FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  318524
Date:      2013-05-19
Time:      14:06:36Z
Committer: rakuco

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
cae01d7b-110d-11df-955a-00219b0fc4d8apache -- Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long)

Apache ChangeLog reports:

Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.


Discovery 2009-06-30
Entry 2010-02-03
Modified 2010-02-03
apache
lt 1.3.42

apache+mod_perl
lt 1.3.42

apache+ipv6
lt 1.3.42

apache_fp
ge 0

ru-apache
lt 1.3.42+30.23

ru-apache+mod_ssl
lt 1.3.42

apache+ssl
lt 1.3.42.1.57_2

apache+mod_ssl
apache+mod_ssl+ipv6
apache+mod_ssl+mod_accel
apache+mod_ssl+mod_accel+ipv6
apache+mod_ssl+mod_accel+mod_deflate
apache+mod_ssl+mod_accel+mod_deflate+ipv6
apache+mod_ssl+mod_deflate
apache+mod_ssl+mod_deflate+ipv6
apache+mod_ssl+mod_snmp
apache+mod_ssl+mod_snmp+mod_accel
apache+mod_ssl+mod_snmp+mod_accel+ipv6
apache+mod_ssl+mod_snmp+mod_deflate
apache+mod_ssl+mod_snmp+mod_deflate+ipv6
apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6
lt 1.3.41+2.8.27_2

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0010
http://www.security-database.com/detail.php?alert=CVE-2010-0010
http://security-tracker.debian.org/tracker/CVE-2010-0010
http://www.vupen.com/english/Reference-CVE-2010-0010.php
cae01d7b-110d-11df-955a-00219b0fc4d8apache -- Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long)

Apache ChangeLog reports:

Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow.


Discovery 2009-06-30
Entry 2010-02-03
Modified 2010-02-03
apache
lt 1.3.42

apache+mod_perl
lt 1.3.42

apache+ipv6
lt 1.3.42

apache_fp
ge 0

ru-apache
lt 1.3.42+30.23

ru-apache+mod_ssl
lt 1.3.42

apache+ssl
lt 1.3.42.1.57_2

apache+mod_ssl
apache+mod_ssl+ipv6
apache+mod_ssl+mod_accel
apache+mod_ssl+mod_accel+ipv6
apache+mod_ssl+mod_accel+mod_deflate
apache+mod_ssl+mod_accel+mod_deflate+ipv6
apache+mod_ssl+mod_deflate
apache+mod_ssl+mod_deflate+ipv6
apache+mod_ssl+mod_snmp
apache+mod_ssl+mod_snmp+mod_accel
apache+mod_ssl+mod_snmp+mod_accel+ipv6
apache+mod_ssl+mod_snmp+mod_deflate
apache+mod_ssl+mod_snmp+mod_deflate+ipv6
apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6
lt 1.3.41+2.8.27_2

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0010
http://www.security-database.com/detail.php?alert=CVE-2010-0010
http://security-tracker.debian.org/tracker/CVE-2010-0010
http://www.vupen.com/english/Reference-CVE-2010-0010.php