mirror of
https://git.FreeBSD.org/ports.git
synced 2025-01-18 08:02:48 +00:00
e14ed8232d
modify tidy.xsl to make it generates manually the xml declaration xsl is not able to generate a list of entity otherwise. Remove copyright form included files, they are redudundant anyway and in the end only the vuln.xml file is distribued with entities expanded Rework a bit the entity declaration in order for the document to look great after expansion (as it did before we introduced the expansion mechanism) All validation are now processed direcly on the flattened file. This is based on a patch from mfechner here Submitted by: mfechner Differential Revision: https://reviews.freebsd.org/D28299
252 lines
8.0 KiB
XML
252 lines
8.0 KiB
XML
<vuln vid="81313647-2d03-11d8-9355-0020ed76ef5a">
|
|
<topic>ElGamal sign+encrypt keys created by GnuPG can be compromised</topic>
|
|
<affects>
|
|
<package>
|
|
<name>gnupg</name>
|
|
<range><ge>1.0.2</ge><lt>1.2.3_4</lt></range>
|
|
</package>
|
|
</affects>
|
|
<description>
|
|
<body xmlns="http://www.w3.org/1999/xhtml">
|
|
<p>Any ElGamal sign+encrypt keys created by GnuPG contain a
|
|
cryptographic weakness that may allow someone to obtain
|
|
the private key. <strong>These keys should be considered
|
|
unusable and should be revoked.</strong></p>
|
|
<p>The following summary was written by Werner Koch, GnuPG
|
|
author:</p>
|
|
<blockquote cite="http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html">
|
|
<p>Phong Nguyen identified a severe bug in the way GnuPG
|
|
creates and uses ElGamal keys for signing. This is
|
|
a significant security failure which can lead to a
|
|
compromise of almost all ElGamal keys used for signing.
|
|
Note that this is a real world vulnerability which will
|
|
reveal your private key within a few seconds.</p>
|
|
<p>...</p>
|
|
<p>Please <em>take immediate action and revoke your ElGamal
|
|
signing keys</em>. Furthermore you should take whatever
|
|
measures necessary to limit the damage done for signed or
|
|
encrypted documents using that key.</p>
|
|
<p>Note that the standard keys as generated by GnuPG (DSA
|
|
and ElGamal encryption) as well as RSA keys are NOT
|
|
vulnerable. Note also that ElGamal signing keys cannot
|
|
be generated without the use of a special flag to enable
|
|
hidden options and even then overriding a warning message
|
|
about this key type. See below for details on how to
|
|
identify vulnerable keys.</p>
|
|
</blockquote>
|
|
</body>
|
|
</description>
|
|
<references>
|
|
<cvename>CVE-2003-0971</cvename>
|
|
<mlist>http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html</mlist>
|
|
</references>
|
|
<dates>
|
|
<discovery>2003-11-27</discovery>
|
|
<entry>2003-12-12</entry>
|
|
</dates>
|
|
</vuln>
|
|
|
|
<vuln vid="f04cc5cb-2d0b-11d8-beaf-000a95c4d922">
|
|
<topic>bind8 negative cache poison attack</topic>
|
|
<affects>
|
|
<package>
|
|
<name>bind</name>
|
|
<range><ge>8.3</ge><lt>8.3.7</lt></range>
|
|
