[Secure-testing-commits] r5584 - in data: . CVE

Sat Mar 24 12:08:10 CET 2007

Author: jmm-guest
Date: 2007-03-24 11:08:07 +0000 (Sat, 24 Mar 2007)
New Revision: 5584

Modified:
   data/CVE/list
   data/mopb.txt
Log:
more MOPB updates (Sean, please double-check if you find the time)


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2007-03-24 10:59:38 UTC (rev 5583)
+++ data/CVE/list	2007-03-24 11:08:07 UTC (rev 5584)
@@ -233,7 +233,9 @@
 CVE-2007-1485 (** DISPUTED ** ...)
 	NOT-FOR-US: LIBFtp
 CVE-2007-1484 (The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x ...)
-	TODO: check
+	- php4 <unfixed> (unimportant)
+	- php5 <unfixed> (unimportant)
+	NOTE: Internal function, only triggerable by malicious script
 CVE-2007-1483 (Multiple PHP remote file inclusion vulnerabilities in WebCalendar ...)
 	- webcalendar <unfixed> (high)
 	NOTE: Requested removal from the archive
@@ -283,7 +285,7 @@
 	- php5 <unfixed> (unimportant)
 	NOTE: Safemode and open_basedir bypasses not supported
 CVE-2007-1460 (The zip:// URL wrapper provided by the PECL zip extension in PHP 5.2.0 ...)
-	- php5 <unfixed> (low)
+	- php5 <unfixed> (unimportant)
 	NOTE: Safemode and open_basedir bypasses not supported
 CVE-2007-1459 (Multiple PHP remote file inclusion vulnerabilities in WebCreator ...)
 	NOT-FOR-US: WebCreator
@@ -296,9 +298,9 @@
 CVE-2007-1455 (Multiple absolute path traversal vulnerabilities in Fantastico, as ...)
 	NOT-FOR-US: Fantastico
 CVE-2007-1454 (ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the ...)
-	TODO: check
+	- php5 <unfixed> (medium)
 CVE-2007-1453 (Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering ...)
-	TODO: check
+	- php5 <unfixed> (medium)
 CVE-2007-1452 (The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement ...)
 	TODO: check
 CVE-2007-1451 (GuppY 4.0 allows remote attackers to delete arbitrary files via a ...)

Modified: data/mopb.txt
===================================================================
--- data/mopb.txt	2007-03-24 10:59:38 UTC (rev 5583)
+++ data/mopb.txt	2007-03-24 11:08:07 UTC (rev 5584)
@@ -14,7 +14,7 @@
 #TODO Should be fixed for PHP5, Sarge is not affected, CVE-2007-1584
 
 24  PHP array_user_key_compare() Double DTOR Vulnerability
-N/A Internal function, only triggerable by malicious script
+#N/A Internal function, only triggerable by malicious script, CVE-2007-1484
 
 23  PHP 5 Rejected Session Identifier Double Free Vulnerability
 TODO It's not yet clear, whether this can be exploited from a remote attacker
@@ -23,16 +23,16 @@
 TODO It's not yet clear, whether this can be exploited from a remote attacker
 
 21  PHP compress.bzip2:// URL Wrapper safemode and open_basedir Bypass Vulnerability
-N/A Safemode and open_basedir bypasses not supported
+#N/A Safemode and open_basedir bypasses not supported, CVE-2007-1461
 
 20  PHP zip:// URL Wrapper safemode and open_basedir Bypass Vulnerability
-N/A Safemode and open_basedir bypasses not supported
+#N/A Safemode and open_basedir bypasses not supported, CVE-2007-1460
 
 19 PHP ext/filter Space Trimming Buffer Underflow Vulnerability
-TODO for PHP5. Sarge not affected.
+#TODO for PHP5. Sarge not affected. CVE-2007-1453
 
 18  PHP ext/filter HTML Tag Stripping Bypass Vulnerability
-TODO for PHP5. Sarge not affected.
+#TODO for PHP5. Sarge not affected. CVE-2007-1453
 
 17  PHP ext/filter FDF Post Bypass Vulnerability
 TODO(low) -> ...or possibly "broken as designed". Sarge is not affected.
@@ -54,7 +54,7 @@
 N/A -> applies to modsecurity, not packaged for sarge/etch/(sid?)
 
 11  PHP WDDX Session Deserialization Information Leak Vulnerability
-Fixed in DSA-1264. CVE-2007-0908
+#Fixed in DSA-1264. CVE-2007-0908
 
 10  PHP php_binary Session Deserialization Information Leak  Vulnerability
 TODO(low) -> Can only leak 127 bytes of data


