jmm-guest at alioth.debian.org
2007-Sep-11 19:01 UTC
[Secure-testing-commits] r6577 - data/CVE
Author: jmm-guest
Date: 2007-09-11 19:01:18 +0000 (Tue, 11 Sep 2007)
New Revision: 6577

Modified:
   data/CVE/list
Log:
- drop severities from php issues until checked by Sean
- some krb5 issues not-affected for Etch and Sarge
- some unimportant gd issues
- fix fixed version for tomcat

Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-09-11 18:59:32 UTC (rev 6576) +++ data/CVE/list 2007-09-11 19:01:18 UTC (rev 6577) @@ -108,7 +108,7 @@ CVE-2007-4722 (Multiple stack-based buffer overflows in the Quantum Streaming ...) NOT-FOR-US: Quantum Streaming CVE-2007-4721 (Integer signedness error in the DNP3 dissector in Wireshark 0.99.5 and ...) - - wireshark 0.99.6pre1-1 (medium) + - wireshark 0.99.6pre1-1 (low) CVE-2007-4720 (Unspecified vulnerability in the Shared Trace Service in Hitachi ...) NOT-FOR-US: Hitachi CVE-2007-4719 (SQL injection vulnerability in read.php in 212cafeBoard 6.30 Beta ...) @@ -237,15 +237,15 @@ [etch] - firebird2 <unfixed> [sarge] - firebird2 <unfixed> CVE-2007-4663 (Directory traversal vulnerability in PHP before 5.2.4 allows attackers ...) - - php5 <unfixed> (medium) + - php5 <unfixed> CVE-2007-4662 (Buffer overflow in the php_openssl_make_REQ function in PHP before ...) - - php5 <unfixed> (medium) + - php5 <unfixed> CVE-2007-4661 (The chunk_split function in string.c in PHP 5.2.3 does not properly ...) - - php5 <unfixed> (medium) + - php5 <unfixed> CVE-2007-4660 (Unspecified vulnerability in the chunk_split function in PHP before ...) - - php5 <unfixed> (low) + - php5 <unfixed> CVE-2007-4659 (The zend_alter_ini_entry function in PHP before 5.2.4 does not ...) - - php5 <unfixed> (low) + - php5 <unfixed> CVE-2007-4658 (The money_format function in PHP before 5.2.4 permits multiple (1) %i ...) - php5 <unfixed> CVE-2007-4657 (Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before ...) 
@@ -1691,10 +1691,13 @@ RESERVED CVE-2007-4000 (The kadm5_modify_policy_internal function in ...) - krb5 1.6.dfsg.1-7 (high) + [etch] - krb5 <not-affected> (Vulnerable code not present) + [sarge] - krb5 <not-affected> (Vulnerable code not present) CVE-2007-3999 (Stack-based buffer overflow in the svcauth_gss_validate function in ...) {DSA-1368-1} - librpcsecgss 0.14-3 - krb5 1.6.dfsg.1-7 (high) + [sarge] - krb5 <not-affected> (Vulnerable code not present) CVE-2007-3998 (The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, ...) TODO: check CVE-2007-3997 (The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP ...) @@ -2903,7 +2906,7 @@ CVE-2007-3479 (Stack-based buffer overflow in PCSoft WinDEV 11 (01F110053p) allows ...) NOT-FOR-US: PCSoft WinDEV CVE-2007-3478 (Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in ...) - - libgd2 <not-affected> + - libgd2 <unfixed> (unimportant) NOTE: this is a crash, and does not seem to be attacker controlled. CVE-2007-3477 (The (a) imagearc and (b) imagefilledarc functions in GD Graphics ...) - libgd2 2.0.35.dfsg-1 (low) 
@@ -2912,16 +2915,15 @@ - libgd2 2.0.35.dfsg-1 (low) NOTE: can write a 0 to a 4k window in heap, very unlikely to be controllable. CVE-2007-3475 (The GD Graphics Library (libgd) before 2.0.35 allows user-assisted ...) - - libgd2 <not-affected> + - libgd2 <unfixed> (unimportant) NOTE: out-of-band memory read, does not appear attacker controlled. CVE-2007-3474 (Multiple unspecified vulnerabilities in the GIF reader in the GD ...) - - libgd2 <not-affected> NOTE: appears to be prophylactic dup of CVE-2007-3476. CVE-2007-3473 (The gdImageCreateXbm function in the GD Graphics Library (libgd) ...) - - libgd2 <not-affected> + - libgd2 <unfixed> (unimportant) NOTE: this is only a NULL deref crash (same as CVE-2007-3472) CVE-2007-3472 (Integer overflow in gdImageCreateTrueColor function in the GD Graphics ...) - - libgd2 <not-affected> + - libgd2 <unfixed> (unimportant) NOTE: this is only a NULL deref crash. CVE-2007-3471 (Buffer overflow in the dtsession Common Desktop Environment (CDE) ...) NOT-FOR-US: Sun Solaris dtsession @@ -6134,10 +6136,11 @@ CVE-2007-2108 (Unspecified vulnerability in the Core RDBMS component Oracle Database ...) NOT-FOR-US: Oracle CVE-2006-7196 (Cross-site scripting (XSS) vulnerability in the calendar application ...) - - tomcat5.5 5.5.20-1 (low) + - tomcat5.5 5.5.16-1 (low) - tomcat5 <unfixed> (low) - tomcat4 <removed> (low) [sarge] - tomcat4 <no-dsa> (Contrib not supported) + NOTE: Mark Thomas <markt at apache.org> reported on Bugtraq that it''s fixed in 5.5.16 CVE-2006-7195 (Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in ...) - tomcat5.5 5.5.20-1 (low) - tomcat5 <unfixed> (low)
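Review bot: The CVE-2007-4721 change in the @@ -108 hunk (wireshark 0.99.6pre1-1, medium to low) is not covered by any of the four log entries, and the entry carries no NOTE giving the reason for the downgrade. Either mention it in the log or add a NOTE line under the entry saying why the DNP3 dissector signedness error is rated low, so the rating can be re-checked later.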
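Review bot: In the @@ -2912 hunk, CVE-2007-3474 loses its "- libgd2 <not-affected>" line and gets nothing in its place, unlike CVE-2007-3475, CVE-2007-3473 and CVE-2007-3472, which all move to "<unfixed> (unimportant)". The entry is left with only the NOTE about being a dup of CVE-2007-3476, so it no longer names a package or a status. If it is meant to follow CVE-2007-3476, give it a matching libgd2 line; if it is deliberately left open, say so in the log, which only refers to the gd issues in general terms.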
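Review bot: The NOTE added under CVE-2006-7196 in the @@ -6134 hunk has a doubled apostrophe ("it''s") and cites a Bugtraq post without a date or URL. The NOTE speaks of upstream 5.5.16 while the entry now records the Debian version 5.5.16-1, so a reference in the NOTE would let the next reader confirm that mapping. CVE-2006-7195 directly below still lists tomcat5.5 5.5.20-1; it is worth checking whether the same correction applies there.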