summaryrefslogtreecommitdiffstats
path: root/security/vuxml
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2004-02-12 14:23:48 +0000
committernectar <nectar@FreeBSD.org>2004-02-12 14:23:48 +0000
commit5b652b203a78065ebb45dee28ebfc9842c9a43df (patch)
treed72428ab69d62528d600f5668eb24061474bd50e /security/vuxml
parent4c2bf369e5b688b3c6d9ff38d63b6e0d2509c8a3 (diff)
downloadFreeBSD-ports-5b652b203a78065ebb45dee28ebfc9842c9a43df.zip
FreeBSD-ports-5b652b203a78065ebb45dee28ebfc9842c9a43df.tar.gz
Add VuXML DTDs and the VuXML document for FreeBSD.
Diffstat (limited to 'security/vuxml')
-rw-r--r--security/vuxml/Makefile98
-rw-r--r--security/vuxml/distinfo2
-rw-r--r--security/vuxml/files/catalog.xml22
-rw-r--r--security/vuxml/files/vuxml.cat4
-rw-r--r--security/vuxml/pkg-descr4
-rw-r--r--security/vuxml/pkg-plist4
-rw-r--r--security/vuxml/vuln.xml481
7 files changed, 615 insertions, 0 deletions
diff --git a/security/vuxml/Makefile b/security/vuxml/Makefile
new file mode 100644
index 0000000..79a2fd3
--- /dev/null
+++ b/security/vuxml/Makefile
@@ -0,0 +1,98 @@
+# New ports collection makefile for: vuxml
+# Date created: 2004/02/12
+# Whom: nectar@FreeBSD.org
+#
+# $FreeBSD$
+#
+
+PORTNAME= vuxml
+PORTVERSION= 1.0
+PORTREVISION= 0
+CATEGORIES= security textproc
+MASTER_SITES= http://www.vuxml.org/dtd/vuxml-1/
+DISTFILES= vuxml-10.dtd vuxml-model-10.mod
+
+MAINTAINER= nectar@FreeBSD.org
+COMMENT= Vulnerability and eXposure Markup Language DTD
+
+RUN_DEPENDS= ${XMLCATMGR}:${PORTSDIR}/textproc/xmlcatmgr \
+ ${LOCALBASE}/share/xml/dtd/xhtml-modularization/VERSION:${PORTSDIR}/textproc/xhtml-modularization \
+ ${LOCALBASE}/share/xml/dtd/xhtml-basic/xhtml-basic10.dtd:${PORTSDIR}/textproc/xhtml-basic
+
+NO_MTREE= YES
+NO_BUILD= YES
+WRKSRC= ${WRKDIR}
+
+dir_DTD= share/xml/dtd/vuxml
+
+XMLCATMGR= ${LOCALBASE}/bin/xmlcatmgr
+SGMLCAT= ${PREFIX}/share/sgml/catalog.ports
+XMLCAT= ${PREFIX}/share/xml/catalog.ports
+
+XMLCAT_ADD= ${XMLCATMGR} -c ${XMLCAT} add nextCatalog \
+ ${PREFIX}/${dir_DTD}/catalog.xml
+XMLCAT_RM= ${XMLCATMGR} -c ${XMLCAT} remove nextCatalog \
+ ${PREFIX}/${dir_DTD}/catalog.xml
+SGMLCAT_ADD= ${XMLCATMGR} -sc ${SGMLCAT} add CATALOG \
+ ${PREFIX}/${dir_DTD}/vuxml.cat
+SGMLCAT_RM= ${XMLCATMGR} -sc ${SGMLCAT} remove CATALOG \
+ ${PREFIX}/${dir_DTD}/vuxml.cat
+
+CATALOG_PORTS_SGML= ${PREFIX}/share/sgml/catalog.ports
+CATALOG_PORTS_XML= ${PREFIX}/share/xml/catalog.ports
+
+PLIST= ${WRKDIR}/PLIST
+
+VUXML_FILE?= ${PKGDIR}/vuln.xml
+
+do-extract:
+ @${RM} -rf ${WRKDIR}
+ @${MKDIR} ${WRKDIR}
+.for f in ${DISTFILES}
+ ${CP} ${_DISTDIR}/${f} ${WRKDIR}/${f}
+.endfor
+
+pre-install:
+ ${CP} ${PKGDIR}/pkg-plist ${PLIST}
+ ${ECHO} "@unexec ${XMLCAT_RM}" >> ${PLIST}
+ ${ECHO} "@exec ${XMLCAT_ADD}" >> ${PLIST}
+ ${ECHO} "@unexec ${SGMLCAT_RM}" >> ${PLIST}
+ ${ECHO} "@exec ${SGMLCAT_ADD}" >> ${PLIST}
+ ${ECHO} "@dirrm ${dir_DTD}" >> ${PLIST}