<range><ge>8.4</ge><lt>8.4.3</lt></range>
|
|
</package>
|
|
<package>
|
|
<name>FreeBSD</name>
|
|
<range><ge>5.1</ge><lt>5.1_11</lt></range>
|
|
<range><ge>5.0</ge><lt>5.0_19</lt></range>
|
|
<range><ge>4.9</ge><lt>4.9_1</lt></range>
|
|
<range><ge>4.8</ge><lt>4.8_14</lt></range>
|
|
<range><ge>4.7</ge><lt>4.7_24</lt></range>
|
|
<range><ge>4.6</ge><lt>4.6.2_27</lt></range>
|
|
<range><ge>4.5</ge><lt>4.5_37</lt></range>
|
|
<range><lt>4.4_47</lt></range>
|
|
</package>
|
|
</affects>
|
|
<description>
|
|
<body xmlns="http://www.w3.org/1999/xhtml">
|
|
<p>A programming error in BIND 8 named can result in a DNS
|
|
message being incorrectly cached as a negative response. As
|
|
a result, an attacker may arrange for malicious DNS messages
|
|
to be delivered to a target name server, and cause that name
|
|
server to cache a negative response for some target domain
|
|
name. The name server would thereafter respond negatively
|
|
to legitimate queries for that domain name, resulting in a
|
|
denial-of-service for applications that require DNS.</p>
|
|
</body>
|
|
</description>
|
|
<references>
|
|
<cvename>CVE-2003-0914</cvename>
|
|
<freebsdsa>SA-03:19.bind</freebsdsa>
|
|
<certvu>734644</certvu>
|
|
</references>
|
|
<dates>
|
|
<discovery>2003-11-28</discovery>
|
|
<entry>2003-12-12</entry>
|
|
<modified>2004-05-05</modified>
|
|
</dates>
|
|
</vuln>
|
|
|
|
<vuln vid="96fdbf5b-2cfd-11d8-9355-0020ed76ef5a">
|
|
<topic>Mathopd buffer overflow</topic>
|
|
<affects>
|
|
<package>
|
|
<name>mathopd</name>
|
|
<range><lt>1.4p2</lt></range>
|
|
</package>
|
|
</affects>
|
|
<description>
|
|
<body xmlns="http://www.w3.org/1999/xhtml">
|
|
<p>Mathopd contains a buffer overflow in the prepare_reply()
|
|
function that may be remotely exploitable.</p>
|
|
</body>
|
|
</description>
|
|
<references>
|
|
<url>http://www.mail-archive.com/mathopd%40mathopd.org/msg00136.html</url>
|
|
</references>
|
|
<dates>
|
|
<discovery>2003-12-04</discovery>
|
|
<entry>2003-12-12</entry>
|
|
</dates>
|
|
</vuln>
|
|
|
|
<vuln vid="d7af61c8-2cc0-11d8-9355-0020ed76ef5a">
|
|
<topic>lftp HTML parsing vulnerability</topic>
|
|
<affects>
|
|
<package>
|
|
<name>lftp</name>
|
|
<range><le>2.6.10</le></range>
|
|
</package>
|
|
</affects>
|
|
<description>
|
|
<body xmlns="http://www.w3.org/1999/xhtml">
|
|
<p>A buffer overflow exists in lftp which may be triggered when
|
|
requesting a directory listing from a malicious server over
|
|
HTTP.</p>
|
|
</body>
|
|
</description>
|
|
<references>
|
|
<cvename>CVE-2003-0963</cvename>
|
|
<url>http://lftp.yar.ru/news.html#2.6.10</url>
|
|
</references>
|
|
<dates>
|
|
<discovery>2003-12-11</discovery>
|
|
<entry>2003-12-12</entry>
|
|
</dates>
|
|
</vuln>
|
|
|
|
<vuln vid="ebdf65c7-2ca6-11d8-9355-0020ed76ef5a">
|
|
<topic>qpopper format string vulnerability</topic>
|
|
<affects>
|
|
<package>
|
|
<name>qpopper</name>
|
|
<range><lt>2.53_1</lt></range>
|
|
</package>
|
|
</affects>
|
|
<description>
|
|
<body xmlns="http://www.w3.org/1999/xhtml">
