[Secure-testing-commits] r5863 - data/DTSA/advs

[stef-guest at alioth.debian.org]

Author: stef-guest
Date: 2007-05-17 12:18:22 +0000 (Thu, 17 May 2007)
New Revision: 5863

Added:
   data/DTSA/advs/36-mydns.adv
   data/DTSA/advs/37-clamav.adv
Log:
advs for clamav and mydns

Added: data/DTSA/advs/36-mydns.adv
===================================================================
--- data/DTSA/advs/36-mydns.adv	                        (rev 0)
+++ data/DTSA/advs/36-mydns.adv	2007-05-17 12:18:22 UTC (rev 5863)
@@ -0,0 +1,14 @@
+source: mydns
+date: April 30th, 2007
+author: Stefan Fritsch
+vuln-type: multiple buffer overflows
+problem-scope: remote
+debian-specifc: no
+cve: CVE-2007-2362
+vendor-advisory: 
+testing-fix: 1:1.1.0-7.1lenny1
+sid-fix: 1:1.1.0-8
+upgrade: apt-get upgrade
+
+Multiple buffer overflows in MyDNS allow remote attackers to cause a denial of 
+service (daemon crash) and possibly execute arbitrary code.

Added: data/DTSA/advs/37-clamav.adv
===================================================================
--- data/DTSA/advs/37-clamav.adv	                        (rev 0)
+++ data/DTSA/advs/37-clamav.adv	2007-05-17 12:18:22 UTC (rev 5863)
@@ -0,0 +1,27 @@
+source: clamav
+date: April 30th, 2007
+author: Stefan Fritsch
+vuln-type: several vulnerabilities
+problem-scope: remote
+debian-specifc: no
+cve: CVE-2007-1745 CVE-2007-1997 CVE-2007-2029
+vendor-advisory: 
+testing-fix: 0.90.1-3lenny1
+sid-fix: 0.90.2-1
+upgrade: apt-get upgrade
+
+Several remote vulnerabilities have been discovered in the Clam anti-virus 
+toolkit. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2007-1745 
+It was discovered that a file descriptor leak in the CHM handler may lead to 
+denial of service.
+
+CVE-2007-1997 
+It was discovered that a buffer overflow in the CAB handler may lead to the 
+execution of arbitrary code.
+
+CVE-2007-2029 
+It was discovered that a file descriptor leak in the PDF handler may lead to 
+denial of service.