Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2012-08-01 Apache -- Insecure LD_LIBRARY_PATH handling
2012-01-31 apache -- multiple vulnerabilities
2011-11-14 Apache 1.3 -- mod_proxy reverse proxy exposure
2011-08-30 apache -- Range header DoS vulnerability
2010-07-26 apache -- Remote DoS bug in mod_cache and mod_dav
2010-02-03 apache -- Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long)
2009-08-25 apache22 -- several vulnerabilities
2009-06-08 apr -- multiple vulnerabilities
2009-03-11 apache -- Cross-site scripting vulnerability
2008-06-24 apache -- multiple vulnerabilities
2007-09-11 apache -- multiple vulnerabilities
2006-07-28 apache -- mod_rewrite buffer overflow vulnerability
2006-01-01 apache -- mod_imap cross-site scripting flaw
2005-09-17 apache -- Certificate Revocation List (CRL) off-by-one vulnerability
2005-07-26 apache -- http request smuggling
2004-11-10 apache2 multiple space header denial-of-service vulnerability
2004-11-06 apache mod_include buffer overflow vulnerability
2004-10-21 apache2 -- SSL remote DoS
2004-09-19 apache -- heap overflow in mod_proxy
2004-09-15 apache -- ap_resolve_env buffer overflow
apache -- apr_uri_parse IPv6 address handling vulnerability
mod_dav -- lock related denial-of-service
2004-03-08 Apache 1.3 IP address access control failure on some 64-bit platforms
Apache 2 mod_ssl denial-of-service