diff options
| author | trhodes <trhodes@FreeBSD.org> | 2004-06-26 04:01:28 +0800 |
|---|---|---|
| committer | trhodes <trhodes@FreeBSD.org> | 2004-06-26 04:01:28 +0800 |
| commit | d0cdf35343b7456235184f5256879b19737f7c1a (patch) | |
| tree | 804478414442d91b88e6f4f4f7b88cc29f71b59e | |
| parent | 5938666a456a9cbe1981157e54e30389c4504131 (diff) | |
| download | freebsd-ports-gnome-d0cdf35343b7456235184f5256879b19737f7c1a.tar.gz freebsd-ports-gnome-d0cdf35343b7456235184f5256879b19737f7c1a.tar.zst freebsd-ports-gnome-d0cdf35343b7456235184f5256879b19737f7c1a.zip | |
Add an entry for recent isc-dhcp3-server buffer overflows.
Remove the one in portaudit.txt.
| -rw-r--r-- | ports-mgmt/portaudit-db/database/portaudit.txt | 1 | ||||
| -rw-r--r-- | security/portaudit-db/database/portaudit.txt | 1 | ||||
| -rw-r--r-- | security/vuxml/vuln.xml | 29 |
3 files changed, 29 insertions, 2 deletions
diff --git a/ports-mgmt/portaudit-db/database/portaudit.txt b/ports-mgmt/portaudit-db/database/portaudit.txt index 22b1f9342a54..11d3718d087f 100644 --- a/ports-mgmt/portaudit-db/database/portaudit.txt +++ b/ports-mgmt/portaudit-db/database/portaudit.txt @@ -29,7 +29,6 @@ roundup<0.7.3|http://www.osvdb.org/6691 http://xforce.iss.net/xforce/xfdb/16350 sqwebmail<4.0.5|http://www.securityfocus.com/archive/1/366595|Sqwebmail XSS vulnerability|c3e56efa-c42f-11d8-864c-02e0185c0b53 isc-dhcp3<3.0.1.r11|http://www.cert.org/advisories/CA-2003-01.html http://www.kb.cert.org/vuls/id/284857 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0026|ISC DHCPD minires library contains multiple buffer overflows|f71745cd-c509-11d8-8898-000d6111a684 isc-dhcp3<3.0.1.r11_1|http://www.kb.cert.org/vuls/id/149953 http://www.securityfocus.com/bid/6628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0039|ISC "dhcrelay" fails to limit hop count when malicious bootp packet is received|02957734-c50b-11d8-8898-000d6111a684 -isc-dhcp3-{relay,server}>=3.0.1.r12<3.0.1.r14|http://www.us-cert.gov/cas/techalerts/TA04-174A.html http://www.kb.cert.org/vuls/id/317350 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0460|ISC DHCP remote exploitable stack buffer overflow vulnerability|7a9d5dfe-c507-11d8-8898-000d6111a684 icecast2<2.0.1,1|http://secunia.com/advisories/11578 http://www.osvdb.org/6075|Icecast remote DoS vulnerability|8de7cf18-c5ca-11d8-8898-000d6111a684 rssh<2.2.1|http://secunia.com/advisories/11926 http://www.securityfocus.com/archive/1/366691|rssh file existence information disclosure weakness|a4815970-c5cc-11d8-8898-000d6111a684 sup<=2.0|http://secunia.com/advisories/11898 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0451|CMU SUP logging format string vulnerabilities|238ea8eb-c5cf-11d8-8898-000d6111a684 diff --git a/security/portaudit-db/database/portaudit.txt b/security/portaudit-db/database/portaudit.txt index 22b1f9342a54..11d3718d087f 100644 --- a/security/portaudit-db/database/portaudit.txt +++ b/security/portaudit-db/database/portaudit.txt @@ -29,7 +29,6 @@ roundup<0.7.3|http://www.osvdb.org/6691 http://xforce.iss.net/xforce/xfdb/16350 sqwebmail<4.0.5|http://www.securityfocus.com/archive/1/366595|Sqwebmail XSS vulnerability|c3e56efa-c42f-11d8-864c-02e0185c0b53 isc-dhcp3<3.0.1.r11|http://www.cert.org/advisories/CA-2003-01.html http://www.kb.cert.org/vuls/id/284857 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0026|ISC DHCPD minires library contains multiple buffer overflows|f71745cd-c509-11d8-8898-000d6111a684 isc-dhcp3<3.0.1.r11_1|http://www.kb.cert.org/vuls/id/149953 http://www.securityfocus.com/bid/6628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0039|ISC "dhcrelay" fails to limit hop count when malicious bootp packet is received|02957734-c50b-11d8-8898-000d6111a684 -isc-dhcp3-{relay,server}>=3.0.1.r12<3.0.1.r14|http://www.us-cert.gov/cas/techalerts/TA04-174A.html http://www.kb.cert.org/vuls/id/317350 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0460|ISC DHCP remote exploitable stack buffer overflow vulnerability|7a9d5dfe-c507-11d8-8898-000d6111a684 icecast2<2.0.1,1|http://secunia.com/advisories/11578 http://www.osvdb.org/6075|Icecast remote DoS vulnerability|8de7cf18-c5ca-11d8-8898-000d6111a684 rssh<2.2.1|http://secunia.com/advisories/11926 http://www.securityfocus.com/archive/1/366691|rssh file existence information disclosure weakness|a4815970-c5cc-11d8-8898-000d6111a684 sup<=2.0|http://secunia.com/advisories/11898 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0451|CMU SUP logging format string vulnerabilities|238ea8eb-c5cf-11d8-8898-000d6111a684 diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 5a08d9c2e57b..289726be1436 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,35 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="7a9d5dfe-c507-11d8-8898-000d6111a684"> + <topic>isc-dhcp3-server buffer overflow in logging mechanism</topic> + <affects> + <package> + <name>isc-dhcp3-server</name> + <range><lt>3.0.1.r12</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>A buffer overflow exists in the logging functionality + of the DHCP daemon which could lead to Denial of Service + attacks and has the potential to allow attackers to + execute arbitrary code.</p> + </body> + </description> + <references> + <cvename>CAN-2004-0460</cvename> + <url>http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:061</url> + <url>http://www.us-cert.gov/cas/techalerts/TA04-174A.html</url> + <url>http://www.kb.cert.org/vuls/id/317350</url> + <url>http://marc.theaimsgroup.com/?l=bugtraq&m=108795911203342&w=2</url> + </references> + <dates> + <discovery>2004-06-22</discovery> + <entry>2004-06-25</entry> + </dates> + </vuln> + <vuln vid="1f738bda-c6ac-11d8-8898-000d6111a684"> <topic>Remote Denial of Service of HTTP server and client</topic> <affects> |