FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  459437
Date:      2018-01-19
Time:      16:43:35Z
Committer: girgen

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0c2db2aa-5584-11e7-9a7d-b499baebfeafApache httpd -- several vulnerabilities

The Apache httpd project reports:

  • ap_get_basic_auth_pw() Authentication Bypass (CVE-2017-3167):

    Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
  • mod_ssl Null Pointer Dereference (CVE-2017-3169):

    mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
  • mod_http2 Null Pointer Dereference (CVE-2017-7659):

    A maliciously constructed HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process.
  • ap_find_token() Buffer Overread (CVE-2017-7668):

    The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.
  • mod_mime Buffer Overread (CVE-2017-7679):

    mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.

Discovery 2017-06-20
Entry 2017-06-20
lt 2.2.33

lt 2.4.26
76b085e2-9d33-11e7-9260-000c292ee6b8Apache -- HTTP OPTIONS method can leak server memory

The Fuzzing Project reports:

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

Discovery 2017-09-18
Entry 2017-09-19
lt 2.4.27_1

lt 2.2.34_1
457ce015-67fa-11e7-867f-b499baebfeafApache httpd -- multiple vulnerabilities

The Apache httpd project reports:

important: Read after free in mod_http2 (CVE-2017-9789)

When under stress, closing many connections, the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.

important: Uninitialized memory reflection in mod_auth_digest (CVE-2017-9788)

The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest.

Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.

Discovery 2017-07-11
Entry 2017-07-13
lt 2.4.27