FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
df587aa2-b5a5-11e5-9728-002590263bf5dhcpcd -- multiple vulnerabilities

Nico Golde reports:

heap overflow via malformed dhcp responses later in print_option (via dhcp_envoption1) due to incorrect option length values. Exploitation is non-trivial, but I'd love to be proven wrong.

invalid read/crash via malformed dhcp responses. not exploitable beyond DoS as far as I can judge.


Discovery 2016-01-04
Entry 2016-01-08
dhcpcd
< 6.10.0

CVE-2016-1503
CVE-2016-1504
ports/206015
http://roy.marples.name/projects/dhcpcd/info/76a1609352263bd9def1300d7ba990679571fa30
http://roy.marples.name/projects/dhcpcd/info/595883e2a431f65d8fabf33059aa4689cca17403
http://www.openwall.com/lists/oss-security/2016/01/07/3