[Secure-testing-commits] r25484 - data/CVE
Author: micah Date: 2014-02-02 20:59:59 + (Sun, 02 Feb 2014) New Revision: 25484 Modified: data/CVE/list Log: update fixed version of python-bcrypt Modified: data/CVE/list === --- data/CVE/list 2014-02-02 19:29:43 UTC (rev 25483) +++ data/CVE/list 2014-02-02 20:59:59 UTC (rev 25484) @@ -17642,7 +17642,7 @@ NOTE: Patch against 2.4 branch: http://svn.apache.org/viewvc?view=revisionrevision=1486461 CVE-2013-1895 [concurrency issue leading to auth bypass] RESERVED - - python-bcrypt removed (bug #704030) + - python-bcrypt 0.4-1 (bug #704030) [squeeze] - python-bcrypt not-affected (thread support only introduced after 0.1 release) NOTE: https://code.google.com/p/py-bcrypt/source/detail?r=b03cc5246ea21a839fd027da5616d8d470247558 CVE-2013-1894 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r25428 - data/CVE
Author: micah Date: 2014-01-30 17:45:17 + (Thu, 30 Jan 2014) New Revision: 25428 Modified: data/CVE/list Log: add upload version for horde3 Modified: data/CVE/list === --- data/CVE/list 2014-01-30 17:12:45 UTC (rev 25427) +++ data/CVE/list 2014-01-30 17:45:17 UTC (rev 25428) @@ -53,7 +53,8 @@ - openssh not-affected (J-PAKE not activated) CVE-2014-1691 [Possible remote code execution on horde3] RESERVED - - horde3 unfixed (bug #737149) + - horde3 (medium; bug #737149) +[squeeze] - horde3 3.3.8+debian0-3 - php-horde-util 2.3.0-1 NOTE: https://github.com/horde/horde/commit/da6afc7e9f4e290f782eca9dbca794f772caccb3 NOTE: https://github.com/horde/horde/commit/acf67ab4a633037849aca9e4a7592465b999ad93 is also required ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r22420 - data
Author: micah Date: 2013-05-31 02:22:32 + (Fri, 31 May 2013) New Revision: 22420 Modified: data/embedded-code-copies Log: add python-scrypt embed of scrypt; package in NEW Modified: data/embedded-code-copies === --- data/embedded-code-copies 2013-05-30 21:14:25 UTC (rev 22419) +++ data/embedded-code-copies 2013-05-31 02:22:32 UTC (rev 22420) @@ -2629,3 +2629,6 @@ python-pip - python-virtualenv unfixed +scrupt +- python-scrypt unfixed (embed; wontfix; package in NEW) +NOTE: upstream scrypt does not provide a shared library/API ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r22384 - data/CVE
Author: micah Date: 2013-05-28 17:15:35 + (Tue, 28 May 2013) New Revision: 22384 Modified: data/CVE/list Log: add versions and bugs to python-pip and python-virtualenv Modified: data/CVE/list === --- data/CVE/list 2013-05-28 12:05:12 UTC (rev 22383) +++ data/CVE/list 2013-05-28 17:15:35 UTC (rev 22384) @@ -5051,6 +5051,10 @@ RESERVED CVE-2013-1629 RESERVED +- python-pip unfixed (medium; bug #710163) +- python-virtualenv 1.9.1-1 (medium; bug #710164) +NOTE: this CVE is reserved, but it has been leaked in http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/ +NOTE: python-virtualenv embeds pip CVE-2013-1628 RESERVED CVE-2013-1627 (Absolute path traversal vulnerability in NTWebServer.exe in Indusoft ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r22385 - data
Author: micah Date: 2013-05-28 17:16:57 + (Tue, 28 May 2013) New Revision: 22385 Modified: data/embedded-code-copies Log: add python-virtualenv as embedding pip Modified: data/embedded-code-copies === --- data/embedded-code-copies 2013-05-28 17:15:35 UTC (rev 22384) +++ data/embedded-code-copies 2013-05-28 17:16:57 UTC (rev 22385) @@ -2625,3 +2625,7 @@ automysqlbackup - autopostgresqlbackup unfixed NOTE: fork + +python-pip + - python-virtualenv unfixed + ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r21440 - data/CVE
Author: micah Date: 2013-02-26 23:25:12 + (Tue, 26 Feb 2013) New Revision: 21440 Modified: data/CVE/list Log: update 2013-0871: code not present in squeeze/wheezy Modified: data/CVE/list === --- data/CVE/list 2013-02-26 22:35:56 UTC (rev 21439) +++ data/CVE/list 2013-02-26 23:25:12 UTC (rev 21440) @@ -3017,7 +3017,7 @@ CVE-2013-0871 (Race condition in the ptrace functionality in the Linux kernel before ...) {DSA-2632-1} - linux 3.2.39-1 - - linux-2.6 removed + - linux-2.6 not-affected (vulnerable code not present) CVE-2013-0870 RESERVED CVE-2013-0869 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r19378 - data/CVE
Author: micah Date: 2012-05-30 18:54:38 + (Wed, 30 May 2012) New Revision: 19378 Modified: data/CVE/list Log: change 2012-2118 to not-affected as requested by jcristeau Modified: data/CVE/list === --- data/CVE/list 2012-05-30 14:15:53 UTC (rev 19377) +++ data/CVE/list 2012-05-30 18:54:38 UTC (rev 19378) @@ -2014,7 +2014,7 @@ - linux-2.6 unfixed CVE-2012-2118 (Format string vulnerability in the LogVHdrMessageVerb function in ...) - xorg-server 2:1.12.1.902-1 (bug #673148) - [squeeze] - xorg-server no-dsa (Minor issue) + [squeeze] - xorg-server not-affected (Minor issue) CVE-2012-2117 RESERVED NOT-FOR-US: Drupal plugin (Gigya - Social Optimization) not in Debian ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r19252 - data/CVE
Author: micah Date: 2012-05-15 15:32:47 + (Tue, 15 May 2012) New Revision: 19252 Modified: data/CVE/list Log: add sympa bugnum Modified: data/CVE/list === --- data/CVE/list 2012-05-15 10:37:06 UTC (rev 19251) +++ data/CVE/list 2012-05-15 15:32:47 UTC (rev 19252) @@ -686,7 +686,7 @@ RESERVED CVE-2012-2352 RESERVED - - sympa unfixed + - sympa unfixed (bug #672893; high) NOTE: http://www.openwall.com/lists/oss-security/2012/05/12/8 CVE-2012-2351 [mahara SAML impersonation issue] RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r18441 - data/CVE
Author: micah Date: 2012-02-15 19:28:10 + (Wed, 15 Feb 2012) New Revision: 18441 Modified: data/CVE/list Log: add squeeze tags to -0909 and remove horde3 from 0791, it affects imp4 in squeeze not horde3 Modified: data/CVE/list === --- data/CVE/list 2012-02-15 14:45:13 UTC (rev 18440) +++ data/CVE/list 2012-02-15 19:28:10 UTC (rev 18441) @@ -339,7 +339,9 @@ RESERVED CVE-2012-0909 (Cross-site scripting (XSS) vulnerability in Horde_Form in Horde ...) - horde3 unfixed +[squeeze] - horde3 not-affected (affected files do not exist) - imp4 unfixed (bug #659392) +[squeeze] - imp4 not-affected (affected files do not exist) CVE-2012-0907 (Directory traversal vulnerability in the web player in NeoAxis NeoAxis ...) NOT-FOR-US: NeoAxis NeoAxis web player CVE-2012-0906 (SQL injection vulnerability in the Moviebase addon for deV!L'z ...) @@ -624,7 +626,6 @@ RESERVED - moodle unfixed CVE-2012-0791 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP ...) - - horde3 unfixed - imp4 unfixed (bug #659392) CVE-2012-0790 (Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping ...) - smokeping 2.6.7-1 (bug #659899) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r17120 - data
