FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  321338
Date:      2013-06-19
Time:      21:56:56Z
Committer: jgh

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
e5d29309-e0db-11dc-97b2-001c2514716copenldap -- modrdn Denial of Service vulnerability

Secunia Advisory reports:

A vulnerability has been reported in OpenLDAP, which can be exploited by malicious users to cause a DoS (Denial of Service).


Discovery 2008-02-13
Entry 2008-02-22
openldap-server
lt 2.3.41

gt 2.4.0 lt 2.4.8

27778
CVE-2008-0658
ae7124ff-547c-11db-8f1a-000a48049292openldap -- slapd acl selfwrite Security Issue

Howard Chu reports:

An ACL of the form 'access to dn.subtree="ou=groups, dc=example,dc=com" attr=member by * selfwrite' is intended to only allow users to add/delete their own DN to the target attribute. Currently it allows any DNs to be modified.


Discovery 2006-06-14
Entry 2006-10-05
openldap-server
openldap-sasl-server
lt 2.3.25

19832
CVE-2006-4600
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=4587
http://www.openldap.org/lists/openldap-announce/200608/msg00000.html
http://secunia.com/advisories/21721
http://securitytracker.com/alerts/2006/Sep/1016783.html
e5d29309-e0db-11dc-97b2-001c2514716copenldap -- modrdn Denial of Service vulnerability

Secunia Advisory reports:

A vulnerability has been reported in OpenLDAP, which can be exploited by malicious users to cause a DoS (Denial of Service).


Discovery 2008-02-13
Entry 2008-02-22
openldap-server
lt 2.3.41

gt 2.4.0 lt 2.4.8

27778
CVE-2008-0658
db449245-870d-11dc-a3ec-001921ab2fa4openldap -- multiple remote denial of service vulnerabilities

BugTraq reports:

OpenLDAP is prone to multiple remote denial-of-service vulnerabilities because of an incorrect NULL-termination issue and a double-free issue.


Discovery 2007-10-29
Entry 2007-10-30
Modified 2007-10-31
openldap-server
lt 2.3.39

gt 2.4.0 lt 2.4.6

26245
CVE-2007-5707
CVE-2007-5708
db449245-870d-11dc-a3ec-001921ab2fa4openldap -- multiple remote denial of service vulnerabilities

BugTraq reports:

OpenLDAP is prone to multiple remote denial-of-service vulnerabilities because of an incorrect NULL-termination issue and a double-free issue.


Discovery 2007-10-29
Entry 2007-10-30
Modified 2007-10-31
openldap-server
lt 2.3.39

gt 2.4.0 lt 2.4.6

26245
CVE-2007-5707
CVE-2007-5708
ae7124ff-547c-11db-8f1a-000a48049292openldap -- slapd acl selfwrite Security Issue

Howard Chu reports:

An ACL of the form 'access to dn.subtree="ou=groups, dc=example,dc=com" attr=member by * selfwrite' is intended to only allow users to add/delete their own DN to the target attribute. Currently it allows any DNs to be modified.


Discovery 2006-06-14
Entry 2006-10-05
openldap-server
openldap-sasl-server
lt 2.3.25

19832
CVE-2006-4600
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=4587
http://www.openldap.org/lists/openldap-announce/200608/msg00000.html
http://secunia.com/advisories/21721
http://securitytracker.com/alerts/2006/Sep/1016783.html