Author: joeyh Date: 2011-01-25 21:17:21 +0000 (Tue, 25 Jan 2011) New Revision: 15965 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-01-25 20:26:50 UTC (rev 15964) +++ data/CVE/list 2011-01-25 21:17:21 UTC (rev 15965) @@ -1,3 +1,25 @@ +CVE-2011-0640 (The default configuration of udev on Linux does not warn the user ...) + TODO: check +CVE-2011-0639 (Apple Mac OS X does not properly warn the user before enabling ...) + TODO: check +CVE-2011-0638 (Microsoft Windows does not properly warn the user before enabling ...) + TODO: check +CVE-2011-0637 (The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a ...) + TODO: check +CVE-2011-0636 (The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA ...) + TODO: check +CVE-2011-0635 (Static code injection vulnerability in Simploo CMS 1.7.1 and earlier ...) + TODO: check +CVE-2010-4708 (The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the ...) + TODO: check +CVE-2010-4707 (The check_acl function in pam_xauth.c in the pam_xauth module in ...) + TODO: check +CVE-2010-4706 (The pam_sm_close_session function in pam_xauth.c in the pam_xauth ...) + TODO: check +CVE-2010-4705 (Integer overflow in the vorbis_residue_decode_internal function in ...) + TODO: check +CVE-2010-4704 (libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and ...) + TODO: check CVE-2011-XXXX [xmlTextWriterWriteAttribute heap disclosure] - libxml2 <unfixed> NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=631551 
@@ -357,7 +379,7 @@ CVE-2011-0481 (Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS ...) - chromium-browser <not-affected> (Chrome PDF plugin) - webkit <not-affected> (Chrome PDF plugin) -CVE-2011-0480 (Multiple buffer overflows in the Vorbis decoder in Google Chrome ...) +CVE-2011-0480 (Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in ...) - ffmpeg <unfixed> (bug #610550) - ffmpeg-debian <removed> CVE-2011-0479 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...) @@ -531,8 +553,8 @@ RESERVED CVE-2011-0411 RESERVED -CVE-2011-0410 - RESERVED +CVE-2011-0410 (CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for ...) + TODO: check CVE-2011-0409 RESERVED CVE-2011-0408 (pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to ...) @@ -650,8 +672,8 @@ RESERVED CVE-2011-0353 RESERVED -CVE-2011-0352 - RESERVED +CVE-2011-0352 (Buffer overflow in the web-based management interface on the Cisco ...) + TODO: check CVE-2011-0351 RESERVED CVE-2011-0350 @@ -1054,10 +1076,10 @@ RESERVED CVE-2011-0275 RESERVED -CVE-2011-0274 - RESERVED -CVE-2011-0273 - RESERVED +CVE-2011-0274 (Cross-site scripting (XSS) vulnerability in HP Business Availability ...) + TODO: check +CVE-2011-0273 (Unspecified vulnerability in HP OpenView Storage Data Protector 6.11 ...) + TODO: check CVE-2011-0272 (Unspecified vulnerability in HP LoadRunner 9.52 allows remote ...) NOT-FOR-US: HP LoadRunner CVE-2011-0271 (The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and ...) 
@@ -1852,9 +1874,8 @@ CVE-2011-0021 [VLC CDG] RESERVED - vlc 1.1.3-1squeeze2 - NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=f9b664eac0e1a7bceed9d7b5854fd9fc351b4aab -CVE-2011-0020 [buffer overflow in pango_ft2_font_render_box_glyph] - RESERVED + NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=f9b664eac0e1a7bceed9d7b5854fd9fc351b4aab +CVE-2011-0020 (Heap-based buffer overflow in the pango_ft2_font_render_box_glyph ...) - pango1.0 1.28.3-1+squeeze1 (bug #610792) CVE-2011-0019 RESERVED @@ -1905,8 +1926,7 @@ {DTSA-207-1} - mediawiki <unfixed> [lenny] - mediawiki 1:1.12.0-2lenny7 -CVE-2011-0002 [libuser creates LDAP users with a default password] - RESERVED +CVE-2011-0002 (libuser before 0.57 uses a cleartext password value of (1) !! or (2) x ...) - libuser <unfixed> (bug #610034) CVE-2011-0001 RESERVED @@ -2297,8 +2317,7 @@ NOTE: too late to fix in squeeze release cycle, but this should be fixed for wheezy CVE-2010-4354 (The remote-access IPSec VPN implementation on Cisco Adaptive Security ...) NOT-FOR-US: Cisco ASA -CVE-2010-4353 - RESERVED +CVE-2010-4353 (Unrestricted file upload vulnerability in ...) - gallery3 <itp> (bug #511715) CVE-2010-4352 (Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 ...) {DSA-2149-1} @@ -2325,8 +2344,7 @@ [lenny] - linux-2.6 <not-affected> (Driver introduced in 2.6.32) CVE-2010-4342 (The aun_incoming function in net/econet/af_econet.c in the Linux ...) - linux-2.6 2.6.32-30 -CVE-2010-4341 [DoS in sssd PAM responder can prevent logins] - RESERVED +CVE-2010-4341 (The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in ...) - sssd <unfixed> (bug #610032) CVE-2010-4333 (Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers ...) NOT-FOR-US: Pointter PHP Micro-Blogging Social Network 
@@ -2534,8 +2552,7 @@ CVE-2010-4256 [linux: pipe_fcntl local DoS] RESERVED - linux-2.6 <unfixed> -CVE-2010-4255 [linux: Xen direct pv guest access crash] - RESERVED +CVE-2010-4255 (The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and ...) - xen 4.0.1-2 (bug #609531) CVE-2010-4254 (Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is ...) - moon <not-affected> (Debian''s version of Moonlight is not affected, see #608288) @@ -2564,8 +2581,7 @@ [lenny] - pootle <not-affected> (Vulnerable code not present) CVE-2010-4244 RESERVED -CVE-2010-4243 [linux: mem allocated invisible to oom_kill() when not attached to any threads] - RESERVED +CVE-2010-4243 (fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM ...) - linux-2.6 2.6.32-30 CVE-2010-4242 (The hci_uart_tty_open function in the HCI UART driver ...) - linux-2.6 2.6.32-28 @@ -2578,8 +2594,7 @@ CVE-2010-4239 RESERVED NOT-FOR-US: TikiWiki -CVE-2010-4238 [linux: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV] - RESERVED +CVE-2010-4238 (The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on ...) - linux-2.6 <unfixed> TODO: check CVE-2010-4236 (Untrusted search path vulnerability in estaskwrapper in IBM OmniFind ...) @@ -3332,8 +3347,8 @@ RESERVED CVE-2010-3928 (Ruby Version Manager (RVM) before 1.2.1 writes file contents to a ...) NOT-FOR-US: Ruby Version Manager -CVE-2010-3927 - RESERVED +CVE-2010-3927 (Untrusted search path vulnerability in Lunascape before 6.4.0 allows ...) + TODO: check CVE-2010-3926 (Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in ...) NOT-FOR-US: SGX-SP Final CVE-2010-3925 (Contents-Mall before 15 does not properly handle passwords, which ...) 
@@ -3438,8 +3453,7 @@ CVE-2010-3880 (net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not ...) {DSA-2126-1} - linux-2.6 2.6.32-30 (low) -CVE-2010-3879 [fuse: unprivileged user can unmount arbitrary locations via symlink attack] - RESERVED +CVE-2010-3879 (FUSE, possibly 2.8.5 and earlier, allows local users to create mtab ...) - fuse <unfixed> (bug #602333) CVE-2010-3878 (Cross-site request forgery (CSRF) vulnerability in the JMX Console in ...) - jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226) @@ -3506,8 +3520,7 @@ - freetype 2.4.2-2.1 (bug #602221) CVE-2010-3854 RESERVED -CVE-2010-3853 [pam_namespace executes script with inherited environment] - RESERVED +CVE-2010-3853 (pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) ...) - pam <unfixed> (low; bug #608273) CVE-2010-3852 (The default configuration of Luci 0.22.4 and earlier in Red Hat Conga ...) NOT-FOR-US: Red Hat Conga @@ -4692,8 +4705,7 @@ CVE-2010-3436 (fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote ...) - php5 5.3.3-4 (unimportant) NOTE: http://svn.php.net/viewvc?view=revision&revision=303824 -CVE-2010-3435 - RESERVED +CVE-2010-3435 (The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before ...) - pam <unfixed> (low; bug #599832) [squeeze] - pam <no-dsa> (Minor issue) [lenny] - pam <no-dsa> (Minor issue) 
@@ -4710,12 +4722,10 @@ CVE-2010-3432 (The sctp_packet_config function in net/sctp/output.c in the Linux ...) {DSA-2126-1} - linux-2.6 2.6.32-24 -CVE-2010-3431 - RESERVED +CVE-2010-3431 (The privilege-dropping implementation in the (1) pam_env and (2) ...) - pam <not-affected> (Affected functionality introduced in 1.1.2, see #599832) NOTE: 20100924164823.GA21584 at openwall.com -CVE-2010-3430 - RESERVED +CVE-2010-3430 (The privilege-dropping implementation in the (1) pam_env and (2) ...) - pam <not-affected> (Affected functionality introduced in 1.1.2, see #599832) NOTE: 20100924164823.GA21584 at openwall.com CVE-2010-3429 (flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in ...) @@ -5000,8 +5010,7 @@ NOT-FOR-US: IBM Records Manager CVE-2010-3317 (Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) ...) NOT-FOR-US: IBM Records Manager -CVE-2010-3316 - RESERVED +CVE-2010-3316 (The run_coprocess function in pam_xauth.c in the pam_xauth module in ...) - pam <unfixed> (unimportant; bug #599832) NOTE: partial fix http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commitdiff;h=06f882f30092a39a1db867c9744b2ca8d60e4ad6 NOTE: Not exploitable with current kernels @@ -36290,7 +36299,7 @@ NOT-FOR-US: Unreal Tournament CVE-2008-3409 (Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows ...) NOT-FOR-US: Unreal Tournament -CVE-2008-3408 (Stack-based buffer overflow in CoolPlayer allows user-assisted remote ...) +CVE-2008-3408 (Stack-based buffer overflow in CoolPlayer 2.18, and possibly other ...) NOT-FOR-US: CoolPlayer CVE-2008-3407 (phpLinkat 0.1 allows remote attackers to bypass authentication and ...) NOT-FOR-US: phpLinkat
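Review bot: In the @@ -1,3 +1,25 @@ hunk, all eleven new entries (CVE-2011-0640 through CVE-2010-4704) land with only "TODO: check", even where the description already names software this list tracks: Linux-PAM for CVE-2010-4708, CVE-2010-4707 and CVE-2010-4706, and FFmpeg for CVE-2010-4704. On triage these should get package lines in the style used further down (for example "- pam <unfixed> (low; bug #599832)" under CVE-2010-3435), and the Apple Mac OS X, Microsoft Windows and IBM AIX entries look like NOT-FOR-US candidates, following the convention of "NOT-FOR-US: Cisco ASA".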
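Review bot: In the @@ -357,7 +379,7 @@ hunk, the reworded CVE-2011-0480 description now points at vorbis_dec.c, the same file named by the newly added CVE-2010-4704 ("libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and ..."), but only CVE-2011-0480 carries "- ffmpeg <unfixed> (bug #610550)". Whoever resolves the TODO on CVE-2010-4704 should check whether bug #610550 covers both and add a NOTE cross-referencing the two entries.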
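Review bot: In the @@ -1054,10 +1076,10 @@ hunk, CVE-2011-0274 (HP Business Availability ...) and CVE-2011-0273 (HP OpenView Storage Data Protector 6.11) replace RESERVED with "TODO: check", while the adjacent context line for CVE-2011-0272 is already marked "NOT-FOR-US: HP LoadRunner". If these HP products are likewise not packaged, they should be marked the same way so the TODO does not linger.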
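Review bot: In the @@ -1852,9 +1874,8 @@ hunk, the NOTE line under CVE-2011-0021 pointing at the videolan commit f9b664eac0e1a7bceed9d7b5854fd9fc351b4aab is removed and re-added with what reads as identical text, so the change is presumably whitespace-only. It is worth confirming that the automatic update is meant to rewrite hand-maintained NOTE lines at all, since this kind of churn obscures the real change in the hunk (the CVE-2011-0020 description replacing its bracketed title and RESERVED).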
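Review bot: In the @@ -2578,8 +2594,7 @@ hunk, CVE-2010-4238 now carries the description "The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on ...", yet the entry below it still reads "- linux-2.6 <unfixed>" followed by "TODO: check". With the description naming a Xen function and specific Xen and kernel versions, the open TODO should be resolved by deciding whether the affected package is xen rather than linux-2.6 and whether the listed versions are present in any supported release.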