path: root/security/portaudit-db/database/portaudit.txt

# portaudit text based database
# $FreeBSD$
apache>=2.*<2.0.49_1|http://www.osvdb.org/6472 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0488|mod_ssl stack-based buffer overflow|662cd99e-bc9d-11d8-916c-000347dd607f
apache+mod_ssl*<1.3.31+2.8.18|http://www.osvdb.org/6472 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0488|mod_ssl stack-based buffer overflow|662cd99e-bc9d-11d8-916c-000347dd607f
ru-apache+mod_ssl<1.3.31+30.20+2.8.18|http://www.osvdb.org/6472 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0488|mod_ssl stack-based buffer overflow|662cd99e-bc9d-11d8-916c-000347dd607f
apache<1.3.31_1|http://www.osvdb.org/6839 http://www.apacheweek.com/features/security-13|mod_proxy buffer overflow (CAN-2004-0492)|5bcd500c-bc9d-11d8-916c-000347dd607f
apache+mod_ssl*<1.3.31+2.8.18_4|http://www.osvdb.org/6839 http://www.apacheweek.com/features/security-13|mod_proxy buffer overflow (CAN-2004-0492)|5bcd500c-bc9d-11d8-916c-000347dd607f
ru-apache+mod_ssl<=1.3.31+30.20+2.8.18|http://www.osvdb.org/6839 http://www.apacheweek.com/features/security-13|mod_proxy buffer overflow (CAN-2004-0492)|5bcd500c-bc9d-11d8-916c-000347dd607f
dbmail{-mysql,-postgresql}<1.2.8a|http://mailman.fastxs.net/pipermail/dbmail/2004-June/004960.html|DBMail: remote exploitable buffer overflow|3b9b196e-bd12-11d8-b071-00e08110b673
smtpproxy<=1.1.3|http://0xbadc0ded.org/advisories/0402.txt|smtpproxy: remotely exploitable format string vulnerability|1abf65f9-bc9d-11d8-916c-000347dd607f
subversion{,-perl,-python}<1.0.5|http://www.osvdb.org/6935 http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt|subversion: remote exploitable buffer overflow in 'svn://' parser|4616bc3b-bd0f-11d8-a252-02e0185c0b53
imp<3.2.4|http://article.gmane.org/gmane.comp.horde.imp/14421/|imp: XSS hole exploited via the Content-type header of malicious emails|911f1b19-bd20-11d8-84f9-000bdb1444a4
chora<1.2.2|http://article.gmane.org/gmane.comp.horde.chora/610/|chora: hole in the diff code that allowed malicious input|9e09399d-bd21-11d8-84f9-000bdb1444a4
squirrelmail<1.4.3a|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0519 http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt|SquirrelMail XSS vulnerability|89a0de27-bf66-11d8-a252-02e0185c0b53
ja-squirrelmail<1.4.3a,1|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0519 http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt|SquirrelMail XSS vulnerability|89a0de27-bf66-11d8-a252-02e0185c0b53
webmin<1.150|http://www.webmin.com/changes-1.150.html http://www.osvdb.org/6729 http://www.osvdb.org/6730|Multiple vulnerabilities in Webmin|ab61715f-c027-11d8-b00e-000347a4fa7d
racoon<20040617a|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022617.html http://www.securityfocus.com/archive/1/366023 http://securitytracker.com/alerts/2004/Jun/1010495.html http://orange.kame.net/dev/cvsweb.cgi/kame/kame/kame/racoon/crypto_openssl.c#rev1.86|Racoon may validate invalid certificates|a96c1d37-c033-11d8-b00e-000347a4fa7d
ircd-hybrid<=7.0_1|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022820.html http://www.securityfocus.com/archive/1/366486 http://www.osvdb.org/7242|ircd-hybrid-7 low-bandwidth DoS|23aafa20-c28a-11d8-864c-02e0185c0b53
ircd-hybrid-ru<=7.1_2|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022820.html http://www.securityfocus.com/archive/1/366486 http://www.osvdb.org/7242|ircd-hybrid-7 low-bandwidth DoS|23aafa20-c28a-11d8-864c-02e0185c0b53
{,??-}aspell<=0.50.5_2|http://nettwerked.mg2.org/advisories/wlc http://marc.theaimsgroup.com/?l=bugtraq&m=108761564006503&w=2|Buffer overflow in word-list-compress|b7b03bab-c296-11d8-bfb2-000bdb1444a4
linux-aspell<=0.50.4.1|http://nettwerked.mg2.org/advisories/wlc http://marc.theaimsgroup.com/?l=bugtraq&m=108761564006503&w=2|Buffer overflow in word-list-compress|b7b03bab-c296-11d8-bfb2-000bdb1444a4
bnbt<7.5b3|http://www.osvdb.org/6336|BNBT Authorization Header DoS|0f9b3542-c35f-11d8-8898-000d6111a684
