This page displays vulnerability information about FreeBSD Ports.
The last vuln.xml file processed by FreshPorts is:
Revision: 562406 Date: 2021-01-23 Time: 17:46:01Z Committer: gjb
List all Vulnerabilities, by package
List all Vulnerabilities, by date
These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
f11b219a-44b6-11d9-ae2f-021106004fd6 | rssh & scponly -- arbitrary command execution Jason Wies identified both rssh & scponly have a vulnerability that allows arbitrary command execution. He reports:
Discovery 2004-11-28 Entry 2004-12-02 Modified 2004-12-12 rssh le 2.2.2 scponly lt 4.0 11791 11792 ports/74633 http://marc.theaimsgroup.com/?l=bugtraq&m=110202047507273 |
d193aa9f-3f8c-11e9-9a24-6805ca0b38e8 | rssh - multiple vulnerabilities NVD reports:
Discovery 2019-02-04 Entry 2019-03-06 rssh lt 2.3.4_2 https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=cpe%3a%2fa%3apizzashack%3arssh%3a2.3.4 CVE-2019-1000018 CVE-2019-3463 CVE-2019-3464 |
1f826757-26be-11d9-ad2d-0050fc56d258 | rssh -- format string vulnerability There is a format string bug in rssh that enables an attacker to execute arbitrary code from an account configured to use rssh. On FreeBSD it is only possible to compromise the rssh running account, not root. Discovery 2004-10-23 Entry 2004-10-25 rssh le 2.2.1 http://www.pizzashack.org/rssh/security.shtml http://marc.theaimsgroup.com/?l=bugtraq&m=109855982425122 |
a4598875-ec91-11e1-8bd8-0022156e8794 | rssh -- configuration restrictions bypass Derek Martin (rssh maintainer) reports:
Discovery 2010-08-01 Entry 2012-08-22 rssh lt 2.3.3 http://www.pizzashack.org/rssh/security.shtml |
e34d0c2e-9efb-11da-b410-000e0c2e438a | rssh -- privilege escalation vulnerability Pizzashack reports:
Discovery 2005-12-18 Entry 2006-02-16 rssh lt 2.3.0 16050 CVE-2005-3345 http://www.pizzashack.org/rssh/security.shtml |
e34d0c2e-9efb-11da-b410-000e0c2e438a | rssh -- privilege escalation vulnerability Pizzashack reports:
Discovery 2005-12-18 Entry 2006-02-16 rssh lt 2.3.0 16050 CVE-2005-3345 http://www.pizzashack.org/rssh/security.shtml |
65b25acc-e63b-11e1-b81c-001b77d09812 | rssh -- arbitrary command execution Derek Martin (rssh maintainer) reports:
Discovery 2012-05-08 Entry 2012-08-22 rssh lt 2.3.4 53430 CVE-2012-3478 http://sourceforge.net/mailarchive/message.php?msg_id=29235647 |
f11b219a-44b6-11d9-ae2f-021106004fd6 | rssh & scponly -- arbitrary command execution Jason Wies identified both rssh & scponly have a vulnerability that allows arbitrary command execution. He reports:
Discovery 2004-11-28 Entry 2004-12-02 Modified 2004-12-12 rssh le 2.2.2 scponly lt 4.0 11791 11792 ports/74633 http://marc.theaimsgroup.com/?l=bugtraq&m=110202047507273 |
1f826757-26be-11d9-ad2d-0050fc56d258 | rssh -- format string vulnerability There is a format string bug in rssh that enables an attacker to execute arbitrary code from an account configured to use rssh. On FreeBSD it is only possible to compromise the rssh running account, not root. Discovery 2004-10-23 Entry 2004-10-25 rssh le 2.2.1 http://www.pizzashack.org/rssh/security.shtml http://marc.theaimsgroup.com/?l=bugtraq&m=109855982425122 |