diff options
author | eik <eik@FreeBSD.org> | 2004-09-07 18:44:11 +0800 |
---|---|---|
committer | eik <eik@FreeBSD.org> | 2004-09-07 18:44:11 +0800 |
commit | 2daf504fa265b69647367218beed3e2a9cb9b464 (patch) | |
tree | a49ee1baf522f0536ee7f52c5ea0c459e056a2d9 /security | |
parent | adeb0671f782c69a119139e76f0955a227e71c3e (diff) | |
download | freebsd-ports-gnome-2daf504fa265b69647367218beed3e2a9cb9b464.tar.gz freebsd-ports-gnome-2daf504fa265b69647367218beed3e2a9cb9b464.tar.zst freebsd-ports-gnome-2daf504fa265b69647367218beed3e2a9cb9b464.zip |
- XSS vulnerability in phpGroupWare wiki module
- add some references
Approved by: portmgr (implicit)
Diffstat (limited to 'security')
-rw-r--r-- | security/portaudit-db/database/portaudit.txt | 14 | ||||
-rw-r--r-- | security/portaudit-db/database/portaudit.xml | 36 |
2 files changed, 42 insertions, 8 deletions
diff --git a/security/portaudit-db/database/portaudit.txt b/security/portaudit-db/database/portaudit.txt index d34dbf954214..79095d81d9fa 100644 --- a/security/portaudit-db/database/portaudit.txt +++ b/security/portaudit-db/database/portaudit.txt @@ -63,16 +63,14 @@ sympa<4.1.2|http://secunia.com/advisories/12286 http://www.sympa.org/release.htm phpgedview<2.65.5|http://sourceforge.net/forum/forum.php?forum_id=344342 http://secunia.com/advisories/10602 http://www.osvdb.org/3473 http://www.osvdb.org/3474 http://www.osvdb.org/3475 http://www.osvdb.org/3476 http://www.osvdb.org/3477 http://www.osvdb.org/3478 http://www.osvdb.org/3479 http://www.osvdb.org/3480 http://www.osvdb.org/3481 http://www.osvdb.org/3482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0067 http://www.securityfocus.com/archive/1/349698|phpGedView: muliple vulnerabilities|c35d4cae-eed0-11d8-81b0-000347a4fa7d {ja-,}phpgroupware<0.9.14.007|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0016 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0017 http://www.securityfocus.com/bid/9386 http://www.securityfocus.com/bid/9387 http://xforce.iss.net/xforce/xfdb/13489 http://xforce.iss.net/xforce/xfdb/14846 http://www.osvdb.org/2691 http://www.osvdb.org/6857 http://secunia.com/advisories/10046|phpGroupWare calendar and infolog SQL injection, calendar server side script execution|96fc0f03-ef13-11d8-81b0-000347a4fa7d {ja-,}phpgroupware<0.9.16.002|http://freshmeat.net/releases/168144 http://www.osvdb.org/8354 http://xforce.iss.net/xforce/xfdb/16970|phpGroupWare stores passwords in plain text|82f16a40-ef12-11d8-81b0-000347a4fa7d -gallery<1.4.4.1|http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0757.html http://xforce.iss.net/xforce/xfdb/17021 http://www.osvdb.org/9019 http://secunia.com/advisories/12316|Gallery arbitrary PHP file upload|031663de-f0a6-11d8-81b0-000347a4fa7d +gallery<1.4.4.1|http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0757.html http://xforce.iss.net/xforce/xfdb/17021 http://www.osvdb.org/9019 http://secunia.com/advisories/12316 http://www.securityfocus.com/bid/10968|Gallery arbitrary PHP file upload|031663de-f0a6-11d8-81b0-000347a4fa7d apache>=2.*<2.0.50_2|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0751 http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 http://issues.apache.org/bugzilla/show_bug.cgi?id=27945 http://issues.apache.org/bugzilla/show_bug.cgi?id=29690|potential security flaws in mod_ssl|0e08f539-f151-11d8-81b0-000347a4fa7d a2ps-{a4,letter,letterdj}<4.13b_2|http://www.freebsd.org/cgi/query-pr.cgi?pr=70618 http://secunia.com/advisories/12375 http://www.osvdb.org/9176 http://www.securityfocus.com/bid/11025|a2ps: Possible execution of shell commands as local user|8091fcea-f35e-11d8-81b0-000347a4fa7d -{ja-,}xv<=3.10a_3|http://secunia.com/advisories/12352 http://www.securityfocus.com/archive/1/372345 http://www.osvdb.org/9115 http://www.osvdb.org/9118 http://www.osvdb.org/9119 http://www.osvdb.org/9120|multiple buffer overflows in xv|34c453ba-f686-11d8-81b0-000347a4fa7d +{ja-,}xv<=3.10a_3|http://secunia.com/advisories/12352 http://www.securityfocus.com/archive/1/372345 http://www.osvdb.org/9115 http://www.osvdb.org/9118 http://www.osvdb.org/9119 http://www.osvdb.org/9120 http://www.securityfocus.com/bid/10985|multiple buffer overflows in xv|34c453ba-f686-11d8-81b0-000347a4fa7d nss<3.9|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0564 http://secunia.com/advisories/11096 