+ ${ECHO} '@unexec rmdir %D share/xml/dtd 2>/dev/null || true' >> \
+ ${PLIST}
+
+do-install:
+ @[ -d ${PREFIX}/${dir_DTD} ] || \
+ ${MKDIR} ${PREFIX}/${dir_DTD}
+.for f in ${DISTFILES}
+ ${INSTALL_DATA} ${WRKSRC}/${f} ${PREFIX}/${dir_DTD}/${f}
+.endfor
+ ${SED} -e "s;@@PREFIX@@;${PREFIX};g" ${FILESDIR}/catalog.xml > \
+ ${WRKDIR}/catalog.xml
+ ${INSTALL_DATA} ${WRKDIR}/catalog.xml ${PREFIX}/${dir_DTD}/catalog.xml
+ ${INSTALL_DATA} ${FILESDIR}/vuxml.cat ${PREFIX}/${dir_DTD}/vuxml.cat
+ ${XMLCAT_ADD}
+ ${SGMLCAT_ADD}
+
+validate:
+.if defined(WITH_XMLLINT)
+ ${SETENV} SGML_CATALOG_FILES="${CATALOG_PORTS_XML}" \
+ xmllint --catalogs --valid --noout "${VUXML_FILE}"
+.elif defined(WITH_NSGMLS)
+ ${SETENV} SP_CHARSET_FIXED=YES SP_ENCODING=XML \
+ nsgmls -wxml -s "${VUXML_FILE}"
+.elif defined(WITH_RXP)
+ ${SETENV} XML_CATALOG_FILES="${CATALOG_PORTS_XML}" \
+ rxp -EVNxs "${VUXML_FILE}"
+.else
+ @${ECHO} "Define one of the following to validate:"
+ @${ECHO} " WITH_XMLLINT Use xmllint from libxml2"
+ @${ECHO} " WITH_NSGMLS Use nsgmls from jade"
+# RXP 1.4 works great, but the ports system is stuck at 1.2.5
+# @${ECHO} " WITH_RXP Use rxp"
+ @${ECHO}
+ @${FALSE}
+.endif
+
+.include <bsd.port.mk>
diff --git a/security/vuxml/distinfo b/security/vuxml/distinfo
new file mode 100644
index 0000000..133d944
--- /dev/null
+++ b/security/vuxml/distinfo
@@ -0,0 +1,2 @@
+MD5 (vuxml-10.dtd) = a0fa5d5facdff104bbf25c7e55459fac
+MD5 (vuxml-model-10.mod) = bc4b64d08d60d2d4d0dc5b3f83f4fca0
diff --git a/security/vuxml/files/catalog.xml b/security/vuxml/files/catalog.xml
new file mode 100644
index 0000000..2d187c0
--- /dev/null
+++ b/security/vuxml/files/catalog.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0"?>
+<!DOCTYPE catalog PUBLIC "-//OASIS//DTD Entity Resolution XML Catalog V1.0//EN"
+ "http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd">
+
+
+<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog"
+ prefer="public"
+ xml:base="file://@@PREFIX@@/share/xml/dtd/vuxml/">
+
+ <rewriteSystem
+ systemIdStartString="http://www.vuxml.org/dtd/vuxml-1"
+ rewritePrefix="./" />
+
+ <public
+ publicId="-//vuxml.org/DTD VuXML 1.0//EN"
+ uri="vuxml-10.dtd" />
+
+ <public
+ publicId="-//vuxml.org//ELEMENTS VuXML 1.0 Document Model//EN"
+ uri="vuxml-model-10.mod" />
+
+</catalog>
diff --git a/security/vuxml/files/vuxml.cat b/security/vuxml/files/vuxml.cat
new file mode 100644
index 0000000..e09ccff
--- /dev/null
+++ b/security/vuxml/files/vuxml.cat
@@ -0,0 +1,4 @@
+OVERRIDE YES
+
+PUBLIC "-//vuxml.org//DTD VuXML 1.0//EN" "vuxml-10.dtd"
+PUBLIC "-//vuxml.org//ELEMENTS VuXML 1.0 Document Model//EN" "vuxml-model-10.mod"
diff --git a/security/vuxml/pkg-descr b/security/vuxml/pkg-descr
new file mode 100644
index 0000000..ee0a0bc
--- /dev/null
+++ b/security/vuxml/pkg-descr
@@ -0,0 +1,4 @@
+VuXML (the Vulnerability and eXposure Markup Language) is an XML
+application for documenting security bugs and corrections within
