FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
897e1962-5d5a-11ec-a3ed-040e3c3cf7e7Privoxy -- Multiple vulnerabilities (memory leak, XSS)

Privoxy reports:

cgi_error_no_template(): Encode the template name to prevent XSS (cross-site scripting) when Privoxy is configured to servce the user-manual itself.

Commit 0e668e9409c. OVE-20211102-0001. CVE-2021-44543. Reported by: Artem Ivanov

get_url_spec_param(): Free memory of compiled pattern spec before bailing. Reported by Joshua Rogers (Opera) who also provided the fix. Commit 652b4b7cb0. OVE-20211201-0003. CVE-2021-44540.

process_encrypted_request_headers(): Free header memory when failing to get the request destination. Reported by Joshua Rogers (Opera) who also provided the fix. Commit 0509c58045. OVE-20211201-0002. CVE-2021-44541.

send_http_request(): Prevent memory leaks when handling errors Reported by Joshua Rogers (Opera) who also provided the fix. Commit c48d1d6d08. OVE-20211201-0001. CVE-2021-44542.


Discovery 2021-12-09
Entry 2021-12-15
dropbear
< 3.0.33

CVE-2021-44540
CVE-2021-44541
CVE-2021-44542
CVE-2021-44543
https://lists.privoxy.org/pipermail/privoxy-announce/2021-December/000009.html
60931f98-55a7-11e7-8514-589cfc0654e1Dropbear -- two vulnerabilities

Matt Johnston reports:

Fix double-free in server TCP listener cleanup A double-free in the server could be triggered by an authenticated user if dropbear is running with -a (Allow connections to forwarded ports from any host) This could potentially allow arbitrary code execution as root by an authenticated user.

Fix information disclosure with ~/.ssh/authorized_keys symlink. Dropbear parsed authorized_keys as root, even if it were a symlink. The fix is to switch to user permissions when opening authorized_keys.


Discovery 2017-05-18
Entry 2017-07-03
dropbear
< 2017.75

https://matt.ucc.asn.au/dropbear/CHANGES
CVE-2017-9078
CVE-2017-9079
bc19dcca-7b13-11e6-b99e-589cfc0654e1dropbear -- multiple vulnerabilities

Matt Johnston reports:

If specific usernames including "%" symbols can be created on a system (validated by getpwnam()) then an attacker could run arbitrary code as root when connecting to Dropbear server. A dbclient user who can control username or host arguments could potentially run arbitrary code as the dbclient user. This could be a problem if scripts or webpages pass untrusted input to the dbclient program.

dropbearconvert import of OpenSSH keys could run arbitrary code as the local dropbearconvert user when parsing malicious key files.

dbclient could run arbitrary code as the local dbclient user if particular -m or -c arguments are provided. This could be an issue where dbclient is used in scripts.

dbclient or dropbear server could expose process memory to the running user if compiled with DEBUG_TRACE and running with -v


Discovery 2016-07-12
Entry 2016-09-15
dropbear
< 2016.74

"http://www.openwall.com/lists/oss-security/2016/09/15/2"
CVE-2016-7406
CVE-2016-7407
CVE-2016-7408
CVE-2016-7409
8eb78cdc-e9ec-11e5-85be-14dae9d210b8dropbear -- authorized_keys command= bypass

Matt Johnson reports:

Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions


Discovery 2016-03-11
Entry 2016-03-14
dropbear
< 2016.72

https://matt.ucc.asn.au/dropbear/CHANGES
CVE-2016-3116