thijs at alioth.debian.org
2008-Feb-17 11:36 UTC
[Secure-testing-commits] r8172 - data/CVE
Author: thijs
Date: 2008-02-17 11:36:20 +0000 (Sun, 17 Feb 2008)
New Revision: 8172
Modified:
data/CVE/list
Log:
incorporate versions from etch r3 release.
update sun-java5 entries to mark all issues fixed that were fixed upstream
between 1.5.0-10-3 as originally in etch and 1.5.0-14-1etch1 as in r3.
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-02-16 21:14:19 UTC (rev 8171)
+++ data/CVE/list 2008-02-17 11:36:20 UTC (rev 8172)
@@ -260,6 +260,7 @@
- sun-java6 6-02-1
- sun-java5 1.5.0-14-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
CVE-2008-0656 (Unrestricted file upload vulnerability in dmclTrace.jsp in EMC
...)
NOT-FOR-US: Documentum Administrator and Webtop
CVE-2008-0655 (Multiple unspecified vulnerabilities in Adobe Reader and Acrobat
...)
@@ -2134,7 +2135,7 @@
CVE-2007-XXXX [unace unspecified security issue related to uninitialized
variable]
- unace-nonfree 2.5-3
[etch] - unace-nonfree <no-dsa> (non-free not supported)
- TODO: r3 release: [etch] - unace-nonfree 2.5-1etch1
+ [etch] - unace-nonfree 2.5-1etch1
CVE-2007-6507 (SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for
Windows, ...)
NOT-FOR-US: Trend Micro ServerProtect
CVE-2007-6506 (The HPRulesEngine.ContentCollection.1 ActiveX Control in ...)
@@ -2345,12 +2346,12 @@
- apache2 2.2.8-1 (low)
[etch] - apache2 <no-dsa> (minor issue)
[sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2)
- TODO: r3 [etch] - apache2 2.2.3-4+etch4 (low)
+ [etch] - apache2 2.2.3-4+etch4 (low)
CVE-2007-6421 (Cross-site scripting (XSS) vulnerability in balancer-manager in
...)
- apache2 2.2.8-1 (low)
[etch] - apache2 <no-dsa> (minor issue)
[sarge] - apache2 <not-affected> (vulnerable code introduced in 2.2)
- TODO: r3 [etch] - apache2 2.2.3-4+etch4 (low)
+ [etch] - apache2 2.2.3-4+etch4 (low)
CVE-2007-6420 (Cross-site request forgery (CSRF) vulnerability in the ...)
- apache2 <unfixed> (low)
[etch] - apache2 <no-dsa> (minor issue)
@@ -2421,10 +2422,10 @@
- gnome-screensaver <unfixed> (low; bug #455484)
[etch] - gnome-screensaver <no-dsa> (Minor issue)
CVE-2007-6388 (Cross-site scripting (XSS) vulnerability in mod_status in the
Apache ...)
- - apache <unfixed> (low)
+ - apache <removed> (low)
- apache2 2.2.8-1 (low)
[etch] - apache <no-dsa> (scheduled for next point release)
- NOTE: pending for apache 1.3.34-4.1+etch1 / etch r3
+ [etch] - apache 1.3.34-4.1+etch1
CVE-2007-6358 (pdftops.pl before 1.20 in alternate pdftops filter allows local
users ...)
{DSA-1437-1}
- cupsys 1.3.5-1 (low; bug #456960)
@@ -2880,12 +2881,12 @@
- libxfont 1:1.3.1-2
CVE-2008-0005 (mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before
...)
- apache2 2.2.8-1 (low)
- - apache <unfixed> (low)
+ - apache <removed> (low)
[etch] - apache <no-dsa> (browser issue; low impact)
[sarge] - apache <no-dsa> (browser issue; low impact)
[sarge] - apache2 <no-dsa> (browser issue; low impact)
[etch] - apache2 <no-dsa> (browser issue; low impact)
- TODO: r3 [etch] - apache2 2.2.3-4+etch4 (low)
+ [etch] - apache2 2.2.3-4+etch4 (low)
CVE-2008-0004
RESERVED
CVE-2008-0003 (Stack-based buffer overflow in the
PAMBasicAuthenticator::PAMCallback ...)