+a software package collection such as the FreeBSD Ports Collection.
+This port installs the DTDs required for validating VuXML documents.
diff --git a/security/vuxml/pkg-plist b/security/vuxml/pkg-plist
new file mode 100644
index 0000000..c011ca1
--- /dev/null
+++ b/security/vuxml/pkg-plist
@@ -0,0 +1,4 @@
+share/xml/dtd/vuxml/catalog.xml
+share/xml/dtd/vuxml/vuxml-10.dtd
+share/xml/dtd/vuxml/vuxml-model-10.mod
+share/xml/dtd/vuxml/vuxml.cat
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
new file mode 100644
index 0000000..67041da
--- /dev/null
+++ b/security/vuxml/vuln.xml
@@ -0,0 +1,481 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!--
+Copyright 2003, 2004 Jacques Vidrine and contributors
+
+Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
+HTML, PDF, PostScript, RTF and so forth) with or without modification,
+are permitted provided that the following conditions are met:
+1. Redistributions of source code (VuXML) must retain the above
+ copyright notice, this list of conditions and the following
+ disclaimer as the first lines of this file unmodified.
+2. Redistributions in compiled form (transformed to other DTDs,
+ published online in any format, converted to PDF, PostScript,
+ RTF and other formats) must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer
+ in the documentation and/or other materials provided with the
+ distribution.
+
+THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
+BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+-->
+<!DOCTYPE vuxml PUBLIC "-//vuxml.org//DTD VuXML 1.0//EN"
+ "http://www.vuxml.org/dtd/vuxml-1/vuxml-10.dtd">
+<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+
+ <vuln vid="67c05283-5d62-11d8-80e3-0020ed76ef5a">
+ <topic>Buffer overflow in Mutt 1.4</topic>
+ <affects>
+ <package>
+ <name>mutt</name>
+ <name>ja-mutt</name>
+ <range><ge>1.4</ge><lt>1.4.2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Mutt 1.4 contains a buffer overflow that could be exploited
+ with a specially formed message, causing Mutt to crash or
+ possibly execute arbitrary code.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2004-0078</cvename>
+ <url>http://www.mutt.org/news.html</url>
+ </references>
+ <dates>
+ <discovery>2004/02/11</discovery>
+ <entry>2004/02/12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="7557a2b1-5d63-11d8-80e3-0020ed76ef5a">
+ <topic>Apache-SSL optional client certificate vulnerability</topic>
+ <affects>
+ <package>
+ <name>apache+ssl</name>
+ <range><lt>1.3.29.1.53</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>From the Apache-SSL security advisory:</p>
+ <blockquote>
+ If configured with SSLVerifyClient set to 1 or 3 (client
+ certificates optional) and SSLFakeBasicAuth, Apache-SSL
+ 1.3.28+1.52 and all earlier versions would permit a
+ client to use real basic authentication to forge a client
+ certificate.
