diff options
| author | Thierry Thomas <thierry@FreeBSD.org> | 2009-08-02 14:11:24 +0000 |
|---|---|---|
| committer | Thierry Thomas <thierry@FreeBSD.org> | 2009-08-02 14:11:24 +0000 |
| commit | 9bd4a28be3c71244bccb5481de86778b3896ba9a (patch) | |
| tree | f5306c071d61dfd170f97c54ec3479726c990382 /security/vuxml/vuln.xml | |
| parent | a4fc4d09a28267eee70bfd16b2399481afd81aa2 (diff) | |
| download | ports-9bd4a28be3c71244bccb5481de86778b3896ba9a.tar.gz ports-9bd4a28be3c71244bccb5481de86778b3896ba9a.zip | |
Notes
Diffstat (limited to 'security/vuxml/vuln.xml')
| -rw-r--r-- | security/vuxml/vuln.xml | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 0755708a6d7c..fa0ed18b94f4 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,34 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="0d0237d0-7f68-11de-984d-0011098ad87f"> + <topic>SquirrelMail -- Plug-ins compromise</topic> + <affects> + <package> + <name>squirrelmail-multilogin-plugin</name> + <range><ge>2.3.4</ge><lt>2.3.4_2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <h1>Problem Description:</h1> + <p>The SquirrelMail Web Server has been compromised, and three plugins + are affected.</p> + <p>The port of squirrelmail-sasql-plugin is safe (right MD5), and + change_pass is not in the FreeBSD ports tree, but multilogin has a + wrong MD5.</p> + </body> + </description> + <references> + <url>http://sourceforge.net/mailarchive/message.php?msg_name=4A727634.3080008%40squirrelmail.org</url> + <url>http://squirrelmail.org/index.php</url> + </references> + <dates> + <discovery>2009-07-31</discovery> + <entry>2009-08-02</entry> + </dates> + </vuln> + <vuln vid="83725c91-7c7e-11de-9672-00e0815b8da8"> <topic>BIND -- Dynamic update message remote DoS</topic> <affects> |