FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
44ccfab0-3564-11e0-8e81-0022190034c0exim -- local privilege escalation

exim.org reports:

CVE-2011-0017 - check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the Exim run-time user can cause root to append content of the attacker's choosing to arbitrary files.


Discovery 2011-01-31
Entry 2011-02-10
exim
exim-ldap
exim-ldap2
exim-mysql
exim-postgresql
exim-sa-exim
lt 4.74

CVE-2011-0017
ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.74
ca9ce879-5ebb-11d9-a01c-0050569f0001exim -- two buffer overflow vulnerabilities

1. The function host_aton() can overflow a buffer if it is presented with an illegal IPv6 address that has more than 8 components.

2. The second report described a buffer overflow in the function spa_base64_to_bits(), which is part of the code for SPA authentication.


Discovery 2005-01-05
Entry 2005-01-05
Modified 2005-01-18
exim
exim-ldap
exim-ldap2
exim-mysql
exim-postgresql
exim-sa-exim
lt 4.43+28_1

http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html
http://marc.theaimsgroup.com/?l=bugtraq&m=110573573800377
CVE-2005-0021
CVE-2005-0022
12185
12188
12268
5f29c2e4-9f6a-11d8-abbc-00e08110b673exim buffer overflow when verify = header_syntax is used

A remote exploitable buffer overflow has been discovered in exim when verify = header_syntax is used in the configuration file. This does not affect the default configuration.


Discovery 2004-05-06
Entry 2004-05-06
exim
exim-ldap2
exim-mysql
exim-postgresql
lt 4.33+20_1

http://www.guninski.com/exim1.html
CVE-2004-0400