thr3ads.net - Secure testing commits - [Secure-testing-commits] r12702

If this information is useful, please help other people find it:
Share via:
Giuseppe Iuculano
2009-Aug-29 08:30 UTC
[Secure-testing-commits] r12702 - data/CVE

Author: derevko-guest
Date: 2009-08-29 08:30:49 +0000 (Sat, 29 Aug 2009)
New Revision: 12702

Modified:
   data/CVE/list
Log:
- NFU
- CVE-2009-2975 is unimportant
- CVE-2008-7068 no-dsa candidate
- CVE-2008-7002 is unimportant
- CVE-2009-272{1,2,3,4} fixed in sun-java5 1.5.0-20-1
- CVE-2009-271{16,17,18,19} and CVE-2009-2720 fixed in sun-java6 6-15-1
- CVE-2009-2409: gnutls13 is affected
- Added some notes in WebKit related issues


Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-08-29 06:13:31 UTC (rev 12701)
+++ data/CVE/list	2009-08-29 08:30:49 UTC (rev 12702)
@@ -47,7 +47,9 @@
 CVE-2009-2976 (Cisco Aironet Lightweight Access Point (AP) devices send the
contents ...)
 	NOT-FOR-US: Cisco
 CVE-2009-2975 (Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly
...)
-	TODO: check
+	- xulrunner <not-affected> (unimportant)
+	NOTE: browser crashes not treated as security issues
+	NOTE: not reproducible, probably only Firefox in Windows XP is affected
 CVE-2009-2974 (Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote
...)
 	- chromium-browser <itp> (bug #520324)
 CVE-2009-2973 (Google Chrome before 2.0.172.43 does not prevent SSL connections
to a ...)
@@ -173,7 +175,9 @@
 CVE-2008-7069 (All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive
information ...)
 	NOT-FOR-US: All Club CMS (ACCMS)
 CVE-2008-7068 (The dba_replace function in PHP 5.2.6 and 4.x allows
context-dependent ...)
-	TODO: check
+	- php5 5.2.6.dfsg.1-3 (low; bug #507101)
+	- php4 <removed> (low)
+	NOTE: no-dsa candidate, if a user has write access to a file he simply can use
fopen()
 CVE-2008-7067 (PHP remote file inclusion vulnerability in ...)
 	NOT-FOR-US: PageTree CMS 
 CVE-2008-7066 (OpenForum 0.66 Beta allows remote attackers to bypass
authentication ...)
@@ -329,7 +333,7 @@
 CVE-2008-7016 (tnftpd before 20080929 splits large command strings into
multiple ...)
 	NOT-FOR-US: tnftpd
 CVE-2003-1574 (TikiWiki 1.6.1 allows remote attackers to bypass authentication
by ...)
-	TODO: check
+	NOT-FOR-US: TikiWiki
 CVE-2009-XXXX [pidgin does not honour SSL/TLS]
 	- pidgin 2.6.1-1 (low; bug #542891)
 	[lenny] - pidgin <no-dsa> (Minor issue)
@@ -689,7 +693,8 @@
 CVE-2008-7003 (Multiple SQL injection vulnerabilities in login.php in The Rat
CMS ...)
 	NOT-FOR-US: The Rat CMS 
 CVE-2008-7002 (PHP 5.2.5 does not enforce (a) open_basedir and (b)
safe_mode_exec_dir ...)
-	TODO: check
+	- php5 (unimportant)
+	NOTE: safe-mode and basedir violations not treated as security issues
 CVE-2008-7001 (Unrestricted file upload vulnerability in the file manager in
Creative ...)
 	NOT-FOR-US: Creative Mind Creator CMS
 CVE-2008-7000 (PHP remote file inclusion vulnerability in index.php in
PHPAuction 3.2 ...)
@@ -968,23 +973,32 @@
 CVE-2009-2725
 	RESERVED
 CVE-2009-2724 (Race condition in the java.lang package in Sun Java SE 5.0
before ...)
-	TODO: check
+	- sun-java5 1.5.0-20-1 (unknown)
+	NOTE: unknown impact and attack vectors
 CVE-2009-2723 (Unspecified vulnerability in deserialization in the Provider
class in ...)
-	TODO: check
+	- sun-java5 1.5.0-20-1 (unknown)
+	NOTE: unknown impact and attack vectors
 CVE-2009-2722 (Multiple unspecified vulnerabilities in the Provider class in
