FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  507143
Date:      2019-07-22
Time:      14:33:45Z
Committer: brnrd

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
fd376b8b-41e1-11d8-b096-0020ed76ef5aBuffer overflow in INN control message handling

A small, fixed-size stack buffer is used to construct a filename based on a received control message. This could result in a stack buffer overflow.

Discovery 2004-01-07
Entry 2004-01-08
Modified 2004-10-21
ge 2.4.* lt 2.4.1

lt 20031022_1
a7975581-ee26-11e1-8bd8-0022156e8794inn -- plaintext command injection into encrypted channel

INN developers report:

Fixed a possible plaintext command injection during the negotiation of a TLS layer. The vulnerability detailed in CVE-2011-0411 affects the STARTTLS and AUTHINFO SASL commands. nnrpd now resets its read buffer upon a successful negotiation of a TLS layer. It prevents malicious commands, sent unencrypted, from being executed in the new encrypted state of the session.

Discovery 2012-08-14
Entry 2012-08-25
lt 2.5.2_2