diff options
| author | Beech Rintoul <beech@FreeBSD.org> | 2007-12-12 07:55:42 +0000 |
|---|---|---|
| committer | Beech Rintoul <beech@FreeBSD.org> | 2007-12-12 07:55:42 +0000 |
| commit | ef56eeec23fc5ab4b48956fe8cce1629fdd82c03 (patch) | |
| tree | 20373a46beb17869de77ea1b32880610509720d6 /security/vuxml/vuln.xml | |
| parent | f24415b0e3e181ae25337639cbf524b37891c20b (diff) | |
| download | ports-ef56eeec23fc5ab4b48956fe8cce1629fdd82c03.tar.gz ports-ef56eeec23fc5ab4b48956fe8cce1629fdd82c03.zip | |
Notes
Diffstat (limited to 'security/vuxml/vuln.xml')
| -rw-r--r-- | security/vuxml/vuln.xml | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 69b309f2a415..22e9130cfbc4 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,33 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="b2571f88-a867-11dc-a6f0-00a0cce0781e"> + <topic>smbftpd -- format string vulnerability </topic> + <affects> + <package> + <name>smbftpd</name> + <range><lt>0.96</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>SO-AND-SO reports:</p> + <blockquote cite="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5184"> + <p>Format string vulnerability in the SMBDirList function in dirlist.c in + SmbFTPD 0.96 allows remote attackers to execute arbitrary code via + format string specifiers in a directory name..</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2007-5184</cvename> + </references> + <dates> + <discovery>2007-10-01</discovery> + <entry>2007-12-12</entry> + </dates> + </vuln> + <vuln vid="6ae7cef2-a6ae-11dc-95e6-000c29c5647f"> <topic>jetty -- multiple vulnerabilities</topic> <affects> |