[Secure-testing-commits] r84 - in sarge-checks: CAN DSA
Joey Hess
joeyh@haydn.debian.org
Fri, 05 Nov 2004 14:18:10 -0700
Author: joeyh
Date: 2004-11-05 14:17:54 -0700 (Fri, 05 Nov 2004)
New Revision: 84
Modified:
sarge-checks/CAN/list
sarge-checks/DSA/list
Log:
processed rest of my block of CANs
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2004-11-05 17:13:36 UTC (rev 83)
+++ sarge-checks/CAN/list 2004-11-05 21:17:54 UTC (rev 84)
@@ -2415,6 +2415,7 @@
CAN-2003-0849
CAN-2003-0848
NOTE: covered by DSA-428
+ - slocate 2.7-3
CAN-2003-0847
CAN-2003-0846
CAN-2003-0845
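Review bot: the added "- slocate 2.7-3" line is placed after the NOTE line under CAN-2003-0848, while the CAN-2003-0297 entry later in this same commit puts its package line before the NOTE. Suggest one ordering for package and NOTE lines so entries read consistently.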
@@ -3305,8 +3306,6 @@
end claimed by stef-guest
-begin claimed by joeyh
-
CAN-2003-0399
NOTE: not-for-us (Vignette StoryServer)
CAN-2003-0398
@@ -3331,8 +3330,7 @@
NOTE: not-for-us (RSA ACE/Agent)
CAN-2003-0388
NOTE: pam is not vulnerable in default confuguration
- NOTE: mailed maintainer to see if it's fixed
- TODO: followup
+ NOTE: pam is not vulnerable at all in sarge, according to maintainer
CAN-2003-0387
NOTE: reserved
CAN-2003-0386
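Review bot: in the CAN-2003-0388 entry the retained line "NOTE: pam is not vulnerable in default confuguration" now sits directly above the new "not vulnerable at all in sarge" note, so the entry carries two different statements of status, and the older one has a typo ("confuguration"). Suggest dropping or rewording the older note, and recording the pam version or a reference to the maintainer's reply so the claim can be checked later.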
@@ -3447,17 +3445,21 @@
CAN-2003-0331
NOTE: not-for-us (ttForum)
CAN-2003-0330
- TODO: check
+ NOTE: maelstrom in sarge tests not vulnerable to exploit. Unsure when fixed.
CAN-2003-0329
- TODO: check
+ NOTE: not-for-us (CesarFTP)
CAN-2003-0328
NOTE: covered by DSA-306
CAN-2003-0327
- TODO: check
+ NOTE: not-for-us (Sybase Adaptive Server Enterprise)
CAN-2003-0326
- TODO: check
+ NOTE: bug does exist in slocate.
+ NOTE: only impacts security if kernel has been recompiled to allow
+ NOTE: an absurd 536870912 bytes of command line arguments. This is
+ NOTE: very unlikely, and if you do exploit it, you get only slocate
+ NOTE: gid.
CAN-2003-0325
- TODO: check
+ NOTE: maelstrom in sarge tests not vulnerable to exploit. Unsure when fixed.
CAN-2003-0324
NOTE: covered by DSA-287
CAN-2003-0323
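Review bot: the CAN-2003-0326 entry states that the bug does exist in slocate, yet its TODO is replaced with NOTE lines only, so nothing in the entry marks it as still open. Suggest keeping a TODO or recording the affected package and version, even though the stated impact is limited to slocate gid. The same applies to CAN-2003-0330 and CAN-2003-0325, where "Unsure when fixed" leaves no fixed version to compare against.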
@@ -3467,86 +3469,88 @@
CAN-2003-0320
NOTE: covered by DSA-306
CAN-2003-0320
- TODO: check
+ NOTE: not-for-us (ttCMS)
CAN-2003-0319
- TODO: check
+ NOTE: not-for-us (SmartMax MailMax)
CAN-2003-0318
- TODO: check
+ NOTE: not-for-us (PHP-Nuke)
CAN-2003-0317
- TODO: check
+ NOTE: not-for-us (iisPROTECT)
CAN-2003-0316
- TODO: check
+ NOTE: not-for-us (Venturi Client)
CAN-2003-0315
- TODO: check
+ NOTE: not-for-us (Snowblind Web Server)
CAN-2003-0314
- TODO: check
+ NOTE: not-for-us (Snowblind Web Server)
CAN-2003-0313
- TODO: check
+ NOTE: not-for-us (Snowblind Web Server)
CAN-2003-0312
- TODO: check
+ NOTE: not-for-us (Snowblind Web Server)
CAN-2003-0311
NOTE: reserved
CAN-2003-0310
- TODO: check
+ NOTE: author apparently fixed hole by time vuln was reported,
+ NOTE: and I guess that fix made it into new upstream versions,
+ NOTE: but I did not check in detail
CAN-2003-0309
- TODO: check
+ NOTE: not-for-us (MSIE)
CAN-2003-0308
NOTE: covered by DSA-305
CAN-2003-0307
- TODO: check
+ NOTE: not-for-us (Poster version.two)
CAN-2003-0306
- TODO: check
+ NOTE: not-for-us (Windows)
CAN-2003-0305
- TODO: check
+ NOTE: not-for-us (Cisco)
CAN-2003-0304
- TODO: check
+ NOTE: not-for-us (one||zero (aka One or Zero) Helpdesk)
CAN-2003-0303
- TODO: check
+ NOTE: not-for-us (one||zero (aka One or Zero) Helpdesk)
CAN-2003-0302
- TODO: check
+ NOTE: not-for-us (Eudora)
CAN-2003-0301
- TODO: check
+ NOTE: not-for-us (Microsort)
CAN-2003-0300
- TODO: check
-
-end claimed by joeyh
-
+ NOTE: sylpheed and sylpheed-claws might still be vulnerable
+ NOTE: but it's only a crasher
CAN-2003-0299
- TODO: check
+ NOTE: mutt and balse might still be vulnerable
+ NOTE: but it's only a crasher
CAN-2003-0298
- TODO: check
+ - mozilla 1.4b
CAN-2003-0297
- TODO: check
+ - uw-imap 7:2002c
+ NOTE: did not check pine
CAN-2003-0296
- TODO: check
+ - evolution 1.3.2
CAN-2003-0295
- TODO: check
+ NOTE: not-for-us (vBulletin)
CAN-2003-0294
- TODO: check
+ NOTE: not-for-us (php-proxima)
CAN-2003-0293
- TODO: check
+ NOTE: not-for-us (PalmOS)
CAN-2003-0292
- TODO: check
+ NOTE: not-for-us (Inktomi)
CAN-2003-0291
- TODO: check
+ NOTE: not-for-us (3com OfficeConnect Remote 812 ADSL Router)
CAN-2003-0290
- TODO: check
+ NOTE: not-for-us (eServ)
CAN-2003-0289
- TODO: check
+ - cdrtools 4:2.0+a14-1
CAN-2003-0288
- TODO: check
+ NOTE: not-for-us (IP Messenger for Win)
CAN-2003-0287
- TODO: check
+ NOTE: not-for-us (Movable Type)
CAN-2003-0286
- TODO: check
+ NOTE: not-for-us (Snitz Forums)
CAN-2003-0285
- TODO: check
+ NOTE: not-for-us (bad sendmail config on AIX)
CAN-2003-0284
- TODO: check
+ NOTE: not-for-us (Adobe Acrobat)
CAN-2003-0283
- TODO: check
+ NOTE: not-for-us (Phorum)
CAN-2003-0282
- TODO: check
+ NOTE: covered by DSA-344
CAN-2003-0281
TODO: check
CAN-2003-0280
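Review bot: CAN-2003-0320 appears twice at the top of this hunk, first with "covered by DSA-306" and then with the new "not-for-us (ttCMS)" note, so one of the two entries carries the wrong identifier and should be checked against the CVE list before the note is attached to it. Separately, CAN-2003-0300 and CAN-2003-0299 say packages "might still be vulnerable", CAN-2003-0297 says "did not check pine", and CAN-2003-0310 says "I did not check in detail", yet each loses its TODO; keeping a TODO on those entries would leave the open questions visible. Two probable typos in the added notes: "Microsort" (CAN-2003-0301) and "balse" (CAN-2003-0299).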
Modified: sarge-checks/DSA/list
===================================================================
--- sarge-checks/DSA/list 2004-11-05 17:13:36 UTC (rev 83)
+++ sarge-checks/DSA/list 2004-11-05 21:17:54 UTC (rev 84)
@@ -780,7 +780,7 @@
{CAN-2003-0535}
- xbl 1.0k-6
[08 Jul 2003] DSA-344 unzip - directory traversal
- {CAN-2003-0282
+ {CAN-2003-0282}
- unzip 5.50-3
[08 Jul 2003] DSA-343 skk, ddskk - insecure temporary file
{CAN-2003-0539}
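Review bot: the closing-brace fix for "{CAN-2003-0282}" under DSA-344 is not mentioned in the log message, which refers only to CANs. Suggest noting the DSA/list syntax fix in the log, and since the unbalanced brace was present in rev 83, a simple brace-balance check over DSA/list before commit would catch this kind of error.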