+
+ All the attacker needed is the "one-line DN" of a valid
+ user, as used by faked basic auth in Apache-SSL, and the
+ fixed password ("password" by default).
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>http://www.apache-ssl.org/advisory-20040206.txt</url>
+ </references>
+ <dates>
+ <discovery>2004/02/06</discovery>
+ <entry>2004/02/10</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="96ba2dae-4ab0-11d8-96f2-0020ed76ef5a">
+ <topic>L2TP, ISAKMP, and RADIUS parsing vulnerabilities in
+ tcpdump</topic>
+ <affects>
+ <package>
+ <name>tcpdump</name>
+ <range><lt>3.8.1_351</lt></range>
+ </package>
+ <system>
+ <name>FreeBSD</name>
+ <range><lt>5.2.1</lt></range>
+ </system>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Jonathan Heusser discovered vulnerabilities in tcpdump's
+ L2TP, ISAKMP, and RADIUS protocol handlers. These
+ vulnerabilities may be used by an attacker to crash a running
+ `tcpdump' process.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2003-0989</cvename>
+ <cvename>CAN-2003-1029</cvename>
+ <cvename>CAN-2004-0057</cvename>
+ <url>http://marc.theaimsgroup.com/?l=tcpdump-workers&amp;m=107228187124962&amp;w=2</url>
+ <url>http://marc.theaimsgroup.com/?l=tcpdump-workers&amp;m=107325073018070&amp;w=2</url>
+ </references>
+ <dates>
+ <discovery>2003-12-24</discovery>
+ <entry>2004-01-19</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="20be2982-4aae-11d8-96f2-0020ed76ef5a">
+ <topic>fsp buffer overflow and directory traversal vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>fspd</name>
+ <range><gt>0</gt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The <a href="http://www.debian.org/security">Debian
+ security team</a> reported a pair of vulnerabilities in
+ fsp:</p>
+ <blockquote cite="http://www.debian.org/security/2004/dsa-416">
+ <p>A vulnerability was discovered in fsp, client utilities
+ for File Service Protocol (FSP), whereby a remote user could
+ both escape from the FSP root directory (CAN-2003-1022), and
+ also overflow a fixed-length buffer to execute arbitrary
+ code (CAN-2004-0011).</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2003-1022</cvename>
+ <cvename>CAN-2004-0011</cvename>
+ <url>http://www.debian.org/security/2004/dsa-416</url>
+ </references>
+ <dates>
+ <discovery>2004-01-06</discovery>
+ <entry>2004-01-19</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="fd376b8b-41e1-11d8-b096-0020ed76ef5a">
+ <topic>Buffer overflow in INN control message handling</topic>
+ <affects>
+ <package>
+ <name>inn</name>
+ <range><lt>2.4.1</lt></range>
+ </package>
+ <package>
+ <name>inn-stable</name>
+ <range><lt>20031022_1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>A small, fixed-size stack buffer is used to construct a
+ filename based on a received control message. This could
+ result in a stack buffer overflow.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://lists.litech.org/pipermail/inn-workers/2004q1/002763.html</url>
+ </references>
+ <dates>
+ <discovery>2004-01-07</discovery>
+ <entry>2004-01-08</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="cf0fb426-3f96-11d8-b096-0020ed76ef5a">
+ <topic>ProFTPD ASCII translation bug resulting in remote root
+ compromise</topic>
+ <affects>
+ <package>
+ <name>proftpd</name>
+ <range><lt>1.2.8_1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>A buffer overflow exists in the ProFTPD code that handles
+ translation of newline characters during ASCII-mode file
+ uploads. An attacker may exploit this buffer overflow by
+ uploading a specially crafted file, resulting in code
+ execution and ultimately a remote root compromise.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://xforce.iss.net/xforce/alerts/id/154</url>
+ <cvename>CAN-2003-0831</cvename>
+ </references>
+ <dates>
+ <discovery>2003-09-23</discovery>
