Author: jmm-guest Date: 2005-12-02 23:30:13 +0000 (Fri, 02 Dec 2005) New Revision: 2931 Modified: data/CVE/list Log: more syntax polishing and decrufting Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-12-02 23:03:57 UTC (rev 2930) +++ data/CVE/list 2005-12-02 23:30:13 UTC (rev 2931) @@ -8712,8 +8712,7 @@ CVE-2004-1984 (Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers ...) NOT-FOR-US: Coppermine CVE-2004-1983 (The arch_get_unmapped_area function in mmap.c in the PaX patches for ...) - NOTE: only affects pax for 2.6; kernel-patch-adamantix contains pax - NOTE: but only for 2.4. + - kernel-patch-adamantix <not-affected> (Only affects PaX for kernel 2.6) CVE-2004-1982 (Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify ...) NOT-FOR-US: YaBB CVE-2004-1981 (The web interface for Crystal Reports allows remote attackers to cause ...) @@ -8783,7 +8782,7 @@ CVE-2004-1949 (SQL injection vulnerability in PostNuke 7.2.6 and earlier allows ...) NOT-FOR-US: PostNuke CVE-2004-1948 (NcFTP client 3.1.6 and 3.1.7, when the username and password are ...) - NOTE: nonsense, all command line passwords can be intercepted at least sometimes + - ncftp 2:3.1.8-1 (low) CVE-2004-1947 (The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender ...) NOT-FOR-US: bitdefender CVE-2004-1946 (Format string vulnerability in the PRINT_ERROR function in common.c ...) 
@@ -9199,7 +9198,7 @@ CVE-2003-1162 (index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to ...) NOT-FOR-US: Tritanium Bulletin Board CVE-2003-1161 (exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, ...) - NOTE: ancient and unreleased source code with backdoor + - linux-2.6 <not-affected> (Never released, only temporary in Bitkeeper) CVE-2003-1160 (FlexWATCH Network video server 132 allows remote attackers to bypass ...) NOT-FOR-US: FlexWATCH CVE-2003-1159 (Plug and Play Web Server Proxy 1.0002c allows remote attackers to ...) @@ -9212,7 +9211,6 @@ NOT-FOR-US: Sun JRE/SDK CVE-2003-1155 (X-CD-Roast 0.98 alpha10 through alpha14 allows local users to ...) - xcdroast 0.98+0alpha15-1 (bug #310046) - NOTE: woody seems to be vulnerable (see bug #310046) CVE-2003-1154 (MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus ...) NOT-FOR-US: MAILsweeper CVE-2003-1153 (byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files ...) @@ -9279,7 +9277,6 @@ CVE-2005-1471 (Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 ...) NOT-FOR-US: RSA SecurID Web Agent CVE-2005-XXXX [race condition with a buffered temp file] - NOTE: no bug ever filed for this one - pysvn 1.1.2-3 CVE-2005-XXXX [mailutils: sql injection vulnerability in sql authentication module] - mailutils 1:0.6.1-2 
@@ -9346,20 +9343,18 @@ CVE-2004-2069 (sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, ...) - openssh 1:3.8p1 CVE-2004-2068 (fetchnews in leafnode 1.9.47 and earlier allows remote attackers to ...) - NOT-FOR-US: Leafnode2 development branch + - leafnode <not-affected> (Leafnode2 development branch) CVE-2002-1661 (The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote ...) - NOT-FOR-US: Leafnode2 development branch + - leafnode <not-affected> (Leafnode2 development branch) CVE-2005-XXXX [Missing input validation in xtradius] - NOTE: not shipped in deb - - xtradius 1.2.1-beta2-2 (bug #307796; low) + - xtradius 1.2.1-beta2-2 (bug #307796; unimportant) CVE-2005-XXXX [fai tempfile vulnerability] - fai 2.8.2 CVE-2005-2354 [nvu uses old copy of mozilla xpcom] RESERVED NOTE: have not checked to see which security holes are in it exactly - NOTE: Has been removed from Sarge - nvu <unfixed> (bug #306822; medium) -CVE-2005-XXXX [eskuel: arbitrary file retreiving] +CVE-2005-XXXX [eskuel: arbitrary file retrieving] - eskuel 1.0.5-3.1 (bug #307270; low) CVE-2005-2356 [eskuel: No authentication at all] RESERVED 
@@ -9369,15 +9364,15 @@ CVE-2005-XXXX [Unspeficied security issue in ipsec-tool''s single DES support] - ipsec-tools 1:0.5.2-1 CVE-2005-1452 (Serendipity before 0.8 allows Chief users to "hide plugins installed ...) - NOT-FOR-US: Serendipity + - serendipity <itp> (bug #312413) CVE-2005-1451 (The media manager in Serendipity before 0.8 allows remote attackers to ...) - NOT-FOR-US: Serendipity + - serendipity <itp> (bug #312413) CVE-2005-1450 (Unknown vulnerability in "the function used to validate path-names for ...) - NOT-FOR-US: Serendipity + - serendipity <itp> (bug #312413) CVE-2005-1449 (Unknown vulnerability in serendipity_config_local.inc.php for ...) - NOT-FOR-US: Serendipity + - serendipity <itp> (bug #312413) CVE-2005-1448 (Cross-site scripting (XSS) vulnerability in the BBCode plugin for ...) - NOT-FOR-US: Serendipity + - serendipity <itp> (bug #312413) CVE-2005-1447 (PHP remote code injection vulnerability in main.php in SitePanel 2.6.1 ...) NOT-FOR-US: SitePanel CVE-2005-1446 (SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to ...) @@ -9403,7 +9398,7 @@ CVE-2005-1436 (Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow ...) NOT-FOR-US: osTicket CVE-2005-1435 (Open WebMail (OWM) before 2.51 20050430 allows remote authenticated ...) - NOTE: Was once part of Debian, but has been removed + - openwebmail <removed> CVE-2005-1434 (Multiple unknown vulnerabilities in OpenView Network Node Manager (OV ...) NOT-FOR-US: HP OpenView CVE-2005-1433 (Multiple unknown vulnjerabilities HP OpenView Event Correlation ...) 
@@ -9493,8 +9488,7 @@ CVE-2005-1393 (Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 ...) NOT-FOR-US: ArcGIS CVE-2005-1392 (The SQL install script in phpMyAdmin 2.6.2 is created with ...) - NOTE: In Debian this is only part of the examples in share/doc, any admin will - NOTE: have to modify it for his purposes anyway, so there''s no security problem + - phpmyadmin <not-affected> (Only part of examples that an admin would need to modify anyway) CVE-2005-1391 (Buffer overflow in the add_port function in APSIS Pound 1.8.2 and ...) - pound 1.8.2-1.1 (bug #307852; bug #311548; medium) CVE-2005-1390 @@ -9520,7 +9514,7 @@ CVE-2005-1380 (Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 ...) NOT-FOR-US: BEA Weblogic CVE-2005-1379 (The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on ...) - NOT-FOR-US: Mandrake specific packaging flaw + - lam <not-affected> (Mandrake specific packaging flaw) CVE-2005-1378 (SQL injection vulnerability in posting_notes.php in the notes module ...) NOT-FOR-US: phpbb mod CVE-2005-1377 (Multiple PHP remote code injection vulnerabilities in Claroline (aka ...) 
@@ -9540,12 +9534,13 @@ CVE-2005-1370 (Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView ...) NOT-FOR-US: HP OpenView CVE-2005-1369 (The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before ...) - NOTE: does not affect 2.4.27 per horms + - kernel-source-2.4.27 <not-affected> - kernel-source-2.6.8 2.6.8-16 - - kernel-source-2.6.11 2.6.11-4 + - linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.8) CVE-2005-1368 (The key_user_lookup function in security/keys/key.c in Linux kernel ...) - NOTE: does not affect 2.6.8, 2.4.27 per horms - - kernel-source-2.6.11 2.6.11-4 + [sarge] - kernel-source-2.6.8 <not-affected> + - kernel-source-2.4.27 <not-affected> + - linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.8) CVE-2005-1367 (Pico Server (pServ) 3.2 and earlier allows local users to read ...) NOT-FOR-US: pServ CVE-2005-1366 (Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain ...) @@ -9553,9 +9548,10 @@ CVE-2005-1365 (Pico Server (pServ) 3.2 and earlier allows remote attackers to execute ...) NOT-FOR-US: pServ CVE-2005-XXXX [Insecure mailbox generation in passwd''s useradd] - NOTE: Incorrect open() call was introduced after 4.0.3 (the version in Sarge, fixed in 4.0.8) + - shadow 4.0.8 + [sarge] - shadow <not-affected> (was introduced after version 4.0.3) + [woody] - shadow <not-affected> (was introduced after version 4.0.3) CVE-2005-XXXX [Insecure tempfile generation in shadow''s vipw] - NOTE: Fixed in 4.0.3-33 for sid, Sarge would need an update through t-p-u - shadow 1:4.0.3-33 CVE-2005-1364 (Multiple SQL injection vulnerabilities in MetaBid Auctions allow ...) NOT-FOR-US: MetaBid Auctions 
@@ -9610,8 +9606,7 @@ CVE-2005-1340 (The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not ...) NOT-FOR-US: Mac OS X CVE-2005-1339 (lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to ...) - NOTE: verified that our lukemftpd uses pw->pw_name when - NOTE: checking /etc/ftpchroot. + - lukemftpd <not-affected> (our lukemftpd uses pw->pw_name when checking /etc/ftpchroot) CVE-2005-1338 (Mac OS X 10.3.9, when using an LDAP server that does not use ...) NOT-FOR-US: Mac OS X CVE-2005-1337 (Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote ...) @@ -9652,7 +9647,7 @@ - mnemo 1.1-2.1 (bug #307180) TODO: check whether nmeno2 is affected as well CVE-2005-1319 (Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client ...) - NOTE: imp4 is not affected + - imp4 <not-affected> - imp3 3.2.8-1 (bug #328218; low) CVE-2005-1318 (Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail ...) - sork-forwards 2.2.2-1 @@ -9661,7 +9656,7 @@ CVE-2005-1316 (Cross-site scripting (XSS) vulnerability in Horde Accounts module ...) - sork-accounts 2.1.2-1 CVE-2005-1315 (Cross-site scripting (XSS) vulnerability in Horde Turba module before ...) - NOTE: Maintainer is checking whether turba2 needs fixing as well + TODO: Maintainer wanted to check whether turba2 needs fixing as well, re-check with him - turba 1.2.5-1 CVE-2005-1314 (Cross-site scripting (XSS) vulnerability in Horde Kronolith module ...) - kronolith 1.1.4-1 
@@ -9677,8 +9672,7 @@ NOT-FOR-US: bBlog CVE-2005-1308 (SqWebMail allows remote attackers to inject arbitrary web script or ...) - courier <unfixed> (bug #307575; medium) - NOTE: Upstream explanation looks wrong, not all code paths perform - NOTE: escaping. + NOTE: Upstream explanation looks wrong, not all code paths perform escaping. CVE-2005-1307 (The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version ...) NOT-FOR-US: Adobe Version Cue CVE-2005-1306 (The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 ...) @@ -9786,10 +9780,8 @@ - kernel-source-2.4.27 2.4.27-10 NOTE: believed not to be exploitable in 2.6 after all, re Greg K-H CVE-2005-1262 (Gaim 1.2.1 and earlier allows remote attackers to cause a denial of ...) - NOTE: see http://gaim.sourceforge.net/security/ - gaim 1:1.2.1-1.1 CVE-2005-1261 (Stack-based buffer overflow in the URL parsing function in Gaim before ...) - NOTE: see http://gaim.sourceforge.net/security/ - gaim 1:1.2.1-1.1 CVE-2005-1260 (bzip2 allows remote attackers to cause a denial of service (hard drive ...) {DSA-741-1} @@ -9912,6 +9904,7 @@ CVE-2005-1205 (The Telnet client for Microsoft Windows XP, Windows Server 2003, and ...) NOT-FOR-US: Microsoft CVE-2002-1657 (PostgreSQL uses the username for a salt when generating passwords, ...) + - postgresql <unfixed> (unimportant) NOTE: This is not a real world problem; it''s only applicable in rare circurstances NOTE: like someone analysing stolen user database information and even then the gain NOTE: is slim. In that case SHA256 hashes would be more appropriate anyway. 
@@ -9936,7 +9929,6 @@ CVE-2005-1196 (SQL injection vulnerability in kb.php in the Knowledge Base module for ...) NOT-FOR-US: PHPBB Knowledgebase Mod CVE-2005-1195 (Multiple heap-based buffer overflows in the code used to handle (1) ...) - NOTE: The vulnerable code is present in xine-lib as well, MPlayer is not in Debian - xine-lib 1.0.1-1 CVE-2005-1194 (Stack-based buffer overflow in the ieee_putascii function for nasm ...) - nasm 0.98.38-1.2 (bug #309049) 
@@ -9957,20 +9949,20 @@ CVE-2001-1474 (SSH before 2.0 disables host key checking when connecting to the ...) NOT-FOR-US: Commercial SSH CVE-2001-1473 (The SSH-1 protocol allows remote servers conduct man-in-the-middle ...) - NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol + NOR-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol CVE-2001-1472 (SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 ...) - phpbb2 2.0.6c-1 CVE-2001-1471 (prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users ...) - phpbb2 2.0.6c-1 CVE-2001-1470 (The IDEA cipher as implemented by SSH1 does not protect the final ...) - NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol + NOT-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol CVE-2001-1469 (The RC4 stream cipher as used by SSH1 allows remote attackers to ...) - NOTE: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol + NOT-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol CVE-2001-1468 (PHP remote code injection vulnerability in checklogin.php in ...) NOT-FOR-US: phpSecurePages CVE-2001-1467 (mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, ...) - NOTE: in expect 5.42.1, mkpasswd does not seed by pid; doesn''t seem - NOTE: to seed at all; my tests indicate it generates no dups in + - expect <not-affected> (in expect 5.42.1, mkpasswd does not seed by pid) + NOTE: doesn''t seem to seed at all; my tests indicate it generates no dups in NOTE: some 100000 passwords. CVE-2001-1466 (Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the ...) NOT-FOR-US: VanDyke SecureCRT 
@@ -10007,7 +9999,7 @@ CVE-2001-1450 (Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause ...) NOT-FOR-US: Windows CVE-2001-1449 (The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 ...) - NOT-FOR-US: Mandrake specific packaging flaw + - apache <not-affected> (Mandrake specific packaging flaw) CVE-2001-1448 (Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local ...) NOT-FOR-US: Magic eDeveloper CVE-2001-1447 (NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to ...)
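Review bot: In the hunk at @@ -9957,20 +9949,20 @@, the added line for CVE-2001-1473 is tagged `NOR-FOR-US:`, while the two sibling SSH1 entries in the same hunk (CVE-2001-1470 and CVE-2001-1469) are tagged `NOT-FOR-US:`. This looks like a typo, and a misspelled tag is unlikely to be recognised as NOT-FOR-US by anything that reads the list. Change it to `NOT-FOR-US: SSH1 protocol design flaw issue, proper fix is to use the SSH2 protocol` so all three entries match.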
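Review bot: In the hunk at @@ -9553,9 +9548,10 @@, the new useradd entry `- shadow 4.0.8` carries no epoch, while the vipw entry directly below it is `- shadow 1:4.0.3-33`. In Debian version ordering a version without an epoch sorts below every `1:` version, so `4.0.8` compares as older than `1:4.0.3-33` and any installed `1:` package would be treated as already fixed. Write the fixed version with the same epoch as the neighbouring entry.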
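Review bot: In the hunk at @@ -9346,20 +9343,18 @@, the xtradius entry changes severity from `low` to `unimportant` and at the same time deletes `NOTE: not shipped in deb`, which was the only stated reason for treating the issue as harmless. The log message describes this commit as syntax polishing, so a severity change deserves its justification on the entry; keep the reason as a NOTE line or in the parenthetical. The same hunk also drops `NOTE: Has been removed from Sarge` from the nvu entry without recording that release state anywhere else.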
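Review bot: In the hunk at @@ -8783,7 +8782,7 @@, the CVE-2004-1948 entry goes from a note disputing the issue to `- ncftp 2:3.1.8-1 (low)`, which is a change of assessment rather than a syntax cleanup, and the new line gives no bug number or reasoning for the fixed version. Either add a NOTE saying where the fixed version comes from, or move this change into its own commit so the log message matches what was done.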
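Review bot: In the hunk at @@ -9540,12 +9534,13 @@, the CVE-2005-1368 entry tags `kernel-source-2.6.8 <not-affected>` with `[sarge]` but leaves `kernel-source-2.4.27 <not-affected>` untagged, and the CVE-2005-1369 entry also uses the untagged form. Pick one form for both source packages. The removed notes attributed the not-affected status to horms; the new `<not-affected>` lines for 2.4.27 and 2.6.8 carry no reason at all, so put that attribution in the parenthetical the way the `linux-2.6` lines do.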
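Review bot: In the hunk at @@ -9212,7 +9211,6 @@, deleting `NOTE: woody seems to be vulnerable (see bug #310046)` from the CVE-2003-1155 entry removes the only statement about woody, leaving just the unstable fixed version. This commit already uses release-tagged lines elsewhere (for example `[woody] - shadow <not-affected> (...)`), so record the woody state for xcdroast in that form instead of dropping it.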