Author: micah Date: 2011-08-24 12:10:44 + (Wed, 24 Aug 2011) New Revision: 17120 Modified: data/embedded-code-copies Log: removed unpackaged information for pdfrw, its in NEW now Modified: data/embedded-code-copies === --- data/embedded-code-copies 2011-08-24 10:21:01 UTC (rev 17119) +++ data/embedded-code-copies 2011-08-24 12:10:44 UTC (rev 17120) @@ -2472,5 +2472,5 @@ libsigsegv - gawk 3.1.8+dfsg-0.1 -pdfrw (not packaged in Debian: http://code.google.com/p/pdfrw/) +pdfrw - rst2pdf unfixed (embed; bug #638607) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r17108 - data
Author: micah Date: 2011-08-22 13:44:00 + (Mon, 22 Aug 2011) New Revision: 17108 Modified: data/embedded-code-copies Log: rst2pdf embeds pdfrw, reported to list Modified: data/embedded-code-copies === --- data/embedded-code-copies 2011-08-22 12:41:05 UTC (rev 17107) +++ data/embedded-code-copies 2011-08-22 13:44:00 UTC (rev 17108) @@ -2471,3 +2471,6 @@ libsigsegv - gawk 3.1.8+dfsg-0.1 + +pdfrw (not packaged in Debian: http://code.google.com/p/pdfrw/) +- rst2pdf unfixed (embed; bug #638607) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r16761 - data
Author: micah Date: 2011-06-03 15:20:17 + (Fri, 03 Jun 2011) New Revision: 16761 Modified: data/embedded-code-copies Log: add bug number to jsonbot embedding jquery Modified: data/embedded-code-copies === --- data/embedded-code-copies 2011-06-03 08:20:57 UTC (rev 16760) +++ data/embedded-code-copies 2011-06-03 15:20:17 UTC (rev 16761) @@ -919,7 +919,7 @@ - magpierss 0.72-3 (embed; bug #431089) jquery -- jsonbot unfixed (embed) +- jsonbot unfixed (embed; bug #625524) - zekr unfixed (embed) - wordpress unknown (embed) - yocto-reader unfixed (embed) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r16754 - data
Author: micah Date: 2011-06-02 14:56:40 + (Thu, 02 Jun 2011) New Revision: 16754 Modified: data/embedded-code-copies Log: add jsonbot as embedding jquery Modified: data/embedded-code-copies === --- data/embedded-code-copies 2011-06-02 09:52:05 UTC (rev 16753) +++ data/embedded-code-copies 2011-06-02 14:56:40 UTC (rev 16754) @@ -919,6 +919,7 @@ - magpierss 0.72-3 (embed; bug #431089) jquery +- jsonbot unfixed (embed) - zekr unfixed (embed) - wordpress unknown (embed) - yocto-reader unfixed (embed) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r15524 - data/CVE
Author: micah Date: 2010-10-26 18:46:46 + (Tue, 26 Oct 2010) New Revision: 15524 Modified: data/CVE/list Log: CVE-2010-4096: monkeysphere Modified: data/CVE/list === --- data/CVE/list 2010-10-26 00:13:46 UTC (rev 15523) +++ data/CVE/list 2010-10-26 18:46:46 UTC (rev 15524) @@ -1,3 +1,6 @@ +CVE-2010-4096 + - monkeysphere 0.31-3 (bug #600304) + NOTE: micah requested this CVE from mitre, issue has been fixed in debian already CVE-2010-4067 RESERVED CVE-2010-4066 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r15171 - doc
Author: micah Date: 2010-08-19 16:11:32 + (Thu, 19 Aug 2010) New Revision: 15171 Modified: doc/narrative_introduction Log: fix language Modified: doc/narrative_introduction === --- doc/narrative_introduction 2010-08-19 14:10:10 UTC (rev 15170) +++ doc/narrative_introduction 2010-08-19 16:11:32 UTC (rev 15171) @@ -213,9 +213,9 @@ is a list of packages for which each CVE should be reported separately: - php5 -A special exception is made for kernel related issues. The kernel-sec -group will take care of them. If not necessary to file bugs in the BTS -for kernel security issues, it only causes overhead. +A special exception is made for kernel related issues. The kernel-sec group +will take care of them. It is not necessary to file bugs in the BTS for kernel +security issues, it only causes overhead. If you wan't to report a bug, bin/report-vuln might be helpful in creating the bug report. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r14144 - data
Author: micah Date: 2010-02-23 17:08:51 + (Tue, 23 Feb 2010) New Revision: 14144 Modified: data/embedded-code-copies Log: add cdrkit embed info from dkg Modified: data/embedded-code-copies === --- data/embedded-code-copies 2010-02-23 16:27:25 UTC (rev 14143) +++ data/embedded-code-copies 2010-02-23 17:08:51 UTC (rev 14144) @@ -1751,3 +1751,7 @@ creole - symfony unfixed (embed) + +hfsutils + - cdrkit (unfixed); bug (embed; #570187) + NOTE: embeds hfsutils code in genisoimage ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r14151 - data
Author: micah Date: 2010-02-23 23:57:45 + (Tue, 23 Feb 2010) New Revision: 14151 Modified: data/embedded-code-copies Log: grub2 embeds genisoimage bits from cdrkit Modified: data/embedded-code-copies === --- data/embedded-code-copies 2010-02-23 22:49:28 UTC (rev 14150) +++ data/embedded-code-copies 2010-02-23 23:57:45 UTC (rev 14151) @@ -1753,5 +1753,9 @@ - symfony unfixed (embed) hfsutils - - cdrkit (unfixed); bug (embed; #570187) + - cdrkit (unfixed); (embed; bug #570187) NOTE: embeds hfsutils code in genisoimage + +cdrkit + - grub2 (unfixed); (embed; bug #570156) + NOTE: genisoimage imported into grub-mkisofs ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5821 - data/CVE
Author: micah Date: 2007-05-11 17:17:31 + (Fri, 11 May 2007) New Revision: 5821 Modified: data/CVE/list Log: this is NOT a duplicate of CVE-2007-1861 -- 2007-1861 is a kernel issue, this is a Xorg issue. Modified: data/CVE/list === --- data/CVE/list 2007-05-11 15:24:18 UTC (rev 5820) +++ data/CVE/list 2007-05-11 17:17:31 UTC (rev 5821) @@ -317,7 +317,6 @@ NOTE: http://gitweb.freedesktop.org/?p=xorg/xserver.git;a=commitdiff;h=71fc5b3e9309182978ead676965d65ca93a4e3b9 CVE-2007-2436 REJECTED - NOTE: Duplicate of CVE-2007-1861 CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...) - sun-java5 1.5.0-11-1 (medium; bug #423062) [etch] - sun-java5 no-dsa (Non-free not supported) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5822 - data/CVE
Author: micah Date: 2007-05-11 17:26:46 + (Fri, 11 May 2007) New Revision: 5822 Modified: data/CVE/list Log: i mistook 2007-2436 for 2007-2437, reverting previous commit Modified: data/CVE/list === --- data/CVE/list 2007-05-11 17:17:31 UTC (rev 5821) +++ data/CVE/list 2007-05-11 17:26:46 UTC (rev 5822) @@ -317,6 +317,7 @@ NOTE: http://gitweb.freedesktop.org/?p=xorg/xserver.git;a=commitdiff;h=71fc5b3e9309182978ead676965d65ca93a4e3b9 CVE-2007-2436 REJECTED + NOTE: duplicate of CVE-2007-1861 CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...) - sun-java5 1.5.0-11-1 (medium; bug #423062) [etch] - sun-java5 no-dsa (Non-free not supported) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5809 - data/CVE
Author: micah Date: 2007-05-08 23:12:51 + (Tue, 08 May 2007) New Revision: 5809 Modified: data/CVE/list Log: bug number and git URL for xorg-server Xrender issue Modified: data/CVE/list === --- data/CVE/list 2007-05-08 21:59:17 UTC (rev 5808) +++ data/CVE/list 2007-05-08 23:12:51 UTC (rev 5809) @@ -93,7 +93,9 @@ - vim unfixed (medium) NOTE: Exploitable through modelines. CVE-2007-2437 (The X render (Xrender) extension in X.org X Window System 7.0, 7.1, ...) - TODO: check +- xorg-server unfixed (medium; bug #422936) + NOTE: git url to fix the issue + NOTE: http://gitweb.freedesktop.org/?p=xorg/xserver.git;a=commitdiff;h=71fc5b3e9309182978ead676965d65ca93a4e3b9 CVE-2007-2436 (The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel ...) NOTE: Duplicate of CVE-2007-1861 CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5810 - data/CVE
