Author: micah Date: 2005-03-18 05:54:01 +0100 (Fri, 18 Mar 2005) New Revision: 577 Modified: sarge-checks/CAN/list Log: Bug numbers for CAN-2004-1191 and CAN-2004-1190 Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-03-18 01:24:58 UTC (rev 576) +++ sarge-checks/CAN/list 2005-03-18 04:54:01 UTC (rev 577) 
@@ -3066,18 +3066,20 @@ CAN-2004-1192 (Format string vulnerability in the lprintf function in Citadel/UX 6.27 ...) NOTE: not-for-us (Citadel/UX) CAN-2004-1191 (Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems ...) - TODO: come back to this one micah NOTE: joshk says he doesn''t understand this one - NOTE: looks like 2.4 is ok, 2.6.8 is vulnerable + NOTE: 2.4.27 is ok, 2.6.8 is vulnerable, 2.6.10 is ok + NOTE: http://xforce.iss.net/xforce/xfdb/18137 + NOTE: 2.6.8 needs this patch: http://linux.bkbits.net:8080/linux-2.6/patch@1.1938.197.15?nav=cset@1.1938.197.15 + kernel-source-2.6.8 (unfixed; bug #300163) CAN-2004-1190 (SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not ...) - NOTE: There are no useful details to be found on this, only vague information, I''ve tried to - NOTE: extract the patches from Suse kernels, to no avail, I''ve emailed some suse people... + NOTE: Response from Suse people reveals that http://linux.bkbits.net:8080/linux-2.6/hist/drivers/block/scsi_ioctl.c + NOTE: has a misleading entry titled "Fix exploitable hole" NOTE: http://www.securityfocus.com/advisories/7579 NOTE: http://xforce.iss.net/xforce/xfdb/18370 - NOTE: <joshk> i''ve officially no idea what the bug is NOTE: Response from Marcus Meissner <meissner@suse.de> saying the patch was integrated in upstream 2.6.8 - NOTE: I verified in 2.6.8, 2.6.9 and 2.6.10 this patch exists, however 2.4 has a totally different scsi layer - TODO: check with kernel team about 2.4 + NOTE: on further clarification he said that further fixes to this patch were made after 2.6.8 so only + NOTE: 2.6.10 is actually fixed, but 2.6.8 is not + kernel-source-2.6.8 (unfixed; bug #300162) CAN-2004-1189 (The add_to_history function in svr_principal.c in libkadm5srv for MIT ...) {DSA-629-1} CAN-2004-1188 (The pnm_get_chunk function in xine 0.99.2 and earlier, and other ...)
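Review bot: In the CAN-2004-1190 entry, the 2.4 question is dropped without an answer: the removed lines include "TODO: check with kernel team about 2.4" and the observation that 2.4 has a totally different scsi layer, but none of the added lines says whether 2.4 is affected. Either keep the TODO or add a NOTE recording the 2.4 status, the way the CAN-2004-1191 entry now does with "2.4.27 is ok, 2.6.8 is vulnerable, 2.6.10 is ok". In the same entry, the new NOTE links to the file history of drivers/block/scsi_ioctl.c and names the entry only by its title "Fix exploitable hole"; linking the specific changeset, as the CAN-2004-1191 entry does for its patch, would let whoever picks up bug #300162 find the change, and the follow-up fixes made after 2.6.8, without searching the history. Finally, the CAN-2004-1191 entry keeps the context line "joshk says he doesn''t understand this one" even though the entry now has version findings and a patch link; consider removing it as stale.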