Sun Java ...)
-	TODO: check
+	- sun-java5 1.5.0-20-1 (unknown)
+	NOTE: unknown impact and attack vectors
 CVE-2009-2721 (Multiple unspecified vulnerabilities in the Provider class in
Sun Java ...)
-	TODO: check
+	- sun-java5 1.5.0-20-1 (unknown)
+	NOTE: unknown impact and attack vectors
 CVE-2009-2720 (Unspecified vulnerability in the ...)
-	TODO: check
+	- sun-java6 6-15-1
+	TODO: check openjdk-6
 CVE-2009-2719 (The Java Web Start implementation in Sun Java SE 6 before Update
15 ...)
-	TODO: check
+	- sun-java6 6-15-1
+	TODO: check openjdk-6
 CVE-2009-2718 (The Abstract Window Toolkit (AWT) implementation in Sun Java SE
6 ...)
-	TODO: check
+	- sun-java6 6-15-1
+	TODO: check openjdk-6
 CVE-2009-2717 (The Abstract Window Toolkit (AWT) implementation in Sun Java SE
6 ...)
-	TODO: check
+	- sun-java6 6-15-1
+	TODO: check openjdk-6
 CVE-2009-2716 (The plugin functionality in Sun Java SE 6 before Update 15 does
not ...)
-	TODO: check
+	- sun-java6 6-15-1
+	TODO: check openjdk-6
 CVE-2008-6927 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: cPanel
 CVE-2008-6926 (Directory traversal vulnerability in ...)
@@ -1014,7 +1028,7 @@
 	- libxerces2-java <unfixed> (low; bug #540862)
 	[etch] - libxerces2-java <no-dsa> (minor issue)
 	[lenny] - libxerces2-java <no-dsa> (minor issue)
-	TODO: request cve it
+	TODO: request cve id
 CVE-2009-XXXX [gri: insecure temp file generation]
 	- gri 2.12.18-1 (low)
 CVE-2009-2715 (Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to
cause ...)
@@ -2020,7 +2034,7 @@
 	- nss 3.12.3-1 (low; bug #539895)
 	- openssl 0.9.8k-4 (low; bug #539899)
 	- gnutls26 2.4.2-5 (low; bug #539901)
-	TODO: check - gnutls13 <removed>
+	- gnutls13 <removed>
 CVE-2009-2407 (Heap-based buffer overflow in the parse_tag_3_packet function in
...)
 	{DSA-1845-1 DSA-1844-1}
 	- linux-2.6 2.6.30-5 (medium)
@@ -2494,7 +2508,6 @@
 	[lenny] - iceape <not-affected> (Only provides a stub for XPCOM)
 	[etch] - iceape <no-dsa> (Mozilla from Etch no longer covered by
security support)
 	- kompozer <not-affected> (mail suite not compiled)
-	TODO: check on the details once the Mozilla bug has been made public
 	NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-33.html
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=495057
 CVE-2008-6839 (Multiple cross-site scripting (XSS) vulnerabilities in TGS
Content ...)
@@ -2595,6 +2608,8 @@
 CVE-2009-2200 (WebKit in Apple Safari before 4.0.3 does not properly restrict
the URL ...)
 	TODO: check
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=517273
+	NOTE: http://trac.webkit.org/changeset/44905
+	NOTE: http://trac.webkit.org/changeset/44909
 CVE-2009-2199 (Incomplete blacklist vulnerability in WebKit in Apple Safari
before ...)
 	NOT-FOR-US: Apple Safari
 CVE-2009-2198 (Apple GarageBand before 5.1 reconfigures Safari to accept all
cookies ...)
@@ -2606,6 +2621,7 @@
 CVE-2009-2195 (Buffer overflow in WebKit in Apple Safari before 4.0.3 allows
remote ...)
 	TODO: check
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=517273
+	NOTE: http://trac.webkit.org/changeset/45696
 CVE-2009-2194 (Apple Mac OS X 10.5 before 10.5.8 does not properly share file
...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2009-2193 (Buffer overflow in the kernel in Apple Mac OS X 10.5 before
10.5.8 ...)
Secure testing commits - Aug 2009 - r12702 - data/CVE

[Secure-testing-commits] r12702 - data/CVE
