diff options
| author | nectar <nectar@FreeBSD.org> | 2004-08-13 02:56:10 +0800 |
|---|---|---|
| committer | nectar <nectar@FreeBSD.org> | 2004-08-13 02:56:10 +0800 |
| commit | f7ae660ebe22724b64f9d0543c42973a5ec4aff2 (patch) | |
| tree | e01cb18272b61a8ed202c7c9351065e69e12f6b4 /security | |
| parent | 61933adeda5a24990fca25e72a27262d1671e245 (diff) | |
| download | freebsd-ports-graphics-f7ae660ebe22724b64f9d0543c42973a5ec4aff2.tar.gz freebsd-ports-graphics-f7ae660ebe22724b64f9d0543c42973a5ec4aff2.tar.zst freebsd-ports-graphics-f7ae660ebe22724b64f9d0543c42973a5ec4aff2.zip | |
Under certain configurations of POPfile may allow an attacker to
retrieve files from the victim's machine.
Reported by: Daniel Grund <mail@dgrund.de>
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index bc897837bb5..3e92cad95cb 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,31 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="12c7b7ae-ec90-11d8-b913-000c41e2cdad"> + <topic>popfile file disclosure</topic> + <affects> + <package> + <name>popfile</name> + <range><le>0.21.1_2</le></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>John Graham-Cumming reports that certain configurations of + POPFile may allow the retrieval of any files with the + extensions .gif, .png, .ico, .css, as well as some files with + the extension .html.</p> + </body> + </description> + <references> + <mlist>http://sourceforge.net/mailarchive/forum.php?thread_id=5248725&forum_id=12356</mlist> + </references> + <dates> + <discovery>2004-08-02</discovery> + <entry>2004-08-12</entry> + </dates> + </vuln> + <vuln vid="2de14f7a-dad9-11d8-b59a-00061bc2ad93"> <topic>Multiple Potential Buffer Overruns in Samba</topic> <affects> |