FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  375358
Date:      2014-12-23
Time:      21:24:55Z
Committer: rea

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
dd7aa4f1-102f-11d9-8a8a-000c41e2cdadphp -- memory_limit related vulnerability

Stefan Esser of e-matters discovered a condition within PHP that may lead to remote execution of arbitrary code. The memory_limit facility is used to notify functions when memory contraints have been met. Under certain conditions, the entry into this facility is able to interrupt functions such as zend_hash_init() at locations not suitable for interruption. The result would leave these functions in a vulnerable state.

An attacker that is able to trigger the memory_limit abort within zend_hash_init() and is additionally able to control the heap before the HashTable itself is allocated, is able to supply his own HashTable destructor pointer. [...]

All mentioned places outside of the extensions are quite easy to exploit, because the memory allocation up to those places is deterministic and quite static throughout different PHP versions. [...]

Because the exploit itself consist of supplying an arbitrary destructor pointer this bug is exploitable on any platform.


Discovery 2004-07-07
Entry 2004-09-27
Modified 2004-10-02
mod_php4-twig
php4
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
le 4.3.7_3

mod_php4
le 4.3.7_3,1

php5
php5-cgi
php5-cli
le 5.0.0.r3_2

mod_php5
le 5.0.0.r3_2,1

CVE-2004-0594
http://marc.theaimsgroup.com/?l=bugtraq&m=108981780109154
http://security.e-matters.de/advisories/112004.html
10725
562a3fdf-16d6-11d9-bc4a-000c41e2cdadphp -- vulnerability in RFC 1867 file upload processing

Stefano Di Paola discovered an issue with PHP that could allow someone to upload a file to any directory writeable by the httpd process. Any sanitizing performed on the prepended directory path is ignored. This bug can only be triggered if the $_FILES element name contains an underscore.


Discovery 2004-09-15
Entry 2004-09-15
Modified 2004-10-12
php4
php4-cgi
le 4.3.8_2

mod_php4
le 4.3.8_2,1

php5
php5-cgi
le 5.0.1

mod_php5
le 5.0.1,1

http://marc.theaimsgroup.com/?l=bugtraq&m=109534848430404
http://marc.theaimsgroup.com/?l=bugtraq&m=109648426331965
d47e9d19-5016-11d9-9b5f-0050569f0001php -- multiple vulnerabilities

Secunia reports:

Multiple vulnerabilities have been reported in PHP, which can be exploited to gain escalated privileges, bypass certain security restrictions, gain knowledge of sensitive information, or compromise a vulnerable system.


Discovery 2004-12-16
Entry 2004-12-17
Modified 2004-12-18
mod_php4-twig
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
php4
lt 4.3.10

mod_php
mod_php4
ge 4 lt 4.3.10,1

php5
php5-cgi
php5-cli
lt 5.0.3

mod_php5
lt 5.0.3,1

http://secunia.com/advisories/13481/
CVE-2004-1019
CVE-2004-1065
http://www.php.net/release_4_3_10.php
http://www.hardened-php.net/advisories/012004.txt
ad74a1bd-16d2-11d9-bc4a-000c41e2cdadphp -- php_variables memory disclosure

Stefano Di Paola reports:

Bad array parsing in php_variables.c could lead to show arbitrary memory content such as pieces of php code and other data. This affects all GET, POST or COOKIES variables.


Discovery 2004-09-15
Entry 2004-10-05
mod_php4-twig
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
php4
le 4.3.8_2

mod_php
mod_php4
ge 4 le 4.3.8_2,1

php5
php5-cgi
php5-cli
le 5.0.1

mod_php5
le 5.0.1,1

http://marc.theaimsgroup.com/?l=bugtraq&m=109527531130492
edf61c61-0f07-11d9-8393-000103ccf9d6php -- strip_tags cross-site scripting vulnerability

Stefan Esser of e-matters discovered that PHP's strip_tags() function would ignore certain characters during parsing of tags, allowing these tags to pass through. Select browsers could then parse these tags, possibly allowing cross-site scripting attacks.


Discovery 2004-07-07
Entry 2004-09-27
Modified 2013-06-19
mod_php4-twig
php4
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
le 4.3.7_3

mod_php4
le 4.3.7_3,1

php5
php5-cgi
php5-cli
le 5.0.0.r3_2

mod_php5
le 5.0.0.r3_2,1

CVE-2004-0595
http://marc.theaimsgroup.com/?l=bugtraq&m=108981589117423
http://security.e-matters.de/advisories/122004.html
10724