FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
29083f8e-2ca8-11e5-86ff-14dae9d210b8apache22 -- chunk header parsing defect

Apache Foundation reports:

CVE-2015-3183 core: Fix chunk header parsing defect. Remove apr_brigade_flatten(), buffering and duplicated code from the HTTP_IN filter, parse chunks in a single pass with zero copy. Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext authorized characters.


Discovery 2015-06-24
Entry 2015-07-17
apache22
apache22-event-mpm
apache22-itk-mpm
apache22-peruser-mpm
apache22-worker-mpm
le 2.2.29_5

http://www.apache.org/dist/httpd/Announcement2.2.html
https://github.com/apache/httpd/commit/29779fd08c18b18efc5e640d74cbe297c7ec007e
CVE-2015-3183
0c2db2aa-5584-11e7-9a7d-b499baebfeafApache httpd -- several vulnerabilities

The Apache httpd project reports:

  • ap_get_basic_auth_pw() Authentication Bypass (CVE-2017-3167):

    Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
  • mod_ssl Null Pointer Dereference (CVE-2017-3169):

    mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
  • mod_http2 Null Pointer Dereference (CVE-2017-7659):

    A maliciously constructed HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process.
  • ap_find_token() Buffer Overread (CVE-2017-7668):

    The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.
  • mod_mime Buffer Overread (CVE-2017-7679):

    mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.

Discovery 2017-06-20
Entry 2017-06-20
apache22
< 2.2.33

apache24
< 2.4.26

https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_22.html
CVE-2017-3167
CVE-2017-3169
CVE-2017-7659
CVE-2017-7668
CVE-2017-7679
f927e06c-1109-11e4-b090-20cf30e32f6dapache22 -- several vulnerabilities

Apache HTTP SERVER PROJECT reports:

mod_deflate: The DEFLATE input filter (inflates request bodies) now limits the length and compression ratio of inflated request bodies to avoid denial of service via highly compressed bodies. See directives DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, and DeflateInflateRatioBurst.

mod_cgid: Fix a denial of service against CGI scripts that do not consume stdin that could lead to lingering HTTPD child processes filling up the scoreboard and eventually hanging the server. By default, the client I/O timeout (Timeout directive) now applies to communication with scripts. The CGIDScriptTimeout directive can be used to set a different timeout for communication with scripts.

Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow.

core: HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. Adds "MergeTrailers" directive to restore legacy behavior.


Discovery 2014-07-19
Entry 2014-07-24
Modified 2014-09-03
apache22
gt 2.2.0 lt 2.2.29

apache22-event-mpm
gt 2.2.0 lt 2.2.29

apache22-itk-mpm
gt 2.2.0 lt 2.2.29

apache22-peruser-mpm
gt 2.2.0 lt 2.2.29

apache22-worker-mpm
gt 2.2.0 lt 2.2.29

CVE-2014-0118
CVE-2014-0231
CVE-2014-0226
CVE-2013-5704
f38187e7-2f6e-11e8-8f07-b499baebfeafapache -- multiple vulnerabilities

The Apache httpd reports:

Out of bound write in mod_authnz_ldap with AuthLDAPCharsetConfig enabled (CVE-2017-15710)

mod_session: CGI-like applications that intend to read from mod_session's 'SessionEnv ON' could be fooled into reading user-supplied data instead. (CVE-2018-1283)

mod_cache_socache: Fix request headers parsing to avoid a possible crash with specially crafted input data. (CVE-2018-1303)

core: Possible crash with excessively long HTTP request headers. Impractical to exploit with a production build and production LogLevel. (CVE-2018-1301)

core: Configure the regular expression engine to match '$' to the end of the input string only, excluding matching the end of any embedded newline characters. Behavior can be changed with new directive 'RegexDefaultOptions'. (CVE-2017-15715)

mod_auth_digest: Fix generation of nonce values to prevent replay attacks across servers using a common Digest domain. This change may cause problems if used with round robin load balancers. (CVE-2018-1312)

mod_http2: Potential crash w/ mod_http2. (CVE-2018-1302)


Discovery 2018-03-23
Entry 2018-03-24
Modified 2018-03-27
apache24
< 2.4.30

apache22
< 2.2.34_5

https://www.apache.org/dist/httpd/CHANGES_2.4.33
CVE-2017-15710
CVE-2018-1283
CVE-2018-1303
CVE-2018-1301
CVE-2017-15715
CVE-2018-1312
CVE-2018-1302
76b085e2-9d33-11e7-9260-000c292ee6b8Apache -- HTTP OPTIONS method can leak server memory

The Fuzzing Project reports:

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.


Discovery 2017-09-18
Entry 2017-09-19
apache24
< 2.4.27_1

apache22
< 2.2.34_1

https://nvd.nist.gov/vuln/detail/CVE-2017-9798
CVE-2017-9798