Author: micah Date: 2007-05-08 23:41:28 + (Tue, 08 May 2007) New Revision: 5810 Modified: data/CVE/list Log: targeted version for sid tomorrow for Xrender issue Modified: data/CVE/list === --- data/CVE/list 2007-05-08 23:12:51 UTC (rev 5809) +++ data/CVE/list 2007-05-08 23:41:28 UTC (rev 5810) @@ -93,7 +93,8 @@ - vim unfixed (medium) NOTE: Exploitable through modelines. CVE-2007-2437 (The X render (Xrender) extension in X.org X Window System 7.0, 7.1, ...) -- xorg-server unfixed (medium; bug #422936) +- xorg-server 2:1.3.0.0.dfsg-4 (medium; bug #422936) + NOTE: etch vulnerable (patch below applies) NOTE: git url to fix the issue NOTE: http://gitweb.freedesktop.org/?p=xorg/xserver.git;a=commitdiff;h=71fc5b3e9309182978ead676965d65ca93a4e3b9 CVE-2007-2436 (The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5626 - data/CVE
Author: micah Date: 2007-04-05 15:31:19 + (Thu, 05 Apr 2007) New Revision: 5626 Modified: data/CVE/list Log: merge CVE-2007- and CVE-2007-1667 Modified: data/CVE/list === --- data/CVE/list 2007-04-05 09:14:13 UTC (rev 5625) +++ data/CVE/list 2007-04-05 15:31:19 UTC (rev 5626) @@ -389,8 +389,6 @@ RESERVED CVE-2007-1668 RESERVED -CVE-2007-1667 (Multiple integer overflows in (1) the XGetPixel function in ImUtil.c ...) - - libx11 2:1.0.3-7 (bug #414045) CVE-2007-1666 (The processor_request function in the debugger server for DataRescue ...) NOT-FOR-US: IDA Pro CVE-2007-1665 @@ -2880,9 +2878,9 @@ {DSA-1260} - graphicsmagick 1.1.7-12 - imagemagick 7:6.2.4.5.dfsg1-0.14 (bug #410435) -CVE-2007- [Lack of input validation in XInitImage/XGetPixel, exposed by broken XWD file] +CVE-2007-1667 [Lack of input validation in XInitImage/XGetPixel, exposed by broken XWD file] - xfree86 removed (bug #414046; medium) - - libx11 unfixed (bug #414045; medium) + - libx11 2:1.0.3-7 (bug #414045; medium) NOTE: Discovered through CVE-2007-0770. NOTE: With certain mail user agents, this issue is likely exploitable NOTE: without much user interaction. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5585 - data/CVE
Author: micah Date: 2007-03-24 17:39:57 + (Sat, 24 Mar 2007) New Revision: 5585 Modified: data/CVE/list Log: removed xulrunner from being affected NOTE: xulrunner browsers may be affected Modified: data/CVE/list === --- data/CVE/list 2007-03-24 11:08:07 UTC (rev 5584) +++ data/CVE/list 2007-03-24 17:39:57 UTC (rev 5585) @@ -1253,7 +1253,8 @@ CVE-2007-1084 (Mozilla Firefox 2.0.0.1 and earlier does not prompt users before ...) - iceweasel unfixed (medium) - iceape unfixed (medium) - - xulrunner unfixed (medium) + NOTE: xulrunner by itself is not affecte, but other browsers based on xulrunner may be affected + TODO: check epiphany, galeon and kazehakase CVE-2007-1083 (Buffer overflow in the Configuration Checker (ConfigChk) ActiveX ...) NOT-FOR-US: ConfigChk ActiveX control CVE-2007-1082 (FTP Explorer 1.0.1 Build 047 allows remote servers to cause a denial ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5576 - data/CVE
Author: micah Date: 2007-03-23 22:31:16 + (Fri, 23 Mar 2007) New Revision: 5576 Modified: data/CVE/list Log: updates to mozilla products based on maintainer notes to list Modified: data/CVE/list === --- data/CVE/list 2007-03-22 22:07:56 UTC (rev 5575) +++ data/CVE/list 2007-03-23 22:31:16 UTC (rev 5576) @@ -1017,6 +1017,7 @@ CVE-2007-1116 (The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI ...) - iceweasel unfixed (medium) - iceape unfixed (medium) + - xulrunner unfixed (bug #415919; bug #415944; bug #415945; medium) NOTE: according to a blog comment at http://www.gnucitizen.org/projects/hscan-redux/, NOTE: older mozillas are not vulnerable TODO: this should be checked @@ -1088,6 +1089,8 @@ NOT-FOR-US: Google Desktop CVE-2007-1084 (Mozilla Firefox 2.0.0.1 and earlier does not prompt users before ...) - iceweasel unfixed (medium) + - iceape unfixed (medium) + - xulrunner unfixed (medium) CVE-2007-1083 (Buffer overflow in the Configuration Checker (ConfigChk) ActiveX ...) NOT-FOR-US: ConfigChk ActiveX control CVE-2007-1082 (FTP Explorer 1.0.1 Build 047 allows remote servers to cause a denial ...) @@ -1426,6 +1429,9 @@ NOT-FOR-US: eTrust Intrusion Detection CVE-2007-1004 (Mozilla Firefox mmight allow remote attackers to condut spoofing and ...) - iceweasel unfixed (low) + - iceape unfixed (low) + - xulrunner unfixed (low) + NOTE: maintainer notes that this may affect browsers based on xulrunner CVE-2007-1003 RESERVED CVE-2007-1002 @@ -2002,8 +2008,10 @@ CVE-2007-0802 (Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing ...) - iceweasel unfixed (low) CVE-2007-0801 (The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox ...) - - iceweasel unfixed (low) + - iceweasel 2.0.0.2+dfsg-1 (low) - firefox removed (low) + - iceape 1.0.8-1 (low) + - xulrunner 1.8.0.10-1 (low) CVE-2007-0800 (Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked ...) NOTE: MFSA-2007-05 - iceweasel 2.0.0.2+dfsg-1 (medium) @@ -4910,12 +4918,12 @@ CVE-2006-6507 (Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass ...) NOTE: MFSA-2006-76 - iceweasel 2.0.0.1+dfsg-1 (high) - - xulrunner unfixed (high) - - iceape unfixed (high) + - xulrunner not-affected (maintainer reported) + - iceape not-affected (maintainer reported) CVE-2006-6506 (The quot;Feed Previewquot; feature in Mozilla Firefox 2.0 before 2.0.0.1 sends ...) NOTE: MFSA-2006-75 - iceweasel 2.0.0.1+dfsg-1 (low) - - iceape unfixed (low) + - iceape not-affected (maintainer reported) CVE-2006-6505 (Multiple heap-based buffer overflows in Mozilla Thunderbird before ...) {DSA-1265-1} NOTE: MFSA-2006-74 @@ -9252,7 +9260,7 @@ CVE-2006-4562 (** DISPUTED ** ...) NOT-FOR-US: Symantec CVE-2006-4561 (Mozilla Firefox 1.5.0.6 allows remote attackers to execute arbitrary ...) - - xulrunner unfixed (low) + - xulrunner 1.8.0.7-1 (low) - firefox 1.5.dfsg+1.5.0.7-1 (low) - mozilla unfixed (low) - mozilla-firefox removed (low) @@ -18891,6 +18899,8 @@ NOTE: mozilla-firefox is now a dummy package, so not vulnerable any more - mozilla-firefox 1.5.dfsg+1.5.0.3-2 (bug #349339) - mozilla unfixed + - iceape unfixed + - xulrunner unfixed CVE-2006-0495 (Cross-site scripting (XSS) vulnerability in the Add Thread to ...) NOT-FOR-US: MyBB CVE-2006-0494 (Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5509 - data/CVE