+ <entry>2004-01-05</entry>
+ </dates>
+ </vuln>
+ <vuln vid="f04cc5cb-2d0b-11d8-beaf-000a95c4d922">
+ <topic>bind8 negative cache poison attack</topic>
+ <affects>
+ <package>
+ <name>bind</name>
+ <range><ge>8.3</ge><lt>8.3.7</lt></range>
+ <range><ge>8.4</ge><lt>8.4.3</lt></range>
+ </package>
+ <system>
+ <name>FreeBSD</name>
+ <range><ge>5.1</ge><lt>5.1p11</lt></range>
+ <range><ge>5.0</ge><lt>5.0p19</lt></range>
+ <range><ge>4.9</ge><lt>4.9p1</lt></range>
+ <range><ge>4.8</ge><lt>4.8p14</lt></range>
+ <range><ge>4.7</ge><lt>4.7p24</lt></range>
+ <range><ge>4.6</ge><lt>4.6.2p27</lt></range>
+ <range><ge>4.5</ge><lt>4.5p37</lt></range>
+ <range><lt>4.4p47</lt></range>
+ </system>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>A programming error in BIND 8 named can result in a DNS
+ message being incorrectly cached as a negative response. As
+ a result, an attacker may arrange for malicious DNS messages
+ to be delivered to a target name server, and cause that name
+ server to cache a negative response for some target domain
+ name. The name server would thereafter respond negatively
+ to legitimate queries for that domain name, resulting in a
+ denial-of-service for applications that require DNS.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2003-0914</cvename>
+ <freebsdsa>SA-03:19</freebsdsa>
+ <certvu>734644</certvu>
+ </references>
+ <dates>
+ <discovery>2003-11-28</discovery>
+ <entry>2003-12-12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="81313647-2d03-11d8-9355-0020ed76ef5a">
+ <topic>ElGamal sign+encrypt keys created by GnuPG can be
+ compromised</topic>
+ <affects>
+ <package>
+ <name>gnupg</name>
+ <range><ge>1.0.2</ge><lt>1.2.3_4</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Any ElGamal sign+encrypt keys created by GnuPG contain a
+ cryptographic weakness that may allow someone to obtain
+ the private key. <strong>These keys should be considered
+ unusable and should be revoked.</strong></p>
+ <p>The following summary was written by Werner Koch, GnuPG
+ author:</p>
+ <blockquote cite="http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html">
+ <p>Phong Nguyen identified a severe bug in the way GnuPG
+ creates and uses ElGamal keys for signing. This is
+ a significant security failure which can lead to a
+ compromise of almost all ElGamal keys used for signing.
+ Note that this is a real world vulnerability which will
+ reveal your private key within a few seconds.</p>
+ <p>...</p>
+ <p>Please <em>take immediate action and revoke your ElGamal
+ signing keys</em>. Furthermore you should take whatever
+ measures necessary to limit the damage done for signed or
+ encrypted documents using that key.</p>
+ <p>Note that the standard keys as generated by GnuPG (DSA
+ and ElGamal encryption) as well as RSA keys are NOT
+ vulnerable. Note also that ElGamal signing keys cannot
+ be generated without the use of a special flag to enable
+ hidden options and even then overriding a warning message
+ about this key type. See below for details on how to
+ identify vulnerable keys.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2003-0971</cvename>
+ <url>http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html</url>
+ </references>
+ <dates>
+ <discovery>2003-11-27</discovery>
+ <entry>2003-12-12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="96fdbf5b-2cfd-11d8-9355-0020ed76ef5a">
+ <topic>Mathopd buffer overflow</topic>
+ <affects>
+ <package>
+ <name>mathopd</name>
+ <range><lt>1.4p2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Mathopd contains a buffer overflow in the prepare_reply()
+ function that may be remotely exploitable.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://www.mail-archive.com/mathopd%40mathopd.org/msg00136.html</url>
+ </references>
+ <dates>
+ <discovery>2003-12-04</discovery>
