[Secure-testing-commits] r1457 - data/CAN

Joey Hess joeyh at costa.debian.org
Fri Jul 22 14:53:37 UTC 2005 

Author: joeyh
Date: 2005-07-22 14:53:34 +0000 (Fri, 22 Jul 2005)
New Revision: 1457

Modified:
   data/CAN/list
Log:
Got CVE assignments from mitre, and requested some more.


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-07-22 06:24:47 UTC (rev 1456)
+++ data/CAN/list	2005-07-22 14:53:34 UTC (rev 1457)
@@ -5,10 +5,8 @@
 	- fetchmail 6.2.5-15 (medium)
 CAN-2005-2320 [webcalender: Inproper access control may lead to privilege escalation]
 	- webcalender (unfixed; bug #315671; medium)
-	NOTE: CAN request sent to mitre
-CAN-2005-XXXX [xsupplicant leaks sensitive password information into logfile]
+CAN-2005-2437 [xsupplicant leaks sensitive password information into logfile]
 	- xsupplicant (unfixed; bug #317703; medium)
-	NOTE: CAN request sent to mitre
 CAN-2005-XXXX [Insecure temp usage in gopher]
 	- gopher 3.0.8 (low)
 CAN-2005-XXXX [fiaif: Package provided cron job updates conf files with access definitions]
@@ -19,6 +17,7 @@
 	- shorewall 2.4.1-2 (medium)
 CAN-2005-XXXX [pdns: Two DoS vulnerabilities in the LDAP backend]
 	- pdns (unfixed; bug #318798; medium)
+	NOTE: CVE id requested from mitre
 CAN-2005-2275
 	NOTE: reserved
 CAN-2005-2274 (Microsoft Internet Explorer 6.0 does not clearly associate a ...)
@@ -428,6 +427,7 @@
 	TODO: check
 CAN-2005-XXXX [netpanzer: DoS through endless loop trigged through a crafted packet]
 	- netpanzer (unfixed; bug #318329; medium)
+	NOTE: CVE id requested from mitre
 CAN-2005-XXXX [Missing input sanitising in affix's btsrv/btobex services]
 	- affix 2.1.2-2 (medium)
 CAN-2005-2259 (The dispallclosed2 function in dispallclosed.pl for multiple USANet ...)
@@ -475,6 +475,7 @@
 	- oftpd (unfixed; bug #318286; medium)
 CAN-2005-XXXX [oftpd port DOS]
 	- oftpd (unfixed; bug #307957; low)
+	NOTE: CVE id requested from mitre
 CAN-2005-2238 (ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to ...)
 	NOTE: not-for-us (AIX)
 CAN-2005-2237 (Format string vulnerability in the swcons command in IBM AIX 5.3, and ...)
@@ -737,9 +738,8 @@
 	NOTE: not-for-us (Online Recruitment Agency)
 CAN-2004-2155 (Online-bookmarks before 0.4.6 allows remote attackers to bypass its ...)
 	NOTE: not-for-us (Online-bookmarks)
-CAN-2005-XXXX [base-config log should not be world readable]
+CAN-2005-2348 [base-config log should not be world readable]
 	- base-config 2.68 (low)
-	NOTE: CAN request sent to mitre
 CAN-2005-2169 (Directory traversal vulnerability in source.php in Quick & Dirty ...)
 	NOTE: not-for-us (PHPSource Printer)
 CAN-2005-2168 (delete.php in Plague News System 0.6 and earlier allows remote ...)
@@ -852,6 +852,7 @@
 	NOTE: reserved
 CAN-2004-2154 (CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as ...)
 	- cupsys 1.1.20final+rc1-1 (low)
+	NOTE: CVE assignement requested from mitre
 CAN-2005-2116
 	NOTE: rejected
 	{DSA-745-1}
@@ -2234,14 +2235,13 @@
 CAN-2005-1858 (FUSE 2.x before 2.3.0 does not properly clear previously used memory ...)
 	{DSA-744-1}
 	- fuse 2.3.0-1
-CAN-2005-XXXX [Directory traversal in zoo]
+CAN-2005-2349 [Directory traversal in zoo]
 	- zoo (unfixed; bug #309594; medium)
-	NOTE: CAN request sent to mitre
-CAN-2005-XXXX [Cross Site Scripting in websieve]
+CAN-2005-2350 [Cross Site Scripting in websieve]
 	- websieve (unfixed; bug #311838; low)
-	NOTE: CAN number requested from mitre
 	NOTE: second half of bug suggets lack of escaping of user data
 	NOTE: could be used to compromise program somehow
+	NOTE: that is not covered by the CAN though due to vagueness
 CAN-2005-1840 (Directory traversal vulnerability in class.layout_phpcms.php in phpCMS ...)
 	NOTE: not-for-us (phpCMS)
