FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 05:42:14 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
915855ad-283d-4597-b01e-e0bf611db78blibspf2 -- Integer Underflow Remote Code Execution

Trendmicro ZDI reports:

Integer Underflow Remote Code Execution Vulnerability

The specific flaw exists within the parsing of SPF macros. When parsing SPF macros, the process does not properly validate user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the service account.


Discovery 2022-06-06
Entry 2023-10-04
libspf2
<= 1.2.11

CVE-2023-42118
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42118
2ddbfd29-a455-11dd-a55e-00163e000016libspf2 -- Buffer overflow

CVE reports:

Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field.


Discovery 2008-10-21
Entry 2008-10-27
libspf2
< 1.2.8

31881
CVE-2008-2469