stef-guest at alioth.debian.org
2007-Sep-17 18:55 UTC
[Secure-testing-commits] r6622 - data/CVE
Author: stef-guest Date: 2007-09-17 18:55:03 +0000 (Mon, 17 Sep 2007) New Revision: 6622 Modified: data/CVE/list Log: new apache issue that is actually an old browser issue fixed: cvstrac, teamspeak-server old ezpublish issues: should be removed from Debian new unimportant php issue new libgd2 issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-09-17 17:17:12 UTC (rev 6621) +++ data/CVE/list 2007-09-17 18:55:03 UTC (rev 6622) @@ -817,13 +817,9 @@ CVE-2007-4531 (Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and ...) NOT-FOR-US: Soldat game server CVE-2007-4530 (Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak ...) - - teamspeak-server <unfixed> - NOTE: likely fixed in 2.0.23.19-1 - TODO: check + - teamspeak-server 2.0.23.19-1 CVE-2007-4529 (The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote ...) - - teamspeak-server <unfixed> - NOTE: likely fixed in 2.0.23.19-1 - TODO: check + - teamspeak-server 2.0.23.19-1 CVE-2007-4528 (The Foreign Function Interface (ffi) extension in PHP 5.0.5 does not ...) NOT-FOR-US: ffi extension for php CVE-2007-4527 (Unrestricted file upload vulnerability in phUploader.php in phphq.Net ...) @@ -963,7 +959,11 @@ CVE-2003-1334 (Cross-site scripting (XSS) vulnerability in Kai Blankenhorn Bitfolge ...) NOT-FOR-US: snif CVE-2007-4465 (Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the ...) - TODO: check + - apache <unfixed> + - apache2 2.2.6-1 + NOTE: This is really a browser bug, see CVE-2006-5152. But still unfixed in MSIE. + NOTE: Etch''s default configuration not vulnerable due to AddDefaultCharset, + NOTE: but many users change this. CVE-2007-4464 (CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for Total ...) NOT-FOR-US: Total Commander CVE-2007-4463 (The Fileinfo 2.0.9 plugin for Total Commander allows user-assisted ...) 
@@ -1998,9 +1998,12 @@ NOTE: so maybe this is already fixed in 5.2.3, not sure TODO: check php4, contact upstream CVE-2007-3997 (The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP ...) - TODO: check + - php5 <unfixed> (unimportant) + - php4 <unfixed> (unimportant) + NOTE: only exploitable by malicious script CVE-2007-3996 (Multiple integer overflows in libgd in PHP before 5.2.4 allow remote ...) - TODO: check + - libgd2 <unfixed> + TODO: file bug CVE-2007-3995 RESERVED CVE-2007-3994 @@ -3095,17 +3098,17 @@ CVE-2005-4856 (The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, ...) - ezpublish <not-affected> (Debian''s version is too old) CVE-2005-4855 (Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, ...) - TODO: check + - ezpublish <unfixed> (bug #424790) CVE-2005-4854 (eZ publish 3.5 through 3.7 before 20050830 does not use a folder''s ...) - TODO: check + - ezpublish <unfixed> (bug #424790) CVE-2005-4853 (The default configuration of the forum package in eZ publish 3.5 ...) - TODO: check + - ezpublish <unfixed> (bug #424790) CVE-2005-4852 (The siteaccess URIMatching implementation in eZ publish 3.5 through ...) - TODO: check + - ezpublish <unfixed> (bug #424790) CVE-2005-4851 (eZ publish 3.4.4 through 3.7 before 20050722 applies certain ...) - TODO: check + - ezpublish <unfixed> (bug #424790) CVE-2005-4850 (eZ publish 3.5 through 3.7 before 20050608 requires both edit and ...) - TODO: check + - ezpublish <unfixed> (bug #424790) CVE-2005-4849 (Apache Derby before 10.1.2.1 exposes the (1) user and (2) password ...) NOT-FOR-US: Apache Derby CVE-2004-2682 (PeerSec MatrixSSL before 1.1 does not implement RSA blinding, which ...) 
@@ -11119,7 +11122,7 @@ CVE-2007-0348 (Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in ...) NOT-FOR-US: ActiveX control in InterActual Player CVE-2007-0347 (The is_eow function in format.c in CVSTrac before 2.0.1 does not ...) - TODO: check + - cvstrac 2.0.1-1 NOTE: it is unclear if 1.1.5 is vulnerable (is_repository_file is not in 1.1.5 source) NOTE: the vulnerable code can''t be found on other places in 1.1.5 and also similar things NOTE: are done like using %q instead of %s for user supplied data
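Review bot: In the first hunk (CVE-2007-4530 and CVE-2007-4529), the fixed version 2.0.23.19-1 replaces a note that only said "likely fixed in 2.0.23.19-1" plus a "TODO: check", and nothing records what the check was. Consider keeping a NOTE under each entry that says how the fix was confirmed (changelog entry or upstream release), so the claim can be re-verified later.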
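Review bot: In the CVE-2007-4465 hunk, "- apache <unfixed>" carries no bug reference or severity tag, although the notes under it call this really a browser bug and say the default Etch configuration is not vulnerable. Other entries in this commit use "(bug #...)" or "(unimportant)"; either add the bug number for apache or tag the entry to match that assessment. The AddDefaultCharset note also does not say whether it applies to apache, apache2 or both.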
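Review bot: In the third hunk, the CVE-2007-3996 description reads "libgd in PHP before 5.2.4", but the new entry tracks only libgd2 and says nothing about php4 or php5. Add a NOTE stating why the PHP packages are not listed, or add entries for them, so the triage of this CVE does not look incomplete once "TODO: file bug" is resolved.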
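Review bot: In the eZ publish hunk, CVE-2005-4855 through CVE-2005-4850 become "<unfixed> (bug #424790)" while the unchanged CVE-2005-4856 line directly above stays "<not-affected>" because the Debian version is too old, and no note explains why the same package is too old for one issue yet affected by the other six. A NOTE giving the Debian version and what bug #424790 tracks would make the difference checkable, given the log message says the package should be removed.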
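Review bot: In the last hunk (CVE-2007-0347), "- cvstrac 2.0.1-1" marks every earlier version as vulnerable, but the retained notes below it still say "it is unclear if 1.1.5 is vulnerable" and that the vulnerable code cannot be found in 1.1.5. Either resolve those notes or add a line stating the status of 1.1.5 explicitly, so the entry and its notes do not disagree.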