[Secure-testing-commits] r5915 - data/DTSA/advs
stef-guest at alioth.debian.org
Thu May 24 19:54:49 UTC 2007
Author: stef-guest
Date: 2007-05-24 19:54:49 +0000 (Thu, 24 May 2007)
New Revision: 5915
Added:
data/DTSA/advs/40-php4.adv
Removed:
data/DTSA/advs/44-kdelibs.adv
Modified:
data/DTSA/advs/39-qemu.adv
Log:
php4 adv; remove never released kdelibs adv
Modified: data/DTSA/advs/39-qemu.adv
===================================================================
--- data/DTSA/advs/39-qemu.adv 2007-05-24 18:23:41 UTC (rev 5914)
+++ data/DTSA/advs/39-qemu.adv 2007-05-24 19:54:49 UTC (rev 5915)
@@ -1,4 +1,4 @@
-source: samba
+source: qemu
date: May 24th, 2007
author: Stefan Fritsch
vuln-type: several vulnerabilities
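Review bot: the commit log ("php4 adv; remove never released kdelibs adv") does not mention this hunk, which corrects the `source:` field of 39-qemu.adv from `samba` to `qemu`. Since the source field is what ties the advisory to the package it tracks, a wrong value here would have attached the qemu advisory to samba; the log message should record this fix as well, e.g. "fix source field of qemu adv".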
Added: data/DTSA/advs/40-php4.adv
===================================================================
--- data/DTSA/advs/40-php4.adv (rev 0)
+++ data/DTSA/advs/40-php4.adv 2007-05-24 19:54:49 UTC (rev 5915)
@@ -0,0 +1,58 @@
+source: php4
+date: May 24th, 2007
+author: Stefan Fritsch
+vuln-type: several vulnerabilities
+problem-scope: remote
+debian-specifc: no
+cve: CVE-2007-1286 CVE-2007-1380 CVE-2007-1521 CVE-2007-1583 CVE-2007-1718 CVE-2007-1777 CVE-2007-2509
+vendor-advisory:
+testing-fix: 6:4.4.4-9lenny1
+sid-fix: 6:4.4.6-2
+upgrade: apt-get upgrade
+
+IMPORTANT NOTE:
+ php4 will be removed from testing (lenny); thus you are strongly
+ advised to migrate to php5. If you cannot upgrade, you should
+ consider using the stable distribution (etch) instead.
+
+Several remote vulnerabilities have been discovered in PHP, a
+server-side, HTML-embedded scripting language, which may lead to the
+execution of arbitrary code. The Common Vulnerabilities and Exposures
+project identifies the following problems:
+
+CVE-2007-1286
+ Stefan Esser discovered an overflow in the object reference handling
+ code of the unserialize() function, which allows the execution of
+ arbitrary code if malformed input is passed from an application.
+
+CVE-2007-1380
+ Stefan Esser discovered that the session handler performs
+ insufficient validation of variable name length values, which allows
+ information disclosure through a heap information leak.
+
+CVE-2007-1521
+ Stefan Esser discovered a double free vulnerability in the
+ session_regenerate_id() function, which allows the execution of
+ arbitrary code.
+
+CVE-2007-1538
+ Stefan Esser discovered that the mb_parse_str function sets the internal
+ register_globals flag and does not disable it in certain cases when a script
+ terminates, which allows remote attackers to invoke available PHP scripts with
+ register_globals functionality that is not detectable by these scripts
+
+CVE-2007-1718
+ Stefan Esser discovered that the mail() function performs
+ insufficient validation of folded mail headers, which allows mail
+ header injection.
+
+CVE-2007-1777
+ Stefan Esser discovered that the extension to handle ZIP archives
+ performs insufficient length checks, which allows the execution of
+ arbitrary code.
+
+CVE-2007-2509
+ It was discovered that the ftp extension of PHP, a server-side,
+ HTML-embedded scripting language performs insufficient input sanitising,
+ which permits an attacker to execute arbitrary FTP commands. This
+ requires the attacker to already have access to the FTP server.
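Review bot: the `cve:` header lists CVE-2007-1583, but the body contains no entry for that identifier and instead describes CVE-2007-1538, which the header does not list; the two look like a digit transposition of one another, and header and body must agree before the advisory is published, since downstream tracking keys off the header line. Two smaller points in the same hunk: the CVE-2007-1538 paragraph is the only one without a terminating period, and `vendor-advisory:` is left empty. The key `debian-specifc` is spelled the same way in the kdelibs file removed below, so it may be the spelling the tooling expects, but it is worth confirming against the parser rather than propagating a typo into every new advisory.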
Deleted: data/DTSA/advs/44-kdelibs.adv
===================================================================
--- data/DTSA/advs/44-kdelibs.adv 2007-05-24 18:23:41 UTC (rev 5914)
+++ data/DTSA/advs/44-kdelibs.adv 2007-05-24 19:54:49 UTC (rev 5915)
@@ -1,15 +0,0 @@
-source: kdelibs
-date: September 13th, 2005
-author: Moritz Muehlenhoff
-vuln-type: insecure default permissions
-problem-scope: local
-debian-specifc: no
-cve: CVE-2005-1920
-vendor-advisory:
-testing-fix: 4:3.3.2-6.1etch1
-sid-fix: 4:3.4.2-1
-upgrade: apt-get install kdelibs4
-
-kate always created backup files for edited files with default permissions,
-even if the original permissions were stricter. This could lead to information
-disclosure.
\ No newline at end of file