jmm-guest at alioth.debian.org
2007-May-24 21:49 UTC
[Secure-testing-commits] r5916 - data/CVE
Author: jmm-guest
Date: 2007-05-24 21:49:42 +0000 (Thu, 24 May 2007)
New Revision: 5916

Modified:
   data/CVE/list
Log:
- no-dsa for backup-manager issue
- CVEify SOAP nonce issue (quick investigate suggests Etch isn't affected also, needs double-checking, though), older php5 issue fixed
- kernel compat mount DoS fixed, kernel/CAPI issue quite a non-issue
- NFUs and remove some obsolete TODOs

Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-05-24 19:54:49 UTC (rev 5915) +++ data/CVE/list 2007-05-24 21:49:42 UTC (rev 5916) @@ -70,11 +70,13 @@ CVE-2007-2767 (Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 (Hydrax) ...) TODO: check CVE-2007-2766 (Backup Manager before 0.7.6 provides the MySQL password as a plaintext ...) - TODO: check + - backup-manager <unfixed> (low) + [sarge] - backup-manager <no-dsa> (Minor issue) + [etch] - backup-manager <no-dsa> (Minor issue) CVE-2007-2765 (blockhosts.py in BlockHosts before 2.0.3 does not properly parse ...) TODO: check CVE-2007-2764 (The embedded Linux kernel in certain Sun-Brocade SilkWorm switches ...) - TODO: check + NOT-FOR-US: Sun switches CVE-2007-2763 (Buffer overflow in the UnlockSupport function in the LockModules ...) TODO: check CVE-2007-2762 (Multiple PHP remote file inclusion vulnerabilities in Build it Fast ...) @@ -147,7 +149,8 @@ CVE-2007-2729 (Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, ...) TODO: check CVE-2007-2728 (The soap extension in PHP calls php_rand_r with an uninitialized seed ...) - TODO: check + - php5 <unfixed> (low) + - php4 <not-affected> (no soap functions in php4) CVE-2007-2727 (The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before ...) TODO: check CVE-2007-2726 (BitsCast 0.13.0 allows remote attackers to cause a denial of service ...) 
@@ -438,12 +441,8 @@ - squirrelmail 2:1.4.10a-1 (low) CVE-2003-1327 (Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and ...) - wu-ftpd 2.6.2-26 (bug #425162) -CVE-2006-XXXX [PHP SOAP Extension HTTP Authentication Weak Nonce] - NOTE: see http://secunia.com/advisories/25306/ - - php5 <unfixed> (low) - - php4 <not-affected> (no soap functions in php4) CVE-2006-7203 (The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 ...) - - linux-2.6 <unfixed> (low) + - linux-2.6 2.6.18.dfsg.1-9 (low) CVE-2007-2588 (Multiple buffer overflows in the Office Viewer OCX ActiveX control ...) NOT-FOR-US: Office Viewer OCX ActiveX CVE-2007-2587 (The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote ...) @@ -486,7 +485,7 @@ CVE-2007-2569 (Multiple PHP remote file inclusion vulnerabilities in Friendly 1.0d1 ...) NOT-FOR-US: Friendly CVE-2007-2568 (Multiple stack-based buffer overflows in VCDGear 3.55 allow ...) - TODO: check + NOT-FOR-US: VCDGear CVE-2007-2567 (Buffer overflow in the SaveBarCode function in the Taltech Tal Bar ...) NOT-FOR-US: Taltech Tal Bar Code ActiveX control CVE-2007-2566 (The SaveBarCode function in the Taltech Tal Bar Code ActiveX control ...) @@ -757,11 +756,11 @@ CVE-2007-2442 RESERVED CVE-2007-2441 (Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for ...) - TODO: check + NOT-FOR-US: Caucho Resin CVE-2007-2440 (Directory traversal vulnerability in Caucho Resin Professional 3.1.0 ...) - TODO: check + NOT-FOR-US: Caucho Resin CVE-2007-2439 (Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for ...) - TODO: check + NOT-FOR-US: Caucho Resin CVE-2007-2438 (The sandbox for vim allows dangerous functions such as (1) writefile, ...) - vim <unfixed> (medium) NOTE: Exploitable through modelines. 
@@ -2470,7 +2469,7 @@ CVE-2007-1690 (Multiple stack-based buffer overflows in Second Sight Software ...) NOT-FOR-US: Second Sight Software CVE-2007-1689 (Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL ...) - TODO: check + NOT-FOR-US: Norton CVE-2007-1688 RESERVED CVE-2007-1687 (Multiple buffer overflows in the Internet Pictures Corporation iPIX ...) @@ -3710,8 +3709,8 @@ - isdnutils 1:3.9.20060704-3 (bug #408530; low) [sarge] - isdnutils <no-dsa> (Not exploitable over ISDN network) - asterisk-chan-capi 0.7.1-1.1 (bug #411293) - - linux-2.6 <unfixed> (bug #411294; low) - NOTE: Not exploitable over ISDN network, only through a CAPI server + - linux-2.6 <unfixed> (bug #411294; unimportant) + NOTE: Not exploitable over ISDN network, only theoretically through a dedicated CAPI server CVE-2007-1216 (Double-free vulnerability in the GSS-API library ...) {DSA-1276-1} - krb5 1.4.4-8 (high) @@ -3800,7 +3799,7 @@ CVE-2007-1174 (Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before ...) NOT-FOR-US: WebAPP CVE-2007-1173 (Multiple buffer overflows in the CentennialIPTransferServer service ...) - TODO: check + NOT-FOR-US: CentennialIPTransferServer CVE-2007-1172 (SQL injection vulnerability in nukesentinel.php in NukeSentinel ...) NOT-FOR-US: WebAPP CVE-2007-1171 (SQL injection vulnerability in includes/nsbypass.php in NukeSentinel ...) 
@@ -4618,11 +4617,8 @@ CVE-2007-0912 (Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php ...) NOT-FOR-US: JPortal CVE-2007-0911 (Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow ...) - - php5 <not-affected> (A regression only affecting 5.2.1) - TODO: - php5 <unfixed> (bug #410561; bug #410995; medium) - NOTE: this is a regression in the 5.2.1 release which is not yet uploaded. - NOTE: so we should just make sure we patch 5.2.1. Leaving open in the - NOTE: meantime, so we don''t forget about it. + - php5 5.2.2-1 (bug #410561; bug #410995; medium) + [etch] - php5 <not-affected> (A regression only affecting 5.2.1) CVE-2007-0910 (Unspecified vulnerability in PHP before 5.2.1 allows attackers to ...) {DSA-1264-1} - php5 5.2.0-9 (bug #410561; bug #410995; medium) @@ -15893,9 +15889,7 @@ CVE-2006-2942 (TWiki 4.0.0, 4.0.1, and 4.0.2 allows remote attackers to gain Twiki ...) - twiki <not-affected> (Debian''s version is old and does not include affected file) CVE-2006-2941 (Mailman before 2.1.9rc1 allows remote attackers to cause a denial of ...) - - mailman <not-affected> - NOTE: Mailman uses the system version of the affected Python lib - TODO: Check affected Python versions + - mailman <not-affected> (Mailman uses the system version of the affected Python lib) CVE-2006-2940 (OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions ...) {DSA-1195-1 DSA-1185-2} - openssl 0.9.8c-2 (bug #389940) @@ -18896,7 +18890,6 @@ NOT-FOR-US: DNGuestbook CVE-2005-4784 (Multiple buffer overflows in the POSIX readdir_r function, as used in ...) NOTE: this does not affect linux - TODO: check kfreebsd CVE-2005-4783 (kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not ...) NOT-FOR-US: NetBSD CVE-2005-4782 (NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is ...)
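Review bot: In the @@ -70,11 +70,13 @@ hunk, the new CVE-2007-2766 line "- backup-manager <unfixed> (low)" carries no bug reference, so nothing outside this file tracks the open issue. The description says the problem is gone in Backup Manager 0.7.6; file a bug against backup-manager and reference it as "(bug #...; low)", the way the wu-ftpd and isdnutils entries elsewhere in this diff do.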
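Review bot: In the @@ -147,7 +149,8 @@ hunk, CVE-2007-2728 gets "- php5 <unfixed> (low)" with no [etch] line and no TODO, while the log message says Etch appears not to be affected but still needs double-checking. Record that open question in the entry itself, for example as a "TODO: check etch" line under the php5 entry, so it does not live only in the commit log.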
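Review bot: In the @@ -438,12 +441,8 @@ hunk, deleting the CVE-2006-XXXX placeholder also drops its "NOTE: see http://secunia.com/advisories/25306/" line, and the CVE-2007-2728 entry that takes over the php5/php4 status lines does not carry that reference. Move the NOTE to CVE-2007-2728 so the advisory stays linked to the issue.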
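Review bot: In the @@ -3800,7 +3799,7 @@ hunk, the unchanged context line under CVE-2007-1172 reads "NOT-FOR-US: WebAPP" although its description names NukeSentinel; the tag matches the CVE-2007-1174 entry two above it instead. Since this commit is already tidying NFU tags in the same block, correct it to "NOT-FOR-US: NukeSentinel".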
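Review bot: In the @@ -15893,9 +15889,7 @@ hunk, removing "TODO: Check affected Python versions" from CVE-2006-2941 leaves no record of what that check found. The reason given for "mailman <not-affected>" is that the affected code is the system Python library, so the entry should either list the Python source package with its status or say in a NOTE that Debian's Python versions are not affected.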
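Review bot: In the @@ -18896,7 +18890,6 @@ hunk, dropping "TODO: check kfreebsd" leaves CVE-2005-4784 with only "NOTE: this does not affect linux" and no statement about kfreebsd. If the check was done, or kfreebsd is out of scope for the tracker, say so in a NOTE rather than deleting the TODO without an outcome.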