Author: jmm-guest Date: 2005-12-18 15:25:40 +0000 (Sun, 18 Dec 2005) New Revision: 3089 Modified: data/CVE/list Log: more syntax conversions Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-12-18 13:13:59 UTC (rev 3088) +++ data/CVE/list 2005-12-18 15:25:40 UTC (rev 3089) @@ -16511,9 +16511,10 @@ CVE-2004-0660 (Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) ...) NOT-FOR-US: CuteNews CVE-2004-0659 (Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 ...) - NOT-FOR-US: mplayer + - mplayer <itp> (bug #113238) CVE-2004-0658 (Integer overflow in the hpsb_alloc_packet function (incorrectly ...) - NOTE: invalid according to www.osvdb.org/7253 + - linux-2.6 <not-affected> (Invalid, according to Ben Collins) + - kernel-source-2.4.27 <not-affected> (Invalid, according to Ben Collins) CVE-2004-0657 (Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP ...) - ntp 4.0 CVE-2004-0656 (The accept_client function in PureFTPd 1.0.18 and earlier allows ...) @@ -16527,8 +16528,7 @@ CVE-2004-0652 (BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack ...) NOT-FOR-US: BEA WebLogic Server and WebLogic Express CVE-2004-0651 (Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 ...) - NOTE: JRE is not in Debian, assuming the various wrappers handle - NOTE: the new version. Not worrying about upgrades. + NOT-FOR-US: Sun JRE CVE-2004-0650 (UploadServlet in Cisco Collaboration Server (CCS) running ServletExec ...) NOT-FOR-US: Cisco CVE-2004-0649 (Buffer overflow in write_packet in control.c for l2tpd may allow ...) 
@@ -16589,10 +16589,10 @@ NOT-FOR-US: adobe acrobat CVE-2004-0628 (Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, ...) TODO: Check, which 4.1 and 5.0 versions fixed this - - mysql-dfsg <not-affected> (Apparently 3.2 not exploitable, see #330164) + - mysql <not-affected> (Apparently 3.2 not exploitable, see #330164) - mysql-dfsg <not-affected> (Apparently 4.0 not exploitable, see #330164) CVE-2004-0627 (The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, ...) - - mysql-dfsg <not-affected> (Apparently 3.2 not exploitable, see #330164) + - mysql <not-affected> (Apparently 3.2 not exploitable, see #330164) - mysql-dfsg <not-affected> (Apparently 4.0 not exploitable, see #330164) - mysql-dfsg-4.1 4.1.11a-1 (bug #330164; medium) - mysql-dfsg-5.0 <not-affected> (Was fixed before MySQL 5.0 was uploaded into the archive) @@ -16642,11 +16642,11 @@ NOT-FOR-US: Infoblox DNS One CVE-2004-0605 (Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ...) NOTE: Dossibly fixed in ircd-hybrid 7.0.2: "fixed flood limit bug". - NOTE: Does not match posted patch. Mailed Debian maintainer. + TODO: Check: Does not match posted patch. Mailed Debian maintainer. CVE-2004-0604 (The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows ...) NOT-FOR-US: giFT-FastTrack not in debian CVE-2004-0603 (gzexe in gzip 1.3.3 and earlier will execute an argument when the ...) - NOT-FOR-US: Gentoo-specific bug in gzip introduced by botched security fix + - gzip <not-affected> (Gentoo-specific bug in gzip introduced by botched security fix) CVE-2004-0602 (The binary compatibility mode for FreeBSD 4.x and 5.x does not ...) NOT-FOR-US: FreeBSD CVE-2004-0601 (distcc before 2.16, when running on 64-bit platforms, does not ...) 
@@ -16666,7 +16666,9 @@ - libpng 1.0.15-6 - libpng3 1.2.5.0-7 CVE-2004-0596 (The Equalizer Load-balancer for serial network interfaces (eql.c) in ...) - NOTE: Fixed in upstream ( <= 2.6.7) + - linux-2.6 <not-affected> (Fixed before upload into archive) + TODO: Check, which version fixed this + TODO: Check 2.4 CVE-2004-0595 (The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to ...) {DSA-669-1 DSA-531} - php3 3:3.0.18-27 @@ -16674,8 +16676,7 @@ CVE-2004-0594 (The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to ...) {DSA-669-1 DSA-531} - php4 4:4.3.8-1 - NOTE: DSA claims PHP3 is vulnerable, but this is not mentioned - NOTE: in the changelog. + TODO: DSA claims PHP3 is vulnerable, but this is not mentioned in the changelog. CVE-2004-0593 (Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before ...) NOT-FOR-US: Sygate Enforcer CVE-2004-0592 @@ -16739,8 +16740,8 @@ CVE-2004-0566 (Integer overflow in imgbmp.cxx for Windows 2000 allows remote ...) NOT-FOR-US: Windows CVE-2004-0565 (Floating point information leak in the context switch code for Linux ...) - NOTE: ia64 only - NOTE: appears fixed in 2.4.27/2.6.8 + - kernel-source-2.4.27 2.4.27-1 + TODO: Check 2.6 CVE-2004-0564 (Roaring Penguin pppoe (rp-ppoe), if installed or configured to run ...) {DSA-557-1} - rp-pppoe 3.5-4 @@ -16752,11 +16753,11 @@ CVE-2004-0561 (Format string vulnerability in the log routine for gopher daemon ...) {DSA-638-1} - gopher 3.0.6 - NOTE: deprecated in favor of pygopherd + NOTE: removed, deprecated in favor of pygopherd CVE-2004-0560 (Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote ...) {DSA-638-1} - gopher 3.0.6 - NOTE: deprecated in favor of pygopherd + NOTE: removed, deprecated in favor of pygopherd CVE-2004-0559 (The maketemp.pl script in Usermin 1.070 and 1.080 allows local users ...) {DSA-544-1} - webmin 1.160-1 
@@ -16775,6 +16776,8 @@ CVE-2004-0554 (Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a ...) - kernel-source-2.4.27 2.4.27-1 - linux-2.6 2.6.12-1 (bug #261521) + TODO: Check 2.6, entries look flaky + TODO: Check 2.4, entries look flaky CVE-2004-0553 RESERVED CVE-2004-0552 (Sophos Small Business Suite 1.00 on Windows does not properly handle ...) @@ -16799,7 +16802,7 @@ CVE-2004-0543 (Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and ...) NOT-FOR-US: Oracle CVE-2004-0542 (PHP before 4.3.7 on Win32 platforms does not properly filter all shell ...) - NOT-FOR-US: php4 bug only affects Windows + - php4 <not-affected> (Only affects Windows) CVE-2004-0541 (Buffer overflow in the ntlm_check_auth (NTLM authentication) function ...) - squid 2.5.5-5 CVE-2004-0540 (Microsoft Windows 2000, when running in a domain whose Fully Qualified ...) @@ -16813,7 +16816,8 @@ CVE-2004-0536 (Format string vulnerability in Tripwire commercial 4.0.1 and earlier, ...) - tripwire 2.3.1.2.0-2.1 CVE-2004-0535 (The e1000 driver for Linux kernel 2.4.26 and earlier does not properly ...) - NOTE: fixed in 2.4.27 + - kernel-source-2.4.27 2.4.27-1 + TODO: Check 2.6 CVE-2004-0534 (Cross-site scripting (XSS) vulnerability in Business Objects InfoView ...) NOT-FOR-US: Business Objects WebIntelligence CVE-2004-0533 (Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces ...) 
@@ -16823,14 +16827,13 @@ CVE-2004-0531 RESERVED CVE-2004-0530 (The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a ...) - NOT-FOR-US: Slackware specific rpath issue + - php4 <not-affected> (Slackware specific rpath issue) CVE-2004-0529 (The modified suexec program in cPanel, when configured for mod_php and ...) NOT-FOR-US: cPanel is not our cpanel CVE-2004-0528 (Netscape Navigator 7.1 allows remote attackers to spoof a legitimate ...) NOT-FOR-US: Netscape Navigator 7.1 CVE-2004-0527 (KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a ...) - NOTE: konquror 2.2.2 and earlier, later should not be vulnerale - NOTE: but did not check in detail + - kdebase 2.2.3 CVE-2004-0526 (Unknown versions of Internet Explorer and Outlook allow remote ...) NOT-FOR-US: Windows CVE-2004-0525 (HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 ...) @@ -16895,11 +16898,12 @@ CVE-2004-0498 (The H.323 protocol agent in StoneSoft firewall engine 2.2.8 and ...) NOT-FOR-US: StoneSoft firewall engine CVE-2004-0497 (Unknown vulnerability in Linux kernel 2.x may allow local users to ...) - NOTE: linux kernel fchown hole, fixed in all current kernels + - kernel-source-2.4.27 2.4.27-1 + TODO: Check 2.6 CVE-2004-0496 (Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users ...) NOTE: fixed in 2.6.7 CVE-2004-0495 (Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow ...) - NOTE: fixed in 2.4.27-rc1 + - kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.27-rc1) CVE-2004-0494 (Multiple extfs backend scripts for GNOME virtual file system (VFS) ...) - gnome-vfs 1.0.1 TODO: Fedora fixed this in a recent mc advisory, we should double-check whether 
@@ -16973,7 +16977,6 @@ CVE-2004-0462 (The built-in web servers for multiple networking devices do not set ...) NOT-FOR-US: Multiple embedded hardware vendors CVE-2004-0461 (The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when ...) - NOTE: debian probably not vulnerable - dhcp3 3.0.1 CVE-2004-0460 (Buffer overflow in the logging capability for the DHCP daemon (DHCPD) ...) - dhcp3 3.0.1 @@ -17041,8 +17044,8 @@ {DSA-504} - heimdal 0.6.2-1 CVE-2004-0433 (Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) ...) - NOTE: mplayer not in Debian - - xine-lib 1-rc4 + - mplayer <itp> (bug #113238) + - xine-lib 1-rc4 CVE-2004-0432 (ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL ...) - proftpd 1.2.9-4 CVE-2004-0431 (Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 ...) @@ -17064,9 +17067,11 @@ CVE-2004-0424 (Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 ...) NOTE: fixed after 2.6.4/2.4.26 kernel CVE-2004-0423 (The log_event function in ssmtp 2.50.6 and earlier allows local users ...) + - ssmtp <unfixed> (unimportant) NOTE: bug still exists in the ssmtp source, but is only activated if NOTE: --enable-logfile is used in ./configure NOTE: The package doesn''t enable that flag so it is safe. + TODO: Check, whether this is fixed by now CVE-2004-0422 (flim before 1.14.3 creates temporary files insecurely, which allows ...) {DSA-500} - flim 1:1.14.6+0.20040415-1 @@ -17077,7 +17082,7 @@ CVE-2004-0420 (The Windows Shell application in Windows 98, Windows ME, Windows NT ...) NOT-FOR-US: windows CVE-2004-0419 (XDM in XFree86 opens a chooserFd TCP socket even when ...) - NOTE: reserved (baruch) + TODO: Check CVE-2004-0418 (serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, ...) {DSA-519} - cvs 1:1.12.9-1 
@@ -17088,7 +17093,7 @@ {DSA-519} - cvs 1:1.12.9-1 CVE-2004-0415 (Linux kernel does not properly convert 64-bit file offset pointers to ...) - NOTE: fixed in 2.4.27-rc6, so fixed in kernel-source-2.4.27 + - kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.27-rc6) CVE-2004-0414 (CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not ...) {DSA-517} - cvs 1:1.12.9-1 @@ -17101,7 +17106,6 @@ - kdelibs 4:3.2.3 CVE-2004-0410 RESERVED - NOTE: An empty CVE, never published. CVE-2004-0409 (Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 ...) {DSA-493} - xchat 2.0.8-1 @@ -17140,8 +17144,7 @@ - cadaver 0.22.1-3 - neon 0.24.6.dfsg-1 CVE-2004-0397 (Stack-based buffer overflow during the apr_time_t data conversion in ...) - - subversion 1.0.3-1 - NOTE: fix history: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=249791 + - subversion 1.0.3-1 (bug #249791) CVE-2004-0396 (Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up ...) {DSA-505} - cvs 1:1.12.5-6 @@ -17149,9 +17152,9 @@ {DSA-509} - gatos 0.0.5-12 CVE-2004-0394 (A "potential" buffer overflow exists in the panic() function in Linux ...) - NOTE: apparently not very exploitable, does not affect 2.6 + - linux-2.6 <not-affected> NOTE: patch: http://www.ultramonkey.org/bugs/cve-patch/CVE-2004-0394.patch - NOTE: not fixed in 2.4.27 by inspection, didn''t bother with a bug + TODO: not fixed in 2.4.27 by inspection, didn''t bother with a bug CVE-2004-0393 (Format string vulnerability in the msg function for rlpr daemon ...) {DSA-524} - rlpr 2.02-7.1 (bug #255402) 
@@ -17169,7 +17172,7 @@ CVE-2004-0387 (Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer ...) NOT-FOR-US: RealPlayer plugin CVE-2004-0386 (Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, ...) - NOT-FOR-US: mplayer; not in the archive + - mplayer <itp> (bug #113238) CVE-2004-0385 (Heap-based buffer overflow in Oracle 9i Application Server Web Cache ...) NOT-FOR-US: Oracle 9i Application Server Web Cache CVE-2004-0384 @@ -17188,7 +17191,7 @@ CVE-2004-0378 RESERVED CVE-2004-0377 (Buffer overflow in the win32_stat function for (1) ActiveState''s ...) - NOT-FOR-US: perl; Win32 is affected, UNIX systems not + - perl <not-affected> (Win32 specific) CVE-2004-0376 (oftpd 0.3.6 and earlier allows remote attackers to cause a denial of ...) {DSA-473} - oftpd 20040304-1 
@@ -17550,31 +17553,31 @@ {DSA-478} - tcpdump 3.7.2-4 CVE-2004-0182 (Mailman before 2.0.13 allows remote attackers to cause a denial of ...) - NOT-FOR-US: mailman; RedHat specific bug + - mailman <not-affected> (RedHat specific bug) CVE-2004-0181 (The JFS file system code in Linux 2.4.x has an information leak in ...) NOTE: fixed in 2.4.26-pre5 CVE-2004-0180 (The client for CVS before 1.11 allows a remote malicious CVS server to ...) {DSA-486} + TODO: Check for the sid fix CVE-2004-0179 (Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, ...) {DSA-487} - neon 0.24.5-1 CVE-2004-0178 (The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before ...) {DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479} - - kernel-source-2.4.27 2.4.27-1 - NOTE: fixed in 2.4.26-pre3 + TODO: Check 2.6 + - kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-pre3) CVE-2004-0177 (The ext3 code in Linux 2.4.x before 2.4.26 does not properly ...) {DSA-495 DSA-491 DSA-489 DSA-482 DSA-481 DSA-480 DSA-479} - - kernel-source-2.4.27 2.4.27-1 - NOTE: fixed in 2.4.26-pre4 + TODO: Check 2.6 + - kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; 2.4.26-pre4) CVE-2004-0176 (Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote ...) {DSA-511} - ethereal 0.10.3-1 (bug #239576) CVE-2004-0175 (Directory traversal vulnerability in scp for OpenSSH before 3.4p1 ...) - NOTE: openssh bug #270770 + - openssh <unfixed> (bug #270770) NOTE: this bug is old and known; see the bug discussion for further information. NOTE: apparently the security team thinks this is a minor issue; nevertheless, NOTE: the bug is still open, so they should close it if it really is neglectible. - NOTE: not listed in usual format since I''m tired of looking at it in the report -- JEH CVE-2004-0174 (Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using ...) 
- apache 1.3.29.0.2-5 CVE-2004-0172 (Heap-based buffer overflow in the search_for_command function of ...)
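Review bot: In hunk @@ -16511 the CVE-2004-0658 conversion drops the www.osvdb.org/7253 reference that backed the old "invalid" NOTE, so the two new `<not-affected>` lines rest on an unsourced attribution. Suggest keeping it in the parenthetical, e.g. `- linux-2.6 <not-affected> (Invalid, according to Ben Collins; see www.osvdb.org/7253)`, so the claim stays traceable after the NOTE is gone.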
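Review bot: In hunk @@ -16589, CVE-2004-0628 keeps its `TODO: Check, which 4.1 and 5.0 versions fixed this` and has no mysql-dfsg-4.1 or mysql-dfsg-5.0 line, while the neighbouring CVE-2004-0627, which names the same MySQL 4.1.x before 4.1.3 and 5.0 range, carries `- mysql-dfsg-4.1 4.1.11a-1 (bug #330164; medium)` and `- mysql-dfsg-5.0 <not-affected> (...)`. Since the `mysql` rename touches both entries anyway, it is worth checking whether the 4.1/5.0 entries from 0627 apply to 0628 and resolving the TODO in the same pass.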
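Review bot: In hunk @@ -16642 the unchanged context line `NOTE: Dossibly fixed in ircd-hybrid 7.0.2: "fixed flood limit bug".` has a typo (Possibly) that could be fixed while the line under it is being converted, and the new `TODO: Check: Does not match posted patch.` would be more actionable if it said what to check, e.g. whether 7.0.2 actually fixes CVE-2004-0605 or only the flood limit bug its changelog mentions.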
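Review bot: In hunk @@ -16666 the CVE-2004-0596 conversion discards the version hint from the removed `NOTE: Fixed in upstream ( <= 2.6.7)` and then adds `TODO: Check, which version fixed this`, which asks for the information just dropped. Suggest `- linux-2.6 <not-affected> (Fixed before upload into archive; <= 2.6.7)`, matching the `(Fixed before upload into archive; 2.4.27-rc1)` form used for CVE-2004-0495 later in this patch, and keeping only `TODO: Check 2.4`.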
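Review bot: In hunk @@ -16739 the CVE-2004-0565 rewrite loses both facts the old NOTE recorded: the ia64-only scope, which bears on severity, and the 2.6.8 fix version, and replaces them with a bare `TODO: Check 2.6`. Suggest keeping a `NOTE: ia64 only` line and carrying the hint into the TODO, e.g. `TODO: Check 2.6, reportedly fixed in 2.6.8`, so the next person does not have to rediscover it.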
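Review bot: In hunk @@ -16775 the two new `TODO: Check 2.x, entries look flaky` lines for CVE-2004-0554 do not say what is doubted about `- kernel-source-2.4.27 2.4.27-1` and `- linux-2.6 2.6.12-1 (bug #261521)`, so a later reader cannot tell when the TODO is satisfied. Suggest naming the doubt, e.g. whether those are the first fixed Debian versions or just the versions current when the entry was written.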
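Review bot: In hunk @@ -16813 (and likewise @@ -16739 and @@ -16895) a fix that predates the 2.4.27 upload is encoded as a fixed version, `- kernel-source-2.4.27 2.4.27-1` for CVE-2004-0535, -0565 and -0497, whereas hunks @@ -17088 and @@ -17550 encode the same situation for CVE-2004-0415, -0495, -0178 and -0177 as `- kernel-source-2.4.27 <not-affected> (Fixed before upload into archive; ...)`. The two forms mean different things to the tracker (a fixing version to compare against versus a package that was never vulnerable in the archive); pick one for all seven entries.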
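Review bot: In hunk @@ -16823 the CVE-2004-0527 conversion turns a hedged note ("later should not be vulnerable but did not check in detail") into the unqualified `- kdebase 2.2.3`, so the uncertainty disappears without anyone having verified it. Suggest adding `TODO: Check` beside it, as this commit does for the other conversions it could not confirm, or keeping the hedge in a parenthetical.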
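Review bot: In hunk @@ -16895 the context line `NOTE: fixed in 2.6.7` for CVE-2004-0496 is left in the old free-text style while the entries directly above and below it are converted; the same applies to `NOTE: fixed after 2.6.4/2.4.26 kernel` for CVE-2004-0424 in @@ -17064 and `NOTE: fixed in 2.4.26-pre5` for CVE-2004-0181 in @@ -17550. Since the commit is a syntax conversion pass, converting these three at the same time would avoid leaving mixed notation inside already-touched hunks.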
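Review bot: In hunk @@ -17077 the replacement `TODO: Check` for CVE-2004-0419 states neither the package nor the question, and the removed `NOTE: reserved (baruch)` at least recorded an owner. The CVE text visible in the context line names XDM in XFree86, so the TODO should say which source package is to be checked and for what (whether the chooserFd socket issue affects the Debian build), otherwise it is indistinguishable from the other bare TODOs added in this commit.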
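Review bot: In hunk @@ -17149 the new `- linux-2.6 <not-affected>` for CVE-2004-0394 is the only `<not-affected>` entry in this patch without a reason in parentheses, although the removed NOTE supplies one ("does not affect 2.6"); suggest `- linux-2.6 <not-affected> (does not affect 2.6)`. The converted `TODO: not fixed in 2.4.27 by inspection, didn''t bother with a bug` also records inaction rather than an action; if 2.4.27 is affected by inspection, the entry should carry `- kernel-source-2.4.27 <unfixed>` and the TODO should say "file a bug".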
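Review bot: In hunk @@ -17550 the CVE-2004-0178 and CVE-2004-0177 entries place `TODO: Check 2.6` above the `- kernel-source-2.4.27 <not-affected> (...)` line, while every other entry in this patch puts TODO lines after the package lines; reordering them keeps the file greppable by a consistent rule. For CVE-2004-0175 the conversion to `- openssh <unfixed> (bug #270770)` is fine, but the three surviving NOTE lines say the security team considers the issue minor, which is what the `(unimportant)` tag used for ssmtp in @@ -17064 expresses; consider `- openssh <unfixed> (unimportant; bug #270770)` for consistency.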