[Secure-testing-commits] r3244 - data/CVE
Florian Weimer
fw at costa.debian.org
Sat Jan 7 14:58:16 UTC 2006
Author: fw
Date: 2006-01-07 14:58:01 +0000 (Sat, 07 Jan 2006)
New Revision: 3244
Modified:
data/CVE/list
Log:
CVE-2005-4581, CVE-2005-4582: not really exploitable
CVE-2005-4534, CVE-2005-4268, CVE-2005-3973, CVE-2005-0866:
urgency adjusted
[clamav: DoS through multiple empty Content-Disposition header
lines]: likewise
CVE-2005-4154, CVE-2005-3883, CVE-2005-3392, CVE-2005-3391,
CVE-2005-3390, CVE-2005-3389, CVE-2005-3388, CVE-2005-3353,
CVE-2005-3319, CVE-2002-1954: php5 fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-01-07 10:05:56 UTC (rev 3243)
+++ data/CVE/list 2006-01-07 14:58:01 UTC (rev 3244)
@@ -167,9 +167,12 @@
CVE-2005-4583 (Unspecified vulnerability in the Management Interface in VMware ESX ...)
NOT-FOR-US: VMWare
CVE-2005-4582 (Electric Sheep 2.6.3 does not require authentication or integrity ...)
- - electricsheep 2.6.3+cvs20051206-1
+ - electricsheep 2.6.3+cvs20051206-1 (unimportant)
+ NOTE: Even an authenticated server might serve unwanted content, so
+ NOTE: this can't be considered a real vulnerability.
CVE-2005-4581 (Buffer overflow in Electric Sheep 2.6.3 client allows local users to ...)
- - electricsheep 2.6.3+cvs20051206-1
+ - electricsheep 2.6.3+cvs20051206-1 (unimportant)
+ NOTE: This does not seem to be exploitable.
CVE-2005-4580 (Cross-site scripting (XSS) vulnerability in Day Communique 4 allows ...)
NOT-FOR-US: Day Communique
CVE-2005-4579 (Multiple HTTP response splitting vulnerabilities in Hitachi Business ...)
@@ -385,8 +388,8 @@
CVE-2005-4534 (The shadow database feature (syncshadowdb) in Bugzilla 2.9 through ...)
- bugzilla 2.18 (bug #329387; low)
NOTE: The vulnerable script has been removed in the 2.18 upstream release
- [woody] - bugzilla <unfixed>
- [sarge] - bugzilla <unfixed>
+ [woody] - bugzilla <unfixed> (low)
+ [sarge] - bugzilla <unfixed> (low)
CVE-2005-XXXX [Insecure tempfile in libjpeg6b's exifautotran]
- libjpeg6b 6b-11
[woody] - libjpeg6b <not-affected> (Does not include exifautotran)
@@ -846,9 +849,9 @@
CVE-2005-4269 (mshtml.dll in Microsoft Windows XP, Server 2003, and Internet Explorer ...)
NOT-FOR-US: Microsoft Windows
CVE-2005-4268 (Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a ...)
- - cpio 2.6-10 (bug #344134)
- [sarge] - cpio <unfixed>
- [woody] - cpio <unfixed>
+ - cpio 2.6-10 (bug #344134; medium)
+ [sarge] - cpio <unfixed> (medium)
+ [woody] - cpio <unfixed> (medium)
CVE-2005-4267 (Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote ...)
NOT-FOR-US: Qualcomm WorldMail
CVE-2004-2652 (The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when ...)
@@ -1090,8 +1093,8 @@
CVE-2005-4155 (registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to ...)
NOT-FOR-US: ATutor
CVE-2005-4154 (Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows ...)
- NOT-FOR-US: PEAR installer
- TODO: Please double-check, this could be included somewhere else
+ - php5 5.1.1-1
+ NOTE: PHP 5 in Debian is vulnerable according to the changelog.
CVE-2005-4153 (Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial ...)
- mailman 2.1.5-10
CVE-2005-4152 (Soti Pocket Controller-Professional 5.0 allows remote attackers to ...)
@@ -1470,7 +1473,7 @@
- drupal 4.5.6-1 (low)
[sarge] - drupal <not-affected> (Only vulnerable if running PHP 5)
CVE-2005-3973 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 4.5.0 ...)
- - drupal 4.5.6-1 (unknown)
+ - drupal 4.5.6-1 (medium)
CVE-2005-3972 (Cross-site scripting (XSS) vulnerability in extremesearch.php in ...)
NOT-FOR-US: Extreme Search Corporate Edition
CVE-2005-3971 (Cross-site scripting (XSS) vulnerability in the login form in Citrix ...)
@@ -1778,8 +1781,8 @@
CVE-2005-3884 (Multiple SQL injection vulnerabilities in the search action in Zainu ...)
NOT-FOR-US: Zaimu
CVE-2005-3883 (CRLF injection vulnerability in the mb_send_mail function in PHP ...)
- - php5 <unfixed> (bug #341368; medium)
- php4 <unfixed> (bug #341726; medium)
+ - php5 5.1.1-1 (bug #341368; medium)
CVE-2005-3882 (SQL injection vulnerability in answer.php in FAQSystems FAQRing ...)
