FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-16 19:33:48 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68
These are the vulnerabilities relating to the commit you have selected:
| VuXML ID | Description |
|---|
| 58997463-e012-11dd-a765-0030843d3802 | verlihub -- insecure temporary file usage and arbitrary command execution
securityfocus reports:
An attacker with local access could potentially exploit this issue
to perform symbolic-link attacks, overwriting arbitrary files in the
context of the affected application.
Successfully mounting a symlink attack may allow the attacker to
delete or corrupt sensitive files, which may result in a denial of
service. Other attacks may also be possible.
Verlihub is prone to a remote command-execution vulnerability
because it fails to sufficiently validate user input.
Successfully exploiting this issue would allow an attacker to
execute arbitrary commands on an affected computer in the context of
the affected application.
Discovery 2008-11-22
Entry 2009-01-11
verlihub
< 0.9.8.d.r2_2,1
CVE-2008-5705
CVE-2008-5706
32889
32420
http://milw0rm.com/exploits/7183
|