Author: micah Date: 2007-03-04 21:48:07 + (Sun, 04 Mar 2007) New Revision: 5509 Modified: data/CVE/list Log: mediawiki fix and NFUs Modified: data/CVE/list === --- data/CVE/list 2007-03-04 20:14:16 UTC (rev 5508) +++ data/CVE/list 2007-03-04 21:48:07 UTC (rev 5509) @@ -219,9 +219,9 @@ CVE-2007-1056 (VMware Workstation 5.5.3 build 34685 does not provide per-user ...) NOT-FOR-US: VMware CVE-2007-1055 (Cross-site scripting (XSS) vulnerability in the AJAX features in ...) - TODO: check + - mediawiki 1.7.1-9 (bug #406238; medium) CVE-2007-1054 (Cross-site scripting (XSS) vulnerability in the AJAX features in ...) - TODO: check + - mediawiki 1.7.1-9 (bug #406238; medium) CVE-2007-1053 (** DISPUTED ** ...) NOT-FOR-US: phpXmms CVE-2007-1052 (** DISPUTED ** ...) @@ -295,7 +295,7 @@ CVE-2006-7074 (admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass ...) NOT-FOR-US: SmartSiteCMS CVE-2006-7073 (Cross-site scripting (XSS) vulnerability in Opentools Attachment Mod ...) - TODO: check + NOT-FOR-US: Opentools Attachment Mod CVE-2006-7072 (Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise ...) NOT-FOR-US: GeoClassifieds Enterprise CVE-2006-7071 (SQL injection vulnerability in classes/class_session.php in Invision ...) @@ -399,7 +399,7 @@ CVE-2004-2678 (Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and ...) NOT-FOR-US: HP Tru64 UNIX CVE-2004-2677 (Format string vulnerability in qwik-smtpd.c in QwikMail SMTP ...) - TODO: check + NOT-FOR-US: QwikMail SMTP CVE-2003-1320 (SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a ...) NOT-FOR-US: SonicWALL CVE-2002-2225 (SafeNet VPN client allows remote attackers to cause a denial of ...) @@ -4075,7 +4075,7 @@ CVE-2006-6491 REJECTED CVE-2006-6490 (Multiple buffer overflows in the SupportSoft (1) SmartIssue ...) - TODO: check + NOT-FOR-US: SupportSoft ActiveX CVE-2006-6489 (The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for ...) NOT-FOR-US: SISCO OSI stack CVE-2006-6488 (Stack-based buffer overflow in the DoModal function in the Dialog Wrapper ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5511 - data/CVE
Author: micah Date: 2007-03-05 01:24:07 + (Mon, 05 Mar 2007) New Revision: 5511 Modified: data/CVE/list Log: armagetron fix (finally) Modified: data/CVE/list === --- data/CVE/list 2007-03-04 22:48:15 UTC (rev 5510) +++ data/CVE/list 2007-03-05 01:24:07 UTC (rev 5511) @@ -10405,11 +10405,11 @@ NOTE: mypasswordsafe and pwsafe might use code from Password Safe, NOTE: but the problematic functionality is not present CVE-2006-3674 (nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote ...) - - armagetron unfixed (bug #379062; low) + - armagetron 0.2.8.2.1-1 (bug #379062; low) [sarge] - armagetron no-dsa (Minor game DoS) [etch] - armagetron no-dsa (Minor game DoS) CVE-2006-3673 (nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote ...) - - armagetron unfixed (bug #379062; low) + - armagetron 0.2.8.2.1-1 (bug #379062; low) [sarge] - armagetron no-dsa (Minor game DoS) [etch] - armagetron no-dsa (Minor game DoS) CVE-2006-3672 (KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a ...) @@ -33827,7 +33827,7 @@ - gftp 2.0.18-1 NOTE: CVE entry claims that 2.0.18 is vulnerable, but this is wrong. CVE-2005-0371 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and ...) - - armagetron unfixed (bug #296840; low) + - armagetron 0.2.8.2.1-1 (bug #296840; low) [sarge] - armagetron no-dsa (Remaining vulnerabilities are minor) [etch] - armagetron no-dsa (Remaining vulnerabilities are minor) CVE-2005-0370 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5461 - data/CVE
Author: micah Date: 2007-02-15 08:04:13 +0100 (Thu, 15 Feb 2007) New Revision: 5461 Modified: data/CVE/list Log: revised spamassassin fixed version to what was uploaded Modified: data/CVE/list === --- data/CVE/list 2007-02-15 01:51:05 UTC (rev 5460) +++ data/CVE/list 2007-02-15 07:04:13 UTC (rev 5461) @@ -34,7 +34,7 @@ - firefox-sage 1.3.10-1 CVE-2007-0451 RESERVED - - spamassassin 3.1.8 (bug #410843) + - spamassassin 3.1.7-2 (bug #410843) NOTE: http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5318 CVE-2007-0895 (Race condition in recursive directory deletion with the (1) -r or (2) ...) NOT-FOR-US: Sun Solaris ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5451 - data/CVE
Author: micah Date: 2007-02-13 20:57:58 +0100 (Tue, 13 Feb 2007) New Revision: 5451 Modified: data/CVE/list Log: Spamassassin DoS affecting all versions Modified: data/CVE/list === --- data/CVE/list 2007-02-13 18:07:27 UTC (rev 5450) +++ data/CVE/list 2007-02-13 19:57:58 UTC (rev 5451) @@ -1,3 +1,7 @@ +CVE-2007- (DoS in spamassassin URI parsing causes SA to enter loop eating all RAM) + - spamassassin 3.1.8 + NOTE: http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5318 + NOTE: CVE assignment being pursued by ASF procedure CVE-2007-0895 (Race condition in recursive directory deletion with the (1) -r or (2) ...) TODO: check CVE-2007-0894 (MediaWiki before 1.9.2 allows remote attackers to obtain sensitive ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5143 - data/CVE
Author: micah Date: 2006-12-18 00:45:34 +0100 (Mon, 18 Dec 2006) New Revision: 5143 Modified: data/CVE/list Log: fix for torrentflux coming in 2.1-7 Modified: data/CVE/list === --- data/CVE/list 2006-12-17 21:59:27 UTC (rev 5142) +++ data/CVE/list 2006-12-17 23:45:34 UTC (rev 5143) @@ -499,7 +499,7 @@ - madwifi 1:0.9.2+r1842.20061207-2 (high; bug #402836) [etch] - madwifi no-dsa (Non-free not supported) CVE-2006-6331 (metaInfo.php in TorrentFlux 2.2, when $cfg[quot;enable_file_priorityquot;] is ...) - - torrentflux unfixed (bug #400582; medium) + - torrentflux 2.1-7 (bug #400582; medium) CVE-2006-6330 (index.php for TorrentFlux 2.2 allows remote registered users to ...) - torrentflux 2.1-6 (bug #399169; medium) CVE-2006-6329 (index.php for TorrentFlux 2.2 allows remote attackers to delete files ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5116 - data/CVE
Author: micah Date: 2006-12-14 04:13:43 +0100 (Thu, 14 Dec 2006) New Revision: 5116 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list === --- data/CVE/list 2006-12-13 22:32:09 UTC (rev 5115) +++ data/CVE/list 2006-12-14 03:13:43 UTC (rev 5116) @@ -17,9 +17,9 @@ CVE-2006-6487 RESERVED CVE-2006-6486 (SQL injection vulnerability in EasyPage allows remote attackers to ...) - TODO: check + NOT-FOR-US: EasyPage CVE-2006-6485 (Multiple cross-site scripting (XSS) vulnerabilities in ShopSite 8.1 ...) - TODO: check + NOT-FOR-US: ShopSite CVE-2006-6484 (The IMAP service for MailEnable Professional and Enterprise Edition ...) NOT-FOR-US: MailEnable CVE-2006-6483 (Adobe ColdFusion MX7 does not properly filter HTML tags when ...) @@ -43,101 +43,101 @@ CVE-2006-6474 RESERVED CVE-2006-6473 (Multiple unspecified vulnerabilities in Xerox WorkCentre and ...) - TODO: check + NOT-FOR-US: Xerox WorkCentre CVE-2006-6472 (The httpd.conf file in Xerox WorkCentre and WorkCentre Pro before ...) - TODO: check + NOT-FOR-US: Xerox WorkCentre