openafs -- single-DES cell-wide key brute force vulnerability

OpenAFS Project reports:

The small size of the DES key space permits an attacker to brute force a cell's service key and then forge traffic from any user within the cell. The key space search can be performed in under 1 day at a cost of around $100 using publicly available services.


Discovery 2013-07-24
Entry 2013-07-25
openafs
lt 1.6.5

CVE-2013-4134
http://openafs.org/pages/security/OPENAFS-SA-2013-003.txt
http://openafs.org/pages/security/how-to-rekey.txt
http://openafs.org/pages/security/install-rxkad-k5-1.6.txt