[Secure-testing-commits] r3012 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Mon Dec 12 11:51:34 UTC 2005
Author: jmm-guest
Date: 2005-12-12 11:51:29 +0000 (Mon, 12 Dec 2005)
New Revision: 3012
Modified:
data/CVE/list
Log:
lots of syntax updates and kernel updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-12-12 10:19:22 UTC (rev 3011)
+++ data/CVE/list 2005-12-12 11:51:29 UTC (rev 3012)
@@ -11929,7 +11929,7 @@
CVE-2002-1595 (Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to ...)
NOT-FOR-US: Cisco
CVE-2002-1594 (Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a ...)
- NOTE: our pwck and grpck do not overflow and are not suid
+ - shadow <not-affected> (Debian's pwck and grpck do not overflow and are not suid)
CVE-2002-1593 (mod_dav in Apache before 2.0.42 does not properly handle versioning ...)
- apache2 2.0.42
CVE-2002-1592 (The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI ...)
@@ -11959,7 +11959,7 @@
CVE-2004-1766 (The default installation of NetScreen-Security Manager before Feature ...)
NOT-FOR-US: NetScreen-Security Manager
CVE-2004-1765 (Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for ...)
- NOTE: only seems to affect 1.7.4, not the newer branch in debian
+ - libapache-mod-security <not-affected> (only seems to affect 1.7.4, not the newer branch in Debian)
CVE-2004-1764 (Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, ...)
NOT-FOR-US: HP-UX
CVE-2004-1763 (Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 ...)
@@ -12027,11 +12027,9 @@
CVE-2005-0688 (Windows Server 2003 and XP SP2, with Windows Firewall turned off, ...)
NOT-FOR-US: Windows
CVE-2005-0687 (Format string vulnerability in Hashcash 1.16 allows remote attackers ...)
- NOTE: hashcash 1.13 (which is in Debian) is not vulnerable
- NOTE: hashcash 1.17 is also ok
+ - hashcash 1.17-1
CVE-2005-0686 (Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf ...)
- - mlterm 2.9.2
- NOTE: see bug #298621, was stalled in NEW, now accepted
+ - mlterm 2.9.2 (bug #298621)
CVE-2005-0685 (Multiple access validation errors in OutStart Participate Enterprise ...)
NOT-FOR-US: OutStart Participate Enterprise
CVE-2005-0684 (Multiple buffer overflows in the web tool for MySQL MaxDB before ...)
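Review bot: The new CVE-2005-0687 line "- hashcash 1.17-1" records 1.17-1 as the fixed version, which implies earlier Debian versions were vulnerable, yet the removed note said hashcash 1.13 (the version in Debian) is not vulnerable. Either keep that statement as a NOTE under the entry or express it in the parenthetical, so the tracker does not report 1.13 as affected. For CVE-2005-0686, folding the bug number into "(bug #298621)" is fine.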
@@ -12087,7 +12085,7 @@
CVE-2005-0660 (Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 ...)
NOT-FOR-US: D-Forum
CVE-2005-0659 (phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive ...)
- NOTE: This is not a security issue as the installation path is known.
+ - phpbb2 <unfixed> (unimportant)
CVE-2005-0658 (SQL injection vulnerability in a third party extension to TYPO3 allows ...)
NOT-FOR-US: Typo3
CVE-2005-0657 (Directory traversal vulnerability in Computalynx CProxy 3.3.x and ...)
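Review bot: For CVE-2005-0659 the replacement "- phpbb2 <unfixed> (unimportant)" drops the only stated reason for the rating, namely that the installation path is known on Debian. Keep the removed sentence as a NOTE below the package line so a later reader can see why the issue was judged unimportant.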
@@ -12155,8 +12153,7 @@
CVE-2005-0628 (Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 ...)
NOT-FOR-US: Forumwa
CVE-2005-0627 (Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be ...)
- NOTE: We are not vulnerable to this since RPATH has been disable in QT3 ever since
- NOTE: Martin Loschwitz maintain it.
+ - qt-x11-free <not-affected> (RPATH disabled in Debian's build)
CVE-2004-1754 (The DNS proxy (DNSd) for multiple Symantec Gateway Security products ...)
NOT-FOR-US: Symantec DNSd
CVE-2003-1089 (index.php for Zorum 3.4 allows remote attackers to determine the full ...)
@@ -12213,11 +12210,9 @@
- lesstif1-1 1:0.93.94-11.1 (bug #298183; bug #299236)
NOTE: lesstif1
- lesstif1-1 1:0.93.94-11.3 (bug #300421)
- NOTE: libxmp4 is the real culprit, but there are different
- NOTE: source packages for it (xorg-x11 and xfree86). xorg-x11
- NOTE: in unstable is not affected (was fixed before the upload).
+ NOTE: libxmp4 is the real culprit
- xfree86 4.3.0.dfsg.1-13
- NOTE: openmotif is non-free
+ - xorg-x11 <not-affected> (Fixed before upload into archive)
- openmotif 2.2.3-1.1 (bug #308819; medium)
CVE-2005-0604 (lnss.exe in GFI Languard Network Security Scanner 5.0 stores the ...)
NOT-FOR-US: GFI Languard Network Security Scanner
@@ -12481,17 +12476,21 @@
CVE-2005-0533 (Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI ...)
NOT-FOR-US: Trend Micro AntiVirus
CVE-2005-0532 (The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c ...)
- - kernel-source-2.6.8 2.6.8-14
- NOTE: 2.4.27 seems to be unaffected
+ - linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11-rc4)
+ [sarge] - kernel-source-2.6.8 2.6.8-14
+ TODO: 2.4.27 seems to be unaffected, check back with kernel patch tracker
CVE-2005-0531 (The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 ...)
- - kernel-source-2.6.8 2.6.8-14
+ - linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11-rc4)
+ [sarge] - kernel-source-2.6.8 2.6.8-14
- kernel-source-2.4.27 2.4.27-9
CVE-2005-0530 (Signedness error in the copy_from_read_buf function in n_tty.c for ...)
- kernel-source-2.6.8 2.6.8-14
NOTE: affects only 2.6 (see #296906)
CVE-2005-0529 (Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for ...)
- - kernel-source-2.6.8 2.6.8-14
- NOTE: 2.4.27 seems to be unaffected
+ - linux-2.6 <not-affected> (Fixed before upload into archive)
+ [sarge] - kernel-source-2.6.8 2.6.8-14
+ TODO: 2.4.27 seems to be unaffected, check back with kernel patch tracker
+ TODO: check, when this was fixed in 2.6
CVE-2005-0528
RESERVED
CVE-2005-0527 (Firefox 1.0 allows remote attackers to execute arbitrary code via ...)
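Review bot: CVE-2005-0530 is left as "- kernel-source-2.6.8 2.6.8-14" with no "[sarge]" prefix and no linux-2.6 line, while its neighbours CVE-2005-0532, CVE-2005-0531 and CVE-2005-0529 are all converted in this hunk. Convert it the same way, or add a TODO if its 2.6 status is unknown. Also, the TODO under CVE-2005-0529 starts with lowercase "check" where the other new TODO lines use "Check"; pick one form.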
@@ -12505,7 +12504,7 @@
- php4 4:4.3.10-10
- php3 3:3.0.18-31
CVE-2005-0524 (The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 ...)
- NOTE: php3 not affected
+ - php3 <not-affected>
- php4 4:4.3.10-10
CVE-2005-0523 (Format string vulnerability in ProZilla 1.3.7.3 and earlier allows ...)
{DSA-719-1}
@@ -12726,8 +12725,9 @@
NOTE: hard disc, well than you have "DoSed" yourself, congratulations.
NOTE: It's reproducable with 1.0.2, but I doubt it will ever be "fixed", as HTML parsers
NOTE: generally try to make sense of anything even remotely resembling HTML.
- TODO: This is still a bug (maybe not a security one)
- TODO: and needs fixing. (IMHO, fw)
+ - mozilla-firefox <unfixed> (unimportant)
+ - mozilla <unfixed> (unimportant)
+ TODO: This is still a bug (maybe not a security one) and needs fixing. (IMHO, fw)
CVE-2004-1638 (Buffer overflow in MailCarrier 2.51 allows remote attackers to execute ...)
NOT-FOR-US: mailcarrier
CVE-2004-1637 (The Hawking Technologies HAR11A modem/router allows remote attackers ...)
@@ -12778,7 +12778,7 @@
CVE-2004-1615 (Opera allows remote attackers to cause a denial of service (invalid ...)
NOT-FOR-US: Opera
CVE-2004-1614 (Mozilla allows remote attackers to cause a denial of service ...)
- NOTE: assuming this is mozilla_die2.html, does not bother firefox 1.0+dfsg.1-6
+ - mozilla-firefox <not-affected> (assuming this is mozilla_die2.html, does not bother firefox 1.0+dfsg.1-6)
NOTE: mozilla-browser 1.7.5-1 also ok
CVE-2004-1613 (Mozilla allows remote attackers to cause a denial of service ...)
NOTE: example page did not bother firefox 1.0+dfsg.1-6
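Review bot: Under CVE-2004-1614 only the firefox note is converted to a package line; "NOTE: mozilla-browser 1.7.5-1 also ok" stays free-form, so the entry still has no machine-readable status for mozilla. Either add a mozilla line with the matching status or a TODO saying it needs checking. The CVE-2004-1613 note directly below has the same shape and could be handled in the same pass.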
@@ -12860,8 +12860,8 @@
CVE-2004-1575 (The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a ...)
- xerces25 2.5.0-4
- xerces24 2.4.0-4
- NOTE: maintainer believe that this CVE doesn't apply to xerces23 (see bug #296432)
- NOTE: maintainer believe that this CVE doesn't apply to xerces21 (see bug #296466)
+ - xerces23 <not-affected> (not affected, see bug #296432)
+ - xerces21 <not-affected> (not affected, see bug #296466)
CVE-2004-1574 (Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote ...)
NOT-FOR-US: Vypress
CVE-2004-1573 (The documentation for AJ-Fork 167 implies that users should set ...)
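Review bot: The two new xerces lines repeat the tag in the comment, "<not-affected> (not affected, see bug ...)", and drop the qualifier from the removed notes that this is what the maintainer believes. Suggest a parenthetical along the lines of "(per maintainer, see bug #296432)" so the source of the assessment is preserved and the wording is not redundant.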
@@ -13094,6 +13094,7 @@
CVE-2005-0460 (index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to ...)
NOT-FOR-US: MercuryBoard
CVE-2005-0459 (phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote ...)
+ - phpmyadmin 2.6.2 (unimportant)
NOTE: From maintainer Piotr Roszatycki <Piotr_Roszatycki at netia.net.pl> :
NOTE: I think it is not a problem on Debian as far as everybody knows the full
NOTE: path of phpMyAdmin is /usr/share/phpmyadmin.
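Review bot: The added line "- phpmyadmin 2.6.2 (unimportant)" records 2.6.2 as a fixed version, but nothing visible here says 2.6.2 fixes the issue; the CVE text names 2.6.2-dev and possibly earlier as affected, and the retained notes only argue that it is not a problem on Debian. CVE-2005-0659 earlier in this patch was given "<unfixed> (unimportant)" for the same kind of reasoning; use the same form here unless the fix in 2.6.2 has been confirmed, and say so in a NOTE if it has.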
@@ -13122,7 +13123,6 @@
CVE-2005-0450 (Directory traversal vulnerability in Sami HTTP Server 1.0.5 allows ...)
NOT-FOR-US: Sami HTTP Server
CVE-2005-0449 (The netfilter/iptables module in Linux before 2.6.8.1 allows remote ...)
- NOTE: http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1e01441051dda3bb01c455b6e20bce6d00563d82"
- kernel-source-2.6.8 2.6.8-14 (bug #295949; high)
- linux-2.6 <not-affected> (Vulnerable code was removed betwen 2.6.11 and 2.6.12)
- kernel-source-2.4.27 <not-affected> (Per Herbet Xu: http://oss.sgi.com/archives/netdev/2005-01/msg01107.html)
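Review bot: The removed NOTE under CVE-2005-0449 was the only pointer to the upstream commit (the kernel.org git URL). If the intent was to get rid of the stray trailing double quote, fix the quote and keep the line; otherwise the entry loses its reference to the upstream change. The remaining "- kernel-source-2.6.8 2.6.8-14" line also lacks the "[sarge]" prefix used for that package elsewhere in this patch.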
@@ -13137,8 +13137,7 @@
{DSA-688-1}
- squid 2.5.8-3
CVE-2005-0445 (Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows ...)
- NOTE: Not in testing, only sid
- NOTE: Was once part of Debian, but has been removed
+ - openwebmail <removed>
CVE-2005-0444 (VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries ...)
NOT-FOR-US: VMware
CVE-2005-0443 (index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the ...)
@@ -13235,8 +13234,8 @@
- mozilla-firefox 1.0.2-1
- mozilla-thunderbird 1.0.2-1
CVE-2005-0400 (The ext2_make_empty function call in the Linux kernel before 2.6.11.6 ...)
+ - linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.6)
- kernel-source-2.4.27 2.4.27-10 (bug #303294)
- - kernel-source-2.6.8 2.6.8-16 (bug #303294)
CVE-2005-0399 (Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, ...)
- mozilla-firefox 1.0.2-1
- mozilla-thunderbird 1.0.2-1
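Review bot: For CVE-2005-0400 the line "- kernel-source-2.6.8 2.6.8-16 (bug #303294)" is deleted outright, so the fixed version and bug reference for that package are lost. Other hunks in this patch keep the equivalent data as a "[sarge] - kernel-source-2.6.8 ..." line; do the same here, keeping "2.6.8-16 (bug #303294)".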
@@ -13279,7 +13278,8 @@
{DSA-693-1}
- luxman 0.41-20 (bug #299857)
CVE-2005-0384 (Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 ...)
- - kernel-source-2.6.8 2.6.8-15
+ - linux-2.6 <not-affected> (Fixed before upload into archive)
+ TODO: Check, when this was fixed upstream
- kernel-source-2.4.27 2.4.27-9
CVE-2004-1488 (wget 1.8.x and 1.9.x does not filter or quote control characters when ...)
- wget 1.9.1-11
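Review bot: In CVE-2005-0384 the "- kernel-source-2.6.8 2.6.8-15" line is replaced rather than retagged, which drops the fixed version for that package. Keep it as "[sarge] - kernel-source-2.6.8 2.6.8-15" next to the new linux-2.6 line, matching the kernel entries converted elsewhere in this commit.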
@@ -13296,7 +13296,8 @@
CVE-2005-0379 (Multiple directory traversal vulnerabilities in ZeroBoard 4.1pl5 and ...)
NOT-FOR-US: ZeroBoard
CVE-2005-0378 (Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow ...)
- NOTE: horde 2.0 not vulnerable
+ - horde2 <not-affected>
+ TODO: check horde3
CVE-2005-0377 (SQL injection vulnerability in imageview.php for SGallery 1.01 allows ...)
NOT-FOR-US: sgallery
CVE-2005-0376 (PHP remote code injection vulnerability in SGallery 1.01 allows local ...)
@@ -13327,7 +13328,7 @@
CVE-2005-0366 (The integrity check feature in OpenPGP, when handling a message that ...)
- gnupg 1.4.1-1
CVE-2005-0364 (Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and ...)
- NOT-FOR-US: bind on hp-ux
+ - bind9 <not-affected> (Bind on hp-ux)
CVE-2005-0361
RESERVED
CVE-2005-0360 (The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked ...)
@@ -13339,7 +13340,8 @@
CVE-2005-0357 (EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge ...)
NOT-FOR-US: EMC Legato
CVE-2005-0356 (Multiple TCP implementations with Protection Against Wrapped Sequence ...)
- NOTE: linux is not vulnerable, see #310804
+ - linux-2.6 <not-affected> (Linux is not vulnerable, see #310804)
+ - kernel-source-2.4.27 <not-affected> (Linux is not vulnerable, see #310804)
- kfreebsd5-source 5.3-15 (medium)
CVE-2005-0355
RESERVED
@@ -13362,9 +13364,9 @@
CVE-2004-1486 (Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and ...)
NOT-FOR-US: Serviceguard and Cluster Object Manager on HP-UX, HP Linux
CVE-2004-1485 (Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote ...)
- NOTE: checked inetutils 2:1.4.2+20040207-4; not vulnerable and its tftpd is not shipped
- NOTE: atftp checks h_length
- NOTE: netkit-tftp not vulnerable
+ - inetutils <not-affected> (inetutils 2:1.4.2+20040207-4; not vulnerable and its tftpd is not shipped)
+ - atftp <not-affected> (atftp checks h_length)
+ - netkit-tftp <not-affected> (netkit-tftp not vulnerable)
- tftpd-hpa <unfixed> (bug #295297; unimportant)
NOTE: The address length comes from libc, not the network.
CVE-2004-1484 (Format string vulnerability in the _msg function in error.c in socat ...)
@@ -13891,7 +13893,7 @@
NOTE: to ... execute arbitrary commands via malformed GIF files ... parsed by the Windows batch file parser
NOTE: any interpretor would require the file to be +x to execute it and then would spit if handed a GIF
NOTE: < vorlon> hacim: it's specific to Windows, home to the dumbest interpreter on the planet.
- NOT-FOR-US: Firefox on Windows
+ - mozilla-firefox <not-affected> (Affects only Firefox on Windows)
CVE-2005-0229 (CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file ...)
NOT-FOR-US: CitrusDB
CVE-2005-0228
@@ -13920,7 +13922,7 @@
CVE-2005-0216 (Cross-site scripting (XSS) vulnerability in formmail.php in Woltlab ...)
NOT-FOR-US: Woltlab Burning Board Lite
CVE-2005-0215 (Mozilla 1.6 and possibly other versions allows remote attackers to ...)
- NOT-FOR-US: Mozilla 1.6 for Windows
+ - mozilla <not-affected> (Mozilla 1.6 for Windows)
CVE-2005-0214 (Directory traversal vulnerability in Simple PHP Blog (SPHPBlog) 0.3.7c ...)
NOT-FOR-US: SPHPBlog
CVE-2005-0213 (Directory traversal vulnerability in WinHKI 1.4d allows remote ...)
@@ -13932,29 +13934,33 @@
- squid 2.5.7-6
CVE-2005-0210 (Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
+ TODO: Check, which version fixed this
[sarge] - kernel-source-2.6.8 2.6.8-15
- kernel-source-2.4.27 2.4.27-9 (bug #300838)
CVE-2005-0209 (Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a ...)
- NOTE: <horms> all kernels seem to be clear with regards to 2005-0209
- NOTE: <dilinger> http://oss.sgi.com/archives/netdev/2005-01/msg01072.html resolves this and it is in all our kernels
+ - linux-2.6 <not-affected> (Fixed before upload into archive)
+ TODO: Check, which version fixed this
- kernel-source-2.4.27 2.4.27-9
CVE-2005-0208 (The HTML parsing functions in Gaim before 1.1.4 allow remote attackers ...)
- gaim 1:1.1.4
CVE-2005-0207 (Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows ...)
- NOTE: this is http://www.acm.cs.rpi.edu/~dilinger/patches/2.6.10/as2/linux-2.6.10-as2/026-nfs_o_direct_error.patch
- NOTE: http://linux.bkbits.net:8080/linux-2.6/cset@41db2d65wbgJvuXTv4x9_quExW0vEA
- NOTE: fixed in upstream 2.6.10, 2.6.9 is dead
- - kernel-source-2.6.8 2.6.8-14
+ - linux-2.6 <not-affected> (Fixed before upload into archive)
+ [sarge] - kernel-source-2.6.8 2.6.8-14
+ TODO: Check 2.4
CVE-2005-0206 (The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 ...)
- NOTE: turns out that xpdf, kpdf, tetex-bin and pdftohtml were patched for CVE-2004-0888 with
- NOTE: a fixed patch from the beginning, cupsys doesn't include xpdf code any more
- NOTE: found this: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135393
- NOTE: gpdf ok, all implementations seem ok
+ - xpdf <not-affected> (Initial Debian fix was already correct)
+ - gpdf <not-affected> (Initial Debian fix was already correct)
+ - kdegraphics <not-affected> (Initial Debian fix was already correct)
+ - tetex-bin <not-affected> (Initial Debian fix was already correct)
+ - pdftohtml <not-affected> (Initial Debian fix was already correct)
+ - cupsys <not-affected> (Uses an external xpdf now)
+ NOTE: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135393
CVE-2005-0205 (KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain ...)
{DSA-692-1}
- kdenetwork 4:3.1.6
CVE-2005-0204 (Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T ...)
- NOTE: According to a question on linux-kernel 2.6 is not vulnerable
+ - linux-2.6 <not-affected> (Fixed before upload into archive)
+ TODO: Check, which version fixed this
- kernel-source-2.4.27 2.4.27-12 (bug #296700; high)
CVE-2005-0203
REJECTED
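Review bot: In CVE-2005-0209 and CVE-2005-0207 the removed NOTE lines held exactly the information the new TODO lines ask for: the netdev message and patch URLs identifying the fix, and for CVE-2005-0207 the statement "fixed in upstream 2.6.10". Keep those references as NOTE lines and put the known version into the parenthetical, as done elsewhere with "(Fixed before upload into archive; 2.6.11-rc4)", instead of leaving an open TODO. CVE-2005-0209 also has no "[sarge] - kernel-source-2.6.8" line although the removed note said the fix is in all kernels; add one or a TODO for it. The CVE-2005-0206 conversion reads well, though the fact that the removed note tied the correct fix to CVE-2004-0888 is worth keeping in a NOTE.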