FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
746ca1ac-21ec-11d9-9289-000c41e2cdadifmail -- unsafe set-user-ID application

Niels Heinen reports that ifmail allows one to specify a configuration file. Since ifmail runs set-user-ID `news', this may allow a local attacker to write to arbitrary files or execute arbitrary commands as the `news' user.


Discovery 2004-08-23
Entry 2004-10-19
Modified 2015-05-01
ifmail
le 2.15_4

https://svnweb.freebsd.org/changeset/ports/120295