Document awstat -- arbitrary command execution vulnerability.

Fix a incorrect use of cvename in the latest firefox entry, which I
missed when reviewing the entry (and which make validate did not / can
not catch).

phpwebftp -- "language" Local File Inclusion

Document firefox -- denial of service vulnerability

Reviewed by:    simon

trac -- Wiki Macro Script Insertion Vulnerability

rsync -- "xattrs.diff" Patch Integer Overflow Vulnerability

clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability

- Add last jabberd entry:

jabberd -- SASL Negotiation Denial of Service Vulnerability

Also mark linux-seamonkey vulnerable to recent mozilla
vulnerabilities.

Reported by:    Andrew Pantyukhin infofarmer at gmail dotty com

cacti -- ADOdb "server.php" Insecure Test Script Security Issue

amaya -- Attribute Value Buffer Overflow Vulnerabilities

lifetype -- ADOdb "server.php" Insecure Test Script Security Issue

ethereal -- Multiple Protocol Dissector Vulnerabilities

My 100th commit to the vuln.xml file:

- Document Asterisk -- denial of service vulnerability, local system access.

Change paraview checks to be < 2.4.3 now that paraview uses system libtiff.

Document zgv, xzgv -- heap overflow vulnerability.

Document crossfire-server -- denial of service and remote code execution
vulnerability.

Document p5-DBI -- insecure temporary file creation vulnerability.

Document wordpress -- full path disclosure.

Document xine -- multiple remote string vulnerabilities.

Add an entry for cyrus-sasl -- DIGEST-MD5 Pre-Authentication
Denial of Service.

Also mark all other versions of FreeBSD (That were released) as
vulnerable.

Noticed by:     brueffer
Discussed with: brueffer, simon

Add FreeBSD -- FPU information disclosure (SA-06:14) to the
vuxml list.

Add some CERT references to latest Mozilla entry.

plone -- "member_id" Parameter Portrait Manipulation Vulnerability

Fix copy/paste error in last commit and mark linux-mozilla < 1.7.13 as
vulnerable.

Document mozilla/firefox/thunderbirds's latest attempt at Internet
Explorer compatibility.

Note that I omitted marking some really old mozilla versions as
vulnerable this time, since there is already a bunch of entries
covering these versions (which haven't been in ports for a while).

Update entry for sysutils/heartbeat. The insecure temporary file creation
vulnerability is fixed in 1.2.4.

Approved by:    secteam (simon)

mailman -- Private Archive Script Cross-Site Scripting

Document f2c -- insecure temporary files.

It is not very clear to me to see what version is fixed.  The one fixing
this port should import the latest available one which is fixed.

mplayer -- Multiple integer overflows

- Add Secunia references for last phpMyAdmin issue.

Document kaffeine -- buffer overflow vulnerability.

Document thunderbird -- javascript execution.

Update the latest zoo entry to match the latest update to the port.
This will mark zoo-2.10.1_2 and later as not vulnerable for this
issue.

phpmyadmin -- XSS vulnerabilities
phpmyadmin -- 'set_theme' Cross-Site Scripting

clamav -- Multiple Vulnerabilities

Add cvename to the recent OpenVPN entry.

Submitted by:   Matthias Andree <matthias dot andree at gmx dot de>

Document mediawiki -- hardcoded placeholder string security bypass
vulnerability.

Document netpbm -- buffer overflow in pnmtopng.

Document zoo -- stack based buffer overflow.

Document mediawiki -- cross site scripting vulnerability.

dia -- XFig Import Plugin Buffer Overflow

openvpn -- LD_PRELOAD code execution on client through malicious or compromised
server

PR:             95343
Submitted by:   Matthias Andree <matthias.andree__gmx.de>

samba -- Exposure of machine account credentials in winbind log files

Upgrade pubcookie from 3.3.0-beta2 to 3.3.0a fixing serious XSS
vulnerabilities.

Fill in the version numbers for the vids
6e3b12e2-6ce3-11da-b90c-000e0c2e438a and
82a41084-6ce7-11da-b90c-000e0c2e438a to show which Mantis versions
are vulnerable.

Submitted by:   In cooperation with dvl

For horde -- remote code execution vulnerability in the help viewer
entry:
- Add more references.
- Reformat description to follow normal formatting style better.
- Remove a redundant line in the description to make the meaning more
  clear.

freeradius -- EAP-MSCHAPv2 Authentication Bypass

Add an entry about Horde's remote code execution vulnerability in the
help viewer.

linux-realplayer -- buffer overrun
linux-realplayer -- heap overflow

Reviewed by:    simon

s/8 spaces/tab/ in the sendmail entry.

Noticed by:     simon

Record that our sendmail port was also vulnerable.
Bump modification date.

Update the 'Evolution - remote format string vulnerabilities' entry.