CVE-2006-6471 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...) - TODO: check + NOT-FOR-US: Xerox WorkCentre CVE-2006-6470 (The SNMP Agent in Xerox WorkCentre and WorkCentre Pro before ...) - TODO: check + NOT-FOR-US: Xerox WorkCentre CVE-2006-6469 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...) - TODO: check + NOT-FOR-US: Xerox WorkCentre CVE-2006-6468 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...) - TODO: check + NOT-FOR-US: Xerox WorkCentre CVE-2006-6467 (Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before ...) - TODO: check + NOT-FOR-US: Xerox WorkCentre CVE-2006-6466 (Multiple cross-site scripting (XSS) vulnerabilities in WBmap.php in ...) - TODO: check + NOT-FOR-US: WikyBlog CVE-2006-6465 (** DISPUTED ** ...) TODO: check CVE-2006-6464 (viewcart in Midicart accepts negative numbers in the Qty (quantity) ...) - TODO: check + NOT-FOR-US: Midicart CVE-2006-6463 (Unrestricted file upload vulnerability in admin/add.php in Midicart ...) - TODO: check + NOT-FOR-US: Midicart CVE-2006-6462 (PHP remote file inclusion vulnerability in engine/oldnews.inc.php in ...) - TODO: check + NOT-FOR-US: CM68 News CVE-2006-6461 (tr1.php in Yourfreeworld Stylish Text Ads Script allows remote ...) - TODO: check + NOT-FOR-US: Yourfreeworld Stylish Text Ads Script CVE-2006-6460 (Yourfreeworld.com Short Url amp; Url Tracker Script allows remote ...) - TODO: check + NOT-FOR-US: Yourfreeworld.com Short Url Script CVE-2006-6459 (Cross-site scripting (XSS) vulnerability in toplist.php in PhpBB ...) TODO: check CVE-2006-6458 (The Trend Micro scan engine before 8.320 for Windows and before 8.150 ...) - TODO: check + NOT-FOR-US: Trend Micro (Windows) CVE-2006-6457 (tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other ...) TODO: check CVE-2006-6456 (Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and ...) - TODO: check + NOT-FOR-US: Microsoft Word CVE-2006-6455 (Multiple SQL injection vulnerabilities in admin/default.asp in DUware ...) - TODO: check + NOT-FOR-US: DUware CVE-2006-6454 (execInBackground.php in J-OWAMP Web Interface 2.1b and earlier allows ...) - TODO: check + NOT-FOR-US: J-OWAMP Web Interface CVE-2006-6453 (PHP remote file inclusion vulnerability in JOWAMP_ShowPage.php in ...) - TODO: check + NOT-FOR-US: J-OWAMP Web Interface CVE-2006-6452 (Multiple cross-site scripting (XSS) vulnerabilities in the MyArticles ...) - TODO: check + NOT-FOR-US: RunCMS CVE-2006-6451 (Multiple cross-site scripting (XSS) vulnerabilities in SWsoft Plesk ...) - TODO: check + NOT-FOR-US: Plesk CVE-2006-6450 (Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in ...) - TODO: check + NOT-FOR-US: Novell ZENworks Patch Management CVE-2006-6449 (Vt-Forum Lite 1.3 and earlier store sensitive information under the ...) - TODO: check + NOT-FOR-US: Vt-Forum Lite CVE-2006-6448 (Multiple SQL injection vulnerabilities in Vt-Forum Lite 1.3 and ...) - TODO: check + NOT-FOR-US: Vt-Forum CVE-2006-6447 (Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite ...) - TODO: check + NOT-FOR-US: Vt-Forum Lite CVE-2006-6446 (SQL injection vulnerability in index.php in iWare Professional 5.0.4, ...) - TODO: check + NOT-FOR-US: iWare Professional CVE-2006-6445 (Directory traversal vulnerability in error.php in Envolution 1.1.0 and ...) TODO: check CVE-2006-6444 (Stack-based buffer
[Secure-testing-commits] r5112 - data/CVE
Author: micah Date: 2006-12-13 00:54:47 +0100 (Wed, 13 Dec 2006) New Revision: 5112 Modified: data/CVE/list Log: added version to fix clamav, waiting for mitre to assign CVE-2006-6481 to add same version number to that issue Modified: data/CVE/list === --- data/CVE/list 2006-12-12 23:27:34 UTC (rev 5111) +++ data/CVE/list 2006-12-12 23:54:47 UTC (rev 5112) @@ -147,7 +147,7 @@ CVE-2006-6407 (F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 allows remote ...) TODO: check CVE-2006-6406 (ClamAV 0.88.6 allows remote attackers to bypass virus detection by ...) - TODO: check + - clamav 0.88.7-1 (medium) CVE-2006-6405 (BitDefender Mail Protection for SMB 2.0 allows remote attackers to ...) TODO: check CVE-2006-6404 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5089 - data/CVE
Author: micah Date: 2006-12-08 17:27:39 +0100 (Fri, 08 Dec 2006) New Revision: 5089 Modified: data/CVE/list Log: CVE ID for l2tpns Modified: data/CVE/list === --- data/CVE/list 2006-12-08 06:21:53 UTC (rev 5088) +++ data/CVE/list 2006-12-08 16:27:39 UTC (rev 5089) @@ -188,7 +188,7 @@ - fail2ban unfixed (medium; bug filed) CVE-2006-6301 (DenyHosts 2.5 does not properly parse sshd logs file, which allows remote ...) - denyhosts unfixed (medium; bug filed) -CVE-2006- [l2tpns Heartbeat Packets Buffer Overflow Vulnerability] +CVE-2006-5873 [l2tpns Heartbeat Packets Buffer Overflow Vulnerability] NOTE: http://secunia.com/advisories/23230/ - l2tpns 2.1.21-1 (medium; bug #401742) CVE-2006- [DoS in ruby cgi.rb] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5076 - data/CVE
Author: micah Date: 2006-12-06 02:59:32 +0100 (Wed, 06 Dec 2006) New Revision: 5076 Modified: data/CVE/list Log: some NFUs Modified: data/CVE/list === --- data/CVE/list 2006-12-05 22:26:55 UTC (rev 5075) +++ data/CVE/list 2006-12-06 01:59:32 UTC (rev 5076) @@ -10,15 +10,15 @@ - ruby1.8 1.8.5-4 (low) TODO: check other ruby versions CVE-2006-6273 (sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Simple PHP Gallery CVE-2006-6272 (Cross-site scripting (XSS) vulnerability in sp_index.php in Simple PHP ...) - TODO: check + NOT-FOR-US: Simple PHP Gallery CVE-2006-6271 (Multiple cross-site scripting (XSS) vulnerabilities in PHPOLL 0.96 ...) - TODO: check + NOT-FOR-US: PHPOLL CVE-2006-6270 (Multiple SQL injection vulnerabilities in ASPMForum allow remote ...) - TODO: check + NOT-FOR-US: ASPMForum CVE-2006-6269 (Multiple SQL injection vulnerabilities in Infinitytechs Restaurants CM ...) - TODO: check + NOT-FOR-US: Infinitytechs Restaurants CM CVE-2006-6268 (SQL injection vulnerability in system/core/profile/profile.inc.php in ...) NOT-FOR-US: Neocrome Land Down Under CVE-2006-6267 (PostNuke 0.7.5.0, and certain minor versions, allows remote attackers ...) @@ -36,11 +36,11 @@ NOTE: Potential firewall bypass is inherent to tunneling software. NOTE: Not a bug. CVE-2006-6262 (Directory traversal vulnerability in mboard.php in PHPJunkYard (aka ...) - TODO: check + NOT-FOR-US: PHPJunkYard MBoard CVE-2006-6261 (Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows ...) - TODO: check + NOT-FOR-US: Quintessential Player CVE-2006-6260 (SQL injection vulnerability in login.asp in Redbinaria Sistema ...) - TODO: check + NOT-FOR-US: Redbinaria Sistema Integrado de Administracion de Portales (SIAP) CVE-2006-6259 (Multiple directory traversal vulnerabilities in (a) ...) NOT-FOR-US: AlternC CVE-2006-6258 (The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the ...) @@ -52,17 +52,17 @@ CVE-2006-6255 (Direct static code injection vulnerability in util.php in the NukeAI ...) NOT-FOR-US: NukeAI CVE-2006-6254 (administration/telecharger.php in Cahier de texte 2.0 allows remote ...) - TODO: check + NOT-FOR-US: Cahier de texte CVE-2006-6253 (Cahier de texte 2.0 stores sensitive information under the web root, ...) - TODO: check + NOT-FOR-US: Cahier de texte CVE-2006-6252 (Microsoft Windows Live Messenger 8.0 and earlier, when gestual ...) - TODO: check + NOT-FOR-US: Microsoft Windows Live Messenger CVE-2006-6251 (Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote ...) - TODO: check + NOT-FOR-US: VUPlayer CVE-2006-6250 (Format string vulnerability in Songbird Media Player 0.2 and earlier ...) - TODO: check + NOT-FOR-US: Songbird Media Player CVE-2006-6249 (Cross-site scripting (XSS) vulnerability in Chama Cargo 4.36 and ...) - TODO: check + NOT-FOR-US: Chama Cargo CVE-2006-6248 (index.php in GPhotos 1.5 allows remote attackers to obtain sensitive ...) TODO: check CVE-2006-6247 (Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5077 - data/CVE
Author: micah Date: 2006-12-06 03:12:46 +0100 (Wed, 06 Dec 2006) New Revision: 5077 Modified: data/CVE/list Log: more NFUs Modified: data/CVE/list === --- data/CVE/list 2006-12-06 01:59:32 UTC (rev 5076) +++ data/CVE/list 2006-12-06 02:12:46 UTC (rev 5077) @@ -66,38 +66,38 @@ CVE-2006-6248 (index.php in GPhotos 1.5 allows remote attackers to obtain sensitive ...) TODO: check CVE-2006-6247 (Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery ...) - TODO: check + NOT-FOR-US: UPhotoGallery CVE-2006-6246 (Photo Organizer 2.32b and earlier does not properly check the ...) - TODO: check + NOT-FOR-US: Photo Organizer CVE-2006-6245 (Multiple SQL injection vulnerabilities in Photo Organizer (PO) 2.32b ...) - TODO: check + NOT-FOR-US: Photo Organizer CVE-2006-6244 (Coalescent Systems freePBX (formerly Asterisk Management Portal) ...) - TODO: check + NOT-FOR-US: Coalescent Systems freePBX CVE-2006-6243 (Multiple SQL injection vulnerabilities in index.asp in FipsSHOP allow ...) - TODO: check + NOT-FOR-US: FipsSHOP CVE-2006-6242 (Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and ...) - serendipity 1.0.4-1 (unimportant; bug #401614) NOTE: Only exploitable with register_globals CVE-2006-6241 (Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to ...) - TODO: check + NOT-FOR-US: Sorin Chitu Telnet-FTP Server CVE-2006-6240 (Directory traversal vulnerability in Sorin Chitu Telnet-FTP Server 1.0 ...) - TODO: check + NOT-FOR-US: Sorin Chitu Telnet-FTP Server CVE-2006-6239 (webadmin in MailEnable NetWebAdmin Profession 2.32 and Enterprise 2.32 ...) TODO: MailEnable NetWebAdmin CVE-2006-6238 (The AutoFill feature in Apple Safari 2.0.4 does not properly verify ...) - TODO: check + NOT-FOR-US: Apple Safari CVE-2006-6237 (SQL injection vulnerability in the decode_cookie function in ...) - TODO: check + NOT-FOR-US: Woltlab Burning Board Lite CVE-2006-6236 (Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote ...) TODO: check CVE-2006-6235 RESERVED CVE-2006-6234 (Multiple SQL injection vulnerabilities in the Content module in ...) - TODO: check + NOT-FOR-US: PHP-Nuke CVE-2006-6233 (SQL injection vulnerability in the Downloads module for unknown ...) - TODO: check + NOT-FOR-US: PostNuke CVE-2006-6232 (PHP remote file inclusion vulnerability in admin/index.php in ...) - TODO: check + NOT-FOR-US: DreamAccount CVE-2006-6231 (vuBB 0.2.1 and earlier allows remote attackers to obtain sensitive ...) NOT-FOR-US: VuBB CVE-2006-6230 (SQL injection vulnerability in vuBB 0.2.1 and earlier allows remote ...) @@ -111,9 +111,9 @@ CVE-2006-6226 (Multiple format string vulnerabilities in NeoEngine 0.8.2 and earlier, ...) NOT-FOR-US: NeoEngine CVE-2006-6225 (Multiple PHP remote file inclusion vulnerabilities in GeekLog 1.4 ...) - TODO: check + NOT-FOR-US: GeekLog CVE-2006-6224 (PHP remote file inclusion vulnerability in the installation scripts in ...) - TODO: check + NOT-FOR-US: Puntal CVE-2006-6223 (Cross-site scripting (XSS) vulnerability in Google Search Appliance ...) NOT-FOR-US: Google Search Appliance CVE-2006-6222 @@ -121,39 +121,39 @@ CVE-2006-6221 RESERVED CVE-2006-6220 (Multiple SQL injection vulnerabilities in Recipes Website (Recipes ...) - TODO: check + NOT-FOR-US: Recipes Complete Website CVE-2006-6219 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) - TODO: check + NOT-FOR-US: dev4u CMS CVE-2006-6218 (Multiple SQL injection vulnerabilities in index.php in dev4u CMS allow ...) - TODO: check + NOT-FOR-US: dev4u CMS CVE-2006-6217 (PHP remote file inclusion vulnerability in formdisp.php in the Mermaid ...) - TODO: check + NOT-FOR-US: Mermaid module for PHP-NUKE CVE-2006-6216 (SQL injection vulnerability in admin_hacks_list.php in the Nivisec ...) - TODO: check + NOT-FOR-US: Nivisec Hacks List CVE-2006-6215 (Multiple SQL injection vulnerabilities in Wallpaper Website (Wallpaper ...) - TODO: check + NOT-FOR-US: Wallpaper Complete Website CVE-2006-6214 (SQL injection vulnerability in wallpaper.php in Wallpaper Website ...) - TODO: check + NOT-FOR-US: Wallpaper Complete Website CVE-2006-6213 (index.php in PEGames uses the extract function to overwrite critical ...) - TODO: check + NOT-FOR-US: PEGames CVE-2006-6212 (PHP remote file inclusion vulnerability in centre.php in Site News ...) TODO: check CVE-2006-6211 (Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4.0 ...) - TODO: check + NOT-FOR-US: BirdBlog CVE-2006-6210 (SQL
[Secure-testing-commits] r5028 - data/CVE
Author: micah Date: 2006-11-30 17:36:11 +0100 (Thu, 30 Nov 2006) New Revision: 5028 Modified: data/CVE/list Log: some NFUs Modified: data/CVE/list === --- data/CVE/list 2006-11-30 12:32:33 UTC (rev 5027) +++ data/CVE/list 2006-11-30 16:36:11 UTC (rev 5028) @@ -29,9 +29,9 @@ CVE-2006-6154 (PHP remote file inclusion vulnerability in addcode.php in HIOX Star ...) TODO: check CVE-2006-6153 (Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net ...) - TODO: check + NOTE: NOT-FOR-US (vSpin.net) CVE-2006-6152 (Multiple SQL injection vulnerabilities in vSpin.net Classified System ...) - TODO: check + NOTE: NOT-FOR-US (vSpin.net) CVE-2006-6151 (PHP remote file inclusion vulnerability in centre.php in Messagerie ...) TODO: check CVE-2006-6150 (PHP remote file inclusion vulnerability in ...) @@ -55,27 +55,27 @@ CVE-2006-6141 (Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a ...) TODO: check CVE-2006-6140 (PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang ...) - TODO: check + NOTE: NOT-FOR-US (Sisfo Kampus) CVE-2006-6139 (Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus ...) - TODO: check + NOTE: NOT-FOR-US (Sisfo Kampus) CVE-2006-6138 (Directory traversal vulnerability in download.php in Sisfo Kampus 0.8 ...) - TODO: check + NOTE: NOT-FOR-US (Sisfo