FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374826
Date:      2014-12-16
Time:      22:06:31Z
Committer: cs

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
f8b0f83c-8bb3-11dc-bffa-0016179b2dd5gftp -- multiple vulnerabilities

Gentoo reports:

Kalle Olavi Niemitalo discovered two boundary errors in fsplib code included in gFTP when processing overly long directory or file names.

A remote attacker could trigger these vulnerabilities by enticing a user to download a file with a specially crafted directory or file name, possibly resulting in the execution of arbitrary code or a Denial of Service.


Discovery 2007-11-01
Entry 2007-11-05
Modified 2007-11-11
gftp
lt 2.0.18_6

CVE-2007-3961
CVE-2007-3962
http://www.gentoo.org/security/en/glsa/glsa-200711-01.xml
f8b0f83c-8bb3-11dc-bffa-0016179b2dd5gftp -- multiple vulnerabilities

Gentoo reports:

Kalle Olavi Niemitalo discovered two boundary errors in fsplib code included in gFTP when processing overly long directory or file names.

A remote attacker could trigger these vulnerabilities by enticing a user to download a file with a specially crafted directory or file name, possibly resulting in the execution of arbitrary code or a Denial of Service.


Discovery 2007-11-01
Entry 2007-11-05
Modified 2007-11-11
gftp
lt 2.0.18_6

CVE-2007-3961
CVE-2007-3962
http://www.gentoo.org/security/en/glsa/glsa-200711-01.xml
2d8cf857-81ea-11d9-a9e7-0001020eed82gftp -- directory traversal vulnerability

A Debian Security Advisory reports:

Albert Puigsech Galicia discovered a directory traversal vulnerability in a proprietary FTP client (CAN-2004-1376) which is also present in gftp, a GTK+ FTP client. A malicious server could provide a specially crafted filename that could cause arbitrary files to be overwritten or created by the client.


Discovery 2005-02-04
Entry 2005-02-18
gftp
lt 2.0.18

12539
CVE-2005-0372
http://www.debian.org/security/2005/dsa-686
http://www.gftp.org/changelog.html
2d8cf857-81ea-11d9-a9e7-0001020eed82gftp -- directory traversal vulnerability

A Debian Security Advisory reports:

Albert Puigsech Galicia discovered a directory traversal vulnerability in a proprietary FTP client (CAN-2004-1376) which is also present in gftp, a GTK+ FTP client. A malicious server could provide a specially crafted filename that could cause arbitrary files to be overwritten or created by the client.


Discovery 2005-02-04
Entry 2005-02-18
gftp
lt 2.0.18

12539
CVE-2005-0372
http://www.debian.org/security/2005/dsa-686
http://www.gftp.org/changelog.html