FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8fbd4187-0f18-11e5-b6a8-002590263bf5pgbouncer -- remote denial of service

PgBouncer reports:

Fix remote crash - invalid packet order causes lookup of NULL pointer. Not exploitable, just DoS.


Discovery 2015-04-08
Entry 2015-06-10
Modified 2015-09-28
pgbouncer
< 1.5.5

CVE-2015-4054
https://pgbouncer.github.io/2015/04/pgbouncer-1-5-5/
http://www.openwall.com/lists/oss-security/2015/05/21/2
ports/200507
d76961da-56f6-11e5-934b-002590263bf5pgbouncer -- failed auth_query lookup leads to connection as auth_user

PgBouncer reports:

New auth_user functionality introduced in 1.6 allows login as auth_user when client presents unknown username. It's quite likely auth_user is superuser. Affects only setups that have enabled auth_user in their config.


Discovery 2015-09-03
Entry 2015-09-09
pgbouncer
= 1.6.0

CVE-2015-6817
https://pgbouncer.github.io/2015/09/pgbouncer-1-6-1/
https://github.com/pgbouncer/pgbouncer/issues/69
http://www.openwall.com/lists/oss-security/2015/09/04/3