[Secure-testing-commits] r5439 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Sun Feb 11 21:06:22 UTC 2007 

Author: stef-guest
Date: 2007-02-11 22:06:19 +0100 (Sun, 11 Feb 2007)
New Revision: 5439

Modified:
   data/CVE/list
Log:
CVE-2007-0855: new rar/unrar issue (high, because they are called by amavisd-new in default configuration)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-02-11 20:14:09 UTC (rev 5438)
+++ data/CVE/list	2007-02-11 21:06:19 UTC (rev 5439)
@@ -4,7 +4,7 @@
 	NOTE: might not affect Debian version because HTML mode is disabled. sf: pinged maintainer
 CVE-2007-XXXX [php: multiple issues fixed in php 5.2.1]
 	- php4 <unfixed>
-	- php5 <unfixed> (bug filed)
+	- php5 <unfixed> (bug #410561)
 CVE-2007-XXXX [ikiwiki allows web user to edit images and other non-page format files in the wiki]
 	- ikiwiki 1.42
 CVE-2007-0858
@@ -14,7 +14,12 @@
 CVE-2007-0856 (TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module ...)
 	NOT-FOR-US: Trend Micro Anti-Rootkit Common Module
 CVE-2007-0855 (Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR ...)
-	TODO: check
+	- rar <unfixed> (high)
+	- unrar-nonfree <unfixed> (high) (bug filed)
+	NOTE: amavid-new automatically uses "rar -p-" or "unrar -p-",
+	NOTE: which probably turns this into remote code execution
+	NOTE: clamav can also call unrar -p-, but AFAICS not in default configuration
+	TODO: unrar-free and clamav (which embeds unrar-free code) need to be checked
 CVE-2007-0854 (Remote file inclusion vulnerability in objcache in cPanel WebHost ...)
 	NOT-FOR-US: cPanel WebHost Manager
 CVE-2007-0853 (SQL injection vulnerability in DevTrack 6.0.3 allows remote attackers ...)
@@ -1638,7 +1643,7 @@
 	- gforge 4.5.14-20 (low; bug #406244)
 	[sarge] - gforge <not-affected> (Vulnerable code not present)
 CVE-2007-0175 (Cross-site scripting (XSS) vulnerability in htsrv/login.php in ...)
-	- b2evolution <unfixed> (bug filed; low)
+	- b2evolution <unfixed> (bug #410568; low)
 CVE-2007-0174 (Multiple stack-based multiple buffer overflows in the BRWOSSRE2UC.dll ...)
 	NOT-FOR-US: Sina UC2006
 CVE-2007-0173 (Directory traversal vulnerability in index.php in L2J Statistik Script ...)

More information about the Secure-testing-commits mailing list