Kampus) CVE-2006-6137 (Multiple PHP remote file inclusion vulnerabilities in Sisfo Kampus 0.8 ...) - TODO: check + NOTE: NOT-FOR-US (Sisfo Kampus) CVE-2006-6136 (IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) ...) - TODO: check + NOTE: NOT-FOR-US (IBM WebSphere) CVE-2006-6135 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...) - TODO: check + NOTE: NOT-FOR-US (IBM WebSphere) CVE-2006-6134 (Windows Media 10.00.00.4036 allows remote attackers to cause a denial ...) - TODO: check + NOTE: NOT-FOR-US (Windows Media) CVE-2006-6133 (Stack-based buffer overflow in Business Objects Crystal Reports XI ...) - TODO: check + NOTE: NOT-FOR-US (Business Objects Crystal Reports) CVE-2006-6132 (Multiple SQL injection vulnerabilities in Link Exchange Lite allow ...) TODO: check CVE-2006-6131 (Untrusted search path vulnerability in (1) WSAdminServer and (2) ...) TODO: check CVE-2006-6130 (Apple Mac OS X AppleTalk allows local users to cause a denial of ...) - TODO: check + NOTE: NOT-FOR-US (Apple Mac OS X) CVE-2006- [kronolith arbitrary file inclusion] - kronolith2 2.1.4-1 (bug #400899) TODO: check kronolith 1.x ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r5009 - data/CVE
Author: micah Date: 2006-11-26 08:21:32 +0100 (Sun, 26 Nov 2006) New Revision: 5009 Modified: data/CVE/list Log: fix for torrentflux Modified: data/CVE/list === --- data/CVE/list 2006-11-25 00:22:23 UTC (rev 5008) +++ data/CVE/list 2006-11-26 07:21:32 UTC (rev 5009) @@ -184,7 +184,7 @@ CVE-2005-4815 (SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before ...) NOT-FOR-US: SAP CVE-2006- [TorrentFlux Arbitrary Command Execution and Directory Traversal] - - torrentflux unfixed (medium; bug #399169) + - torrentflux 2.1-6 (medium; bug #399169) CVE-2006- [Firefox Sage Extension Feed Script Insertion Vulnerability] - firefox-sage not-affected (medium; bug #399170) NOTE: Debian's version has HTML disabled ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4898 - data/CVE
Author: micah Date: 2006-10-30 18:05:21 +0100 (Mon, 30 Oct 2006) New Revision: 4898 Modified: data/CVE/list Log: fix for gdm Modified: data/CVE/list === --- data/CVE/list 2006-10-29 21:04:28 UTC (rev 4897) +++ data/CVE/list 2006-10-30 17:05:21 UTC (rev 4898) @@ -6884,7 +6884,7 @@ - dia 0.95.0-4 (bug #368202; medium) [sarge] - dia no-dsa (Hardly exploitable, would require obviously malformed file names) CVE-2006-2452 (GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the quot;face browserquot; feature ...) - - gdm unfixed (bug #375281; medium) + - gdm 2.16.1-1 (bug #375281; medium) [sarge] - gdm not-affected (Vulnerable code has only been introduced with 2.8) CVE-2006-2451 (The suid_dumpable support in Linux kernel 2.6.13 up to versions before ...) - linux-2.6 2.6.17-3 (high) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4827 - data
Author: micah Date: 2006-10-06 19:38:03 + (Fri, 06 Oct 2006) New Revision: 4827 Modified: data/embedded-code-copies Log: noted cacti's fix in etch, thanks seanius Modified: data/embedded-code-copies === --- data/embedded-code-copies 2006-10-06 15:55:48 UTC (rev 4826) +++ data/embedded-code-copies 2006-10-06 19:38:03 UTC (rev 4827) @@ -169,7 +169,7 @@ libphp-adodb: moodle -cacti (dependency exists, but internal version is used) +cacti (dependency exists, but internal version is used -- only in sarge, fixed in etch) libmms: xine-lib ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4774 - data/CVE
Author: micah Date: 2006-09-28 04:03:32 + (Thu, 28 Sep 2006) New Revision: 4774 Modified: data/CVE/list Log: fixed references to DSA-1181 Modified: data/CVE/list === --- data/CVE/list 2006-09-27 18:13:34 UTC (rev 4773) +++ data/CVE/list 2006-09-28 04:03:32 UTC (rev 4774) @@ -1458,19 +1458,19 @@ - openssl097 0.9.7i-2 (medium) - openssl096 removed CVE-2006-4338 (unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent ...) - {DSA-1781-1} + {DSA-1181-1} - gzip 1.3.5-15 (medium) CVE-2006-4337 (Buffer overflow in the make_table function in the LHZ component in ...) - {DSA-1781-1} + {DSA-1181-1} - gzip 1.3.5-15 (high) CVE-2006-4336 (Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows ...) - {DSA-1781-1} + {DSA-1181-1} - gzip 1.3.5-15 (high) CVE-2006-4335 (Array index error in the make_table function in unlzh.c in the LZH ...) - {DSA-1781-1} + {DSA-1181-1} - gzip 1.3.5-15 (high) CVE-2006-4334 (Unspecified vulnerability in gzip 1.3.5 allows context-dependent ...) - {DSA-1781-1} + {DSA-1181-1} - gzip 1.3.5-15 (high) CVE-2006-4333 (The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows ...) {DSA-1171} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4767 - data
Author: micah Date: 2006-09-26 04:57:36 + (Tue, 26 Sep 2006) New Revision: 4767 Modified: data/embedded-code-copies Log: added some gzip embedded code copies, note I checked CVE-2006-4338 CVE-2006-4337, CVE-2006-4336, CVE-2006-4335, CVE-2005-0988 and none affect Modified: data/embedded-code-copies === --- data/embedded-code-copies 2006-09-25 18:29:30 UTC (rev 4766) +++ data/embedded-code-copies 2006-09-26 04:57:36 UTC (rev 4767) @@ -184,15 +184,19 @@ knowledgeroot joomla (ITP) -scintilla +scintilla: scite qscintilla geany -libphp-adodb +libphp-adodb: gallery2 phppgadmin egroupware phpwiki moodle +gzip: +linux-kernel (lib/inflate.c) +klibc (based on linux-kernel gzip code) + ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4739 - data/CVE
Author: micah Date: 2006-09-18 00:22:08 + (Mon, 18 Sep 2006) New Revision: 4739 Modified: data/CVE/list Log: Add missing thunderbird entries Modified: data/CVE/list === --- data/CVE/list 2006-09-17 20:54:22 UTC (rev 4738) +++ data/CVE/list 2006-09-18 00:22:08 UTC (rev 4739) @@ -486,6 +486,7 @@ NOTE: MFSA-2006-62 - firefox unfixed (low) - xulrunner unfixed (low) + - thunderbird 1.5.0.7-1 [sarge] - mozilla-firefox unfixed (low) CVE-2006-4568 RESERVED @@ -493,6 +494,7 @@ - mozilla unfixed (low) - firefox unfixed (low) - xulrunner unfixed (low) +- thunderbird 1.5.0.7-1 [sarge] - mozilla-firefox unfixed (low) CVE-2006-4567 [Spoofing in internal auto update] RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4723 - data/CVE
Author: micah Date: 2006-09-12 23:10:34 + (Tue, 12 Sep 2006) New Revision: 4723 Modified: data/CVE/list Log: phpgroupware upload made to fix CVE-2006-4458 Modified: data/CVE/list === --- data/CVE/list 2006-09-12 16:46:26 UTC (rev 4722) +++ data/CVE/list 2006-09-12 23:10:34 UTC (rev 4723) @@ -366,7 +366,7 @@ CVE-2006-4459 (Integer overflow in AnywhereUSB/5 1.80.00 allows local users to cause ...) NOT-FOR-US: AnywhereUSB/5 CVE-2006-4458 (Directory traversal vulnerability in ...) - - phpgroupware unfixed (bug #386061; medium) + - phpgroupware 0.9.16.011-1 (bug #386061; medium) CVE-2006-4457 (PHP remote file inclusion vulnerability in index.php in phpECard 2.1.4 ...) NOT-FOR-US: phpECard CVE-2006-4456 (PHP remote file inclusion vulnerability in functions.php in phpECard ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4678 - data/CVE
