FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  456043
Date:      2017-12-11
Time:      14:53:31Z
Committer: tijl

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
cb0bf1ec-bb92-11e6-a9a5-b499baebfeafApache httpd -- denial of service in HTTP/2

mod_http2 reports:

The Apache HTTPD web server (from 2.4.17-2.4.23) did not apply limitations on request headers correctly when experimental module for the HTTP/2 protocol is used to access a resource.

The net result is that a the server allocates too much memory instead of denying the request. This can lead to memory exhaustion of the server by a properly crafted request.


Discovery 2016-12-06
Entry 2016-12-06
apache24
ge 2.4.17 le 2.4.23_1

mod_http2-devel
lt 1.8.3

http://mail-archives.apache.org/mod_mbox/httpd-announce/201612.mbox/%3C1A097A43-7CCB-4BA1-861F-E0C7EEE83A4B%40apache.org%3E
https://github.com/icing/mod_h2/releases/tag/v1.8.3
CVE-2016-8740
0c2db2aa-5584-11e7-9a7d-b499baebfeafApache httpd -- several vulnerabilities

The Apache httpd project reports:

  • ap_get_basic_auth_pw() Authentication Bypass (CVE-2017-3167):

    Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
  • mod_ssl Null Pointer Dereference (CVE-2017-3169):

    mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
  • mod_http2 Null Pointer Dereference (CVE-2017-7659):

    A maliciously constructed HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process.
  • ap_find_token() Buffer Overread (CVE-2017-7668):

    The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.
  • mod_mime Buffer Overread (CVE-2017-7679):

    mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.

Discovery 2017-06-20
Entry 2017-06-20
apache22
lt 2.2.33

apache24
lt 2.4.26

https://httpd.apache.org/security/vulnerabilities_24.html
https://httpd.apache.org/security/vulnerabilities_22.html
CVE-2017-3167
CVE-2017-3169
CVE-2017-7659
CVE-2017-7668
CVE-2017-7679
457ce015-67fa-11e7-867f-b499baebfeafApache httpd -- multiple vulnerabilities

The Apache httpd project reports:

important: Read after free in mod_http2 (CVE-2017-9789)

When under stress, closing many connections, the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.

important: Uninitialized memory reflection in mod_auth_digest (CVE-2017-9788)

The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest.

Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.


Discovery 2017-07-11
Entry 2017-07-13
apache24
lt 2.4.27

https://httpd.apache.org/security/vulnerabilities_24.html
CVE-2017-9789
CVE-2017-9788
862d6ab3-c75e-11e6-9f98-20cf30e32f6dApache httpd -- several vulnerabilities

Apache Software Foundation reports:

Please reference CVE/URL list for details


Discovery 2016-12-20
Entry 2016-12-21
Modified 2016-12-22
apache24
lt 2.4.25

http://httpd.apache.org/security/vulnerabilities_24.html
CVE-2016-8743
CVE-2016-2161
CVE-2016-0736
CVE-2016-8740
CVE-2016-5387
76b085e2-9d33-11e7-9260-000c292ee6b8Apache -- HTTP OPTIONS method can leak server memory

The Fuzzing Project reports:

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.


Discovery 2017-09-18
Entry 2017-09-19
apache24
lt 2.4.27_1

apache22
lt 2.2.34_1

https://nvd.nist.gov/vuln/detail/CVE-2017-9798
CVE-2017-9798