aboutsummaryrefslogtreecommitdiff
path: root/ports-mgmt/portaudit-db
diff options
context:
space:
mode:
authorOliver Eikemeier <eik@FreeBSD.org>2004-08-17 07:56:37 +0000
committerOliver Eikemeier <eik@FreeBSD.org>2004-08-17 07:56:37 +0000
commit21e5e83c579d4cc981e572900bdf1c20befc42a8 (patch)
treecdbd81c57edd17aa76bc37528768fb0cd5f5df22 /ports-mgmt/portaudit-db
parent96e9531ed0bf64d91a0bb939e30ff3181ba83d30 (diff)
downloadports-21e5e83c579d4cc981e572900bdf1c20befc42a8.tar.gz
ports-21e5e83c579d4cc981e572900bdf1c20befc42a8.zip
move a800386e-ef7e-11d8-81b0-000347a4fa7d to xml
Notes
Notes: svn path=/head/; revision=116483
Diffstat (limited to 'ports-mgmt/portaudit-db')
-rw-r--r--ports-mgmt/portaudit-db/database/portaudit.txt1
-rw-r--r--ports-mgmt/portaudit-db/database/portaudit.xlist1
-rw-r--r--ports-mgmt/portaudit-db/database/portaudit.xml43
3 files changed, 36 insertions, 9 deletions
diff --git a/ports-mgmt/portaudit-db/database/portaudit.txt b/ports-mgmt/portaudit-db/database/portaudit.txt
index b772c0d91b61..f57c0afe4550 100644
--- a/ports-mgmt/portaudit-db/database/portaudit.txt
+++ b/ports-mgmt/portaudit-db/database/portaudit.txt
@@ -68,4 +68,3 @@ sympa<4.1.2|http://secunia.com/advisories/12286 http://www.sympa.org/release.htm
phpgedview<2.65.5|http://sourceforge.net/forum/forum.php?forum_id=344342 http://secunia.com/advisories/10602 http://www.osvdb.org/3473 http://www.osvdb.org/3474 http://www.osvdb.org/3475 http://www.osvdb.org/3476 http://www.osvdb.org/3477 http://www.osvdb.org/3478 http://www.osvdb.org/3479 http://www.osvdb.org/3480 http://www.osvdb.org/3481 http://www.osvdb.org/3482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0067 http://www.securityfocus.com/archive/1/349698|phpGedView: muliple vulnerabilities|c35d4cae-eed0-11d8-81b0-000347a4fa7d
{ja-,}phpgroupware<0.9.14.007|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0016 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0017 http://www.securityfocus.com/bid/9386 http://www.securityfocus.com/bid/9387 http://xforce.iss.net/xforce/xfdb/13489 http://xforce.iss.net/xforce/xfdb/14846 http://www.osvdb.org/2691 http://www.osvdb.org/6857 http://secunia.com/advisories/10046|phpGroupWare calendar and infolog SQL injection, calendar server side script execution|96fc0f03-ef13-11d8-81b0-000347a4fa7d
{ja-,}phpgroupware<0.9.16.002|http://freshmeat.net/releases/168144 http://www.osvdb.org/8354 http://xforce.iss.net/xforce/xfdb/16970|phpGroupWare stores passwords in plain text|82f16a40-ef12-11d8-81b0-000347a4fa7d
-ruby{,_r,_static}>=1.8.*<1.8.2.p2|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0755 http://secunia.com/advisories/12290 http://www.debian.org/security/2004/dsa-537 http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/ChangeLog?rev=1.2673.2.410 http://www.osvdb.org/8845|ruby CGI::Session insecure file creation|a800386e-ef7e-11d8-81b0-000347a4fa7d
diff --git a/ports-mgmt/portaudit-db/database/portaudit.xlist b/ports-mgmt/portaudit-db/database/portaudit.xlist
index 63ace396044c..bae5e818a065 100644
--- a/ports-mgmt/portaudit-db/database/portaudit.xlist
+++ b/ports-mgmt/portaudit-db/database/portaudit.xlist
@@ -19,3 +19,4 @@ abe47a5a-e23c-11d8-9b0a-000347a4fa7d
a713c0f9-ec54-11d8-9440-000347a4fa7d
5b8f9a02-ec93-11d8-b913-000c41e2cdad
65a17a3f-ed6e-11d8-aff1-00061bc2ad93
+e811aaf1-f015-11d8-876f-00902714cc7c
diff --git a/ports-mgmt/portaudit-db/database/portaudit.xml b/ports-mgmt/portaudit-db/database/portaudit.xml
index d180a376dde3..a25db2eaa413 100644
--- a/ports-mgmt/portaudit-db/database/portaudit.xml
+++ b/ports-mgmt/portaudit-db/database/portaudit.xml
@@ -10,10 +10,7 @@ This file is in the public domain.
<topic>MPlayer remotely exploitable buffer overflow in the ASX parser</topic>
<affects>
<package>
- <name>mplayer</name>
- <name>mplayer-esound</name>
- <name>mplayer-gtk</name>
- <name>mplayer-gtk-esound</name>
+ <name>mplayer{,-gtk}{,-esound}</name>
<range><lt>0.92</lt></range>
</package>
</affects>
@@ -41,10 +38,7 @@ This file is in the public domain.
<topic>MPlayer remotely exploitable buffer overflow in the HTTP parser</topic>
<affects>
<package>
- <name>mplayer</name>
- <name>mplayer-esound</name>
- <name>mplayer-gtk</name>
- <name>mplayer-gtk-esound</name>
+ <name>mplayer{,-gtk}{,-esound}</name>
<range><lt>0.92.1</lt></range>
</package>
</affects>
@@ -139,6 +133,7 @@ This file is in the public domain.
<cvename>CAN-2004-0630</cvename>
<cvename>CAN-2004-0631</cvename>
<url>http://secunia.com/advisories/12285</url>
+ <url>http://xforce.iss.net/xforce/xfdb/16972</url>
<url>http://www.idefense.com/application/poi/display?id=124&amp;type=vulnerabilities&amp;flashstatus=false</url>
<url>http://www.idefense.com/application/poi/display?id=125&amp;type=vulnerabilities&amp;flashstatus=false</url>
</references>
@@ -803,4 +798,36 @@ This file is in the public domain.
</dates>
</vuln>
+ <vuln vid="e811aaf1-f015-11d8-876f-00902714cc7c">
+ <cancelled superseded="a800386e-ef7e-11d8-81b0-000347a4fa7d"/>
+ </vuln>
+
+ <vuln vid="a800386e-ef7e-11d8-81b0-000347a4fa7d">
+ <topic>ruby CGI::Session insecure file creation</topic>
+ <affects>
+ <package>
+ <name>ruby{,_r,_static}</name>
+ <range><lt>1.6.8.2004.07.28</lt></range>
+ <range><ge>1.8.*</ge><lt>1.8.2.p2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Rubys CGI session management store session information insecurely,
+ which can be exploited by a local attacker to take over a session.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2004-0755</cvename>
+ <url>http://secunia.com/advisories/12290</url>
+ <url>http://www.debian.org/security/2004/dsa-537</url>
+ <url>http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/ChangeLog?rev=1.2673.2.410</url>
+ <url>http://www.osvdb.org/8845</url>
+ </references>
+ <dates>
+ <discovery>2004-07-22</discovery>
+ <entry>2004-08-16</entry>
+ <modified>2004-08-16</modified>
+ </dates>
+ </vuln>
</vuxml>