FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
b02c1d80-e1bb-11d9-b875-0001020eed82trac -- file upload/download vulnerability

Stefan Esser reports:

Trac's wiki and ticket systems allows to add attachments to wiki entries and bug tracker tickets. These attachments are stored within directories that are determined by the id of the corresponding ticket or wiki entry.

Due to a missing validation of the id parameter it is possible for an attacker to supply arbitrary paths to the upload and attachment viewer scripts. This means that a potential attacker can retrieve any file accessible by the webserver user.

Additionally it is possible to upload arbitrary files (up to a configured file length) to any place the webserver has write access too.

For obvious reasons this can lead to the execution of arbitrary code if it possible to upload files to the document root or it's subdirectories. One example of a configuration would be f.e. running Trac and s9y/wordpress with writeable content directories on the same webserver.

Another potential usage of this exploit would be to abuse Trac powered webservers as storage for f.e. torrent files.

Discovery 2005-06-20
Entry 2005-06-20
lt 0.8.4

e546c7ce-ce46-11db-bc24-0016179b2dd5trac -- cross site scripting vulnerability

Secunia reports:

The vulnerability is caused due to an error within the "download wiki page as text" function, which can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Successful exploitation may require that the victim uses IE.

Discovery 2007-03-09
Entry 2007-03-09
lt 0.10.3

lt 0.10.3_1
7289187b-66a5-11da-99f6-00123ffe8333trac -- search module SQL injection vulnerability

Secunia reports:

A vulnerability has been reported in Trac, which can be exploited by malicious people to conduct SQL injection attacks.

Some unspecified input passed in the search module isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Discovery 2005-12-05
Entry 2005-12-07
lt 0.9.2
400d9d22-d6c5-11da-a14b-00123ffe8333trac -- Wiki Macro Script Insertion Vulnerability

Secunia reports:

A vulnerability has been reported, which can be exploited by malicious people to conduct script insertion attacks.

Input passed using the wiki macro isn't properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious user data is viewed.

Discovery 2006-04-28
Entry 2006-05-02
lt 0.9.5
c89a3ebb-ae07-11dd-b4b2-001f3c8eabebtrac -- potential DOS vulnerability

Trac development team reports:

0.11.2 is a new stable maintenance release. It contains several security fixes and everyone is recommended to upgrade their installations.

Bug fixes:

Fixes potential DOS vulnerability with certain wiki markup.

Discovery 2008-11-08
Entry 2008-11-09
lt 0.11.2

lt 0.11.2
b0d61f73-0e11-11db-a47b-000c2957fdf1trac -- reStructuredText breach of privacy and denial of service vulnerability

The Trac 0.9.6 Release Notes reports:

Fixed reStructuredText breach of privacy and denial of service vulnerability found by Felix Wiemann.

The discovered vulnerability requires docutils to be installed and enabled. Systems that do not have docutils installed or enabled are not vulnerable. As of this version version 0.3.9 or greater of docutils is required for using reStructuredText markup in Trac.

Discovery 2006-07-06
Entry 2006-07-07
Modified 2010-05-12
lt 0.9.6