jmm-guest at alioth.debian.org
2007-Aug-31 15:28 UTC
[Secure-testing-commits] r6453 - data/CVE
Author: jmm-guest
Date: 2007-08-31 15:28:25 +0000 (Fri, 31 Aug 2007)
New Revision: 6453
Modified:
data/CVE/list
Log:
tcp-wrappers flaw doesn''t affect Debian
fetchmail, nvidia no-dsa
bugzilla/sarge, asterisk, vim/sarge, asterisk/sarge not-affected
new kernel issue
record apache2 fixes planned for stable
rewrite php entry as non-issue
NFUs
don''t enter pidgin marketing buzz until details available
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-08-31 12:51:23 UTC (rev 6452)
+++ data/CVE/list 2007-08-31 15:28:25 UTC (rev 6453)
@@ -98,6 +98,8 @@
TODO: check
CVE-2007-4601 (A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11
does not ...)
- tcp-wrappers 7.6.dbs-12 (bug #405342; medium)
+ [etch] - tcp-wrappers <not-affected> (Vulnerability was introduced in
-10)
+ [sarge] - tcp-wrappers <not-affected> (Vulnerability was introduced in
-10)
CVE-2007-4580 (Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5
allows ...)
NOT-FOR-US: BufferZone (Windows)
CVE-2007-4579 (Heap-based buffer overflow in Microsoft MSN Messenger 7.x and
Live ...)
@@ -130,6 +132,8 @@
NOT-FOR-US: SIDVault
CVE-2007-4565 (fetchmail before 6.3.9 allows context-dependent attackers to
cause a ...)
- fetchmail 6.3.8-8 (bug #440006; low)
+ [etch] - fetchmail <no-dsa> (Hardly a security problem)
+ [sarge] - fetchmail <no-dsa> (Hardly a security problem)
CVE-2007-4564 (Cosminexus Manager in Cosminexus Application Server 07-00 and
later ...)
NOT-FOR-US: Hitachi Cosminexus
CVE-2007-4563 (Cosminexus Manager in Cosminexus Application Server 06-50 and
later ...)
@@ -175,7 +179,8 @@
CVE-2007-4544 (Cross-site scripting (XSS) vulnerability in wp-newblog.php in
...)
NOT-FOR-US: WordPress multi-user (MU)
CVE-2007-4543 (Cross-site scripting (XSS) vulnerability in enter_bug.cgi in
Bugzilla ...)
- - bugzilla <unfixed> (bug #440106)
+ - bugzilla <unfixed> (low; bug #440106)
+ [sarge] - bugzilla <not-affected> (Vulnerable code not present)
CVE-2007-4542 (Multiple cross-site scripting (XSS) vulnerabilities in MapServer
...)
TODO: check
CVE-2007-4541 (Multiple cross-site scripting (XSS) vulnerabilities in Olate
Download ...)
@@ -222,6 +227,8 @@
NOT-FOR-US: Ripe Website Manager
CVE-2007-4521 (Asterisk Open Source 1.4.5 through 1.4.11, when configured to
use an ...)
- asterisk <not-affected> (The voicemail backend is not enabled in
Debian)
+ [sarge] - asterisk <not-affected> (Only Asterisk 1.4.x is affected)
+ [etch] - asterisk <not-affected> (Only Asterisk 1.4.x is affected)
NOTE: Patch:
http://lists.digium.com/pipermail/asterisk-commits/2007-August/015743.html
NOTE: the backend will be enabled in future uploads with a fixed package.
CVE-2007-4520
@@ -811,11 +818,9 @@
CVE-2007-4256 (Directory traversal vulnerability in showpage.cgi in YNP Portal
System ...)
NOT-FOR-US: YNP Portal System
CVE-2007-4255 (Buffer overflow in the mSQL extension in PHP 5.2.3 allows ...)
- - php5 <unfixed>
- - php4 <removed>
- [etch] - php5 <no-dsa> (requires malicious script)
- [etch] - php4 <no-dsa> (requires malicious script)
- [sarge] - php4 <no-dsa> (requires malicious script)
+ - php5 <unfixed> (unimportant)
+ - php4 <removed> (unimportant)
+ NOTE: Only exploitable by malicious script
CVE-2007-4254 (Stack-based buffer overflow in a certain ActiveX control in
VDT70.DLL ...)
NOT-FOR-US: Microsoft
CVE-2007-4253 (SQL injection vulnerability in the News module in modules.php in
...)
@@ -1703,7 +1708,6 @@
CVE-2007-3842 (Cross-site scripting (XSS) vulnerability in the 8e6 R3000
Enterprise ...)
NOT-FOR-US: 8e6 R3000 Enterprise Filter
CVE-2007-3841 (Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for
Linux ...)
- - pidgin 2.1.0-1 (medium)
NOTE: this information is based upon a vague advisory by a vulnerability
NOTE: information sales organization that does not coordinate with vendors or
NOTE: release actionable advisories. So maybe it is not fixed _but_ since it
is
@@ -2404,6 +2408,8 @@
NOT-FOR-US: 3Com
CVE-2007-3532 (NVIDIA drivers (nvidia-drivers) before 1.0.7185, 1.0.9639, and
...)
