FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-27 12:04:33 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
36858e78-3963-11e4-ad84-000c29f6ae42security/ossec-hids-* -- root escalation via temp files

OSSEC reports:

This correction will create the temp file for the hosts deny file in /var/ossec and will use mktemp where available to create NON-predictable temp file name. In cases where mktemp is not available we have written a BAD version of mktemp, but should be a little better then just process id.


Discovery 2014-09-09
Entry 2014-09-11
ossec-hids-server
ossec-hids-client
ossec-hids-local
< 2.8.1

CVE-2014-5284
http://www.ossec.net/?p=1135
c470db07-1098-11e5-b6a8-002590263bf5security/ossec-hids-* -- root escalation via syscheck feature

OSSEC reports:

The CVE-2015-3222 vulnerability, which allows for root escalation via sys check has been fixed in OSSEC 2.8.2. This issue does not affect agents.


Discovery 2015-06-11
Entry 2015-06-12
ossec-hids-server
ossec-hids-client
ossec-hids-local
>= 2.7 lt 2.8.2

CVE-2015-3222
ports/200801
http://www.ossec.net/?p=1198
https://github.com/ossec/ossec-hids/releases/tag/2.8.2