|
|
<p>An authenticated user may trigger a format string
|
|
vulnerability present in qpopper's UIDL code, resulting
|
|
in arbitrary code execution with group ID `mail'
|
|
privileges.</p>
|
|
</body>
|
|
</description>
|
|
<references>
|
|
<bid>1241</bid>
|
|
<cvename>CVE-2000-0442</cvename>
|
|
<url>http://www.netsys.com/suse-linux-security/2000-May/att-0137/01-b0f5-Qpopper.txt</url>
|
|
</references>
|
|
<dates>
|
|
<discovery>2000-05-23</discovery>
|
|
<entry>2003-12-12</entry>
|
|
</dates>
|
|
</vuln>
|
|
|
|
<vuln vid="af0296be-2455-11d8-82e5-0020ed76ef5a">
|
|
<topic>fetchmail -- address parsing vulnerability</topic>
|
|
<affects>
|
|
<package>
|
|
<name>fetchmail</name>
|
|
<range><le>6.2.0</le></range>
|
|
</package>
|
|
</affects>
|
|
<description>
|
|
<body xmlns="http://www.w3.org/1999/xhtml">
|
|
<p>Fetchmail can be crashed by a malicious email message.</p>
|
|
</body>
|
|
</description>
|
|
<references>
|
|
<url>http://security.e-matters.de/advisories/052002.html</url>
|
|
</references>
|
|
<dates>
|
|
<discovery>2003-10-25</discovery>
|
|
<entry>2003-10-25</entry>
|
|
<modified>2012-09-04</modified>
|
|
</dates>
|
|
</vuln>
|
|
|
|
<vuln vid="2bcd2d24-24ca-11d8-82e5-0020ed76ef5a">
|
|
<topic>Buffer overflow in pam_smb password handling</topic>
|
|
<affects>
|
|
<package>
|
|
<name>pam_smb</name>
|
|
<range><lt>1.9.9_3</lt></range>
|
|
</package>
|
|
</affects>
|
|
<description>
|
|
<body xmlns="http://www.w3.org/1999/xhtml">
|
|
<p>Applications utilizing pam_smb can be compromised by
|
|
any user who can enter a password. In many cases,
|
|
this is a remote root compromise.</p>
|
|
</body>
|
|
</description>
|
|
<references>
|
|
<url>http://www.skynet.ie/~airlied/pam_smb/</url>
|
|
<cvename>CVE-2003-0686</cvename>
|
|
</references>
|
|
<dates>
|
|
<discovery>2003-10-25</discovery>
|
|
<entry>2003-10-25</entry>
|
|
<modified>2003-10-25</modified>
|
|
</dates>
|
|
</vuln>
|
|
|
|
<vuln vid="c4b7badf-24ca-11d8-82e5-0020ed76ef5a">
|
|
<topic>Buffer overflows in libmcrypt</topic>
|
|
<affects>
|
|
<package>
|
|
<name>libmcrypt</name>
|
|
<range><lt>2.5.6</lt></range>
|
|
</package>
|
|
</affects>
|
|
<description>
|
|
<body xmlns="http://www.w3.org/1999/xhtml">
|
|
<p>libmcrypt does incomplete input validation, leading to
|
|
several buffer overflows. Additionally,
|
|
a memory leak is present. Both of these problems may be
|
|
exploited in a denial-of-service attack.</p>
|
|
</body>
|
|
</description>
|
|
<references>
|
|
<mlist>http://marc.theaimsgroup.com/?l=bugtraq&m=104162752401212&w=2</mlist>
|
|
<cvename>CVE-2003-0031</cvename>
|
|
<cvename>CVE-2003-0032</cvename>
|
|
</references>
|
|
<dates>
|
|
<discovery>2003-10-25</discovery>
|
|
<entry>2003-10-25</entry>
|
|
<modified>2003-10-25</modified>
|
|
</dates>
|
|
</vuln>
|
|
|
|
<vuln vid="6fd9a1e9-efd3-11d8-9837-000c41e2cdad">
|
|
<cancelled/>
|
|
</vuln>
|
|
|
|
<vuln vid="3362f2c1-8344-11d8-a41f-0020ed76ef5a">
|
|
<cancelled/>
|
|
</vuln>
|