FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  368143
Date:      2014-09-13
Time:      21:18:56Z
Committer: matthew

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
f3d24aee-e5ad-11e2-b183-20cf30e32f6dapache22 -- several vulnerabilities

Apache HTTP SERVER PROJECT reports:

The mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.

mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.


Discovery 2013-06-21
Entry 2013-07-05
Modified 2013-07-10
apache22
gt 2.2.0 lt 2.2.25

apache22-event-mpm
gt 2.2.0 lt 2.2.25

apache22-itk-mpm
gt 2.2.0 lt 2.2.25

apache22-peruser-mpm
gt 2.2.0 lt 2.2.25

apache22-worker-mpm
gt 2.2.0 lt 2.2.25

CVE-2013-1862
CVE-2013-1896
91ecb546-b1e6-11e3-980f-20cf30e32f6dapache -- several vulnerabilities

Apache HTTP SERVER PROJECT reports:

Clean up cookie logging with fewer redundant string parsing passes. Log only cookies with a value assignment. Prevents segfaults when logging truncated cookies.

mod_dav: Keep track of length of cdata properly when removing leading spaces. Eliminates a potential denial of service from specifically crafted DAV WRITE requests.


Discovery 2014-02-25
Entry 2014-03-22
apache24
gt 2.4.0 lt 2.4.9

apache22
gt 2.2.0 lt 2.2.27

apache22-event-mpm
gt 2.2.0 lt 2.2.27

apache22-itk-mpm
gt 2.2.0 lt 2.2.27

apache22-peruser-mpm
gt 2.2.0 lt 2.2.27

apache22-worker-mpm
gt 2.2.0 lt 2.2.27

CVE-2014-0098
CVE-2013-6438