diff options
author | Oliver Eikemeier <eik@FreeBSD.org> | 2004-08-17 07:56:37 +0000 |
---|---|---|
committer | Oliver Eikemeier <eik@FreeBSD.org> | 2004-08-17 07:56:37 +0000 |
commit | 21e5e83c579d4cc981e572900bdf1c20befc42a8 (patch) | |
tree | cdbd81c57edd17aa76bc37528768fb0cd5f5df22 /ports-mgmt/portaudit-db | |
parent | 96e9531ed0bf64d91a0bb939e30ff3181ba83d30 (diff) | |
download | ports-21e5e83c579d4cc981e572900bdf1c20befc42a8.tar.gz ports-21e5e83c579d4cc981e572900bdf1c20befc42a8.zip |
move a800386e-ef7e-11d8-81b0-000347a4fa7d to xml
Notes
Notes:
svn path=/head/; revision=116483
Diffstat (limited to 'ports-mgmt/portaudit-db')
-rw-r--r-- | ports-mgmt/portaudit-db/database/portaudit.txt | 1 | ||||
-rw-r--r-- | ports-mgmt/portaudit-db/database/portaudit.xlist | 1 | ||||
-rw-r--r-- | ports-mgmt/portaudit-db/database/portaudit.xml | 43 |
3 files changed, 36 insertions, 9 deletions
diff --git a/ports-mgmt/portaudit-db/database/portaudit.txt b/ports-mgmt/portaudit-db/database/portaudit.txt index b772c0d91b61..f57c0afe4550 100644 --- a/ports-mgmt/portaudit-db/database/portaudit.txt +++ b/ports-mgmt/portaudit-db/database/portaudit.txt @@ -68,4 +68,3 @@ sympa<4.1.2|http://secunia.com/advisories/12286 http://www.sympa.org/release.htm phpgedview<2.65.5|http://sourceforge.net/forum/forum.php?forum_id=344342 http://secunia.com/advisories/10602 http://www.osvdb.org/3473 http://www.osvdb.org/3474 http://www.osvdb.org/3475 http://www.osvdb.org/3476 http://www.osvdb.org/3477 http://www.osvdb.org/3478 http://www.osvdb.org/3479 http://www.osvdb.org/3480 http://www.osvdb.org/3481 http://www.osvdb.org/3482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0067 http://www.securityfocus.com/archive/1/349698|phpGedView: muliple vulnerabilities|c35d4cae-eed0-11d8-81b0-000347a4fa7d {ja-,}phpgroupware<0.9.14.007|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0016 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0017 http://www.securityfocus.com/bid/9386 http://www.securityfocus.com/bid/9387 http://xforce.iss.net/xforce/xfdb/13489 http://xforce.iss.net/xforce/xfdb/14846 http://www.osvdb.org/2691 http://www.osvdb.org/6857 http://secunia.com/advisories/10046|phpGroupWare calendar and infolog SQL injection, calendar server side script execution|96fc0f03-ef13-11d8-81b0-000347a4fa7d {ja-,}phpgroupware<0.9.16.002|http://freshmeat.net/releases/168144 http://www.osvdb.org/8354 http://xforce.iss.net/xforce/xfdb/16970|phpGroupWare stores passwords in plain text|82f16a40-ef12-11d8-81b0-000347a4fa7d -ruby{,_r,_static}>=1.8.*<1.8.2.p2|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0755 http://secunia.com/advisories/12290 http://www.debian.org/security/2004/dsa-537 http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/ChangeLog?rev=1.2673.2.410 http://www.osvdb.org/8845|ruby CGI::Session insecure file creation|a800386e-ef7e-11d8-81b0-000347a4fa7d diff --git a/ports-mgmt/portaudit-db/database/portaudit.xlist b/ports-mgmt/portaudit-db/database/portaudit.xlist index 63ace396044c..bae5e818a065 100644 --- a/ports-mgmt/portaudit-db/database/portaudit.xlist +++ b/ports-mgmt/portaudit-db/database/portaudit.xlist @@ -19,3 +19,4 @@ abe47a5a-e23c-11d8-9b0a-000347a4fa7d a713c0f9-ec54-11d8-9440-000347a4fa7d 5b8f9a02-ec93-11d8-b913-000c41e2cdad 65a17a3f-ed6e-11d8-aff1-00061bc2ad93 +e811aaf1-f015-11d8-876f-00902714cc7c diff --git a/ports-mgmt/portaudit-db/database/portaudit.xml b/ports-mgmt/portaudit-db/database/portaudit.xml index d180a376dde3..a25db2eaa413 100644 --- a/ports-mgmt/portaudit-db/database/portaudit.xml +++ b/ports-mgmt/portaudit-db/database/portaudit.xml @@ -10,10 +10,7 @@ This file is in the public domain. <topic>MPlayer remotely exploitable buffer overflow in the ASX parser</topic> <affects> <package> - <name>mplayer</name> - <name>mplayer-esound</name> - <name>mplayer-gtk</name> - <name>mplayer-gtk-esound</name> + <name>mplayer{,-gtk}{,-esound}</name> <range><lt>0.92</lt></range> </package> </affects> @@ -41,10 +38,7 @@ This file is in the public domain. <topic>MPlayer remotely exploitable buffer overflow in the HTTP parser</topic> <affects> <package> - <name>mplayer</name> - <name>mplayer-esound</name> - <name>mplayer-gtk</name> - <name>mplayer-gtk-esound</name> + <name>mplayer{,-gtk}{,-esound}</name> <range><lt>0.92.1</lt></range> </package> </affects> @@ -139,6 +133,7 @@ This file is in the public domain. <cvename>CAN-2004-0630</cvename> <cvename>CAN-2004-0631</cvename> <url>http://secunia.com/advisories/12285</url> + <url>http://xforce.iss.net/xforce/xfdb/16972</url> <url>http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities&flashstatus=false</url> <url>http://www.idefense.com/application/poi/display?id=125&type=vulnerabilities&flashstatus=false</url> </references> @@ -803,4 +798,36 @@ This file is in the public domain. </dates> </vuln> + <vuln vid="e811aaf1-f015-11d8-876f-00902714cc7c"> + <cancelled superseded="a800386e-ef7e-11d8-81b0-000347a4fa7d"/> + </vuln> + + <vuln vid="a800386e-ef7e-11d8-81b0-000347a4fa7d"> + <topic>ruby CGI::Session insecure file creation</topic> + <affects> + <package> + <name>ruby{,_r,_static}</name> + <range><lt>1.6.8.2004.07.28</lt></range> + <range><ge>1.8.*</ge><lt>1.8.2.p2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Rubys CGI session management store session information insecurely, + which can be exploited by a local attacker to take over a session.</p> + </body> + </description> + <references> + <cvename>CAN-2004-0755</cvename> + <url>http://secunia.com/advisories/12290</url> + <url>http://www.debian.org/security/2004/dsa-537</url> + <url>http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/ChangeLog?rev=1.2673.2.410</url> + <url>http://www.osvdb.org/8845</url> + </references> + <dates> + <discovery>2004-07-22</discovery> + <entry>2004-08-16</entry> + <modified>2004-08-16</modified> + </dates> + </vuln> </vuxml> |