FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6f4d96c0-4062-11e7-b291-b499baebfeafsamba -- remote code execution vulnerability

The samba project reports:

Remote code execution from a writable share.

All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.


Discovery 2017-05-24
Entry 2017-05-24
samba42
lt 4.2.15

samba43
lt 4.3.14

samba44
lt 4.4.14

samba45
lt 4.5.10

samba46
lt 4.6.4

https://www.samba.org/samba/security/CVE-2017-7494.html
CVE-2017-7494
85851e4f-67d9-11e7-bc37-00505689d4aesamba -- Orpheus Lyre mutual authentication validation bypass

The samba project reports:

A MITM attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data.


Discovery 2017-07-12
Entry 2017-07-12
samba42
lt 4.2.15

samba43
lt 4.3.14

samba44
lt 4.4.15

samba45
lt 4.5.12

samba46
lt 4.6.6

https://www.samba.org/samba/security/CVE-2017-11103.html
CVE-2017-11103