FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  482849
Date:      2018-10-23
Time:      17:32:42Z
Committer: jbeich

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6f4d96c0-4062-11e7-b291-b499baebfeafsamba -- remote code execution vulnerability

The samba project reports:

Remote code execution from a writable share.

All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.


Discovery 2017-05-24
Entry 2017-05-24
samba42
lt 4.2.15

samba43
lt 4.3.14

samba44
lt 4.4.14

samba45
lt 4.5.10

samba46
lt 4.6.4

https://www.samba.org/samba/security/CVE-2017-7494.html
CVE-2017-7494
85851e4f-67d9-11e7-bc37-00505689d4aesamba -- Orpheus Lyre mutual authentication validation bypass

The samba project reports:

A MITM attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data.


Discovery 2017-07-12
Entry 2017-07-12
samba42
lt 4.2.15

samba43
lt 4.3.14

samba44
lt 4.4.15

samba45
lt 4.5.12

samba46
lt 4.6.6

https://www.samba.org/samba/security/CVE-2017-11103.html
CVE-2017-11103
fb26f78a-26a9-11e8-a1c2-00505689d4aesamba -- multiple vulnerabilities

The samba project reports:

Missing null pointer checks may crash the external print server process.

On a Samba 4 AD DC any authenticated user can change other user's passwords over LDAP, including the passwords of administrative users and service accounts.


Discovery 2018-01-03
Entry 2018-03-13
samba44
lt 4.4.17

samba45
lt 4.5.16

samba46
lt 4.6.14

samba47
lt 4.7.6

https://www.samba.org/samba/security/CVE-2018-1050.html
CVE-2018-1050
https://www.samba.org/samba/security/CVE-2018-1057.html
CVE-2018-1057