@@ -2912,7 +2913,7 @@
[etch] - apache2 <no-dsa> (minor issue)
- apache <not-affected> (vulnerable code not present)
NOTE: Might be exploitable with older flash plugins via HTTP Request Splitting
- NOTE: pending for 2.2.3-4+etch4 / etch r3
+ [etch] - apache2 2.2.3-4+etch4
CVE-2007-6208 (sylprint.pl in claws mail tools (claws-mail-tools) allows local
users ...)
- claws-mail 3.1.0-2 (low; bug #454089)
CVE-2007-6210 (zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs
"UserParameter" ...)
@@ -2924,7 +2925,7 @@
- sing 1.1-16 (low; bug #454167)
[etch] - sing <no-dsa> (Only exploitable in inherently broken setups)
[sarge] - sing <no-dsa> (Only exploitable in inherently broken setups)
- TODO: r3 [etch] - sing 1.1-13etch1
+ [etch] - sing 1.1-13etch1
TODO: r8 [sarge] - sing 1.1-9sarge1
CVE-2007-6209 (Util/difflog.pl in zsh 4.3.4 allows local users to overwrite
arbitrary ...)
- zsh 4.3.4-dev-3-2 (low; bug #454073)
@@ -3216,6 +3217,7 @@
CVE-2007-6062 (irc-channel.c in ngIRCd before 0.10.3 allows remote attackers to
cause ...)
- ngircd 0.10.3-1 (bug #451875)
[etch] - ngircd <no-dsa> (Minor issue)
+ [etch] - ngircd 0.10.0-2etch1
CVE-2007-6061 (Audacity 1.3.2 creates a temporary directory with a predictable
name ...)
- audacity 1.3.4-1.1 (bug #453283; low)
[etch] - audacity <no-dsa> (Minor issue)
@@ -4342,6 +4344,7 @@
- sun-java6 6-03-1 (medium)
- sun-java5 1.5.0-13-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
CVE-2007-5688 (Multiple SQL injection vulnerabilities in directory.php in the
...)
NOT-FOR-US: Multi Host Forum Pro
CVE-2007-5687 (Multiple buffer overflows in the rich text processing
functionality in ...)
@@ -5418,7 +5421,7 @@
CVE-2007-5448 (Madwifi 0.9.3.2 and earlier allows remote attackers to cause a
denial ...)
- madwifi 1:0.9.3.2-2 (medium; bug #446824)
[etch] - madwifi <no-dsa> (Non-free not supported)
- TODO: r3 release: [etch] - madwifi 1:0.9.2+r1842.20061207-2etch2
+ [etch] - madwifi 1:0.9.2+r1842.20061207-2etch2
CVE-2007-5447 (ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension
for PHP ...)
NOT-FOR-US: ionCube
CVE-2007-5446 (Absolute path traversal vulnerability in a certain ActiveX
control in ...)
@@ -5722,6 +5725,7 @@
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
CVE-2007-5374 (cp_memberedit.php in LightBlog 8.4.1.1 does not check for ...)
NOT-FOR-US: LightBlog
CVE-2007-5373 (ldapscripts 1.4 and 1.7 sends a password as a command line
argument ...)
@@ -5966,10 +5970,12 @@
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
CVE-2007-5273 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and
...)
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
CVE-2007-5272 (SQL injection vulnerability in kategori.asp in Furkan Tastan
Blog ...)
NOT-FOR-US: Furkan Tastan Blog
CVE-2007-5271 (Multiple PHP remote file inclusion vulnerabilities in Trionic
Cite CMS ...)
@@ -6087,22 +6093,25 @@
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
CVE-2007-5239 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK
and JRE ...)
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
CVE-2007-5238 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK
and JRE ...)
- sun-java6 6-03-1 (unimportant)
- sun-java5 1.5.0-13-1 (unimportant)
+ [etch] - sun-java5 1.5.0-14-1etch1
NOTE: Leaked information hardly sensitive
CVE-2007-5237 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does
not ...)
- sun-java6 6-03-1 (medium)
- sun-java5 1.5.0-13-1 (medium)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
CVE-2007-5236 (Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and
SDK ...)
- sun-java6 <not-affected> (Windows only)
- sun-java5 <not-affected> (Windows only)
- [etch] - sun-java5 <no-dsa> (Non-free not supported)
CVE-2007-5235 (Cross-site scripting (XSS) vulnerability in index.php in
Uebimiau ...)