- nvidia-kernel-common <unfixed> (bug #434398)
+ [sarge] - nvidia-kernel-common <no-dsa> (Contrib and non-free not
supported)
+ [etch] - nvidia-kernel-common <no-dsa> (Contrib and non-free not
supported)
CVE-2007-3531 (The set_default_speeds function in backend/backend.c in NVidia
NVClock ...)
TODO: check
CVE-2007-3530 (PHPDirector 0.21 and earlier stores the admin account name and
...)
@@ -2802,7 +2808,7 @@
[sarge] - gdm <no-dsa> (Minor issue)
[etch] - gdm <no-dsa> (Minor issue)
CVE-2007-3380 (The Distributed Lock Manager (DLM) in the cluster manager for
Linux ...)
- TODO: check
+ - linux-2.6 2.6.23-1
CVE-2007-3379
RESERVED
CVE-2007-3378 (The (1) session_save_path and (2) ini_set functions in PHP 4.4.7
and ...)
@@ -3000,7 +3006,7 @@
[etch] - apache <unfixed> (low)
[sarge] - apache <unfixed> (low)
- apache2 2.2.4-2 (low)
- [etch] - apache2 <unfixed> (low)
+ [etch] - apache2 2.2.3-4+etch2
[sarge] - apache2 2.0.54-5sarge2 (low)
CVE-2007-3303 (Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module,
allows ...)
- apache2 <unfixed> (unimportant)
@@ -4546,7 +4552,6 @@
- xfsdump 2.2.45-1 (bug #417894; low)
CVE-2007-2653
REJECTED
- NOT-FOR-US: This is bogus, the annoucement refers to the recently discovered
modelines issues
CVE-2007-2652 (Multiple unspecified vulnerabilities in Free-SA before 1.2.2
allow ...)
NOT-FOR-US: Free-SA
CVE-2007-2651 (Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27
allow ...)
@@ -5027,9 +5032,9 @@
CVE-2007-2439 (Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and
earlier for ...)
NOT-FOR-US: Caucho Resin Professional
CVE-2007-2438 (The sandbox for vim allows dangerous functions such as (1)
writefile, ...)
- - vim 1:7.1-022+1 (bug #435401; medium)
- TODO: File bug
- NOTE: Exploitable through modelines.
+ - vim 1:7.1-022+1 (bug #435401; low)
+ [sarge] - vim <not-affected> (Vulnerable code not present)
+ NOTE: Exploitable through modelines, needs to be used with care in any case
CVE-2007-2437 (The X render (Xrender) extension in X.org X Window System 7.0,
7.1, ...)
- xorg-server 2:1.3.0.0.dfsg-4 (unimportant; bug #422936)
NOTE: etch vulnerable (patch below applies)
@@ -5040,7 +5045,6 @@
NOTE: just as well provide a binary which does more harm
CVE-2007-2436
REJECTED
- NOTE: duplicate of CVE-2007-1861
CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and
Java ...)
- sun-java5 1.5.0-11-1 (medium; bug #423062)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
@@ -5502,7 +5506,7 @@
[etch] - bind9 <not-affected> (Only 9.4/9.5 branches affected)
[sarge] - bind9 <not-affected> (Only 9.4/9.5 branches affected)
CVE-2007-2240 (The IBM Lenovo Access Support acpRunner ActiveX control, as ...)
- TODO: check
+ NOT-FOR-US: IBM Lenovo Access Support acpRunner ActiveX control
CVE-2007-2239 (Stack-based buffer overflow in the SaveBMP method in the AXIS
Camera ...)
NOT-FOR-US: AXIS Camera Control
CVE-2007-2238
@@ -6339,6 +6343,7 @@
CVE-2007-1863 (cache_util.c in the mod_cache module in Apache HTTP Server
(httpd), ...)
- apache2 2.2.4-1 (low)
[sarge] - apache2 2.0.54-5sarge2
+ [etch] - apache2 2.2.3-4+etch2
TODO: check apache 1
NOTE: see
http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/cache/cache_util.c?view=markup&pathrev=551944
CVE-2007-1862 (The recall_headers function in mod_mem_cache in Apache 2.2.4
does not ...)
@@ -6980,6 +6985,7 @@
CVE-2007-1595 (The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in
Asterisk ...)
- asterisk 1:1.4.0~dfsg-1 (low)
[etch] - asterisk <not-affected> (Only affects 1.4.x)
+ [sarge] - asterisk <not-affected> (Only affects 1.4.x)
CVE-2007-1593 (The administrative service in Symantec Veritas Volume Replicator
(VVR) ...)
NOT-FOR-US: Symantec
CVE-2007-1592 (net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 ...)
@@ -13938,6 +13944,7 @@
CVE-2006-5752 (Cross-site scripting (XSS) vulnerability in mod_status.c in the
...)
- apache2 2.2.4-2 (low)
[sarge] - apache2 2.0.54-5sarge2
+ [etch] - apache2 2.2.3-4+etch2
- apache <removed> (low)
CVE-2006-5751 (Integer overflow in the get_fdb_entries function in ...)
{DSA-1233}