[Secure-testing-commits] r6081 - data/CVE
jmm-guest at alioth.debian.org
Mon Jul 2 17:29:19 UTC 2007
Author: jmm-guest
Date: 2007-07-02 17:29:18 +0000 (Mon, 02 Jul 2007)
New Revision: 6081
Modified:
data/CVE/list
Log:
cleaned up iceweasel issues list
zvbi non-issue
new kernel issue
no-dsa for proprietary java
hiki/sarge not affected
NFUs
bugzilla no-dsa
php non-issue
removed some historic TODOs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-07-02 16:24:40 UTC (rev 6080)
+++ data/CVE/list 2007-07-02 17:29:18 UTC (rev 6081)
@@ -213,7 +213,8 @@
CVE-2007-3361 (The Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows ...)
NOT-FOR-US: Nortel PC Client SIP Soft Phone
CVE-2007-3360 (hook.c in BitchX 1.1-final allows remote IRC servers to execute ...)
- - ircii-pana <unfixed> (low)
+ - ircii-pana <unfixed> (medium)
+ TODO: File bug
CVE-2007-3359 (Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and ...)
NOT-FOR-US: SerWeb
CVE-2007-3358 (PHP remote file inclusion vulnerability in html/load_lang.php in ...)
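Review bot: The ircii-pana line for CVE-2007-3360 goes from low to medium, but neither the entry nor the commit log gives the reason. Add a NOTE explaining the higher rating, and once the bug is filed replace "TODO: File bug" with the number on the package line, in the "(bug #NNNNNN; medium)" form used elsewhere in this file.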
@@ -562,8 +563,9 @@
CVE-2007-3206
RESERVED
CVE-2007-3205 (The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Subhosin, ...)
- - php4 <unfixed> (low)
- - php5 <unfixed> (low)
+ - php4 <unfixed> (unimportant)
+ - php5 <unfixed> (unimportant)
+ NOTE: That's by design
CVE-2007-3204 (SQL injection vulnerability in auth.php in Just For Fun Network ...)
- jffnms <unfixed> (high)
NOTE: the fix for CVE-2007-3190 is incomplete (the 'pass' param can still contain an injection)
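Review bot: "NOTE: That's by design" under CVE-2007-3205 does not say which behaviour of parse_str is by design or whose statement that is. The note is the only justification for moving php4 and php5 from low to unimportant, so name the behaviour and point to the documentation or upstream statement it rests on.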
@@ -692,6 +694,7 @@
- galeon <unfixed> (low; bug #429216)
CVE-2007-3144 (Visual truncation vulnerability in Mozilla 1.7.12 allows remote ...)
- iceweasel <unfixed> (low)
+ [etch] - iceweasel <no-dsa> (Minor issue)
- iceape <unfixed> (low)
- firefox <removed> (low)
- mozilla <removed> (low)
@@ -754,7 +757,9 @@
{DSA-1320-1}
- clamav 0.90.3-1
CVE-2007-3121 (Buffer overflow in the CCdecode function in contrib/ntsc-cc.c in the ...)
- - zvbi 0.2.25-1 (bug #429221)
+ - zvbi 0.2.25-1 (bug #429221; unimportant)
+ NOTE: Only exploitable through malformed closed captions
+ NOTE: Malicious TV networks have more subtle methods to control people...
CVE-2007-3120 (Cross-site scripting (XSS) vulnerability in public/code/cp_dpage.php ...)
NOT-FOR-US: All In One Control Panel (AIOCP)
CVE-2007-3119 (SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi ...)
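Review bot: The second NOTE added under CVE-2007-3121 is a joke and carries no triage information; drop it. The first NOTE only restates the input path (closed captions) and does not explain why a buffer overflow in CCdecode rates unimportant. If the reason is that contrib/ntsc-cc.c does not end up in a shipped binary, state that instead.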
@@ -798,7 +803,7 @@
CVE-2007-3105
RESERVED
CVE-2007-3104 (The sysfs_readdir function in the Linux kernel in Red Hat Enterprise ...)
- TODO: check
+ - linux-2.6 <unfixed>
CVE-2007-3103
RESERVED
CVE-2007-3102
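Review bot: The new "- linux-2.6 <unfixed>" line for CVE-2007-3104 carries no severity, unlike the other <unfixed> lines touched in this commit. The description places the flaw in the kernel "in Red Hat Enterprise ...", so add a NOTE saying whether the affected sysfs_readdir code is in the tree Debian ships or only in Red Hat's, and set a severity accordingly.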
@@ -1013,9 +1018,11 @@
CVE-2007-3006 (Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted ...)
NOT-FOR-US: Acoustica MP3 CD Burner
CVE-2007-3005 (Unspecified vulnerability in the Sun Java Runtime Environment in JDK ...)
+ [etch] - sun-java <no-dsa> (Non-free not supported)
- sun-java5 1.5.0-11-1 (low)
- sun-java6 <unfixed> (low)
CVE-2007-3004 (Buffer overflow in the image parsing implementation in the Sun Java ...)
+ [etch] - sun-java <no-dsa> (Non-free not supported)
- sun-java5 1.5.0-11-1 (medium)
- sun-java6 <unfixed> (medium)
CVE-2007-3003 (Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier ...)
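Review bot: Both added lines name the package "sun-java", but the package lines in CVE-2007-3005 and CVE-2007-3004 are sun-java5 and sun-java6, so the no-dsa marker matches neither. Use the real source package name, e.g. "[etch] - sun-java5 <no-dsa> (Non-free not supported)", and place it after the package lines as the other [etch] and [sarge] lines in this commit do.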
@@ -1410,6 +1417,7 @@
CVE-2007-2836 [hiki file deletion vulnerability]
RESERVED
- hiki 0.8.7-1 (bug #430691; medium)
+ [sarge] - hiki <not-affected> (Vulnerable code not present)
CVE-2007-2835
RESERVED
CVE-2007-2834
@@ -2294,6 +2302,7 @@
NOT-FOR-US: Caucho Resin Professional
CVE-2007-2438 (The sandbox for vim allows dangerous functions such as (1) writefile, ...)
- vim <unfixed> (medium)
+ TODO: File bug
NOTE: Exploitable through modelines.
CVE-2007-2437 (The X render (Xrender) extension in X.org X Window System 7.0, 7.1, ...)
- xorg-server 2:1.3.0.0.dfsg-4 (unimportant; bug #422936)
@@ -2382,11 +2391,11 @@
CVE-2007-2402
RESERVED
CVE-2007-2401 (CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, and ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2007-2400 (Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2007-2399 (WebKit in Apple Mac OS X 10.3.9, and 10.4.9 and later performs an ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2007-2398 (Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers ...)
NOT-FOR-US: Apple Safari
CVE-2007-2397
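Review bot: "NOT-FOR-US: Apple" names a vendor, while the neighbouring CVE-2007-2398 entry names the product ("Apple Safari"). CVE-2007-2401 and CVE-2007-2399 are described against WebCore and WebKit rather than Safari, so name the component in the tag and add a NOTE confirming that no package in the archive carries that code before closing the TODO.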
@@ -2639,6 +2648,7 @@
NOTE: only in 1.4.x
CVE-2007-2292 (CRLF injection vulnerability in the Digest Authentication support for ...)
- iceweasel (low)
+ [etch] - iceweasel <no-dsa> (Minor issue)
- firefox <removed> (low)
- mozilla <removed> (low)
CVE-2007-2291 (CRLF injection vulnerability in the Digest Authentication support for ...)
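Review bot: The [etch] line for CVE-2007-2292 is added under "- iceweasel (low)", which has no version or status field between the package name and the severity. Every other iceweasel line in this commit reads "<unfixed> (low)" or carries a fixed version; correct that line in the same change so the entry parses consistently.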
@@ -3356,6 +3366,7 @@
NOT-FOR-US: fotokategori.asp
CVE-2007-1970 (Mozilla Firefox does not warn the user about HTTP elements on an HTTPS ...)
- iceweasel <unfixed> (low)
+ [etch] - iceweasel <no-dsa> (Minor issue)
CVE-2007-1969 (Cross-site scripting (XSS) vulnerability in admin/modify.php in Sam ...)
NOT-FOR-US: MyBlog
CVE-2007-1968 (PHP remote file inclusion vulnerability in games.php in Sam Crew ...)
@@ -3846,6 +3857,7 @@
NOT-FOR-US: Microsoft
CVE-2007-1762 (Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs ...)
- iceweasel <unfixed> (low)
+ [etch] - iceweasel <no-dsa> (Minor issue)
CVE-2007-1761
RESERVED
CVE-2007-1760
@@ -3900,6 +3912,7 @@
NOT-FOR-US: Opera
CVE-2007-1736 (Mozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or ...)
- iceweasel <unfixed> (low)
+ [etch] - iceweasel <no-dsa> (Minor issue)
CVE-2007-1735 (Stack-based buffer overflow in Corel WordPerfect Office X3 ...)
NOT-FOR-US: Corel WordPerfect
CVE-2007-1734 (The DCCP support in the do_dccp_getsockopt function in ...)
@@ -4995,6 +5008,7 @@
CVE-2006-7162 (PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files ...)
- putty 0.59-1 (bug #400804; unimportant)
NOTE: Unsafe default, but not a vulnerability
+ NOTE: Sensitive operations like key generation should only be done in private home
CVE-2006-7161 (SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows ...)
NOT-FOR-US: Hazir Site
CVE-2006-7160 (The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly ...)
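Review bot: The NOTE added to CVE-2006-7162 stops at "private home", which reads as a truncated sentence. Finish it ("... in a private home directory") so it lines up with the preceding "Unsafe default, but not a vulnerability" note that it is meant to support.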
@@ -5595,6 +5609,7 @@
NOT-FOR-US: Google Desktop
CVE-2007-1084 (Mozilla Firefox 2.0.0.1 and earlier does not prompt users before ...)
- iceweasel <unfixed> (low)
+ [etch] - iceweasel <no-dsa> (Minor issue)
- iceape <unfixed> (low)
NOTE: xulrunner by itself is not affeced, but other browsers based on xulrunner may be affected
TODO: check epiphany, galeon and kazehakase
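Review bot: CVE-2007-1084 gets an etch no-dsa decision for iceweasel only, while "- iceape <unfixed> (low)" directly below has no etch line and the "TODO: check epiphany, galeon and kazehakase" stays open. Either record the etch decision for iceape here as well or leave a NOTE that it is pending; the "affeced" typo in the xulrunner NOTE can be fixed in the same pass.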
@@ -5938,6 +5953,7 @@
NOT-FOR-US: eTrust Intrusion Detection
CVE-2007-1004 (Mozilla Firefox might allow remote attackers to conduct spoofing and ...)
- iceweasel <unfixed> (low)
+ [etch] - iceweasel <no-dsa> (Minor issue)
- iceape <unfixed> (low)
- xulrunner <unfixed> (low)
NOTE: maintainer notes that this may affect browsers based on xulrunner
@@ -6509,6 +6525,7 @@
[sarge] - stlport5 <not-affected> (Vulnerable code not compiled in)
CVE-2007-0802 (Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing ...)
- iceweasel <unfixed> (low)
+ [etch] - iceweasel <no-dsa> (Minor issue)
CVE-2007-0801 (The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox ...)
- iceweasel 2.0.0.2+dfsg-1 (low)
- firefox <removed> (low)
@@ -6540,6 +6557,7 @@
- bugzilla <not-affected> (Only development version 2.23.3 is affected)
CVE-2007-0791 (Cross-site scripting (XSS) vulnerability in Atom feeds in Bugzilla ...)
- bugzilla <unfixed> (bug #409824; low)
+ [etch] - bugzilla <no-dsa> (Minor issue, far-fetched attack, minor impact)
[sarge] - bugzilla <not-affected> (Vulnerable code not present)
CVE-2007-0790 (Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP ...)
NOT-FOR-US: SmartFTP
@@ -9054,7 +9072,6 @@
CVE-2007-0010 (The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) ...)
{DSA-1256-1}
- gtk+2.0 2.8.20-5
- TODO: check gdk-pixbuf
CVE-2007-0009 (Stack-based buffer overflow in the SSLv2 support in Mozilla Network ...)
NOTE: MFSA-2007-06
- iceweasel 2.0.0.2+dfsg-1 (low)
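Review bot: Removing "TODO: check gdk-pixbuf" from CVE-2007-0010 leaves no trace of whether gdk-pixbuf was actually checked. If it was, record the outcome as a package line (fixed version or <not-affected> with a reason); if it was not, keep the TODO, since the commit log only describes these removals as "historic".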
@@ -9250,7 +9267,6 @@
CVE-2006-6585 (The Extensions manager in Mozilla Firefox 2.0 does not properly ...)
- iceweasel 2.0.0.1+dfsg-1
- firefox <removed>
- TODO: check iceape, sarge's firefox
CVE-2006-6584 (Multiple buffer overflows in italkplus (Italk+) before 0.92.1 allow ...)
NOT-FOR-US: italkplus (Italk+)
CVE-2006-6583 (ScriptMate User Manager 2.1 and earlier allow remote attackers to ...)
@@ -20483,7 +20499,6 @@
CVE-2005-4778 (The powersave daemon in SUSE Linux 10.0 before 20051007 has an ...)
- powersave 0.12.7-1
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=119628&x=18&y=11&=Find
- TODO: Pinged maintainer. Not clear if this bug has indeed been fixed.
CVE-2005-4777 (Tashcom ASPEdit 2.9 stores the administration password (aka the FTP ...)
NOT-FOR-US: Tashcom ASPEdit
CVE-2005-4776 (Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in ...)
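Review bot: The TODO dropped from CVE-2005-4778 said it was "Not clear if this bug has indeed been fixed", yet the entry keeps "- powersave 0.12.7-1" as the fixed version. Add a NOTE with what confirmed the fix (maintainer reply or changelog entry), or the tracker will keep asserting a fix nobody verified.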
@@ -28333,10 +28348,8 @@
- gnutls12 <not-affected> (fixed before upload)
CVE-2004-2530 (Visual truncation vulnerability in Gadu-Gadu allows remote attackers ...)
NOT-FOR-US: Gadu-Gadu
- TODO: Check, whether vulnerable code is shared with ekg
CVE-2004-2529 (Gadu-Gadu allows remote attackers to bypass the "image send" option by ...)
NOT-FOR-US: Gadu-Gadu
- TODO: Check, whether vulnerable code is shared with ekg
CVE-2004-2528 (Cross-site scripting (XSS) vulnerability in sresult.exe in Webcam ...)
NOT-FOR-US: Webcam Watchdog
CVE-2004-2527 (The local and remote desktop login screens in Microsoft Windows XP ...)
@@ -28972,7 +28985,6 @@
- linux-2.6 2.6.12-1
CVE-2005-XXXX [Minor local DoS as libldap]
- openldap <unfixed> (bug #253838; low)
- TODO: Check, whether openldap2.2 is affected as well
CVE-2005-XXXX [Insecure bounds checking in mpack's content parser]
- mpack 1.6-1 (bug #216566)
CVE-2005-XXXX [coreutils ignores umask when using -m in mkdir, mkfifo and mknod]
@@ -29185,7 +29197,6 @@
NOT-FOR-US: My Little Forum
CVE-2003-1232 (Emacs 21.2.1 does not prompt or warn the user before executing Lisp ...)
- emacs21 21.3-1 (bug #286183; medium)
- TODO: check xemacs21
CVE-2005-XXXX [egroupware unsafe use of /tmp for storing a log file]
- egroupware 1.0.0.009.dfsg-3-1 (bug #329597; low)
[sarge] - egroupware <no-dsa> (Minor issue)
@@ -36597,11 +36608,9 @@
NOT-FOR-US: AIX
CVE-2005-1175 (Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT ...)
{DSA-757-1}
- TODO: check krb4
- krb5 1.3.6-4 (bug #318437; medium)
CVE-2005-1174 (MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) ...)
{DSA-757-1}
- TODO: check krb4
- krb5 1.3.6-4 (bug #318437; medium)
CVE-2004-1774 (Buffer overflow in the SDO_CODE_SIZE peocedure of the MD2 package ...)
NOT-FOR-US: Oracle
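Review bot: "TODO: check krb4" is removed from both CVE-2005-1175 and CVE-2005-1174 without a krb4 line taking its place. These entries carry {DSA-757-1}, so the result of the check matters for stable; add "- krb4 <not-affected> (reason)" or a fixed version to each entry instead of deleting the question.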
@@ -38559,7 +38568,7 @@
- curl 7.13.0-2
CVE-2005-0489 (The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows ...)
{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
- TODO: check
+ - linux-2.6 <not-affected> (Fixed before initial release)
CVE-2004-1702 (The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to ...)
- cfengine2 2.1.8-1
CVE-2004-1701 (Heap-based buffer overflow in the AuthenticationDialogue function in ...)
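Review bot: After this change the only package line under CVE-2005-0489 is linux-2.6 <not-affected>, although the entry lists four DSAs and the description is about kernel 2.4 before 2.4.17. Add the 2.4 kernel source package lines those DSAs fixed, so the entry shows what was affected as well as what was not.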
@@ -38690,7 +38699,6 @@
CVE-2003-1085 (The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ...)
NOT-FOR-US: Thomson cable modem
CVE-2005-0488 (Certain BSD-based Telnet clients, including those used on Solaris and ...)
- TODO: check heimdal, netkit-telnet-ssl
- krb4 <unfixed> (unimportant)
[woody] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
[sarge] - krb4 <no-dsa> (Documented behaviour in MIT Kerberos)
@@ -38953,7 +38961,6 @@
{DSA-731-1 DSA-703-1}
- krb5 1.3.6-2
- krb4 1.2.2-11.2 (bug #306141)
- TODO: check netkit-telnet, netkit-telnet-ssl
CVE-2005-0467 (Multiple integer overflows in the (1) sftp_pkt_getstring and (2) ...)
- putty 0.57-1
CVE-2005-0466
@@ -40000,7 +40007,7 @@
- kernel-source-2.4.27 <not-affected> (intlen and outlen are unsigned in 2.4)
CVE-2005-0179 (Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of ...)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code was only introduced in 2.6.9)
- TODO: Check, when this was fixed in 2.6
+ - linux-2.6 <not-affected> (Fixed before initial release)
CVE-2005-0178 (Race condition in the setsid function in Linux before 2.6.8.1 allows ...)
- kernel-source-2.4.27 <not-affected> (v2.4 is safe because back there current->signal was not shared.)
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.8.1)
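Review bot: The removed TODO for CVE-2005-0179 asked when this was fixed in 2.6, and the replacement "(Fixed before initial release)" still does not say. The [sarge] line states the code was introduced in 2.6.9, and the CVE-2005-0178 entry below records its version ("2.6.8.1"); give the fixing version here in the same way.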
@@ -40653,7 +40660,6 @@
CVE-2004-1308 (Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff ...)
{DSA-617-1}
- tiff 3.6.1-4
- TODO: other packages containing libtiff code may be vulnerable, e.g. kfax
CVE-2004-1307 (Integer overflow in the TIFFFetchStripThing function in tif_dirread.c ...)
- tiff 3.7.0 (low)
CVE-2004-1306 (Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 ...)
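Review bot: The TODO removed from CVE-2004-1308 named a concrete concern, embedded copies of libtiff code in other packages such as kfax, and nothing replaces it. If those packages were reviewed, add a NOTE or package lines with the result; otherwise the only record of the embedded-copy question is lost.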