FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-02-01 08:25:03 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
f8b0f83c-8bb3-11dc-bffa-0016179b2dd5	gftp -- multiple vulnerabilities Gentoo reports: Kalle Olavi Niemitalo discovered two boundary errors in fsplib code included in gFTP when processing overly long directory or file names. A remote attacker could trigger these vulnerabilities by enticing a user to download a file with a specially crafted directory or file name, possibly resulting in the execution of arbitrary code or a Denial of Service. Discovery 2007-11-01 Entry 2007-11-05 Modified 2007-11-11 gftp < 2.0.18_6 CVE-2007-3961 CVE-2007-3962 http://www.gentoo.org/security/en/glsa/glsa-200711-01.xml
2d8cf857-81ea-11d9-a9e7-0001020eed82	gftp -- directory traversal vulnerability A Debian Security Advisory reports: Albert Puigsech Galicia discovered a directory traversal vulnerability in a proprietary FTP client (CAN-2004-1376) which is also present in gftp, a GTK+ FTP client. A malicious server could provide a specially crafted filename that could cause arbitrary files to be overwritten or created by the client. Discovery 2005-02-04 Entry 2005-02-18 gftp < 2.0.18 12539 CVE-2005-0372 http://www.debian.org/security/2005/dsa-686 http://www.gftp.org/changelog.html

VuXML ID

Description

f8b0f83c-8bb3-11dc-bffa-0016179b2dd5

gftp -- multiple vulnerabilities

Gentoo reports:

Kalle Olavi Niemitalo discovered two boundary errors in fsplib code included in gFTP when processing overly long directory or file names.

A remote attacker could trigger these vulnerabilities by enticing a user to download a file with a specially crafted directory or file name, possibly resulting in the execution of arbitrary code or a Denial of Service.

Discovery 2007-11-01
Entry 2007-11-05
Modified 2007-11-11
gftp

< 2.0.18_6

CVE-2007-3961
CVE-2007-3962
http://www.gentoo.org/security/en/glsa/glsa-200711-01.xml

2d8cf857-81ea-11d9-a9e7-0001020eed82

gftp -- directory traversal vulnerability

A Debian Security Advisory reports:

Albert Puigsech Galicia discovered a directory traversal vulnerability in a proprietary FTP client (CAN-2004-1376) which is also present in gftp, a GTK+ FTP client. A malicious server could provide a specially crafted filename that could cause arbitrary files to be overwritten or created by the client.

Discovery 2005-02-04
Entry 2005-02-18
gftp

< 2.0.18

12539
CVE-2005-0372
http://www.debian.org/security/2005/dsa-686
http://www.gftp.org/changelog.html