 CAN-2005-1839 (Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk ...)
@@ -2527,9 +2527,8 @@
 	NOTE: not-for-us (Yahoo Messenger)
 CAN-2005-XXXX [Unspecified issue in moodle's admin/delete.php]
 	- moodle 1.4.4.dfsg.1-3
-CAN-2005-XXXX [Minor DoS condition in mutt due to preditable tempfiles]
+CAN-2005-2351 [Minor DoS condition in mutt due to preditable tempfiles]
 	- mutt (unfixed; bug #311296; low)
-	NOTE: CAN number assignment requested from mitre
 CAN-2005-XXXX [gforge arbitrary code execution through viewFile.php]
 	NOTE: viewFile.php has been removed along with other files in -26, so Debian is
 	NOTE: no longer affected.
@@ -3961,20 +3960,21 @@
 	- mailutils 0.6.1-2
 CAN-2005-XXXX [maradns: More frequent rekeying to mitigate possible AES attacks]
 	- maradns 1.0.27-1
-CAN-2005-XXXX [Temp file races in gs-gpl addons scripts]
+CAN-2005-2352 [Temp file races in gs-gpl addons scripts]
 	- gs-gpl (unfixed; bug #291373; low)
-	NOTE: CAN number requested from mitre
 CAN-2005-XXXX [Possible SQL injection in freeradius]
 	- freeradius 1.0.2-4
-CAN-2005-XXXX [Insecure temp file handling in Thunderbird]
+CAN-2005-2353 [Insecure temp file handling in Thunderbird]
 	- mozilla-thunderbird (unfixed; bug #306893; low)
-	NOTE: CAN request sent to mitre
 CAN-2005-XXXX [Directory traversal in unzoo]
 	- unzoo 4.4-4
 CAN-2005-XXXX [Logging bypassing through SIGHUP in syslog-ng]
 	- syslog-ng 1.6.5-2.1
-CAN-2005-XXXX [tracksballs: Missing checks for symlinks when writing to predictable file names]
+CAN-2005-XXXX [trackballs: Follows symlinks as gid games]
 	- trackballs (unfixed; bug #302454; medium)
+	NOTE: CVE request sent to mitre
+	TODO: check possibility of exploitation via scripting language,
+	TODO: as mentioned in the bug report as a separate issue
 CAN-2005-XXXX [Less secure default setting in pwgen or the lack documentation about it]
 	- pwgen 2.04-1
 CAN-2005-XXXX [Insecure handling of gpg passphrases in gabber]
@@ -4026,17 +4026,14 @@
 	- xtradius 1.2.1-beta2-2 (low)
 CAN-2005-XXXX [fai tempfile vulnerability]
 	- fai 2.8.2
-CAN-2005-XXXX [nvu uses old version of mozilla]
-	NOTE: contains old copy of xpcom library
+CAN-2005-2354 [nvu uses old copy of mozilla xpcom]
 	NOTE: have not checked to see which security holes re in it exatly
 	NOTE: Has been removed from Sarge
 	- nvu (unfixed; bug #306822)
-	NOTE: CAN number requested from mitre
 CAN-2005-XXXX [eskuel: arbitrary file retreiving]
 	- eskuel 1.0.5-3.1 (low)
-CAN-2005-XXXX [eskuel: No authentication at all]
+CAN-2005-2355 [eskuel: No authentication at all]
 	- eskuel (unfixed; bug #163653; low)
-	NOTE: CAN number requested from mitre
 CAN-2005-XXXX [Buffer overflow in elog's header buffer]
 	- elog 2.5.7+r1558-3
 CAN-2005-XXXX [Unspeficied security issue in ipsec-tool's single DES support]
@@ -4494,6 +4491,7 @@
 	NOTE: this release added lots of warnings about the security problems
 	- quake2 1:0.3-1.1
 	- quake2 (unfixed; bug #280573; low)
+	NOTE: CVE id requested from mitre
 CAN-2005-1245 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, ...)
 	NOTE: not-for-us (MediaWiki not yet in Debian), see CAN-2005-1888
 CAN-2005-1244 (Directory traversal vulnerability in the third party tool from NetIQ, ...)
@@ -9559,6 +9557,8 @@
 	- libc6 2.3.2.ds1-19
 CAN-2004-0967 (The (1) pj-gs.sh, (2) ps2epsi , (3) pv.sh, and (4) sysvlp.sh scripts ...)
 	- gs-common 0.3.6-0.1
+	- gs-gpl (unfixed; bug #291373; low)
+	NOTE: ps2epsi hole present in gs-gpl, but not shipped in binary
 CAN-2004-0966 (The (1) autopoint and (2) gettextize scripts in the GNU gettext ...)
 	- gettext 0.14.1-6
 CAN-2004-0965 (stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified ...)

More information about the Secure-testing-commits mailing list