scorched3d<0.37.2|http://marc.theaimsgroup.com/?l=bugtraq&m=108152473130133&w=2 http://www.osvdb.org/5086 http://www.freebsd.org/cgi/query-pr.cgi?pr=67541|Scorched 3D server chat box format string vulnerability|36808860-c363-11d8-8898-000d6111a684
super<3.23.0|http://www.secunia.com/advisories/11899 http://www.debian.org/security/2004/dsa-522 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0579|super format string vulnerability|fae06c04-c38c-11d8-8898-000d6111a684
mailman<2.1.5|http://mail.python.org/pipermail/mailman-announce/2004-May/000072.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0412 http://www.osvdb.org/6422|mailman allows 3rd parties to retrieve member passwords|2a405a43-c396-11d8-8898-000d6111a684
roundup<0.7.3|http://www.osvdb.org/6691 http://xforce.iss.net/xforce/xfdb/16350 http://securityfocus.com/bid/10495 http://mail.python.org/pipermail/python-announce-list/2004-May/003126.html|Roundup remote file disclosure vulnerability|40800696-c3b0-11d8-864c-02e0185c0b53
sqwebmail<4.0.5|http://www.securityfocus.com/archive/1/366595|Sqwebmail XSS vulnerability|c3e56efa-c42f-11d8-864c-02e0185c0b53
isc-dhcp3<3.0.1.r11|http://www.cert.org/advisories/CA-2003-01.html http://www.kb.cert.org/vuls/id/284857 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0026|ISC DHCPD minires library contains multiple buffer overflows|f71745cd-c509-11d8-8898-000d6111a684
isc-dhcp3<3.0.1.r11_1|http://www.kb.cert.org/vuls/id/149953 http://www.securityfocus.com/bid/6628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0039|ISC "dhcrelay" fails to limit hop count when malicious bootp packet is received|02957734-c50b-11d8-8898-000d6111a684
icecast2<2.0.1,1|http://secunia.com/advisories/11578 http://www.osvdb.org/6075|Icecast remote DoS vulnerability|8de7cf18-c5ca-11d8-8898-000d6111a684
rssh<2.2.1|http://secunia.com/advisories/11926 http://www.securityfocus.com/archive/1/366691|rssh file existence information disclosure weakness|a4815970-c5cc-11d8-8898-000d6111a684
sup<=2.0|http://secunia.com/advisories/11898 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0451|CMU SUP logging format string vulnerabilities|238ea8eb-c5cf-11d8-8898-000d6111a684
rlpr<2.04_1|http://secunia.com/advisories/11906 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0393 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0454 http://www.osvdb.org/7194 http://www.osvdb.org/7195 http://securitytracker.com/id?1010545 http://www.securityfocus.com/archive/1/367045|rlpr "msg()" buffer overflow and format string vulnerabilities|29a72da5-c5ea-11d8-8898-000d6111a684
pure-ftpd<1.0.19|http://www.pureftpd.org/|Pure-FTPd DoS when maximum number of connections is reached|ec5cf461-c691-11d8-8898-000d6111a684
libxine<1.0.r4|http://www.xinehq.de/index.php/security/XSA-2004-3 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0433 http://secunia.com/advisories/11500|xine-lib RTSP handling vulnerabilities|83cbd52c-c8e8-11d8-8898-000d6111a684
apache>=2.*<2.0.49_3|http://www.guninski.com/httpd1.html http://www.apacheweek.com/features/security-20 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0493 http://secunia.com/advisories/11956 http://www.osvdb.org/7269|Apache input header folding DoS vulnerability|81a8c9c2-c94f-11d8-8898-000d6111a684
isakmpd<20040611|http://lists.netsys.com/pipermail/full-disclosure/2004-June/022399.html http://www.osvdb.org/6951 http://www.secunia.com/advisories/11827 http://www.securityfocus.com/bid/10496|isakmpd security association deletion vulnerability|9a73a5b4-c9b5-11d8-95ca-02e081301d81
krb5<1.3.4|http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-001-an_to_ln.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0523 http://www.osvdb.org/6846 http://secunia.com/advisories/11753 http://www.kb.cert.org/vuls/id/686862 http://www.securityfocus.com/bid/10448|MIT Kerberos 5 krb5_aname_to_localname() buffer overflow|5177b6e5-c9b7-11d8-95ca-02e081301d81
SSLtelnet<=0.13_1|http://lists.freebsd.org/pipermail/freebsd-ports/2004-June/013878.html|SSLtelnet remote format string vulnerability|c63936c1-caed-11d8-8898-000d6111a684