[Secure-testing-commits] r1199 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Fri, 03 Jun 2005 23:09:33 +0000
Author: jmm-guest
Date: 2005-06-03 23:09:30 +0000 (Fri, 03 Jun 2005)
New Revision: 1199
Modified:
sarge-checks/CAN/list
Log:
- Several not-for-us
- some issues need further evaluation (kernel disk encryption, some minor
temp races)
- CANified ht issues
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-06-03 22:29:30 UTC (rev 1198)
+++ sarge-checks/CAN/list 2005-06-03 23:09:30 UTC (rev 1199)
@@ -17,7 +17,8 @@
CAN-2005-1832 (Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard ...)
NOTE: not-for-us (MyBB)
CAN-2005-1831 (Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux ...)
- TODO: check
+ NOTE: Unreproducable by SuSE security team, sudo contains code to circumvent such
+ NOTE: behaviour, seems like a broken PAM setup on the submitter's side
CAN-2005-1830 (The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 ...)
NOTE: not-for-us (SoftICE)
CAN-2005-1829 (Microsoft Internet Explorer 6 SP2 allows remote attackers to cause a ...)
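Review bot: in the added NOTE lines for CAN-2005-1831, "Unreproducable" should be "Unreproducible", and the entry is left without a resolved status. The TODO is removed, but no package line or explicit not-affected marker replaces it. If the conclusion is that sudo in sarge is unaffected, state that explicitly so a later pass over the list does not have to re-derive it from two free-text notes.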
@@ -174,13 +175,15 @@
CAN-2005-1751 (Race condition in shtool 2.0.1 and earlier allows local users to ...)
- shtool (unfixed; bug #311206)
CAN-2004-2136 (dm-crypt on Linux kernel 2.6.x, when used on certain file systems ...)
- TODO: check
+ NOTE: This looks like a minor issue, the paper is from Feb 2004, check whether this still applies
+ TODO: check, whether this still applies
CAN-2004-2135 (cryptoloop on Linux kernel 2.6.x, when used on certain file systems ...)
- TODO: check
+ NOTE: This looks like a minor issue, the paper is from Feb 2004, check whether this still applies
+ TODO: check, whether this still applies
CAN-2004-2134 (Oracle toplink mapping workBench uses a weak encryption algorithm for ...)
NOTE: not-for-us (Oracle)
CAN-2004-2133 (Certain third-party packages for CVSup 16.1h, such as SuSE Linux, ...)
- TODO: check
+ NOTE: not-for-us (CVSup third party modules)
CAN-2004-2132 (Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo ...)
NOTE: not-for-us (PJ CGI Nero)
CAN-2004-2131 (Stack-based buffer overflow in ontape for IBM Informix Dynamic Server ...)
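Review bot: for CAN-2004-2136 and CAN-2004-2135 the added NOTE and TODO lines both end in "check whether this still applies", so the second line only repeats the first; one of them is enough (the TODO also has a stray comma after "check"). "the paper" is not identified: add its title or URL so whoever picks up the TODO can find it. Since both entries concern kernel disk encryption, "looks like a minor issue" should also carry the reason for that assessment.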
@@ -253,7 +256,8 @@
CAN-2004-2098 (Cross-site scripting (XSS) vulnerability in the banner engine (TBE) ...)
NOTE: not-for-us (Banner engine)
CAN-2004-2097 (Multiple scripts on SuSE Linux 9.0 allow local users to overwrite ...)
- TODO: check
+ TODO: check these packages, whether they create tempfiles with the current PID:
+ TODO: fvwm, fvwm-gnome, x-base-clients, lvm10
CAN-2004-2096 (Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 ...)
NOTE: not-for-us (Mephistoles)
CAN-2004-2095 (Honeyd before 0.8 replies to TCP packets with the SYN and RST flags ...)
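Review bot: the new TODO for CAN-2004-2097 names four packages (fvwm, fvwm-gnome, x-base-clients, lvm10) without saying where that list comes from or which scripts in them are suspected of creating tempfiles with the current PID. Note the source of the list and record the result per package as each is checked, so the entry can be closed incrementally instead of staying one open TODO.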
@@ -792,15 +796,15 @@
CAN-2005-1547 (Heap-based buffer overflow in the demo version of Bakbone Netvault, ...)
NOTE: not-for-us (Bakbone Netvault)
CAN-2005-1546 (Buffer overflow in the PE parser in HT Editor before 0.8.0 allows ...)
- NOTE: not-for-us (HT Editor)
+ - ht 0.8.0-2
CAN-2005-1545 (Integer overflow in the ELF parser in HT Editor before 0.8.0 allows ...)
- NOTE: not-for-us (HT Editor)
+ - ht 0.8.0-2
CAN-2005-1544 (Stack-based buffer overflow in libTIFF before 1.53 allows remote ...)
NOTE: CVE info about vulnerable version number is bogus
- tiff 3.7.2-3
NOTE: tiff3g not in testing
CAN-2005-1543 (Multiple stack-based and heap-based buffer overflows in Remote ...)
- TODO: check
+ NOTE: not-for-us (Novell Zenworks)
CAN-2005-1542
NOTE: reserved
CAN-2005-1541
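Review bot: CAN-2005-1546 and CAN-2005-1545 are now tracked as "- ht 0.8.0-2", while both descriptions say the flaws affect HT Editor before 0.8.0. Confirm that 0.8.0-2 is the first Debian upload carrying the fix and not just the version carried over from the CAN-2005-XXXX placeholder. Both entries were previously marked not-for-us although ht has a package line in this list, which argues for checking candidates against the archive before applying that marking.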
@@ -867,8 +871,6 @@
- binutils 2.15-6
CAN-2005-XXXX [kmd affected by binutils's ELF parser vulnerability]
- kmd 0.9.19-1.1
-CAN-2005-XXXX [Multiple vulnerabilities in HT editor]
- - ht 0.8.0-2
CAN-2005-XXXX [unrar: opens /tmp/debug_unrar.txt]
NOTE: Source package has been renamed from unrar to unrar-free
- unrar-free 1:0.0.1-2
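Review bot: the removed placeholder read "Multiple vulnerabilities in HT editor", but only two CAN ids (the PE parser and ELF parser overflows) take over its "- ht 0.8.0-2" line. Before dropping the placeholder, confirm that those two ids cover everything it was tracking; if they do not, keep a CAN-2005-XXXX entry for the remainder.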
@@ -1862,7 +1864,7 @@
CAN-2005-1409 (PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain ...)
- postgresql 7.4.7-6
CAN-2005-1408 (Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary ...)
- TODO: check
+ NOTE: not-for-us (Apple)
CAN-2005-1407 (Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the ...)
NOTE: not-for-us (Skype)
CAN-2005-1406 (The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly ...)
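Review bot: the label added for CAN-2005-1408 gives only the vendor, "not-for-us (Apple)", while the neighbouring entries in this hunk name the product ("Skype"). Suggest "NOTE: not-for-us (Apple Keynote)" so the list can be searched by product name.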
@@ -2197,21 +2199,21 @@
CAN-2005-1257
NOTE: reserved
CAN-2005-1256 (Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail ...)
- TODO: check
+ NOTE: not-for-us (IMail)
CAN-2005-1255 (Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 ...)
- TODO: check
+ NOTE: not-for-us (IMail)
CAN-2005-1254 (Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 ...)
- TODO: check
+ NOTE: not-for-us (IMail)
CAN-2005-1253
NOTE: reserved
CAN-2005-1252 (Directory traversal vulnerability in the Web Calendaring server in ...)
- TODO: check
+ NOTE: not-for-us (IMail)
CAN-2005-1251
NOTE: reserved
CAN-2005-1250
NOTE: reserved
CAN-2005-1249 (The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) ...)
- TODO: check
+ NOTE: not-for-us (IMail)
CAN-2005-1248 (Buffer overflow in Apple iTunes before 4.8 allows remote attackers to ...)
NOTE: not-for-us (Apple iTunes)
CAN-2005-1247 (webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to ...)
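Review bot: all five entries in this hunk get "not-for-us (IMail)", but the visible descriptions of CAN-2005-1252 (Web Calendaring server) and CAN-2005-1249 (Ipswitch Collaboration Suite) are truncated and do not show IMail by name. If those two concern a different Ipswitch product, the label should name it, for example "not-for-us (Ipswitch)".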