NOT-FOR-US: Uebimiau
CVE-2007-5234 (PHP remote file inclusion vulnerability in
upload/common/footer.php in ...)
@@ -6113,6 +6122,7 @@
- sun-java6 6-03-1 (low)
- sun-java5 1.5.0-13-1 (low)
[etch] - sun-java5 <no-dsa> (Non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
CVE-2007-5231 (Unrestricted file upload vulnerability in admin/upload_files.php
in ...)
NOT-FOR-US: Zomplog
CVE-2007-5230 (admin/upload_files.php in Zomplog 3.8.1 and earlier does not
check for ...)
@@ -6127,7 +6137,7 @@
- dircproxy 1.0.5-5.1 (low; bug #445883)
[sarge] - dircproxy <no-dsa> (Minor issue)
[etch] - dircproxy <no-dsa> (Minor issue)
- TODO: r3 release [etch] - dircproxy 1.0.5-5etch1
+ [etch] - dircproxy 1.0.5-5etch1
CVE-2005-4871 (Certain XML functions in IBM DB2 8.1 run with the privileges of
DB2 ...)
NOT-FOR-US: IBM DB2
CVE-2005-4870 (Stack-based buffer overflows in the (1) xmlvarcharfromfile, (2)
...)
@@ -6759,8 +6769,8 @@
[etch] - apache <no-dsa> (minor issue)
- apache2 2.2.8-1 (low)
- apache <unfixed> (low)
- NOTE: pending for apache2 2.2.3-4+etch4 / etch r3
- NOTE: pending for apache 1.3.34-4.1+etch1 / etch r3
+ [etch] - apache2 2.2.3-4+etch4
+ [etch] - apache 1.3.34-4.1+etch1
CVE-2007-4999 (libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML
logging, ...)
- pidgin 2.2.2-1 (medium)
CVE-2007-4998 (cp, when running with an option to preserve symlinks on multiple
OSes, ...)
@@ -8057,8 +8067,8 @@
NOTE: This is really a browser bug, see CVE-2006-5152. But still unfixed in
MSIE.
NOTE: Etch''s default configuration not vulnerable due to
AddDefaultCharset,
NOTE: but many users change this.
- NOTE: pending for 2.2.3-4+etch4 / etch r3
NOTE: The apache2 fix is actually a workaround. It will not be applied to
apache 1.3.
+ [etch] - apache2 2.2.3-4+etch4
CVE-2007-4464 (CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for
Total ...)
NOT-FOR-US: Total Commander
CVE-2007-4463 (The Fileinfo 2.0.9 plugin for Total Commander allows
user-assisted ...)
@@ -9290,6 +9300,7 @@
CVE-2007-3922 (Unspecified vulnerability in the Java Runtime Environment (JRE)
Applet ...)
- sun-java5 1.5.0-12-2
[etch] - sun-java5 <no-dsa> (non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-02-1
CVE-2007-3921 (gforge 3.1 and 4.5.14 allows local users to truncate arbitrary
files ...)
{DSA-1402-1}
@@ -9863,6 +9874,7 @@
- sun-java5 1.5.0-12-1
- sun-java6 6-02-1
[etch] - sun-java5 <no-dsa> (non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
CVE-2007-3697 (PHP remote file inclusion vulnerability in phpbb/sendmsg.php in
...)
NOT-FOR-US: FlashBB
CVE-2007-3696 (CA ERwin Data Model Validator (formerly AllFusion Data Model
...)
@@ -9958,6 +9970,7 @@
CVE-2007-3655 (Stack-based buffer overflow in javaws.exe in Sun Java Web Start
in JRE ...)
- sun-java5 1.5.0-12-1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
+ [etch] - sun-java5 1.5.0-14-1etch1
- sun-java6 6-02-1
CVE-2007-3654 (The display driver allocattr functions in NetBSD 3.0 through
...)
NOT-FOR-US: NetBSD
@@ -10330,6 +10343,7 @@
NOTE: Sun Alert ID 102957 says issue is Windows only
CVE-2007-3503 (The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate
HTML ...)