Document the latest three FreeBSD Security Advisories:

SA-06:13
SA-06:12
SA-06:11

xorg-server -- privilege escalation

Reviewed by:    simon

- heimdal -- Multiple vulnerabilities

Reviewed by:    simon

Document ftp/curl's TFTP packet buffer overflow vulnerability

Reworked by:    simon
Approved by:    security-officer (simon)

Add drupal <= 4.6.5 vulns.

Add an entry for Horde < 3.1 (SA19246).

Noticed by:     mnag

Document linux-flashplugin -- arbitrary code execution vulnerability.

Document nfs -- remote denial of service (FreeBSD: SA-06:10)

Approved by:    portmgr (blanket VuXML)

Add OpenSSH Remote Denial of Service (FreeBSD SA-06:09.openssh) to the
vuxml list.

Approved by:    portmgr (Blanket VuXML)

Correct the gpg entry wrt. style.

Approved by:            portmgr (Blanket VuXML)

Update to 1.4.2.2.

Security:       GnuPG does not detect injection of unsigned data
References:    
http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000216.html
Probbed by:     simon
Approved by:    portmgr (erwin)

Document multimedia/mplayer's heap overflow in the ASF demuxer

Reviewed by:    simon
Approved by:    portmgr (implicit), security-officer (simon)

Add the ssh2-nox11 slave port to the list of ports affected by
VID 594ad3c5-a39b-11da-926c-0800209adf0e.

Prodded by:     Dmitry Pryanishnikov <dmitry@atlantis.dp.ua>
Approved by:    portmgr (erwin)

Document a SSH.COM SFTP server format string vulnerability affecting
the security/ssh2 port.

Approved by:    portmgr (erwin)

Document GNU tar invalid headers buffer overflow.

Approved by:    portmgr (erwin)

Remove the pinentry entry.  It was gentoo specific and I overlooked
that.

Noticed by:     Dejan Lesjak <dejan dot lesjak at ijs dot si>
Pointyhat:      remko
Approved by:    portmgr (implicit VuXML)

Document Bugzilla [2.*, 2.20.1) vulnerabilities.

Approved by:    security-officer (simon)
Approved by:    portmgr (implicit)

Document squirrelmail (< 1.4.6) vulnerabilities:
        CVE-2006-0377 (IMAP injection)
        CVE-2006-0195 (XSS)
        CVE-2006-0188 (XSS)

Approved by:    security-officer (simon)
Approved by:    portmgr (implicit)

Remove the latest squid entry, it already existed.

Noticed by:     Thomas-Martin Seck <tmseck at netcologne dot de>

Document gedit -- format string vulnerability.

Add koffice to the RTF import issue.

Documenet WebCalendar -- unauthorized access vulnerability.

Document abiword -- stack based buffer overflow vulnerabilities.

Document pinentry -- local privilege escalation.
Correct previous entry (the entry time was invalid).

Document squid -- dns lookup spoofing.

Document postgresql81-server -- SET ROLE privilege escalation.

Document gnupg -- false positive signature verification.

Document rssh -- privilege escalation vulnerability.
The port will be marked forbidden due to possible
root access.

Document tor -- malicious tor server can locate a hidden service.

Document sudo -- arbitrary command execution.

Document libtomcrypt -- weak signature scheme with ECC keys.

Document mantis -- "view_filters_page.php" cross site scripting vulnerability.

Document phpbb -- multiple vulnerabilities.

Reviewed by:    simon

Document postgresql -- character conversion and tsearch2 vulnerabilities.

Document heartbeat -- insecure temporary file creation vulnerability.

Document kpdf -- heap based buffer overflow

Document perl, webmin, usermin -- perl format string integer wrap vulnerability

PR:             ports/91202
Submitted by:   KOMATSU Shinichiro <koma2 at lovepeers dot org>
                (slightly modified).

Document phpicalendar -- cross site scripting vulnerability and
document phpicalendar -- file disclosure vulnerability [1].

Reviewed by:            simon [1]
Spotted on:             cvs-ports@ [1]

Document FreeBSD -- Infinite loop in SACK handling (FreeBSD SA 06.08)

Document pf -- IP fragment handling panic, FreeBSD SA 06.07

Document FreeBSD -- Local kernel memory disclosure
(FreeBSD SA 06.07).

Document IEEE 802.11 -- buffer overflow (FreeBSD SA 06.05).

Add FreeBSD SA 06.04.ipfw to the vuln.xml list.

Mark ivtools 1.2.3 as fixed for jpeg vulnerabilities.  Note that this
version is not yet in ports, but marking the new version fixed now
make porting a bit simpler.

Document kpopup -- local root exploit and local denial of service.

PR:             ports/92359
Submitted by:   Ion-Mihai "IOnut" Tetcu <itetcu@people.tecnik93.com>

Oops.  Forgot to modify the discovery date.

Spotted by:     simon (again)

Add 4 FreeBSD advisories to the VuXML database.
The other recently released advisories will be
added later today.

o SA-06:03.cpio
o SA-06:02.ee
o SA-06:01.texindex
o SA-05:20.cvsbug