Author: stef-guest Date: 2007-02-22 00:18:11 +0100 (Thu, 22 Feb 2007) New Revision: 5480 Modified: data/CVE/list Log: - new mt-daapd, amavid-new, pure-ftpd issue - bugnums Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-02-21 22:54:21 UTC (rev 5479) +++ data/CVE/list 2007-02-21 23:18:11 UTC (rev 5480) @@ -1,3 +1,9 @@ +CVE-2007-XXXX [mt-daapd remote access & default password] + - mt-daapd <unfixed> (bug #404640) +CVE-2007-XXXX [amavids-new uses contrib/non-free packers without security support in default config] + - amavisd-new <unfixed> (bug #410588) +CVE-2006-XXXX [pure-ftpd-mysql: any problems with a home dir will allow rw to the entire filesystem] + - pure-ftpd <unfixed> (bug #350889) CVE-2007-XXXX [MediaWiki XSS based on Microsoft Internet Explorer''s UTF-7 charset autodetection] - mediawiki1.7 1.7.1-9 (low) CVE-2007-1049 [wordpress security issue related to code used to prevent XSS] @@ -294,17 +300,17 @@ CVE-2007-0912 (Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php ...) NOT-FOR-US: JPortal CVE-2007-0911 (Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow ...) - - php5 <unfixed> (bug #410561; medium) + - php5 <unfixed> (bug #410561; bug #410995; medium) NOTE: this is a regression in the 5.2.1 release which is not yet uploaded. NOTE: so we should just make sure we patch 5.2.1. Leaving open in the NOTE: meantime, so we don''t forget about it. CVE-2007-0910 (Unspecified vulnerability in PHP before 5.2.1 allows attackers to ...) - - php5 <unfixed> (bug #410561; medium) + - php5 <unfixed> (bug #410561; bug #410995; medium) NOTE: fix is believed to be isolated, needs verification and backporting: NOTE: see CVE-2007-0910_clobbering-superglobals.diff in NOTE: http://people.debian.org/~seanius/security/php CVE-2007-0909 (Multiple format string vulnerabilities in PHP before 5.2.1 might allow ...) - - php5 <unfixed> (bug #410561; medium) + - php5 <unfixed> (bug #410561; bug #410995; medium) NOTE: half of fix (odbc part) is found, still trying to dig out the NOTE: problems related to *print functions. NOTE: see CVE-2007-0910_clobbering-superglobals.diff in @@ -316,7 +322,7 @@ NOT-FOR-US: PHP NOTE: this extension is not enabled in the php packages CVE-2007-0907 (Buffer underflow in PHP before 5.2.1 allows attackers to cause a ...) - - php5 <unfixed> (bug #410561; medium) + - php5 <unfixed> (bug #410561; bug #410995; medium) NOTE: fix found, needs testing/backporting. see: NOTE: CVE-2007-0907_sapi_header_op.diff in NOTE: http://people.debian.org/~seanius/security/php @@ -327,9 +333,9 @@ NOTE: available as CVE-2007-0906_N_description.diff at NOTE: http://people.debian.org/~seanius/security/php/ NOTE: (4) is a non-issue, as we don''t use the bundled sqlite - - php5 <unfixed> (bug #410561; medium) + - php5 <unfixed> (bug #410561; bug #410995; medium) CVE-2007-0905 (PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir ...) - - php5 <unfixed> (bug #410561; medium) + - php5 <unfixed> (bug #410561; bug #410995; medium) NOTE: we normally don''t spend much time on safe_mode and open_basedir NOTE: issues, but the because the attack vectors are "unspecified", it NOTE: might be harder for us to try and sort out the fixes for this @@ -499,13 +505,13 @@ NOTE: might not affect Debian version because HTML mode is disabled. sf: pinged maintainer CVE-2007-XXXX [php: multiple issues fixed in php 5.2.1] - php4 <unfixed> - - php5 <unfixed> (bug #410561) + - php5 <unfixed> (bug #410561; bug #410995) CVE-2007-XXXX [ikiwiki allows web user to edit images and other non-page format files in the wiki] - ikiwiki 1.42 CVE-2007-0858 RESERVED CVE-2007-0857 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before ...) - - moin <unfixed> (bug #410338; medium) + - moin <unfixed> (bug #410338; medium; bug #410552) CVE-2007-0856 (TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module ...) NOT-FOR-US: Trend Micro Anti-Rootkit Common Module CVE-2007-0855 (Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR ...)