authorJacques Vidrine <nectar@FreeBSD.org>2004-02-12 14:23:48 +0000
committerJacques Vidrine <nectar@FreeBSD.org>2004-02-12 14:23:48 +0000
commitb73c2468c353bc8fc01082f2e8eacdcfb7b14197 (patch)
tree0155da473b7f2d35cf6b2e271b68525c7e2ec664 /security
parent017e891a43b4010d1c3029a50c0d07681ecf93c4 (diff)
Notes
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/Makefile98
-rw-r--r--security/vuxml/distinfo2
-rw-r--r--security/vuxml/files/catalog.xml22
-rw-r--r--security/vuxml/files/vuxml.cat4
-rw-r--r--security/vuxml/pkg-descr4
-rw-r--r--security/vuxml/pkg-plist4
-rw-r--r--security/vuxml/vuln.xml481
7 files changed, 615 insertions, 0 deletions
diff --git a/security/vuxml/Makefile b/security/vuxml/Makefile
new file mode 100644
index 000000000000..79a2fd30fab1
--- /dev/null
+++ b/security/vuxml/Makefile
@@ -0,0 +1,98 @@
+# New ports collection makefile for: vuxml
+# Date created: 2004/02/12
+# Whom: nectar@FreeBSD.org
+#
+# $FreeBSD$
+#
+
+PORTNAME= vuxml
+PORTVERSION= 1.0
+PORTREVISION= 0
+CATEGORIES= security textproc
+MASTER_SITES= http://www.vuxml.org/dtd/vuxml-1/
+DISTFILES= vuxml-10.dtd vuxml-model-10.mod
+
+MAINTAINER= nectar@FreeBSD.org
+COMMENT= Vulnerability and eXposure Markup Language DTD
+
+RUN_DEPENDS= ${XMLCATMGR}:${PORTSDIR}/textproc/xmlcatmgr \
+ ${LOCALBASE}/share/xml/dtd/xhtml-modularization/VERSION:${PORTSDIR}/textproc/xhtml-modularization \
+ ${LOCALBASE}/share/xml/dtd/xhtml-basic/xhtml-basic10.dtd:${PORTSDIR}/textproc/xhtml-basic
+
+NO_MTREE= YES
+NO_BUILD= YES
+WRKSRC= ${WRKDIR}
+
+dir_DTD= share/xml/dtd/vuxml
+
+XMLCATMGR= ${LOCALBASE}/bin/xmlcatmgr
+SGMLCAT= ${PREFIX}/share/sgml/catalog.ports
+XMLCAT= ${PREFIX}/share/xml/catalog.ports
+
+XMLCAT_ADD= ${XMLCATMGR} -c ${XMLCAT} add nextCatalog \
+ ${PREFIX}/${dir_DTD}/catalog.xml
+XMLCAT_RM= ${XMLCATMGR} -c ${XMLCAT} remove nextCatalog \
+ ${PREFIX}/${dir_DTD}/catalog.xml
+SGMLCAT_ADD= ${XMLCATMGR} -sc ${SGMLCAT} add CATALOG \
+ ${PREFIX}/${dir_DTD}/vuxml.cat
+SGMLCAT_RM= ${XMLCATMGR} -sc ${SGMLCAT} remove CATALOG \
+ ${PREFIX}/${dir_DTD}/vuxml.cat
+
+CATALOG_PORTS_SGML= ${PREFIX}/share/sgml/catalog.ports
+CATALOG_PORTS_XML= ${PREFIX}/share/xml/catalog.ports
+
+PLIST= ${WRKDIR}/PLIST
+
+VUXML_FILE?= ${PKGDIR}/vuln.xml
+
+do-extract:
+ @${RM} -rf ${WRKDIR}
+ @${MKDIR} ${WRKDIR}
+.for f in ${DISTFILES}
+ ${CP} ${_DISTDIR}/${f} ${WRKDIR}/${f}
+.endfor
+
+pre-install:
+ ${CP} ${PKGDIR}/pkg-plist ${PLIST}
+ ${ECHO} "@unexec ${XMLCAT_RM}" >> ${PLIST}
+ ${ECHO} "@exec ${XMLCAT_ADD}" >> ${PLIST}
+ ${ECHO} "@unexec ${SGMLCAT_RM}" >> ${PLIST}
+ ${ECHO} "@exec ${SGMLCAT_ADD}" >> ${PLIST}
+ ${ECHO} "@dirrm ${dir_DTD}" >> ${PLIST}
+ ${ECHO} '@unexec rmdir %D share/xml/dtd 2>/dev/null || true' >> \
+ ${PLIST}
+
+do-install:
+ @[ -d ${PREFIX}/${dir_DTD} ] || \
+ ${MKDIR} ${PREFIX}/${dir_DTD}
+.for f in ${DISTFILES}
+ ${INSTALL_DATA} ${WRKSRC}/${f} ${PREFIX}/${dir_DTD}/${f}
+.endfor
+ ${SED} -e "s;@@PREFIX@@;${PREFIX};g" ${FILESDIR}/catalog.xml > \
+ ${WRKDIR}/catalog.xml
+ ${INSTALL_DATA} ${WRKDIR}/catalog.xml ${PREFIX}/${dir_DTD}/catalog.xml
+ ${INSTALL_DATA} ${FILESDIR}/vuxml.cat ${PREFIX}/${dir_DTD}/vuxml.cat
+ ${XMLCAT_ADD}
+ ${SGMLCAT_ADD}
+
+validate:
+.if defined(WITH_XMLLINT)
+ ${SETENV} SGML_CATALOG_FILES="${CATALOG_PORTS_XML}" \
+ xmllint --catalogs --valid --noout "${VUXML_FILE}"
+.elif defined(WITH_NSGMLS)
+ ${SETENV} SP_CHARSET_FIXED=YES SP_ENCODING=XML \
+ nsgmls -wxml -s "${VUXML_FILE}"
+.elif defined(WITH_RXP)
+ ${SETENV} XML_CATALOG_FILES="${CATALOG_PORTS_XML}" \
+ rxp -EVNxs "${VUXML_FILE}"
+.else
+ @${ECHO} "Define one of the following to validate:"
+ @${ECHO} " WITH_XMLLINT Use xmllint from libxml2"
+ @${ECHO} " WITH_NSGMLS Use nsgmls from jade"
+# RXP 1.4 works great, but the ports system is stuck at 1.2.5
+# @${ECHO} " WITH_RXP Use rxp"
+ @${ECHO}
+ @${FALSE}
+.endif
+
+.include <bsd.port.mk>
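Review bot: The `validate` target can fall back to the network for the DTD: the xmllint branch passes `--catalogs --valid` without `--nonet`, and the nsgmls branch sets `SP_CHARSET_FIXED` and `SP_ENCODING` but no catalog variable, so a catalog miss would presumably be resolved from the `http://www.vuxml.org/...` system identifier in vuln.xml over plain HTTP. Validation of a file that feeds security auditing should fail closed on the locally installed DTDs; I would add `--nonet` to the xmllint line and give the nsgmls branch `SGML_CATALOG_FILES="${CATALOG_PORTS_SGML}"`, which also gives the otherwise unreferenced `CATALOG_PORTS_SGML` a use. Separately, the `@unexec rmdir %D share/xml/dtd` line in `pre-install` has a space where `%D/share/xml/dtd` looks intended, and `2>/dev/null || true` hides the resulting failure.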
diff --git a/security/vuxml/distinfo b/security/vuxml/distinfo
new file mode 100644
index 000000000000..133d9444c116
--- /dev/null
+++ b/security/vuxml/distinfo
@@ -0,0 +1,2 @@
+MD5 (vuxml-10.dtd) = a0fa5d5facdff104bbf25c7e55459fac
+MD5 (vuxml-model-10.mod) = bc4b64d08d60d2d4d0dc5b3f83f4fca0
diff --git a/security/vuxml/files/catalog.xml b/security/vuxml/files/catalog.xml
new file mode 100644
index 000000000000..2d187c0df09c
--- /dev/null
+++ b/security/vuxml/files/catalog.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0"?>
+<!DOCTYPE catalog PUBLIC "-//OASIS//DTD Entity Resolution XML Catalog V1.0//EN"
+ "http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd">
+
+
+<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog"
+ prefer="public"
+ xml:base="file://@@PREFIX@@/share/xml/dtd/vuxml/">
+
+ <rewriteSystem
+ systemIdStartString="http://www.vuxml.org/dtd/vuxml-1"
+ rewritePrefix="./" />
+
+ <public
+ publicId="-//vuxml.org/DTD VuXML 1.0//EN"
+ uri="vuxml-10.dtd" />
+
+ <public
+ publicId="-//vuxml.org//ELEMENTS VuXML 1.0 Document Model//EN"
+ uri="vuxml-model-10.mod" />
+
+</catalog>
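Review bot: The first `<public>` entry declares `publicId="-//vuxml.org/DTD VuXML 1.0//EN"`, with a single slash after `vuxml.org`, while vuxml.cat and the DOCTYPE in vuln.xml both use `-//vuxml.org//DTD VuXML 1.0//EN`. Lookups by public identifier will therefore not match this entry; the document in this commit probably still resolves through the `rewriteSystem` rule, which hides the typo. A document that declares the public identifier with a different system identifier would miss the catalog and may send the parser to the network for the DTD. The attribute should read `publicId="-//vuxml.org//DTD VuXML 1.0//EN"`.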
diff --git a/security/vuxml/files/vuxml.cat b/security/vuxml/files/vuxml.cat
new file mode 100644
index 000000000000..e09ccff2cac7
--- /dev/null
+++ b/security/vuxml/files/vuxml.cat
@@ -0,0 +1,4 @@
+OVERRIDE YES
+
+PUBLIC "-//vuxml.org//DTD VuXML 1.0//EN" "vuxml-10.dtd"
+PUBLIC "-//vuxml.org//ELEMENTS VuXML 1.0 Document Model//EN" "vuxml-model-10.mod"
diff --git a/security/vuxml/pkg-descr b/security/vuxml/pkg-descr
new file mode 100644
index 000000000000..ee0a0bce86b4
--- /dev/null
+++ b/security/vuxml/pkg-descr
@@ -0,0 +1,4 @@
+VuXML (the Vulnerability and eXposure Markup Language) is an XML
+application for documenting security bugs and corrections within
+a software package collection such as the FreeBSD Ports Collection.
+This port installs the DTDs required for validating VuXML documents.
diff --git a/security/vuxml/pkg-plist b/security/vuxml/pkg-plist
new file mode 100644
index 000000000000..c011ca18780c
--- /dev/null
+++ b/security/vuxml/pkg-plist
@@ -0,0 +1,4 @@
+share/xml/dtd/vuxml/catalog.xml
+share/xml/dtd/vuxml/vuxml-10.dtd
+share/xml/dtd/vuxml/vuxml-model-10.mod
+share/xml/dtd/vuxml/vuxml.cat
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
new file mode 100644
index 000000000000..67041da3e9ac
--- /dev/null
+++ b/security/vuxml/vuln.xml
@@ -0,0 +1,481 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!--
+Copyright 2003, 2004 Jacques Vidrine and contributors
+
+Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
+HTML, PDF, PostScript, RTF and so forth) with or without modification,
+are permitted provided that the following conditions are met:
+1. Redistributions of source code (VuXML) must retain the above
+ copyright notice, this list of conditions and the following
+ disclaimer as the first lines of this file unmodified.
+2. Redistributions in compiled form (transformed to other DTDs,
+ published online in any format, converted to PDF, PostScript,
+ RTF and other formats) must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer
+ in the documentation and/or other materials provided with the
+ distribution.
+
+THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
+BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+-->
+<!DOCTYPE vuxml PUBLIC "-//vuxml.org//DTD VuXML 1.0//EN"
+ "http://www.vuxml.org/dtd/vuxml-1/vuxml-10.dtd">
+<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+
+ <vuln vid="67c05283-5d62-11d8-80e3-0020ed76ef5a">
+ <topic>Buffer overflow in Mutt 1.4</topic>
+ <affects>
+ <package>
+ <name>mutt</name>
+ <name>ja-mutt</name>
+ <range><ge>1.4</ge><lt>1.4.2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Mutt 1.4 contains a buffer overflow that could be exploited
+ with a specially formed message, causing Mutt to crash or
+ possibly execute arbitrary code.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2004-0078</cvename>
+ <url>http://www.mutt.org/news.html</url>
+ </references>
+ <dates>
+ <discovery>2004/02/11</discovery>
+ <entry>2004/02/12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="7557a2b1-5d63-11d8-80e3-0020ed76ef5a">
+ <topic>Apache-SSL optional client certificate vulnerability</topic>
+ <affects>
+ <package>
+ <name>apache+ssl</name>
+ <range><lt>1.3.29.1.53</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>From the Apache-SSL security advisory:</p>
+ <blockquote>
+ If configured with SSLVerifyClient set to 1 or 3 (client
+ certificates optional) and SSLFakeBasicAuth, Apache-SSL
+ 1.3.28+1.52 and all earlier versions would permit a
+ client to use real basic authentication to forge a client
+ certificate.
+
+ All the attacker needed is the "one-line DN" of a valid
+ user, as used by faked basic auth in Apache-SSL, and the
+ fixed password ("password" by default).
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>http://www.apache-ssl.org/advisory-20040206.txt</url>
+ </references>
+ <dates>
+ <discovery>2004/02/06</discovery>
+ <entry>2004/02/10</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="96ba2dae-4ab0-11d8-96f2-0020ed76ef5a">
+ <topic>L2TP, ISAKMP, and RADIUS parsing vulnerabilities in
+ tcpdump</topic>
+ <affects>
+ <package>
+ <name>tcpdump</name>
+ <range><lt>3.8.1_351</lt></range>
+ </package>
+ <system>
+ <name>FreeBSD</name>
+ <range><lt>5.2.1</lt></range>
+ </system>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Jonathan Heusser discovered vulnerabilities in tcpdump's
+ L2TP, ISAKMP, and RADIUS protocol handlers. These
+ vulnerabilities may be used by an attacker to crash a running
+ `tcpdump' process.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2003-0989</cvename>
+ <cvename>CAN-2003-1029</cvename>
+ <cvename>CAN-2004-0057</cvename>
+ <url>http://marc.theaimsgroup.com/?l=tcpdump-workers&amp;m=107228187124962&amp;w=2</url>
+ <url>http://marc.theaimsgroup.com/?l=tcpdump-workers&amp;m=107325073018070&amp;w=2</url>
+ </references>
+ <dates>
+ <discovery>2003-12-24</discovery>
+ <entry>2004-01-19</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="20be2982-4aae-11d8-96f2-0020ed76ef5a">
+ <topic>fsp buffer overflow and directory traversal vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>fspd</name>
+ <range><gt>0</gt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The <a href="http://www.debian.org/security">Debian
+ security team</a> reported a pair of vulnerabilities in
+ fsp:</p>
+ <blockquote cite="http://www.debian.org/security/2004/dsa-416">
+ <p>A vulnerability was discovered in fsp, client utilities
+ for File Service Protocol (FSP), whereby a remote user could
+ both escape from the FSP root directory (CAN-2003-1022), and
+ also overflow a fixed-length buffer to execute arbitrary
+ code (CAN-2004-0011).</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2003-1022</cvename>
+ <cvename>CAN-2004-0011</cvename>
+ <url>http://www.debian.org/security/2004/dsa-416</url>
+ </references>
+ <dates>
+ <discovery>2004-01-06</discovery>
+ <entry>2004-01-19</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="fd376b8b-41e1-11d8-b096-0020ed76ef5a">
+ <topic>Buffer overflow in INN control message handling</topic>
+ <affects>
+ <package>
+ <name>inn</name>
+ <range><lt>2.4.1</lt></range>
+ </package>
+ <package>
+ <name>inn-stable</name>
+ <range><lt>20031022_1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>A small, fixed-size stack buffer is used to construct a
+ filename based on a received control message. This could
+ result in a stack buffer overflow.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://lists.litech.org/pipermail/inn-workers/2004q1/002763.html</url>
+ </references>
+ <dates>
+ <discovery>2004-01-07</discovery>
+ <entry>2004-01-08</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="cf0fb426-3f96-11d8-b096-0020ed76ef5a">
+ <topic>ProFTPD ASCII translation bug resulting in remote root
+ compromise</topic>
+ <affects>
+ <package>
+ <name>proftpd</name>
+ <range><lt>1.2.8_1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>A buffer overflow exists in the ProFTPD code that handles
+ translation of newline characters during ASCII-mode file
+ uploads. An attacker may exploit this buffer overflow by
+ uploading a specially crafted file, resulting in code
+ execution and ultimately a remote root compromise.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://xforce.iss.net/xforce/alerts/id/154</url>
+ <cvename>CAN-2003-0831</cvename>
+ </references>
+ <dates>
+ <discovery>2003-09-23</discovery>
+ <entry>2004-01-05</entry>
+ </dates>
+ </vuln>
+ <vuln vid="f04cc5cb-2d0b-11d8-beaf-000a95c4d922">
+ <topic>bind8 negative cache poison attack</topic>
+ <affects>
+ <package>
+ <name>bind</name>
+ <range><ge>8.3</ge><lt>8.3.7</lt></range>
+ <range><ge>8.4</ge><lt>8.4.3</lt></range>
+ </package>
+ <system>
+ <name>FreeBSD</name>
+ <range><ge>5.1</ge><lt>5.1p11</lt></range>
+ <range><ge>5.0</ge><lt>5.0p19</lt></range>
+ <range><ge>4.9</ge><lt>4.9p1</lt></range>
+ <range><ge>4.8</ge><lt>4.8p14</lt></range>
+ <range><ge>4.7</ge><lt>4.7p24</lt></range>
+ <range><ge>4.6</ge><lt>4.6.2p27</lt></range>
+ <range><ge>4.5</ge><lt>4.5p37</lt></range>
+ <range><lt>4.4p47</lt></range>
+ </system>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>A programming error in BIND 8 named can result in a DNS
+ message being incorrectly cached as a negative response. As
+ a result, an attacker may arrange for malicious DNS messages
+ to be delivered to a target name server, and cause that name
+ server to cache a negative response for some target domain
+ name. The name server would thereafter respond negatively
+ to legitimate queries for that domain name, resulting in a
+ denial-of-service for applications that require DNS.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2003-0914</cvename>
+ <freebsdsa>SA-03:19</freebsdsa>
+ <certvu>734644</certvu>
+ </references>
+ <dates>
+ <discovery>2003-11-28</discovery>
+ <entry>2003-12-12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="81313647-2d03-11d8-9355-0020ed76ef5a">
+ <topic>ElGamal sign+encrypt keys created by GnuPG can be
+ compromised</topic>
+ <affects>
+ <package>
+ <name>gnupg</name>
+ <range><ge>1.0.2</ge><lt>1.2.3_4</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Any ElGamal sign+encrypt keys created by GnuPG contain a
+ cryptographic weakness that may allow someone to obtain
+ the private key. <strong>These keys should be considered
+ unusable and should be revoked.</strong></p>
+ <p>The following summary was written by Werner Koch, GnuPG
+ author:</p>
+ <blockquote cite="http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html">
+ <p>Phong Nguyen identified a severe bug in the way GnuPG
+ creates and uses ElGamal keys for signing. This is
+ a significant security failure which can lead to a
+ compromise of almost all ElGamal keys used for signing.
+ Note that this is a real world vulnerability which will
+ reveal your private key within a few seconds.</p>
+ <p>...</p>
+ <p>Please <em>take immediate action and revoke your ElGamal
+ signing keys</em>. Furthermore you should take whatever
+ measures necessary to limit the damage done for signed or
+ encrypted documents using that key.</p>
+ <p>Note that the standard keys as generated by GnuPG (DSA
+ and ElGamal encryption) as well as RSA keys are NOT
+ vulnerable. Note also that ElGamal signing keys cannot
+ be generated without the use of a special flag to enable
+ hidden options and even then overriding a warning message
+ about this key type. See below for details on how to
+ identify vulnerable keys.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2003-0971</cvename>
+ <url>http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html</url>
+ </references>
+ <dates>
+ <discovery>2003-11-27</discovery>
+ <entry>2003-12-12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="96fdbf5b-2cfd-11d8-9355-0020ed76ef5a">
+ <topic>Mathopd buffer overflow</topic>
+ <affects>
+ <package>
+ <name>mathopd</name>
+ <range><lt>1.4p2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Mathopd contains a buffer overflow in the prepare_reply()
+ function that may be remotely exploitable.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://www.mail-archive.com/mathopd%40mathopd.org/msg00136.html</url>
+ </references>
+ <dates>
+ <discovery>2003-12-04</discovery>
+ <entry>2003-12-12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="d7af61c8-2cc0-11d8-9355-0020ed76ef5a">
+ <topic>lftp HTML parsing vulnerability</topic>
+ <affects>
+ <package>
+ <name>lftp</name>
+ <range><le>2.6.10</le></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>A buffer overflow exists in lftp which may be triggered when
+ requesting a directory listing from a malicious server over
+ HTTP.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2003-0963</cvename>
+ <url>http://lftp.yar.ru/news.html#2.6.10</url>
+ </references>
+ <dates>
+ <discovery>2003-12-11</discovery>
+ <entry>2003-12-12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="af0296be-2455-11d8-82e5-0020ed76ef5a">
+ <topic>Fetchmail address parsing vulnerability</topic>
+ <affects>
+ <package>
+ <name>fetchmail</name>
+ <range><le>6.2.0</le></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Fetchmail can be crashed by a malicious email message.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://security.e-matters.de/advisories/052002.html</url>
+ </references>
+ <dates>
+ <discovery>2003-10-25</discovery>
+ <entry>2003-10-25</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="2bcd2d24-24ca-11d8-82e5-0020ed76ef5a">
+ <topic>Buffer overflow in pam_smb password handling</topic>
+ <affects>
+ <package>
+ <name>pam_smb</name>
+ <range><lt>1.9.9_3</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Applications utilizing pam_smb can be compromised by
+ any user who can enter a password. In many cases,
+ this is a remote root compromise.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://www.skynet.ie/~airlied/pam_smb/</url>
+ <cvename>CAN-2003-0686</cvename>
+ </references>
+ <dates>
+ <discovery>2003-10-25</discovery>
+ <entry>2003-10-25</entry>
+ <modified>2003-10-25</modified>
+ </dates>
+ </vuln>
+
+ <vuln vid="c4b7badf-24ca-11d8-82e5-0020ed76ef5a">
+ <topic>Buffer overflows in libmcrypt</topic>
+ <affects>
+ <package>
+ <name>libmcrypt</name>
+ <range><lt>2.5.6</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>libmcrypt does incomplete input validation, leading to
+ several buffer overflow vuxml. Additionally,
+ a memory leak is present. Both of these problems may be
+ exploited in a denial-of-service attack.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://seclists.org/lists/bugtraq/2003/Jan/0022.html</url>
+ <cvename>CAN-2003-0031</cvename>
+ <cvename>CAN-2003-0032</cvename>
+ </references>
+ <dates>
+ <discovery>2003-10-25</discovery>
+ <entry>2003-10-25</entry>
+ <modified>2003-10-25</modified>
+ </dates>
+ </vuln>
+
+ <vuln vid="ebdf65c7-2ca6-11d8-9355-0020ed76ef5a">
+ <topic>qpopper format string vulnerability</topic>
+ <affects>
+ <package>
+ <name>qpopper</name>
+ <range><lt>2.53_1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>An authenticated user may trigger a format string
+ vulnerability present in qpopper's UIDL code, resulting
+ in arbitrary code execution with group ID `mail'
+ privileges.</p>
+ </body>
+ </description>
+ <references>
+ <bid>1241</bid>
+ <cvename>CVE-2000-0442</cvename>
+ <url>http://www.netsys.com/suse-linux-security/2000-May/att-0137/01-b0f5-Qpopper.txt</url>
+ </references>
+ <dates>
+ <discovery>2000-05-23</discovery>
+ <entry>2003-12-12</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="42c50e16-5ce8-11d8-80e3-0020ed76ef5a">
+ <topic>Vulnerable test port</topic>
+ <affects>
+ <package>
+ <name>vulnerability-test-port</name>
+ <range><lt>2004.02.12</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>This is a test entry.</p>
+ </body>
+ </description>
+ <references>
+ <url>http://cvsweb.freebsd.org/ports/security/vulnerability-test-port/</url>
+ </references>
+ <dates>
+ <discovery>2004-02-12</discovery>
+ <entry>2004-02-12</entry>
+ </dates>
+ </vuln>
+
+</vuxml>
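Review bot: The first two entries (Mutt and Apache-SSL) write their `<discovery>` and `<entry>` dates with slashes, e.g. `2004/02/11`, while every other entry uses the `2003-12-24` form; tools that sort or filter on these fields will likely mishandle the mix, so these should read `<discovery>2004-02-11</discovery>` and likewise for the other three. The libmcrypt description says "several buffer overflow vuxml", which looks like a stray search-and-replace of "vulnerabilities". The Apache-SSL `<blockquote>` also holds bare text with no `<p>` wrapper and no `cite` attribute, unlike the other quoted advisories, and may not validate against the XHTML content model.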