Author: nion
Date: 2007-10-01 23:48:40 +0000 (Mon, 01 Oct 2007)
New Revision: 6759
Modified:
data/CVE/list
Log:
NFUs
new issue: CVE-2007-5162 (ruby1.8)
new issue: CVE-2007-5156 (knowledgeroot)
CVE-2007-5137 fixed in tcl8.4 8.4.16-1
removed notes for rejected entries because pre-commit hooks prevent them
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-10-01 21:14:07 UTC (rev 6758)
+++ data/CVE/list 2007-10-01 23:48:40 UTC (rev 6759)
@@ -1,98 +1,101 @@
CVE-2007-5169
RESERVED
CVE-2007-5168 (Multiple PHP remote file inclusion vulnerabilities in ClanLite
...)
- TODO: check
+ NOT-FOR-US: Clan lite
CVE-2007-5167 (PHP remote file inclusion vulnerability in
.systeme/fonctions.php in ...)
- TODO: check
+ NOT-FOR-US: phpLister
CVE-2007-5166 (Multiple PHP remote file inclusion vulnerabilities in SiteSys
1.0a ...)
- TODO: check
+ NOT-FOR-US: SiteSys
CVE-2007-5165 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: myIpacNG-stats
CVE-2007-5164 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: UniversiBO
CVE-2007-5163 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: nexty
CVE-2007-5162 (The connect method in lib/net/http.rb in the (1) Net::HTTP and
(2) ...)
- TODO: check
+ - ruby1.9 <not-affected> (Vulnerable code no longer present)
+ - ruby1.8 <unfixed> (low; bug #444929)
+ NOTE: fix for 1.8
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13504
CVE-2007-5161 (Cross-site scripting (XSS) vulnerability in the internal browser
in ...)
- TODO: check
+ NOT-FOR-US: Feedreader 3
+ NOTE: editor not included in native wordpress
CVE-2007-5160 (Multiple PHP remote file inclusion vulnerabilities in Thierry
Leriche ...)
- TODO: check
+ NOT-FOR-US: Thierry Leriche Restaurant Management System
CVE-2007-5159 (The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an
ntfs-3g ...)
- TODO: check
+ - ntfs-3g <not-affected> (/sbin/mount.ntfs-3g is installed for group
and user root)
CVE-2007-5158 (The focus handling for the onkeydown event in Microsoft Internet
...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-5157 (PHP remote file inclusion vulnerability in phfito-post.php in
Alex ...)
- TODO: check
+ NOT-FOR-US: PHP Fidonet Tosser
CVE-2007-5156 (Incomplete blacklist vulnerability in ...)
- TODO: check
+ - knowledgeroot <unfixed> (medium; bug #444928)
CVE-2007-5155 (IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect
...)
- TODO: check
+ NOT-FOR-US: ICEOWS
CVE-2007-5154 (Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and
...)
- TODO: check
+ NOT-FOR-US: Aipo
CVE-2007-5153 (Unspecified vulnerability in Sun Java System Access Manager 7.1,
when ...)
- TODO: check
+ NOT-FOR-US: Sun Java System Access Manager
CVE-2007-5152 (Sun Java System Access Manager 7.1, when installed in a Sun Java
...)
- TODO: check
+ NOT-FOR-US: Sun Java System Access Manager
CVE-2007-5151 (SQL injection vulnerability in the abget_admin function in ...)
- TODO: check
+ NOT-FOR-US: NukeSentinel
CVE-2007-5150 (SQL injection vulnerability in the is_god function in ...)
- TODO: check
+ NOT-FOR-US: NukeSentinel
CVE-2007-5149 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: North Country Public Radio Public Media Manager
CVE-2007-5148 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: FrontAccounting
CVE-2007-5147 (Multiple PHP remote file inclusion vulnerabilities in Puzzle
Apps CMS ...)
- TODO: check
+ NOT-FOR-US: Puzzle Apps CMS
CVE-2007-5146 (Multiple PHP remote file inclusion vulnerabilities in dedi-group
Der ...)
- TODO: check
+ NOT-FOR-US: Der Dirigent
CVE-2007-5145 (Multiple buffer overflows in system DLL files in Microsoft
Windows XP, ...)
- TODO: check
+ NOT-FOR-US: Windows XP
CVE-2007-5144 (Buffer overflow in the GDI engine in Windows Live Messenger, as
used ...)
- TODO: check
+ NOT-FOR-US: Windows Live Messenger
CVE-2007-5143 (F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition
allows ...)
- TODO: check
+ NOT-FOR-US: Anti-Virus for Windows Servers
CVE-2007-5142 (Cross-site scripting (XSS) vulnerability in buscar.asp in
Solidweb ...)
- TODO: check
+ NOT-FOR-US: Solidweb Novus
CVE-2007-5141 (SQL injection vulnerability in search.php in SiteX CMS 0.7.3
Beta ...)
- TODO: check
+ NOT-FOR-US: SiteX
CVE-2007-5140 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: IntegraMOD Nederland
CVE-2007-5139 (PHP remote file inclusion vulnerability in
admin/include/header.php in ...)
- TODO: check
+ NOT-FOR-US: Chupix
CVE-2007-5138 (PHP remote file inclusion vulnerability in forum/forum.php in
...)
- TODO: check
+ NOT-FOR-US: lustig.cms
CVE-2007-5137 (Buffer overflow in the ReadImage function in generic/tkImgGIF.c
in Tcl ...)
- TODO: check
+ - tcl8.4 8.4.16-1
+ TODO: check tcl8.3
CVE-2007-5136 (Cross-site scripting (XSS) vulnerability in DFD Cart 1.1.4 and
earlier ...)
- TODO: check
+ NOT-FOR-US: DFD Cart
CVE-2007-5134 (Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP
...)
- TODO: check
+ NOT-FOR-US: Cisco firmware
CVE-2007-5133 (Microsoft Windows Explorer (explorer.exe) allows user-assisted
remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows Explorer
CVE-2007-5132 (Race condition in the kernel in Sun Solaris 8 through 10 allows
local ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2007-5131 (SQL injection vulnerability in index.php in Interspire ActiveKB
NX 2.x ...)
- TODO: check
+ NOT-FOR-US: ActiveKB
CVE-2007-5130 (SimpGB 1.46.02 allows remote attackers to obtain sensitive
information ...)
- TODO: check
+ NOT-FOR-US: SimpGB
CVE-2007-5129 (SimpGB 1.46.02 stores sensitive information under the web root
with ...)
- TODO: check
+ NOT-FOR-US: SimpGB
CVE-2007-5128 (SimpNews 2.41.03 on Windows, when PHP before 5.0.0 is used,
allows ...)
- TODO: check
+ NOT-FOR-US: SimpNews
CVE-2007-5127 (Multiple cross-site scripting (XSS) vulnerabilities in SimpGB
1.46.02 ...)
- TODO: check
+ NOT-FOR-US: SimpGB
CVE-2007-5126 (Unspecified vulnerability in the client in Symantec Veritas
Backup ...)
- TODO: check
+ NOT-FOR-US: Symantec Veritas Backup Exec
CVE-2007-5125
REJECTED
- TODO: check
CVE-2007-5124 (The embedded Internet Explorer server control in AOL Instant
Messenger ...)
- TODO: check
+ NOT-FOR-US: AOL Messenger
CVE-2007-5123 (SQL injection vulnerability in notas.asp in Novus 1.0 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Solidweb Novus
CVE-2007-5122 (SQL injection vulnerability in store_info.php in SoftBiz
Classifieds ...)
- TODO: check
+ NOT-FOR-US: SoftBiz Classifieds PLUS
CVE-2007-5121 (Cross-site scripting (XSS) vulnerability in JSPWiki 2.5.139-beta
...)
TODO: check
CVE-2007-5120 (Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki
2.4.103 ...)
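Review bot: In the CVE-2007-5137 entry the fix is recorded against tcl8.4 8.4.16-1, but the file named in the description is generic/tkImgGIF.c, whose tk prefix suggests the Tk source rather than Tcl. Please confirm which source package actually ships that file; if it is Tk, the fixed-version line and the "TODO: check tcl8.3" follow-up are tracking the wrong packages. Separately, the NOTE added under CVE-2007-5161 ("editor not included in native wordpress") does not match the Feedreader 3 description above it and looks as if it was meant for a different entry.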
@@ -100,13 +103,13 @@
CVE-2007-5119 (JSPWiki 2.4.103 and 2.5.139-beta allows remote attackers to
obtain ...)
TODO: check
CVE-2007-5118 (Unspecified vulnerability in the HID (Human Interface Device)
class ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2007-5117 (Multiple PHP remote file inclusion vulnerabilities in
FrontAccounting ...)
- TODO: check
+ NOT-FOR-US: FrontAccounting
CVE-2007-5116
RESERVED
CVE-2003-1340 (Multiple SQL injection vulnerabilities in Francisco Burzi
PHP-Nuke 5.6 ...)
- TODO: check
+ NOT-FOR-US: Php-Nuke
CVE-2007-5135 (Off-by-one error in the SSL_get_shared_ciphers function in
OpenSSL ...)
- openssl 0.9.8e-9 (high; bug #444435)
NOTE: see https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/146269
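Review bot: The NOT-FOR-US tag added for CVE-2003-1340 spells the product "Php-Nuke" while the description directly above it has "PHP-Nuke". Use the description's spelling so that a search of the list for the product name finds the tag and the description together.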
@@ -249,21 +252,6 @@
NOT-FOR-US: Neuron News
CVE-2007-5049
REJECTED
- {DTSA-62-1}
- - poppler 0.5.4-6.2 (medium; bug #443903)
- - gpdf <removed>
- - xpdf 3.02-1.2 (medium; bug #443906)
- - kdegraphics 4:3.5.7-4 (medium; bug #444015)
- - koffice 1:1.6.3-3 (medium; bug #444014)
- - pdftohtml <removed>
- - tetex-bin 3.0-12
- NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
- - cupsys <not-affected> (unimportant; bug #436099)
- NOTE: cups uses xpdf-utils
- - pdfkit.framework 0.8-4
- NOTE: links to poppler since 0.8-4, thus marking as fixed
- - libextractor 0.5.12-1
- NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as
fixed
CVE-2007-5048 (Heap-based buffer overflow in Lhaplus before 1.55 allows remote
...)
NOT-FOR-US: lhaplus
CVE-2007-5047 (Norton Internet Security 2008 15.0.0.60 does not properly
validate ...)
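Review bot: The lines removed under CVE-2007-5049 are more than free-form notes: they carry the {DTSA-62-1} cross-reference and the per-package fixed versions and bug numbers (poppler, xpdf, kdegraphics, koffice, tetex-bin and others), and this hunk deletes them without moving them anywhere. If the pre-commit hook forbids data under a REJECTED entry, move the lines that are still relevant to the entry this CVE was rejected in favour of, or say in the log where they went, so the fixed-version history and the DTSA link are not lost.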
@@ -2518,7 +2506,6 @@
NOT-FOR-US: ADempiere Bazaar
CVE-2007-4049
REJECTED
- NOTE: Rediscovery / dupe of CVE-2000-1205
CVE-2007-4048 (Cross-site scripting (XSS) vulnerability in index.php in
phpSysInfo ...)
{DTSA-58-1}
- phpsysinfo 2.5.1-6.1 (low; bug #435935)
@@ -2532,8 +2519,6 @@
- cupsys <not-affected> (SuSE-specific regression)
CVE-2007-4044
REJECTED
- NOTE: samba <not-affected> (SuSE-specific regression)
- NOTE: I''ve contacted SuSE: It''s a functional regression in
SuSE, not a security problem
CVE-2007-4043 (file.cgi in Secure Computing SecurityReporter (aka Network
Security ...)
NOT-FOR-US: Secure Computing SecurityReporter
CVE-2007-4042 (Multiple argument injection vulnerabilities in Netscape
Navigator 9 ...)
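Review bot: The two NOTE lines removed under CVE-2007-4044 are the only record that samba was assessed and that SuSE was contacted and described the problem as a functional regression rather than a security issue, while the commit log says only that notes for rejected entries were removed. Put that rationale in the commit message or another tracked place so the triage decision can be found later.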
@@ -2593,7 +2578,6 @@
REJECTED
CVE-2007-5645
REJECTED
- NOTE: duplicate of CVE-2006-5645
CVE-2007-4018 (Citrix Access Gateway Advanced Edition before firmware 4.5.5
allows ...)
NOT-FOR-US: Citrix
CVE-2007-4017 (Cross-site request forgery (CSRF) vulnerability in the web-based
...)
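Review bot: The entry this hunk touches is labelled CVE-2007-5645 but sits among neighbours in the CVE-2007-40xx range, and the removed note pointed at CVE-2006-5645, which differs only in the year. Check whether the identifier itself is a typo before dropping the only line that hints at what it should be.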
Florian Weimer
2007-Oct-02 07:10 UTC
[Secure-testing-team] [Secure-testing-commits] r6759 - data/CVE
> CVE-2007-5049
> REJECTED
> - {DTSA-62-1}
> - - poppler 0.5.4-6.2 (medium; bug #443903)
> - - gpdf <removed>
> - - xpdf 3.02-1.2 (medium; bug #443906)
> - - kdegraphics 4:3.5.7-4 (medium; bug #444015)
> - - koffice 1:1.6.3-3 (medium; bug #444014)
> - - pdftohtml <removed>
> - - tetex-bin 3.0-12
> - NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
> - - cupsys <not-affected> (unimportant; bug #436099)
> - NOTE: cups uses xpdf-utils
> - - pdfkit.framework 0.8-4
> - NOTE: links to poppler since 0.8-4, thus marking as fixed
> - - libextractor 0.5.12-1
> - NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed

Why does this entry feature different version information than CVE-2007-3387, when it's allegedly a duplicate?
Nico Golde
2007-Oct-02 10:12 UTC
[Secure-testing-team] [Secure-testing-commits] r6759 - data/CVE
Hi,
* Florian Weimer <fw at deneb.enyo.de> [2007-10-02 09:13]:
> > CVE-2007-5049
> > REJECTED
> > - {DTSA-62-1}
> > - - poppler 0.5.4-6.2 (medium; bug #443903)
> > - - gpdf <removed>
> > - - xpdf 3.02-1.2 (medium; bug #443906)
> > - - kdegraphics 4:3.5.7-4 (medium; bug #444015)
> > - - koffice 1:1.6.3-3 (medium; bug #444014)
> > - - pdftohtml <removed>
> > - - tetex-bin 3.0-12
> > - NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
> > - - cupsys <not-affected> (unimportant; bug #436099)
> > - NOTE: cups uses xpdf-utils
> > - - pdfkit.framework 0.8-4
> > - NOTE: links to poppler since 0.8-4, thus marking as fixed
> > - - libextractor 0.5.12-1
> > - NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
>
> Why does this entry feature different version information than
> CVE-2007-3387, when it's allegedly a duplicate?

The reason is that we are not really sure about this. Before mitre said it is a duplicate they explicitly state that it is different to CVE-2007-3387. The patches for this issue are also. The first patch published was:
ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.7-kdegraphics-CVE-2007-3387.diff
The second patch:
http://cgit.freedesktop.org/poppler/poppler/diff/?id=c240daefe660ac3456dc0c5f5dc82aa53ebc3313&id2=1ba884b6b98ac8d755c9adc9f23a7a68d8b17b54
I asked the poppler guys what's up with the other CVE and they said no one told it to them but it looks plausible. I then mailed mitre about the exact difference and this ended up marking it as a duplicate. No one really knows if it is, confusing is the different patches and we decided a fix using the second patch does not hurt here.

Kind regards
Nico
--
Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
Nico Golde
2007-Oct-02 10:17 UTC
[Secure-testing-team] [Secure-testing-commits] r6759 - data/CVE
* Nico Golde <debian-secure-testing+ml at ngolde.de> [2007-10-02 12:16]:
> Hi,
> * Florian Weimer <fw at deneb.enyo.de> [2007-10-02 09:13]:
> > > CVE-2007-5049
> > > REJECTED
> > > - {DTSA-62-1}
> > > - - poppler 0.5.4-6.2 (medium; bug #443903)
> > > - - gpdf <removed>
> > > - - xpdf 3.02-1.2 (medium; bug #443906)
> > > - - kdegraphics 4:3.5.7-4 (medium; bug #444015)
> > > - - koffice 1:1.6.3-3 (medium; bug #444014)
> > > - - pdftohtml <removed>
> > > - - tetex-bin 3.0-12
> > > - NOTE: pdftex links to poppler since 3.0-12, thus marking as fixed
> > > - - cupsys <not-affected> (unimportant; bug #436099)
> > > - NOTE: cups uses xpdf-utils
> > > - - pdfkit.framework 0.8-4
> > > - NOTE: links to poppler since 0.8-4, thus marking as fixed
> > > - - libextractor 0.5.12-1
> > > - NOTE: libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed
> >
> > Why does this entry feature different version information than
> > CVE-2007-3387, when it's allegedly a duplicate?
[...]

I also have to add that this was made before it was marked as a duplicate...

Kind regards
Nico
--
Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.