This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
77c14729-dc5e-11de-92ae-02e0184b8d35 | libtool -- Library Search Path Privilege Escalation Issue Secunia.com
Discovery 2009-11-25 Entry 2009-11-28 Modified 2010-05-02 libtool < 2.2.6b CVE-2009-3736 http://secunia.com/advisories/37414/ http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html |
cacaffbc-5e64-11d8-80e3-0020ed76ef5a | GNU libtool insecure temporary file handling libtool attempts to create a temporary directory in which to write scratch files needed during processing. A malicious user may create a symlink and then manipulate the directory so as to write to files to which she normally has no permissions. This has been reported as a ``symlink vulnerability'', although I do not think that is an accurate description. This vulnerability could possibly be used on a multi-user system to gain elevated privileges, e.g. root builds some packages, and another user successfully exploits this vulnerability to write to a system file. Discovery 2004-01-30 Entry 2004-02-13 libtool >= 1.3 lt 1.3.5_2 >= 1.4 lt 1.4.3_3 >= 1.5 lt 1.5.2 http://www.geocrawler.com/mail/msg.php3?msg_id=3438808&list=405 http://www.securityfocus.com/archive/1/352333 |