+ <entry>2003-12-12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="d7af61c8-2cc0-11d8-9355-0020ed76ef5a">
+ <topic>lftp HTML parsing vulnerability</topic>
+ <affects>
+ <package>
+ <name>lftp</name>
+ <range><le>2.6.10</le></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>A buffer overflow exists in lftp which may be triggered when
+ requesting a directory listing from a malicious server over
+ HTTP.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2003-0963</cvename>
+ <url>http://lftp.yar.ru/news.html#2.6.10</url>
+ </references>
+ <dates>
+ <discovery>2003-12-11</discovery>
+ <entry>2003-12-12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="af0296be-2455-11d8-82e5-0020ed76ef5a">
+ <topic>Fetchmail address parsing vulnerability</topic>
+ <affects>
+ <package>
+ <name>fetchmail</name>
+ <range><le>6.2.0</le></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Fetchmail can be crashed by a malicious email message.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://security.e-matters.de/advisories/052002.html</url>
+ </references>
+ <dates>
+ <discovery>2003-10-25</discovery>
+ <entry>2003-10-25</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="2bcd2d24-24ca-11d8-82e5-0020ed76ef5a">
+ <topic>Buffer overflow in pam_smb password handling</topic>
+ <affects>
+ <package>
+ <name>pam_smb</name>
+ <range><lt>1.9.9_3</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Applications utilizing pam_smb can be compromised by
+ any user who can enter a password. In many cases,
+ this is a remote root compromise.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://www.skynet.ie/~airlied/pam_smb/</url>
+ <cvename>CAN-2003-0686</cvename>
+ </references>
+ <dates>
+ <discovery>2003-10-25</discovery>
+ <entry>2003-10-25</entry>
+ <modified>2003-10-25</modified>
+ </dates>
+ </vuln>
+
+ <vuln vid="c4b7badf-24ca-11d8-82e5-0020ed76ef5a">
+ <topic>Buffer overflows in libmcrypt</topic>
+ <affects>
+ <package>
+ <name>libmcrypt</name>
+ <range><lt>2.5.6</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>libmcrypt does incomplete input validation, leading to
+ several buffer overflow vuxml. Additionally,
+ a memory leak is present. Both of these problems may be
+ exploited in a denial-of-service attack.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://seclists.org/lists/bugtraq/2003/Jan/0022.html</url>
+ <cvename>CAN-2003-0031</cvename>
+ <cvename>CAN-2003-0032</cvename>
+ </references>
+ <dates>
+ <discovery>2003-10-25</discovery>
+ <entry>2003-10-25</entry>
+ <modified>2003-10-25</modified>
+ </dates>
+ </vuln>
+
+ <vuln vid="ebdf65c7-2ca6-11d8-9355-0020ed76ef5a">
+ <topic>qpopper format string vulnerability</topic>
+ <affects>
+ <package>
+ <name>qpopper</name>
+ <range><lt>2.53_1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>An authenticated user may trigger a format string
+ vulnerability present in qpopper's UIDL code, resulting
+ in arbitrary code execution with group ID `mail'
+ privileges.</p>
+ </body>
+ </description>
+ <references>
+ <bid>1241</bid>
+ <cvename>CVE-2000-0442</cvename>
+ <url>http://www.netsys.com/suse-linux-security/2000-May/att-0137/01-b0f5-Qpopper.txt</url>
+ </references>
+ <dates>
+ <discovery>2000-05-23</discovery>
+ <entry>2003-12-12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="42c50e16-5ce8-11d8-80e3-0020ed76ef5a">
+ <topic>Vulnerable test port</topic>
+ <affects>
+ <package>
+ <name>vulnerability-test-port</name>
+ <range><lt>2004.02.12</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>This is a test entry.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://cvsweb.freebsd.org/ports/security/vulnerability-test-port/</url>
+ </references>
+ <dates>
+ <discovery>2004-02-12</discovery>
+ <entry>2004-02-12</entry>
+ </dates>
+ </vuln>
+
+</vuxml>
OpenPOWER on IntegriCloud