Displaying 20 results from an estimated 230 matches for "cvenam".
Did you mean:
cvename
2007 Jan 10
1
Recent vulnerabilities in xorg-server
Colin, good day!
Spotted two patches for x11-servers/xorg-server port: see entries for
x11r6.9.0-dbe-render.diff and x11r6.9.0-cidfonts.diff at
http://xorg.freedesktop.org/releases/X11R6.9.0/patches/index.html
Seems like they are not applied to the xorg-server-6.9.0_5. May be
it should be added to the VuXML document?
There is a ports/107733 issue that incorporates these patches. May
be you
2005 May 15
1
About the vulnerabilities in tcpdump and gzip.
...ince none of them are operating system related, I
assumed a -p1 and -p2 of the 5.4-RELEASE. Instead, we got a patch for
the HTT security issue so I wonder, is the FreeBSD version of tcpdump
and/or gzip are secured or simply forgotten/ignored?
tcpdump references:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1279
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1280
gzip references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228
Best regards,
Jespe...
2016 Dec 03
2
CVE-2016-8652 in dovecot
...t; Are you sure about the CVE number? According to Debian [1 [1]] and
> mitre [2 [2]], it's
> for SIEMENS something, not Dovecot.
>
> best regards,
> Jonas Wielicki
>
> [1]: https://security-tracker.debian.org/tracker/CVE-2016-8562
> [2]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-856
> 2
Ups, sent wrong number, correct is CVE-2016-8652.
That is the same number, no?
No, read it again. the wrong and pasted copie are 8 5 62, his revised is
8 6 52
--
Kind Regard,
Noel Butler
This Email, including any attachments, may contain legally privilege...
2016 Dec 03
2
CVE-2016-8652 in dovecot
...> mitre [2 [2]], it's
> > > for SIEMENS something, not Dovecot.
> > >
> > > best regards,
> > > Jonas Wielicki
> > >
> > > [1]: https://security-tracker.debian.org/tracker/CVE-2016-8562
> > > [2]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-856
> > > 2
> >
> > Ups, sent wrong number, correct is CVE-2016-8652.
> > That is the same number, no?
> >
> > No, read it again. the wrong and pasted copie are 8 5 62, his revised
> > is
> > 8 6 52
>
> Ah, thank you....
2007 Aug 30
1
CVE-2007-4091
hi all,
i haven't seen any discussion here of this issue, nor do i see
any obviously related (open) bugs in bugzilla. It's not
clear to me from the CVE how important this issue is or isn't,
but i'm a bit concerned.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4091
thanks as always to wayne & the other contributors for great
software.
danno
--
Dan Pritts, System Administrator
Internet2
office: +1-734-352-4953 | mobile: +1-734-834-7224
Internet2 R&E Network Members
Community,...
2013 Feb 13
0
Announce: Puppet Dashboard 1.2.22 Available [ security release ]
...f Puppet Dashboard, but by default Puppet Dashboard does
not interact with them in a way that exposes it to these
vulnerabilities. Nevertheless, this release of Puppet Dashboard
addresses these CVEs as well.
Detailed information on the CVEs can be found at these URLs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263
Downloads
========
RPM packages for are available at https://yum.puppetlabs.com/el or /fedora...
2012 Sep 20
1
AIX 5.8p1?
Good Morning,
We just performed some security scanning on one of our AIX systems and these vulnerabilities was returned:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000
We are currently running: 5.8.0.6101
The latest on IBMs Website<https://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=aixbp&lang=en_US&S_PKG=openssh&cp=UTF-8> is 5.8p1 (5.8.0.62...
2007 Mar 29
2
Integer underflow in the "file" program before 4.20
Hello
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
"Integer underflow in the file_printf function in the "file" program
before 4.20 allows user-assisted attackers to execute arbitrary code via
a file that triggers a heap-based buffer overflow."
Is FreeBSD 5.x/6.x affected too? It looks the System has fil...
2006 Sep 19
0
FreeBSD Security Advisory FreeBSD-SA-06:21.gzip
...1.9.10.1
src/gnu/usr.bin/gzip/unlzh.c 1.5.36.1
src/gnu/usr.bin/gzip/unpack.c 1.6.36.1
- -------------------------------------------------------------------------
VII. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338
The latest revision of this adviso...
2006 Sep 19
0
FreeBSD Security Advisory FreeBSD-SA-06:21.gzip
...1.9.10.1
src/gnu/usr.bin/gzip/unlzh.c 1.5.36.1
src/gnu/usr.bin/gzip/unpack.c 1.6.36.1
- -------------------------------------------------------------------------
VII. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338
The latest revision of this adviso...
