blob: 3495703868b5326ca72628792d69f89df9c798a8 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
#
# auditfile.txt - FreeBSD ports vulnerabilities database
#
# $FreeBSD$
#
# MAINTAINER=ports@FreeBSD.org
#
# Each entry consists of a single line containing the following three
# fields in the order named, separated with the pipe (`|') character:
#
# Package: A pattern that matches the name of the vulnurable
# package, see `man -M /usr/local/man pkg_info'.
# Reference: An URL where an advisory can be found
# Reason: The type of vulnurability found
#
# Keep this list sorted in the chronological order. New entries must
# be added at the end, old entries shouldn't be removed; this should
# document *all* known package vulnerabilities.
#
# This file does not have any designated maintainer, so feel free to
# commit to it yourself. However, it is generally a good idea to
# notify the maintainer of the affected package(s)
#
gnupg>1.0.2<1.2.3_4|http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html|ElGamal signing keys compromised
rsync<2.5.7|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0962|Buffer overflow in server
gaim<0.75_2|http://security.e-matters.de/advisories/012004.txt|12 vulnerabilities that allow remote compromise
proftpd<1.2.8_1|http://xforce.iss.net/xforce/alerts/id/154|ProFTPD ASCII File Remote Compromise Vulnerability
inn>=2.4<2.4.1|http://lists.litech.org/pipermail/inn-workers/2004q1/002763.html|Buffer overflow in control message handling
inn-stable>=2.4<20031022_1|http://lists.litech.org/pipermail/inn-workers/2004q1/002763.html|Buffer overflow in control message handling
apache>=2.0.35<2.0.48|http://www.apacheweek.com/features/security-20|Multiple security vulnerabilities
apache>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
apache+mod_ssl>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
apache+ipv6>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
ru-apache>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
ru-apache+mod_ssl>=1.3<1.3.29|http://www.apacheweek.com/features/security-13|Multiple security vulnerabilities
clamav<0.65_7|http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/62586|remote exploitable DOS vulnerability
apache+ssl>=1.3<1.3.29.1.53|http://www.apache-ssl.org/advisory-20040206.txt|optional client certificate vulnerability
monkey<0.8.2|http://monkeyd.sourceforge.net/|DoS bug caused by get_real_string()
mutt<1.4.2|http://www.securityfocus.com/archive/1/353428/2004-02-08/2004-02-14/0|buffer overflow that can be triggered by incoming messages
|
