Author: stef-guest Date: 2006-12-23 12:24:54 +0100 (Sat, 23 Dec 2006) New Revision: 5162 Modified: data/CVE/list Log: - new libflash issue (low) - CVE-2006-6585: new firefox issue - CVE-2006-6493: openldap not affected - CVE-2006-669[23]: zabbix already fixed - CVE-2006-6660: kdelibs already fixed - CVE-2006-6598: torrentflux already fixed - CVE-2004-2666, CVE-2006-6574: mantis issues already fixed - some NFUs - mark some old mplayer issues as fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-12-23 11:21:43 UTC (rev 5161) +++ data/CVE/list 2006-12-23 11:24:54 UTC (rev 5162) @@ -1,3 +1,6 @@ +CVE-2006-XXXX [insecure rpath in libflash-mozplugin] + - libflash 0.4.13-9 (low; bug #399508) + [sarge] - libflash <no-dsa> (minor issue) CVE-2006-6697 (CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle ...) NOT-FOR-US: Oracle CVE-2006-6696 (Double-free vulnerability in Microsoft Windows 2000, XP, 2003, and ...) @@ -7,9 +10,9 @@ CVE-2006-6694 (Directory traversal vulnerability in include/config.php in E-Uploader ...) NOT-FOR-US: E-Uploader CVE-2006-6693 (Multiple buffer overflows in zabbix before 20061006 allow attackers to ...) - TODO: check + - zabbix 1:1.1.2-4 (medium; bug #391388) CVE-2006-6692 (Multiple format string vulnerabilities in zabbix before 20061006 allow ...) - TODO: check + - zabbix 1:1.1.2-4 (medium; bug #391388) CVE-2006-6691 (Multiple PHP remote file inclusion vulnerabilities in Valdersoft ...) NOT-FOR-US: Valdersoft Shopping Cart CVE-2006-6690 (rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through ...) 
@@ -38,7 +41,7 @@ CVE-2006-6679 (Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For ...) - chetcpasswd <unfixed> (medium) CVE-2006-6678 (The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier ...) - - netrik <unfixed> (medium; bug filed) + - netrik <unfixed> (medium; bug #404233) CVE-2006-6677 (ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a ...) NOT-FOR-US: ESET NOD32 Antivirus CVE-2006-6676 (Integer overflow in ESET NOD32 Antivirus before 1.1743 allows remote ...) @@ -56,7 +59,7 @@ CVE-2006-6670 (Unspecified vulnerability in Nortel CallPilot 4.x Server has unknown ...) NOT-FOR-US: Nortel CallPilot CVE-2006-6669 (Cross-site scripting (XSS) vulnerability in export_handler.php in ...) - - webcalender <unfixed> (low; bug filed) + - webcalender <unfixed> (low; bug #404234) CVE-2006-6668 (Cross-site scripting (XSS) vulnerability in VerliAdmin 0.3 and earlier ...) NOT-FOR-US: VerliAdmin CVE-2006-6667 (Multiple SQL injection vulnerabilities in VerliAdmin 0.3 and earlier ...) @@ -74,7 +77,8 @@ CVE-2006-6661 (Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and ...) NOT-FOR-US: PHP-Update CVE-2006-6660 (The nodeType function in KDE libkhtml 4.2.0 and earlier, as used by ...) - TODO: check + - kdelibs <not-affected> (at least it is fixed in 4:3.5.5a.dfsg.1-5) + NOTE: is DoS only, anyway CVE-2002-2221 (Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd ...) TODO: check CVE-2002-2220 (Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when ...) 
@@ -189,7 +193,7 @@ CVE-2006-6617 (projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 ...) NOT-FOR-US: Microsoft CVE-2006-6616 (index.php in w00t Gallery 1.4.0 allows remote authenticated users with ...) - TODO: check + NOT-FOR-US: w00t Gallery CVE-2006-6615 (PHP remote file inclusion vulnerability in includes/act_constants.php ...) NOT-FOR-US: Activity Games module for mxBB CVE-2006-6614 (The save_log_local function in Fully Automatic Installation (FAI) ...) @@ -225,7 +229,7 @@ CVE-2006-6599 (maketorrent.php in TorrentFlux 2.2 allows remote authenticated users ...) TODO: check CVE-2006-6598 (Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux ...) - TODO: check + - torrentflux 2.1-6 CVE-2006-6597 (Argument injection vulnerability in HyperAccess 8.4 allows ...) NOT-FOR-US: HyperAccess CVE-2006-6596 (HyperAccess 8.4 allows user-assisted remote attackers to execute ...) @@ -251,7 +255,9 @@ CVE-2006-6586 (Multiple PHP remote file inclusion vulnerabilities in Vortex Blog ...) NOT-FOR-US: Vortex Blog CVE-2006-6585 (The Extensions manager in Mozilla Firefox 2.0 does not properly ...) - TODO: check + - iceweasel <unfixed> + - firefox <removed> + TODO: check iceape, sarge''s firefox CVE-2006-6584 (Multiple buffer overflows in italkplus (Italk+) before 0.92.1 allow ...) NOT-FOR-US: italkplus (Italk+) CVE-2006-6583 (ScriptMate User Manager 2.1 and earlier allow remote attackers to ...) 
@@ -269,17 +275,17 @@ CVE-2006-6577 (SQL injection vulnerability in polls.php in Neocrome Land Down Under ...) NOT-FOR-US: Neocrome Land Down Under CVE-2006-6576 (Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 ...) - TODO: check + NOT-FOR-US: Golden FTP Server CVE-2006-6575 (PHP remote file inclusion vulnerability in ldap.php in Brian Drawert ...) - TODO: check + NOT-FOR-US: Yet Another PHP LDAP Admin Project (yaplap) CVE-2006-6574 (Mantis before 1.1.0a2 does not implement per-item access control for ...) - TODO: check + - mantis 1.0.6+dfsg-3 (bug #402802) CVE-2004-2666 (Mantis before 20041016 provides a complete Issue History (Bug History) ...) - TODO: check + - mantis 0.19.2-1 CVE-2003-1312 (siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a ...) - TODO: check + NOT-FOR-US: Netegrity SiteMinder CVE-2003-1311 (siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ...) - TODO: check + NOT-FOR-US: Netegrity SiteMinder CVE-2006-XXXX [gaim crash when receiving an invalid UPnP response] - gaim 1:2.0.0+beta5-9 (low) [sarge] - gaim <no-dsa> (minor issue) @@ -539,7 +545,8 @@ CVE-2006-6494 (Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and ...) NOT-FOR-US: Solaris CVE-2006-6493 (Buffer overflow in the krbv4_ldap_auth function in ...) - TODO: check + - openldap2.3 <not-affected> (kerberos support not enabled) + - openldap2 <not-affected> (kerberos support not enabled) CVE-2006-6492 RESERVED CVE-2006-6491 
@@ -572,11 +579,11 @@ CVE-2006-6478 (Multiple SQL injection vulnerabilities in AnnonceScriptHP 2.0 allow ...) NOT-FOR-US: AnnonceScriptHP CVE-2006-6477 (FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in ...) - TODO: check + NOT-FOR-US: Mandiant First Response (MFR) CVE-2006-6476 (FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in ...) - TODO: check + NOT-FOR-US: Mandiant First Response (MFR) CVE-2006-6475 (FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in ...) - TODO: check + NOT-FOR-US: Mandiant First Response (MFR) CVE-2006-6474 (Untrusted search path vulnerability in McAfee VirusScan for Linux ...) NOT-FOR-US: McAfee CVE-2006-6473 (Multiple unspecified vulnerabilities in Xerox WorkCentre and ...) @@ -840,9 +847,9 @@ CVE-2006-6347 (Unrestricted file upload vulnerability in TFT-Gallery allows remote ...) NOT-FOR-US: TFT-Gallery CVE-2006-6346 (Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 ...) - TODO: check + NOT-FOR-US: SAP CVE-2006-6345 (Directory traversal vulnerability in SAP Internet Graphics Service ...) - TODO: check + NOT-FOR-US: SAP CVE-2006-6344 (Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and ...) NOT-FOR-US: Neocrome Seditio CVE-2006-6343 (SQL injection vulnerability in polls.php in Neocrome Seditio 1.10 and ...) @@ -1358,7 +1365,7 @@ - gdm 2.16.4-1 (medium; bug #403219) [sarge] - gdm <not-affected> (Vulnerable code not present) CVE-2006-6104 (The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in ...) - TODO: check + NOT-FOR-US: System.Web class in the XSP for ASP.NET server CVE-2006-6103 RESERVED CVE-2006-6102 @@ -6258,7 +6265,7 @@ CVE-2006-3897 (Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows ...) NOT-FOR-US: Microsoft CVE-2006-3896 (The NeoScale Systems CryptoStor 700 series appliance before 2.6 relies ...) - TODO: check + NOT-FOR-US: NeoScale Systems CryptoStor CVE-2006-3895 RESERVED CVE-2006-3894 
@@ -31581,11 +31588,11 @@ CVE-2004-1312 (A bug in the HTML parser in a certain Microsoft HTML library, as used ...) NOT-FOR-US: Microsoft CVE-2004-1311 (Integer overflow in the real_setup_and_get_header function in real.c ...) - TODO: check mplayer + - mplayer 1.0pre6a-1 CVE-2004-1310 (Stack-based buffer overflow in the asf_mmst_streaming.c functionality ...) - TODO: check mplayer + NOT-FOR-US: - mplayer 1.0pre6a-1 mplayer CVE-2004-1309 (Heap-based buffer overflow in the demux_open_bmp function in ...) - TODO: check mplayer + NOT-FOR-US: - mplayer 1.0pre6a-1 mplayer CVE-2004-1308 (Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff ...) {DSA-617-1} - tiff 3.6.1-4 @@ -33763,7 +33770,7 @@ {DSA-504} - heimdal 0.6.2-1 CVE-2004-0433 (Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) ...) - TODO: check mplayer + - mplayer 1.0pre6a-1 - xine-lib 1-rc4 CVE-2004-0432 (ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL ...) - proftpd 1.2.9-4 @@ -33893,7 +33900,7 @@ CVE-2004-0387 (Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer ...) NOT-FOR-US: RealPlayer plugin CVE-2004-0386 (Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, ...) - TODO: check mplayer + - mplayer 1.0pre6a-1 CVE-2004-0385 (Heap-based buffer overflow in Oracle 9i Application Server Web Cache ...) NOT-FOR-US: Oracle 9i Application Server Web Cache CVE-2004-0384
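Review bot: In the hunk at @@ -56,7 +59,7 @@ (CVE-2006-6669), the package name is spelled "webcalender" on both the removed and the added line. If the source package is spelled differently, this entry will not be matched to it, so confirm the name while this line is being touched anyway.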
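Review bot: In the hunk at @@ -74,7 +77,8 @@, the CVE-2006-6660 entry is tagged <not-affected> while its own reason says "at least it is fixed in 4:3.5.5a.dfsg.1-5" and the commit log says "kdelibs already fixed". Those are two different states. If a version carries the fix, record it as "- kdelibs 4:3.5.5a.dfsg.1-5" and keep the "DoS only" NOTE; if the first fixed version is not known, put that uncertainty in a NOTE line instead of in the <not-affected> reason.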
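Review bot: In the hunk at @@ -1358,7 +1365,7 @@, the NOT-FOR-US reason for CVE-2006-6104 repeats the affected component from the CVE description ("System.Web class in the XSP for ASP.NET server") instead of naming a product or vendor, as the other NOT-FOR-US entries in this commit do (SAP, Golden FTP Server, Netegrity SiteMinder). That suggests the product shipping this code was not identified; check whether any package in the archive provides XSP or the System.Web class before dismissing the entry.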
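Review bot: In the hunk at @@ -31581,11 +31588,11 @@, the added lines for CVE-2004-1310 and CVE-2004-1309 read "NOT-FOR-US: - mplayer 1.0pre6a-1 mplayer", which mixes a NOT-FOR-US tag with a package entry and contradicts the commit log ("mark some old mplayer issues as fixed"). They should presumably match the CVE-2004-1311 line in the same hunk, "- mplayer 1.0pre6a-1".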
Florian Weimer
2006-Dec-24 21:17 UTC
[Secure-testing-team] Re: [Secure-testing-commits] r5162 - data/CVE
* Stefan Fritsch:

> CVE-2006-6104 (The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in ...)
> - TODO: check
> + NOT-FOR-US: System.Web class in the XSP for ASP.NET server

*ahem* We've got ASP.NET these days. This is a bug which affects Mono.