svn commit: r310216 - head/security/vuxml
Ryan Steinmetz
zi at FreeBSD.org
Fri Jan 11 01:16:15 UTC 2013
Author: zi
Date: Fri Jan 11 01:16:14 2013
New Revision: 310216
URL: http://svnweb.freebsd.org/changeset/ports/310216
Log:
- Document vulnerability in net-mgmt/nagios (CVE-2012-6096)
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Fri Jan 11 01:14:52 2013 (r310215)
+++ head/security/vuxml/vuln.xml Fri Jan 11 01:16:14 2013 (r310216)
@@ -51,6 +51,34 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="97c22a94-5b8b-11e2-b131-000c299b62e1">
+ <topic>nagios -- buffer overflow in history.cgi</topic>
+ <affects>
+ <package>
+ <name>nagios</name>
+ <range><lt>3.4.3_1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>full disclosure reports:</p>
+ <blockquote cite="http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html">
+ <p>history.cgi is vulnerable to a buffer overflow due to the use of
+ sprintf with user supplied data that has not been restricted in size.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2012-6096</cvename>
+ <url>http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html</url>
+ <url>http://nagios.svn.sourceforge.net/viewvc/nagios?view=revision&revision=2547</url>
+ </references>
+ <dates>
+ <discovery>2013-01-10</discovery>
+ <entry>2013-01-10</entry>
+ </dates>
+ </vuln>
+
<vuln vid="46bd747b-5b84-11e2-b06d-00262d5ed8ee">
<topic>chromium -- multiple vulnerabilities</topic>
<affects>
More information about the svn-ports-all
mailing list