[etch] - sun-java5 <no-dsa> (non-free)
+ [etch] - sun-java5 1.5.0-14-1etch1
- sun-java5 1.5.0-12-1
[etch] - sun-java6 <no-dsa> (non-free)
- sun-java6 6-01-1 (bug #432006)
@@ -10830,7 +10844,7 @@
[etch] - apache2 2.2.3-4+etch2
[sarge] - apache2 2.0.54-5sarge2 (low)
[etch] - apache <no-dsa> (scheduled for next point release)
- NOTE: pending for apache 1.3.34-4.1+etch1 / etch r3
+ [etch] - apache 1.3.34-4.1+etch1
CVE-2007-3303 (Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module,
allows ...)
- apache2 <unfixed> (unimportant)
NOTE: If you can execute arbitrary code, a DoS is not a problem.
@@ -12087,10 +12101,12 @@
NOT-FOR-US: VP-ASP Shopping Cart
CVE-2007-2789 (The BMP image parser in Sun Java Development Kit (JDK) before
...)
- sun-java5 1.5.0-11-1 (medium)
+ [etch] - sun-java5 1.5.0-14-1etch1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-01-1 (bug #422403)
CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in Sun
Java ...)
- sun-java5 1.5.0-11-1 (medium)
+ [etch] - sun-java5 1.5.0-14-1etch1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
- sun-java6 6-01-1 (bug #422403)
CVE-2007-2787 (Stack-based buffer overflow in the BrowseDir function in the (1)
...)
@@ -12908,6 +12924,7 @@
REJECTED
CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and
Java ...)
- sun-java5 1.5.0-11-1 (medium; bug #423062)
+ [etch] - sun-java5 1.5.0-14-1etch1
[etch] - sun-java5 <no-dsa> (Non-free not supported)
CVE-2007-2434 (Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows
...)
NOT-FOR-US: Aventail Connect
@@ -15516,7 +15533,7 @@
- libapache2-mod-perl2 2.0.2-5 (low; bug #433549)
[etch] - libapache2-mod-perl2 <no-dsa> (Minor issue)
[etch] - apache <no-dsa> (scheduled for stable point release)
- NOTE: pending for apache 1.3.34-4.1+etch1 / etch r3
+ [etch] - apache 1.3.34-4.1+etch1
CVE-2007-1348
RESERVED
CVE-2007-1347 (Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR,
and ...)
@@ -17083,7 +17100,7 @@
[sarge] - unrar-nonfree <no-dsa> (Non-free not supported)
[etch] - unrar-nonfree <no-dsa> (Non-free not supported)
TODO: r8 release [sarge] - unrar-nonfree 1:3.5.2-0.2
- TODO: r3 release [etch] - unrar-nonfree 1:3.5.4-1.1
+ [etch] - unrar-nonfree 1:3.5.4-1.1
NOTE: amavid-new automatically uses "rar -p-" or "unrar
-p-",
NOTE: which probably turns this into remote code execution
NOTE: clamav can also call unrar -p-, but AFAICS not in default configuration
@@ -21861,7 +21878,7 @@
[etch] - apache2 2.2.3-4+etch2
- apache <removed> (low)
[etch] - apache <no-dsa> (scheduled for stable point release)
- NOTE: pending for apache 1.3.34-4.1+etch1 / etch r3
+ [etch] - apache 1.3.34-4.1+etch1
CVE-2006-5751 (Integer overflow in the get_fdb_entries function in ...)
{DSA-1233}
- linux-2.6 2.6.18-8 (medium)
@@ -23076,7 +23093,6 @@
NOT-FOR-US: Linksys
CVE-2006-5201 (Multiple packages on Sun Solaris, including (1) NSS; (2) Java
JDK and ...)
- sun-java5 1.5.0-10-1 (bug #393042)
- [etch] - sun-java5 <no-dsa> (Non-free not supported)
NOTE: this is similar to CVE-2006-4339
CVE-2006-5200 (Unspecified vulnerability in Adobe Breeze 5 Licensed Server and
Breeze ...)
NOT-FOR-US: Adobe
@@ -29418,7 +29434,6 @@
- clamav <not-affected> (clamav-freshclam doesn''t ship
freshclam setuid or setgid)
CVE-2006-2426 (Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK
1.5.0_6 ...)
- sun-java5 1.5.0-10-1 (bug #384734)
- [etch] - sun-java5 <no-dsa> (Non-free not supported)
CVE-2006-2425 (Multiple cross-site scripting (XSS) vulnerabilities in PRV.php
in ...)
NOT-FOR-US: phpRemoteView
CVE-2006-2424 (PHP remote file inclusion vulnerability in ezUserManager 1.6 and
...)