FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  368362
Date:      2014-09-17
Time:      11:04:33Z
Committer: kwm

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
e31d44a2-21e3-11d9-9289-000c41e2cdadimwheel -- insecure handling of PID file

A Computer Academic Underground advisory describes the consequences of imwheel's handling of the process ID file (PID file):

imwheel exclusively uses a predictably named PID file for management of multiple imwheel processes. A race condition exists when the -k command-line option is used to kill existing imwheel processes. This race condition may be used by a local user to Denial of Service another user using imwheel, lead to resource exhaustion of the host system, or append data to arbitrary files.


Discovery 2004-08-20
Entry 2004-10-19
imwheel
lt 1.0.0.p12

http://www.caughq.org/advisories/CAU-2004-0002.txt
http://imwheel.sourceforge.net/files/DEVELOPMENT.txt
e31d44a2-21e3-11d9-9289-000c41e2cdadimwheel -- insecure handling of PID file

A Computer Academic Underground advisory describes the consequences of imwheel's handling of the process ID file (PID file):

imwheel exclusively uses a predictably named PID file for management of multiple imwheel processes. A race condition exists when the -k command-line option is used to kill existing imwheel processes. This race condition may be used by a local user to Denial of Service another user using imwheel, lead to resource exhaustion of the host system, or append data to arbitrary files.


Discovery 2004-08-20
Entry 2004-10-19
imwheel
lt 1.0.0.p12

http://www.caughq.org/advisories/CAU-2004-0002.txt
http://imwheel.sourceforge.net/files/DEVELOPMENT.txt