2006 Sep 19
0
FreeBSD Security Advisory FreeBSD-SA-06:21.gzip
...1.9.10.1
src/gnu/usr.bin/gzip/unlzh.c 1.5.36.1
src/gnu/usr.bin/gzip/unpack.c 1.6.36.1
- -------------------------------------------------------------------------
VII. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338
The latest revision of this adviso...
2016 Dec 02
2
CVE-2016-8652 in dovecot
...2016-8562)
> Are you sure about the CVE number? According to Debian [1] and mitre [2], it?s
> for SIEMENS something, not Dovecot.
>
> best regards,
> Jonas Wielicki
>
> [1]: https://security-tracker.debian.org/tracker/CVE-2016-8562
> [2]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8562
Ups, sent wrong number, correct is CVE-2016-8652.
Aki
2005 Jun 09
0
FreeBSD Security Advisory FreeBSD-SA-05:10.tcpdump
...1.12.4.1
src/contrib/tcpdump/print-ldp.c 1.1.1.1.4.1
src/contrib/tcpdump/print-rsvp.c 1.1.1.1.4.1
- -------------------------------------------------------------------------
VII. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280
http://marc.theaimsgroup.com/?l=bugtraq&m=111454406222040
http://marc.theaimsgroup.com/?l=b...
2005 Jun 09
0
FreeBSD Security Advisory FreeBSD-SA-05:10.tcpdump
...1.12.4.1
src/contrib/tcpdump/print-ldp.c 1.1.1.1.4.1
src/contrib/tcpdump/print-rsvp.c 1.1.1.1.4.1
- -------------------------------------------------------------------------
VII. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280
http://marc.theaimsgroup.com/?l=bugtraq&m=111454406222040
http://marc.theaimsgroup.com/?l=b...
2003 Apr 07
0
FreeBSD Security Notice FreeBSD-SN-03:01
...s user gaining root access on a Samba
serving system. All versions of Samba up to and including Samba 2.2.8
are vulnerable. Alpha versions of Samba 3.0 and above are *NOT*
vulnerable.''
<URL: http://us1.samba.org/samba/whatsnew/samba-2.2.8.html >
<URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0085 >
<URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0086 >
<URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0196 >
<URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0201 >
+-----------------------------------------------...
2003 Apr 07
0
FreeBSD Security Notice FreeBSD-SN-03:01
...s user gaining root access on a Samba
serving system. All versions of Samba up to and including Samba 2.2.8
are vulnerable. Alpha versions of Samba 3.0 and above are *NOT*
vulnerable.''
<URL: http://us1.samba.org/samba/whatsnew/samba-2.2.8.html >
<URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0085 >
<URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0086 >
<URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0196 >
<URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0201 >
+-----------------------------------------------...
2002 May 13
0
FreeBSD Security Notice FreeBSD-SN-02:02
...Fixed
Directory traversal vulnerability.
Remote attackers may cause a denial of service via a URL that ends in
. (dot), / (forward slash), or \ (backward slash).
Buffer overflows may allow remote attackers to execute arbitrary code or
cause a denial of service.
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0784>
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1083>
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1229>
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1230>
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=C...
2002 Jul 30
1
OpenSSL Security Advisory [30 July 2002]
...l the patches are applied.
Known Exploits
--------------
There are no know exploits available for these vulnerabilities. As
noted above, Neohapsis have demonstrated internally that an exploit is
possible, but have not released the exploit code.
References
----------
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0657
Acknowledgements
----------------
The project leading to this advisory is sponsored by the Defense
Advanced Research Projects Agency (DARPA) and Air Forc...
2007 Apr 17
0
VuXML entry for CVE-2007-1870: ClamAV CAB File Unstore Buffer Overflow
...is that the ChangeLog for the ClamAV
(http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog) says about
CVE-2007-1997 as the libclamav/cab.c log entry, but I think they are
messed the numbers -- there is no such CVE, at least I failed to
find it via cve.mitre.org:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1997
But the CVE-2007-1870 is a candidate and has no relevant information,
so I am not 100% sure about the correct number.
--
Eygene
-------------- next part --------------
<vuln vid="unknown">
<topic>clamav -- CAB File Unstore Buffer Overflow Vulnera...
2004 Feb 05
2
Status Check: CVE CAN-2004-0002
Hi,
Just want to ask about the status of this:-
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0002
>From list archives I gather the fix is still under refinement (but
committed (and removed?) in HEAD and RELENG_5_2).
One paranoid little shop is running a public web server on RELENG_4_9, and
contemplating this patch:-
http://marc.theaimsgroup.com/?l=freebsd-cvs-all&a...