http://www.osvdb.org/4197|Mozilla / NSS S/MIME DoS vulnerability|65532ad9-f69b-11d8-81b0-000347a4fa7d -cdrtools<2.0.3_4|ftp://ftp.berlios.de/pub/cdrecord/alpha/AN-2.01a38|security bug in rscsi client code|fdbbed57-f933-11d8-a776-00e081220a76 -cdrtools-cjk<2.0.3.20030714_4|ftp://ftp.berlios.de/pub/cdrecord/alpha/AN-2.01a38|security bug in rscsi client code|fdbbed57-f933-11d8-a776-00e081220a76 -cdrtools-devel<2.01a38|ftp://ftp.berlios.de/pub/cdrecord/alpha/AN-2.01a38|security bug in rscsi client code|fdbbed57-f933-11d8-a776-00e081220a76 {ja-,ru-,}gaim<0.82|http://www.osvdb.org/9261 http://www.osvdb.org/9262 http://www.osvdb.org/9263 http://www.osvdb.org/9264 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0754 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0785 http://www.securityfocus.com/bid/11056 http://gaim.sourceforge.net/security/index.php|multiple vulnerabilities in gaim|8b29b312-fa6e-11d8-81b0-000347a4fa7d {ja-,}samba<2.2.11.*|http://www.samba.org/samba/history/samba-2.2.11.html http://secunia.com/advisories/12397 http://www.osvdb.org/9362|samba printer change notification request DoS|d8ce23a5-fadc-11d8-81b0-000347a4fa7d -squid>=2.5.*<2.5.6_7|http://secunia.com/advisories/12444 http://www.squid-cache.org/bugs/show_bug.cgi?id=1045|squid ntlm authentication helper DoS|7c351421-fdbd-11d8-81b0-000347a4fa7d -FreeBSD>=502120<503000|http://secunia.com/advisories/11129 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797 http://www.osvdb.org/9360 http://www.osvdb.org/9361|zlib DoS vulnerability|1b98165f-fdd9-11d8-81b0-000347a4fa7d -FreeBSD>=600000<600001|http://secunia.com/advisories/11129 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797 http://www.osvdb.org/9360 http://www.osvdb.org/9361|zlib DoS vulnerability|1b98165f-fdd9-11d8-81b0-000347a4fa7d +squid>=2.5.*<2.5.6_7|http://secunia.com/advisories/12444 http://www.squid-cache.org/bugs/show_bug.cgi?id=1045 http://www.securityfocus.com/bid/11098|Squid NTLM authentication helper DoS|7c351421-fdbd-11d8-81b0-000347a4fa7d +FreeBSD>=502120<503000|http://secunia.com/advisories/11129 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797 http://www.osvdb.org/9360 http://www.osvdb.org/9361 http://www.securityfocus.com/bid/11051|zlib DoS vulnerability|1b98165f-fdd9-11d8-81b0-000347a4fa7d +FreeBSD>=600000<600001|http://secunia.com/advisories/11129 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797 http://www.osvdb.org/9360 http://www.osvdb.org/9361 http://www.securityfocus.com/bid/11051|zlib DoS vulnerability|1b98165f-fdd9-11d8-81b0-000347a4fa7d +{ja-,}phpgroupware<0.9.16.003|http://secunia.com/advisories/12466 http://phpgroupware.org/ http://www.osvdb.org/9729 http://freshmeat.net/releases/171909|XSS vulnerability in phpGroupWare wiki module|64726098-00aa-11d9-81b0-000347a4fa7d diff --git a/security/portaudit-db/database/portaudit.xml b/security/portaudit-db/database/portaudit.xml index 5d49a25af892..2bb28014dd18 100644 --- a/security/portaudit-db/database/portaudit.xml +++ b/security/portaudit-db/database/portaudit.xml @@ -1060,10 +1060,46 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. <url>http://www.osvdb.org/9521</url> <url>http://www.osvdb.org/9522</url> <bid>10354</bid> + <bid>11093</bid> + <url>http://rhn.redhat.com/errata/RHSA-2004-323.html</url> </references> <dates> <discovery>2004-05-19</discovery> <entry>2004-09-03</entry> </dates> </vuln> + + <vuln vid="fdbbed57-f933-11d8-a776-00e081220a76"> + <topic>cdrtools local privilege escalation</topic> + <affects> + <package> + <name>cdrtools</name> + <range><lt>2.0.3_4</lt></range> + </package> + <package> + <name>cdrtools-cjk</name> + <range><lt>2.0.3.20030714_4</lt></range> + </package> + <package> + <name>cdrtools-devel</name> + <range><lt>2.01a38</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Max Vozeler found a flaw in in cdrecord allowing a local root exploit</p> + </body> + </description> + <references> + <url>ftp://ftp.berlios.de/pub/cdrecord/alpha/AN-2.01a38</url> + <url>http://www.osvdb.org/9395</url> + <cvename>CAN-2004-0806</cvename> + <mlist msgid="E1C0yA3-0002cc-00@newraff.debian.org">http://lists.debian.org/debian-devel-changes/2004/08/msg03421.html</mlist> + <bid>11075</bid> + </references> + <dates> + <discovery>2004-08-28</discovery> + <entry>2004-08-30</entry> + </dates> + </vuln> </vuxml> |