NOT-FOR-US: FAQRing Knowledge Base
CVE-2005-3881 (SQL injection vulnerability in search.php in AtlantisFAQ Knowledge ...)
@@ -3306,27 +3309,27 @@
- openvpn 2.0.5-1 (bug #336751; medium)
CVE-2005-3392 (Unspecified vulnerability in PHP before 4.4.1, when using the virtual ...)
- php4 <unfixed> (bug #336645; low)
- - php5 <unfixed> (bug #336654; low)
+ - php5 5.1.1-1 (bug #336654; low)
NOTE: According to CVE, this is a safe mode violation,
NOTE: therefore low impact. (According to SuSE, it's an
NOTE: information leak.)
CVE-2005-3391 (Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to ...)
- php4 <unfixed> (bug #336645; low)
- - php5 <unfixed> (bug #336654; low)
+ - php5 5.1.1-1 (bug #336654; low)
NOTE: This is a safe mode violation, therefore low impact.
CVE-2005-3390 (The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to ...)
- php4 <unfixed> (bug #336645; high)
- - php5 <unfixed> (bug #336654; high)
+ - php5 5.1.1-1 (bug #336654; high)
NOTE: http://www.hardened-php.net/advisory_202005.79.html
NOTE: http://www.hardened-php.net/globals-problem
CVE-2005-3389 (The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, ...)
- php4 <unfixed> (bug #336645; low)
- - php5 <unfixed> (bug #336654; low)
+ - php5 5.1.1-1 (bug #336654; low)
NOTE: http://www.hardened-php.net/advisory_192005.78.html
CVE-2005-3388 (Cross-site scripting (XSS) vulnerability in the phpinfo function in ...)
{CVE-2002-1954}
- php4 <unfixed> (bug #336645; low)
- - php5 <unfixed> (bug #336654; low)
+ - php5 5.1.1-1 (bug #336654; low)
NOTE: http://www.hardened-php.net/advisory_182005.77.html
NOTE: fixed in CVS, estimated release of PHP5.1 to fix this issue
CVE-2005-3387 (The startup script in packages/RedHat/ntop.init in ntop before 3.2, ...)
@@ -3405,7 +3408,7 @@
- sylpheed-claws-gtk2 1.9.100-1 (bug #339529; medium)
CVE-2005-3353 (The exif_read_data function in the Exif module in PHP before 4.4.1 ...)
- php4 <unfixed> (bug #339577; medium)
- - php5 <unfixed> (bug #336654; medium)
+ - php5 5.1.1-1 (bug #336654; medium)
CVE-2005-3352 (Cross-site scripting (XSS) vulnerability in the mod_imap module allows ...)
- apache 1.3.34-2 (bug #343466; low)
- apache2 <unfixed> (bug #343467; low)
@@ -3519,7 +3522,7 @@
NOT-FOR-US: SiteTurn Domain Manager
CVE-2005-3319 (The apache2handler SAPI (sapi_apache2.c) in the Apache module ...)
- php4 <unfixed> (bug #336004; low)
- - php5 <unfixed> (bug #336005; low)
+ - php5 5.1.1-1 (bug #336005; low)
CVE-2005-3318 (Buffer overflow in the _chm_decompress_block function in CHM lib ...)
{DSA-886-1}
- chmlib 0.37-1 (bug #335931; medium)
@@ -8146,7 +8149,7 @@
NOTE: function.
NOTE: fixed in CVS, estimated release of PHP5.1 to fix this issue
- php4 <unfixed> (bug #336645; low)
- - php5 <unfixed> (bug #336654; low)
+ - php5 5.1.1-1 (bug #336654; low)
CVE-2002-1953 (Heap-based buffer overflow in the goim handler of AOL Instant ...)
NOT-FOR-US: AIM
CVE-2002-1952 (phpRank 1.8 does not properly check the return codes for MySQL ...)
@@ -9993,7 +9996,7 @@
CVE-2003-1168 (HTTP Commander 4.0 allows remote attackers to obtain sensitive ...)
NOT-FOR-US: HTTP Commander
CVE-2005-XXXX [clamav: DoS through multiple empty Content-Disposition header lines]
- - clamav 0.85.1-1
+ - clamav 0.85.1-1 (low)
CVE-2005-XXXX [libxpm4: new s_popen() function is insecure garbage]
- xfree86 4.3.0.dfsg.1-14 (bug #308783)
- xorg-x11 <not-affected> (Xfree-specific, inspected the Subversion tree)
@@ -12581,7 +12584,7 @@
- linux-2.6 <not-affected> (Fixed before upload into archive)
[sarge] - kernel-source-2.6.8 <not-affected> (Not vulnerable, see #306137)
CVE-2005-0866 (cdrecord before 4:2.0, when DEBUG is enabled, allows local users to ...)
- - cdrtools 4:2.01+01a01-4 (bug #291376)
+ - cdrtools 4:2.01+01a01-4 (bug #291376; low)
NOTE: Sarge and Woody affected
CVE-2004-1771 (Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass ...)
NOT-FOR-US: Scalable OGo (SOGo)
More information about the Secure-testing-commits
mailing list