Author: micah Date: 2005-02-17 20:30:25 +0100 (Thu, 17 Feb 2005) New Revision: 428 Modified: sarge-checks/CAN/list Log: Ticked off some more, claimed all the kernel team checks Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-02-17 18:44:44 UTC (rev 427) +++ sarge-checks/CAN/list 2005-02-17 19:30:25 UTC (rev 428) @@ -827,12 +827,13 @@ NOTE: not-for-us (mod_dosevasive module for apache) CAN-2005-0181 NOTE: reserved -begin claimed by micah CAN-2005-0180 (Multiple integer signedness errors in the sg_scsi_ioctl function in ...) - TODO: check with kernel team + NOTE: Fixed in 2.6.8-12 + - kernel-source-2.6.8 2.6.8-12 CAN-2005-0179 (Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of ...) - TODO: check with kernel team -end claimed by micah + NOTE: Does not apply to 2.6.8 + NOTE: Fixed in 2.6.9-6 to be uploaded + - kernel-source-2.6.9 2.6.9-6 CAN-2005-0178 NOTE: reserved NOTE: see USN-82-1 @@ -1339,8 +1340,10 @@ - mysql-dfsg-4.1 4.1.8a-6 - mysql-dfsg 4.0.23-3 CAN-2005-0003 (The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit ...) - TODO: check with kernel team NOTE: 2.4 unaffected; 64 bit arches only + NOTE: fixed in 2.6.9-3 and 2.6.8-9 according to joshk + - kernel-source-2.6.8 2.6.8-9 + - kernel-source-2.6.9 2.6.9-3 CAN-2005-0002 (poppassd_pam 1.0 and earlier, when changing a user password, does not ...) NOTE: not-for-us (poppassd_pam) CAN-2005-0001 (Race condition in the page fault handler (fault.c) for Linux kernel ...) 
@@ -1356,16 +1359,21 @@ NOTE: not-for-us (oracle) CAN-2004-1337 (The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 ...) NOTE: <dilinger> joeyh: we''re mostly not vulnerable, because the module is generally loaded from the initrd (or very early on at some point) + NOTE: micah checking with kernel team TODO: re-check with kernel team re fix NOTE: apparently it only affects 2.6 CAN-2004-1336 (The xdvizilla script in tetex-bin 2.0.2 creates temporary files with ...) - tetex-bin 2.0.2-25 CAN-2004-1335 (Memory leak in the ip_options_get function in the Linux kernel before ...) - kernel-source-2.6.8 2.6.8-11 + NOTE: micah checking with kernel team + NOTE: 14:26 <joshk> ok, you got me there 14:27 <joshk> applying now TODO: what about 2.4? Vulnerable according to advisory. CAN-2004-1334 (Integer overflow in the ip_options_get function in the Linux kernel ...) + NOTE: micah checking with kernel team TODO: re-check with kernel team (was unfixed before) CAN-2004-1333 (Integer overflow in the vc_resize function in the Linux kernel 2.4 and ...) + NOTE: micah checking with kernel team - kernel-source-2.6.8 2.6.8-11 TODO: what about 2.4? CAN-2004-1332 (Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with ...) @@ -1684,9 +1692,11 @@ CAN-2004-1192 (Format string vulnerability in the lprintf function in Citadel/UX 6.27 ...) NOTE: not-for-us (Citadel/UX) CAN-2004-1191 (Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems ...) + NOTE: micah checking with kernel team TODO: check with kernel team NOTE: looks like 2.4 is ok, 2.6.8 is vulnerable CAN-2004-1190 (SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not ...) + NOTE: micah checking with kernel team TODO: check with kernel team CAN-2004-1189 (The add_to_history function in svr_principal.c in libkadm5srv for MIT ...) {DSA-629-1} 
@@ -1773,6 +1783,7 @@ NOTE: not-for-us (Adobe Acrobat Reader) CAN-2004-1151 (Multiple buffer overflows in the (1) sys32_ni_syscall and (2) ...) NOTE: fixed in kernel team svn (?) + NOTE: micah checking with kernel team TODO: track fix CAN-2004-1150 (Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 ...) NOTE: not-for-us (Winamp) @@ -1788,6 +1799,7 @@ - kdelibs 4:3.3.2-1 CAN-2004-1144 (Unknown vulnerability in the 32bit emulation code in Linux 2.4 on ...) NOTE: amd64 specific + NOTE: micah checking with kernel team TODO: check with kernel team CAN-2004-1143 (The password generation in mailman before 2.1.5 generates only 5 ...) - mailman 2.1.5-5 @@ -1977,6 +1989,7 @@ CAN-2004-1059 (Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch ...) - mnogosearch 3.2.18-2.2 CAN-2004-1058 (Race condition in Linux kernel 2.6 allows local users to read the ...) + NOTE: micah checking with kernel team TODO: check with kernel team CAN-2004-1057 (Multiple drivers in Linux kernel 2.4.19 and earlier do not properly ...) NOTE: fixed after kernel 2.4.19 @@ -2077,6 +2090,7 @@ CAN-2004-1018 (Multiple integer handling errors in PHP before 4.3.10 allow attackers ...) - php4 4:4.3.10-1 CAN-2004-1017 (Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x ...) + NOTE: micah checking with kernel team TODO: check with kernel team CAN-2004-1016 (The scm_send function in the scm layer for Linux kernel 2.4.x up to ...) - kernel-image-2.4.27-i386 2.4.27-7 @@ -2416,6 +2430,7 @@ CAN-2004-0884 (The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and ...) {DSA-568-1 DSA-563-1} CAN-2004-0883 (Multiple vulnerabilities in the samba filesystem (smbfs) in Linux ...) + NOTE: micah checking with kernel team TODO: check with kernel team CAN-2004-0882 (Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x ...) NOTE: details http://security.e-matters.de/advisories/132004.html 
@@ -2846,6 +2861,7 @@ CAN-2004-0686 (Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the ...) - samba 3.0.5 CAN-2004-0685 (Certain USB drivers in the Linux 2.4 kernel use the copy_to_user ...) + NOTE: micah checking with kernel team TODO: check with kernel team CAN-2004-0684 (WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, ...) NOTE: not-for-us (WebSphere Edge Server) @@ -3031,6 +3047,7 @@ CAN-2004-0597 (Multiple buffer overflows in libpng 1.2.5 and earlier, as used in ...) {DSA-536} CAN-2004-0596 (The Equalizer Load-balancer for serial network interfaces (eql.c) in ...) + NOTE: micah checking with kernel team TODO: check with kernel team CAN-2004-0595 (The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to ...) {DSA-689-1 DSA-531}
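Review bot: In the @@ -827,12 +827,13 @@ hunk, CAN-2005-0179 gains the line "- kernel-source-2.6.9 2.6.9-6" while the NOTE directly above it says that version is still "to be uploaded", so the list records a fix that is not yet in the archive. Keep a TODO on the entry until the upload has happened. The description names 2.4.x as affected, so the entry should also say whether 2.4 needs tracking. In the same hunk, CAN-2005-0180 gets only a kernel-source-2.6.8 line and no status for kernel-source-2.6.9.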
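Review bot: In the @@ -1339,8 +1340,10 @@ hunk, the two fixed versions added for CAN-2005-0003 rest on "according to joshk" and the TODO is dropped in the same change. Before removing the TODO, confirm 2.6.8-9 and 2.6.9-3 against the package changelogs and cite that in the NOTE, so a later reader can verify the entry without asking the person named.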
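Review bot: In the @@ -1356,16 +1359,21 @@ hunk, the NOTE added under CAN-2004-1335 pastes two IRC lines ("ok, you got me there", "applying now") that do not say which fix is being applied or to which package and version, and the entry already carries "- kernel-source-2.6.8 2.6.8-11". Replace the paste with a one-line statement of what is pending and which upload is expected to contain it. The existing "TODO: what about 2.4?" on this entry and on CAN-2004-1333 is still unanswered after this change.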
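Review bot: From the @@ -1684,9 +1692,11 @@ hunk through the last one (CAN-2004-1191, CAN-2004-1190, CAN-2004-1151, CAN-2004-1144, CAN-2004-1058, CAN-2004-1017, CAN-2004-0883, CAN-2004-0685, CAN-2004-0596), each added "NOTE: micah checking with kernel team" sits next to an unchanged "TODO: check with kernel team", so the entry now states the same open item twice and the claim carries no date. The first hunk removes the "begin claimed by micah" / "end claimed by micah" markers, which means this commit expresses claims in a different way from the one it deletes. Pick one claim convention for the file, and if it is the NOTE form, fold the claimant and a date into the TODO line so that a stale claim is visible.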