summaryrefslogtreecommitdiff
path: root/ports-mgmt
diff options
context:
space:
mode:
authorOliver Eikemeier <eik@FreeBSD.org>2004-08-15 17:22:09 +0000
committerOliver Eikemeier <eik@FreeBSD.org>2004-08-15 17:22:09 +0000
commit137b94aa13c42d998595c466f5ec49daf16573bb (patch)
treee4e817dc084b76c9e2a45b3b63860956aff9398e /ports-mgmt
parent- Update to 4.56 (diff)
phpGedView, jftpgw
Notes
Notes: svn path=/head/; revision=116284
Diffstat (limited to 'ports-mgmt')
-rw-r--r--ports-mgmt/portaudit-db/database/portaudit.txt1
-rw-r--r--ports-mgmt/portaudit-db/database/portaudit.xlist1
-rw-r--r--ports-mgmt/portaudit-db/database/portaudit.xml27
3 files changed, 29 insertions, 0 deletions
diff --git a/ports-mgmt/portaudit-db/database/portaudit.txt b/ports-mgmt/portaudit-db/database/portaudit.txt
index 2f9b71c87d55..983be2663146 100644
--- a/ports-mgmt/portaudit-db/database/portaudit.txt
+++ b/ports-mgmt/portaudit-db/database/portaudit.txt
@@ -65,3 +65,4 @@ cfengine2<2.1.8|http://www.coresecurity.com/common/showdoc.php?idx=387&idxseccio
libxine<=1.0.r5_1|http://www.open-security.org/advisories/6 http://secunia.com/advisories/12194 http://sourceforge.net/mailarchive/forum.php?thread_id=5143955&forum_id=11923|libxine vcd MRL input identifier management overflow|bef4515b-eaa9-11d8-9440-000347a4fa7d
rsync<2.6.2_2|http://lists.samba.org/archive/rsync-announce/2004/000017.html|security hole in non-chroot rsync daemon|2689f4cb-ec4c-11d8-9440-000347a4fa7d
sympa<4.1.2|http://secunia.com/advisories/12286 http://www.sympa.org/release.html|Sympa unauthorized list creation security issue|4a160c54-ed46-11d8-81b0-000347a4fa7d
+phpgedview<2.65.5|http://sourceforge.net/forum/forum.php?forum_id=344342 http://secunia.com/advisories/10602 http://www.osvdb.org/3473 http://www.osvdb.org/3474 http://www.osvdb.org/3475 http://www.osvdb.org/3476 http://www.osvdb.org/3477 http://www.osvdb.org/3478 http://www.osvdb.org/3479 http://www.osvdb.org/3480 http://www.osvdb.org/3481 http://www.osvdb.org/3482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0067 http://www.securityfocus.com/archive/1/349698|phpGedView: muliple vulnerabilities|c35d4cae-eed0-11d8-81b0-000347a4fa7d
diff --git a/ports-mgmt/portaudit-db/database/portaudit.xlist b/ports-mgmt/portaudit-db/database/portaudit.xlist
index 122e7ffb681c..63ace396044c 100644
--- a/ports-mgmt/portaudit-db/database/portaudit.xlist
+++ b/ports-mgmt/portaudit-db/database/portaudit.xlist
@@ -18,3 +18,4 @@ f9e3e60b-e650-11d8-9b0a-000347a4fa7d
abe47a5a-e23c-11d8-9b0a-000347a4fa7d
a713c0f9-ec54-11d8-9440-000347a4fa7d
5b8f9a02-ec93-11d8-b913-000c41e2cdad
+65a17a3f-ed6e-11d8-aff1-00061bc2ad93
diff --git a/ports-mgmt/portaudit-db/database/portaudit.xml b/ports-mgmt/portaudit-db/database/portaudit.xml
index 9a35be7de91a..d180a376dde3 100644
--- a/ports-mgmt/portaudit-db/database/portaudit.xml
+++ b/ports-mgmt/portaudit-db/database/portaudit.xml
@@ -776,4 +776,31 @@ This file is in the public domain.
<modified>2004-08-12</modified>
</dates>
</vuln>
+
+ <vuln vid="65a17a3f-ed6e-11d8-aff1-00061bc2ad93">
+ <topic>jftpgw remote syslog format string vulnerability</topic>
+ <affects>
+ <package>
+ <name>jftpgw</name>
+ <range><lt>0.13.5</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Remote authenticated users can execute arbitrary code by
+ passing a malicious string containing format specifiers.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2004-0448</cvename>
+ <bid>10438</bid>
+ <url>http://secunia.com/advisories/11732</url>
+ <url>http://www.debian.org/security/2004/dsa-510</url>
+ </references>
+ <dates>
+ <discovery>2004-05-29</discovery>
+ <entry>2004-08-13</entry>
+ </dates>
+ </vuln>
+
</vuxml>