[Secure-testing-commits] r6070 - in data: . CVE
keescook-guest at alioth.debian.org
Wed Jun 27 23:30:05 UTC 2007
Author: keescook-guest
Date: 2007-06-27 23:30:04 +0000 (Wed, 27 Jun 2007)
New Revision: 6070
Modified:
data/CVE/list
data/mopb.txt
Log:
NFUs: 5
unfixed: php4 php5 tomcat5 tomcat5.5
fixed: linux-2.6 php5
not-affected: apache2
removed: tomcat4
MOPB: added a missing CVE
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-06-27 21:14:30 UTC (rev 6069)
+++ data/CVE/list 2007-06-27 23:30:04 UTC (rev 6070)
@@ -155,9 +155,9 @@
CVE-2007-3373 (daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear ...)
TODO: check
CVE-2006-7209 (Multiple cross-site scripting (XSS) vulnerabilities in phpTrafficA ...)
- TODO: check
+ NOT-FOR-US: phpTrafficA
CVE-2006-7208 (PHP remote file inclusion vulnerability in download.php in the Adam ...)
- TODO: check
+ NOT-FOR-US: phpBB component com_forum
CVE-2003-1332 (Stack-based buffer overflow in the reply_nttrans function in Samba ...)
TODO: check
CVE-2003-1331 (Stack-based buffer overflow in the mysql_real_connect function in the ...)
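Review bot: the label added for CVE-2006-7208, "NOT-FOR-US: phpBB component com_forum", leads with a product name that does not appear in the visible description (download.php "in the Adam ..."), so anyone searching this file for phpBB entries will land on it. If the affected code is a third-party component rather than phpBB itself, suggest putting the component name first, e.g. "NOT-FOR-US: com_forum (third-party component for phpBB)".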
@@ -286,7 +286,7 @@
CVE-2007-3323 (SQL injection vulnerability in comersus_optReviewReadExec.asp in ...)
NOT-FOR-US: Comersus Shop Cart
CVE-2006-7207 (Buffer overflow in ageet AGEphone before 1.4.0 might allow remote ...)
- TODO: check
+ NOT-FOR-US: AGEphone
CVE-2006-7206 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...)
TODO: check
CVE-2007-4168
@@ -447,9 +447,9 @@
CVE-2007-3247 (SQL injection vulnerability in VirtueMart before 1.0.11 allows remote ...)
TODO: check
CVE-2005-4847 (Unspecified vulnerability in Spey 0.3.3 has unknown impact and attack ...)
- TODO: check
+ NOT-FOR-US: Spey
CVE-2005-4846 (Format string vulnerability in Logger.cc for Spey 0.3.3 allows ...)
- TODO: check
+ NOT-FOR-US: Spey
CVE-2007-3246 (The do_set_password function in modules/chanserv/set.c in IRC Services ...)
TODO: check
CVE-2007-3245 (IRC Services before 5.0.62, and 5.1 before 5.1pre3, allows remote ...)
@@ -1462,9 +1462,12 @@
CVE-2007-2798 (Stack-based buffer overflow in the rename_principal_2_svc function in ...)
- krb5 <unfixed> (high; bug #430785)
CVE-2006-7205 (The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 ...)
- TODO: check
+ - php4 <unfixed> (unimportant)
+ - php5 <unfixed> (unimportant)
+ NOTE: local DoS when Apache memory limit is set high
CVE-2006-7204 (The imap_body function in PHP before 4.4.4 does not implement safemode ...)
- TODO: check
+ - php4 <unfixed> (unimportant)
+ NOTE: open_basedir bypasses not supported
CVE-2003-1330 (Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on ...)
TODO: check
CVE-2001-1581 (The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows ...)
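Review bot: the NOTE under CVE-2006-7204 reads "open_basedir bypasses not supported", but the description shown for that entry is about imap_body not implementing safemode, so the text next to the (unimportant) rating does not match the issue as described. Suggest a note that covers the described restriction as well, e.g. "NOTE: safe_mode/open_basedir bypasses not supported". In the same hunk, "Apache memory limit" under CVE-2006-7205 is ambiguous for an array_fill issue in ext/standard/array.c; name the setting that is actually meant.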
@@ -3548,7 +3551,8 @@
CVE-2007-1863
RESERVED
CVE-2007-1862 (The recall_headers function in mod_mem_cache in Apache 2.2.4 does not ...)
- TODO: check
+ - apache2 <not-affected> (low)
+ NOTE: this is actually only vulnerable in Apache 2.2.4
CVE-2007-1861 (The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel ...)
{DSA-1289-1}
- linux-2.6 2.6.21-1
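Review bot: "- apache2 <not-affected> (low)" under CVE-2007-1862 attaches an urgency to a not-affected state and moves the reason into a separate NOTE. Other entries in this file put the reason in the parentheses, as in "[etch] - php5 <not-affected> (Only affects PHP 5.2.1)"; suggest "- apache2 <not-affected> (Only affects 2.2.4)" without the urgency. The state only holds while no packaged apache2 is 2.2.4, so it would help to say which versions were checked.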
@@ -4062,7 +4066,7 @@
CVE-2007-1650 (pcapsipdump.cpp in pcapsipdump before 0.1.3 allows remote attackers to ...)
NOT-FOR-US: pcapsipdump
CVE-2007-1649 (PHP 5.2.1 allows context-dependent attackers to read portions of heap ...)
- - php5 <unfixed>
+ - php5 5.2.2-1
[etch] - php5 <not-affected> (Only affects PHP 5.2.1)
CVE-2007-1648 (0irc 1345 build 20060823 allows remote attackers to cause a denial of ...)
NOT-FOR-US: 0irc
@@ -4791,7 +4795,9 @@
CVE-2007-1356
RESERVED
CVE-2007-1355 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- TODO: check
+ - tomcat4 <removed> (low)
+ - tomcat5 <unfixed> (low)
+ - tomcat5.5 <unfixed> (low)
CVE-2007-1354
RESERVED
CVE-2007-1353 (The setsockopt function in the L2CAP and HCI Bluetooth support in the ...)
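Review bot: the "<unfixed> (low)" lines for tomcat5 and tomcat5.5 under CVE-2007-1355 carry no bug reference, unlike "- krb5 <unfixed> (high; bug #430785)" earlier in this file. Suggest filing bugs against both packages and recording the numbers on these lines, so the maintainers are notified and the entries can later be closed against a specific upload.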
@@ -6572,7 +6578,7 @@
[etch] - libapache-mod-jk <not-affected>
NOTE: affects only 1.2.19 and 1.2.20
CVE-2007-0773 (The Linux kernel before 2.6.9-42.0.8 in Red Hat 4.4 allows local users ...)
- TODO: check
+ - linux-2.6 2.6.12-1
CVE-2007-0772 (The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows ...)
- linux-2.6 2.6.18.dfsg.1-11
CVE-2007-0771 (Unspecified vulnerability in the utrace support for Linux kernel ...)
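Review bot: "- linux-2.6 2.6.12-1" under CVE-2007-0773 records a fixed version for an issue whose description is stated against a Red Hat kernel build (before 2.6.9-42.0.8 in Red Hat 4.4), and nothing in the entry says how that was mapped to the Debian package. Suggest adding a NOTE line with the upstream version or change the fix corresponds to, in the way the entry above it explains itself with "NOTE: affects only 1.2.19 and 1.2.20".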
@@ -7367,7 +7373,8 @@
CVE-2007-0449 (Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve ...)
NOT-FOR-US: CA BrightStor
CVE-2007-0448 (The fopen function in PHP 5.2.0 does not properly handle invalid URI ...)
- TODO: check
+ - php5 <unfixed> (unimportant)
+ NOTE: open_basedir bypasses not supported
CVE-2007-0447
RESERVED
CVE-2007-0446 (Stack-based buffer overflow in magentproc.exe for Hewlett-Packard ...)
Modified: data/mopb.txt
===================================================================
--- data/mopb.txt 2007-06-27 21:14:30 UTC (rev 6069)
+++ data/mopb.txt 2007-06-27 23:30:04 UTC (rev 6070)
@@ -108,7 +108,7 @@
#N/A -> register_globals not supported, already fixed in DSA-1264, dupe CVE-2007-0910/CVE-2007-1701 (php4 & php5, very hard to trigger remotely, code execution)
29 PHP 5.2.1 unserialize() Information Leak Vulnerability
-#N/A -> Only affects PHP 5.2.1 (heap leak via broken "S" unserializer, which should maybe be removed from 5.2.1, since it is only for future compatibility and is totally broken?)
+#N/A -> Only affects PHP 5.2.1, CVE-2007-1649 (heap leak via broken "S" unserializer, which should maybe be removed from 5.2.1, since it is only for future compatibility and is totally broken?)
[MOPB-29-php5.diff]
28 PHP hash_update_file() Already Freed Resource Access Vulnerability