Project

General

Profile

Actions
Copy link

Bug #13578

closed

FreeBSD Vulnerabilities

Added by Adam Esslinger over 1 year ago. Updated over 1 year ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
FreeBSD
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
Affected Architecture:
amd64

Description

Im running a Nessuss scan against my pfsense+ firewall version pfsense+ 22.05-RELEASE (amd64) and it reports that FreeBSD has the following vulnerabilities:

1. FreeBSD : cURL -- Multiple vulnerabilities (ae5722a6-f5f0-11ec-856e-d4c9ef517024)
http://www.nessus.org/u?90626522
Affected version(s) : >= 7.16.4 < 7.84.0
Score 9.8

2. FreeBSD : expat -- Heap use-after-free vulnerability (0a0670a1-3e1a-11ed-b48b-e0d55e2a8bf9)
http://www.nessus.org/u?26d58c0b
Affected version(s) : < 2.4.9
Score 9.8

3. FreeBSD : dnsmasq -- heap use-after-free in dhcp6_no_relay (3f321a5a-b33b-11ec-80c2-1bb2c6a00592)
http://www.nessus.org/u?e7e361fd
http://www.nessus.org/u?2a4e838c
Affected version(s) : < 2.86_4,1
Score 7.5

4. FreeBSD : Python -- multiple vulnerabilities (80e057e7-2f0a-11ed-978f-fcaa147e860e)
http://www.nessus.org/u?c16cc88f
http://www.nessus.org/u?88a8f7bb
Affected version(s) : < 3.8.14
Score 7.5

5. FreeBSD : strongswan -- DOS attack vulnerability (0ae56f3e-488c-11ed-bb31-b42e99a1b9c3)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-40617
http://www.nessus.org/u?4d4a88a5
Affected version(s) : < 5.9.8
Score 7.5

6. FreeBSD : unbound -- Non-Responsive Delegation Attack (5a1c2e06-3fb7-11ed-a402-b42e991fc52e)
https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
http://www.nessus.org/u?a840c4ec
Affected version(s) : < 1.16.2
Score 7.5

7. FreeBSD : Unbound -- Multiple vulnerabilities (bc43a578-14ec-11ed-856e-d4c9ef517024)
https://www.nlnetlabs.nl/projects/unbound/security-advisories/
http://www.nessus.org/u?146dd999
Affected version(s) : < 1.16.2
Score 6.5

Actions
Copy link
 #1

Updated by Jim Pingle over 1 year ago

  • Status changed from New to Rejected

We run our own scans and deal with such things internally, we do not need outside input in this area.

Actions
Copy link

Also available in: Atom PDF