stef-guest at alioth.debian.org
2007-May-17 12:18 UTC
[Secure-testing-commits] r5863 - data/DTSA/advs
Author: stef-guest Date: 2007-05-17 12:18:22 +0000 (Thu, 17 May 2007) New Revision: 5863 Added: data/DTSA/advs/36-mydns.adv data/DTSA/advs/37-clamav.adv Log: advs for clamav and mydns Added: data/DTSA/advs/36-mydns.adv ==================================================================--- data/DTSA/advs/36-mydns.adv (rev 0) +++ data/DTSA/advs/36-mydns.adv 2007-05-17 12:18:22 UTC (rev 5863) @@ -0,0 +1,14 @@ +source: mydns +date: April 30th, 2007 +author: Stefan Fritsch +vuln-type: multiple buffer overflows +problem-scope: remote +debian-specifc: no +cve: CVE-2007-2362 +vendor-advisory: +testing-fix: 1:1.1.0-7.1lenny1 +sid-fix: 1:1.1.0-8 +upgrade: apt-get upgrade + +Multiple buffer overflows in MyDNS allow remote attackers to cause a denial of +service (daemon crash) and possibly execute arbitrary code. Added: data/DTSA/advs/37-clamav.adv ==================================================================--- data/DTSA/advs/37-clamav.adv (rev 0) +++ data/DTSA/advs/37-clamav.adv 2007-05-17 12:18:22 UTC (rev 5863) @@ -0,0 +1,27 @@ +source: clamav +date: April 30th, 2007 +author: Stefan Fritsch +vuln-type: several vulnerabilities +problem-scope: remote +debian-specifc: no +cve: CVE-2007-1745 CVE-2007-1997 CVE-2007-2029 +vendor-advisory: +testing-fix: 0.90.1-3lenny1 +sid-fix: 0.90.2-1 +upgrade: apt-get upgrade + +Several remote vulnerabilities have been discovered in the Clam anti-virus +toolkit. The Common Vulnerabilities and Exposures project identifies the +following problems: + +CVE-2007-1745 +It was discovered that a file descriptor leak in the CHM handler may lead to +denial of service. + +CVE-2007-1997 +It was discovered that a buffer overflow in the CAB handler may lead to the +execution of arbitrary code. + +CVE-2007-2029 +It was discovered that a file descriptor leak in the PDF handler may lead to +denial of service.