FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  363620
Date:      2014-07-31
Time:      15:23:47Z
Committer: rakuco

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
d371b627-6ed5-11d9-bd18-000a95bc6faezhcon -- unauthorized file access

Martin Joey Schulze reports:

Erik Sjöund discovered that zhcon, a fast console CJK system using the Linux framebuffer, accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files.

When installed from the FreeBSD Ports Collection, zhcon is installed set-user-ID root.


Discovery 2005-01-25
Entry 2005-01-25
zhcon
zh-zhcon
lt 0.2.3_3

CVE-2005-0072
d371b627-6ed5-11d9-bd18-000a95bc6faezhcon -- unauthorized file access

Martin Joey Schulze reports:

Erik Sjöund discovered that zhcon, a fast console CJK system using the Linux framebuffer, accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files.

When installed from the FreeBSD Ports Collection, zhcon is installed set-user-ID root.


Discovery 2005-01-25
Entry 2005-01-25
zhcon
zh-zhcon
lt 0.2.3_3

CVE-2005-0072