Author: micah Date: 2006-09-04 22:30:39 + (Mon, 04 Sep 2006) New Revision: 4678 Modified: data/CVE/list Log: CVE-2006-4508 tor issue already resolved Modified: data/CVE/list === --- data/CVE/list 2006-09-04 22:12:44 UTC (rev 4677) +++ data/CVE/list 2006-09-04 22:30:39 UTC (rev 4678) @@ -25,7 +25,7 @@ CVE-2006-4509 RESERVED CVE-2006-4508 (Unspecified vulnerability in Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x ...) - TODO: check + - tor 0.1.1.23-1 CVE-2006-4507 (Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the ...) TODO: check CVE-2006-4506 (idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4679 - data/CVE
Author: micah Date: 2006-09-04 23:00:48 + (Mon, 04 Sep 2006) New Revision: 4679 Modified: data/CVE/list Log: NFU on xbiff2 and a bugnum for phpgroupware Modified: data/CVE/list === --- data/CVE/list 2006-09-04 22:30:39 UTC (rev 4678) +++ data/CVE/list 2006-09-04 23:00:48 UTC (rev 4679) @@ -55,7 +55,8 @@ CVE-2006-4494 (Microsoft Visual Studio 6.0 allows remote attackers to cause a denial ...) NOT-FOR-US: Microsoft CVE-2006-4493 (xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with ...) - TODO: check + NOT-FOR-US: xbiff2 + NOTE: xbase-clients contains xbiff, but it is not affected as it doesn't use a .xbiffrc CVE-2006-4492 (Unspecified vulnerability in Cybozu Office 6.5 Build 1.2 for Windows ...) NOT-FOR-US: Cybozu Office CVE-2006-4491 (Directory traversal vulnerability in Cybozu Collaborex, AG before ...) @@ -131,7 +132,7 @@ CVE-2006-4459 RESERVED CVE-2006-4458 (Directory traversal vulnerability in ...) - TODO: check + - phpgroupware unfixed (bug #386061; medium) CVE-2006-4457 (PHP remote file inclusion vulnerability in index.php in phpECard 2.1.4 ...) NOT-FOR-US: phpECard CVE-2006-4456 (PHP remote file inclusion vulnerability in functions.php in phpECard ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4561 - data
Author: micah Date: 2006-08-13 13:22:29 + (Sun, 13 Aug 2006) New Revision: 4561 Modified: data/embedded-code-copies Log: Added some scite, qscintilla and geany as embedding scintilla code Modified: data/embedded-code-copies === --- data/embedded-code-copies 2006-08-12 22:06:47 UTC (rev 4560) +++ data/embedded-code-copies 2006-08-13 13:22:29 UTC (rev 4561) @@ -184,3 +184,7 @@ knowledgeroot joomla (ITP) +scintilla +scite +qscintilla +geany ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4417 - data/CVE
Author: micah Date: 2006-07-20 01:40:52 + (Thu, 20 Jul 2006) New Revision: 4417 Modified: data/CVE/list Log: A whole lot of Oracle NFUs Modified: data/CVE/list === --- data/CVE/list 2006-07-19 23:22:44 UTC (rev 4416) +++ data/CVE/list 2006-07-20 01:40:52 UTC (rev 4417) @@ -1,57 +1,57 @@ CVE-2006-3724 (Unspecified vulnerability in JD Edwards HTML Server for Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3723 (Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3722 (Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3721 (Multiple unspecified vulnerabilities in Oracle Management Service for ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3720 (Unspecified vulnerability in Enterprise Config Management for Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3719 (Unspecified vulnerability in CORE: Repository for Oracle Enterprise ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3718 (Multiple unspecified vulnerabilities in Oracle Exchange for Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3717 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3716 (Multiple unspecified vulnerabilities in Oracle E-Business Suite and ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3715 (Unspecified vulnerability in Calendar for Oracle Collaboration Suite ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3714 (Unspecified vulnerability in OC4J for Oracle Application Server ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3713 (Unspecified vulnerability in OC4J for Oracle Application Server ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3712 (Unspecified vulnerability in OC4J for Oracle Application Server ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3711 (Unspecified vulnerability in OC4J for Oracle Application Server ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3710 (Unspecified vulnerability in OC4J for Oracle Application Server ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3709 (Unspecified vulnerability in OC4J for Oracle Application Server ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3708 (Unspecified vulnerability in OC4J for Oracle Application Server ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3707 (Unspecified vulnerability in OC4J for Oracle Application Server ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3706 (Unspecified vulnerability in OC4J for Oracle Application Server ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3705 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3704 (Unspecified vulnerability in the Oracle ODBC Driver for Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3703 (Unspecified vulnerability in InterMedia for Oracle Database 9.0.1.5, ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3702 (Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3701 (Unspecified vulnerability in the Dictionary component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3700 (Multiple unspecified vulnerabilities in Oracle Database 9.2.0.6 and ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3699 (Unspecified vulnerability in the Core RDBMS component in Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3698 (Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have ...) - TODO: check + NOT-FOR-US: Oracle CVE-2006-3697 (Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft ...) TODO: check CVE-2006-3696 (filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4422 - data/CVE
Author: micah Date: 2006-07-20 02:09:54 + (Thu, 20 Jul 2006) New Revision: 4422 Modified: data/CVE/list Log: More NFUs Modified: data/CVE/list === --- data/CVE/list 2006-07-20 02:07:11 UTC (rev 4421) +++ data/CVE/list 2006-07-20 02:09:54 UTC (rev 4422) @@ -235,7 +235,7 @@ CVE-2006-3606 (Unspecified vulnerability in Sun Solaris X Inter Client Exchange ...) TODO: check CVE-2006-3605 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2006-3604 (Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and ...) TODO: check CVE-2006-3603 (Cross-site scripting (XSS) vulnerability in index.php in FlexWATCH ...) @@ -253,17 +253,17 @@ CVE-2006-3597 (passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password ...) TODO: check CVE-2006-3596 (The device driver for Intel-based gigabit network adapters in Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-3595 (The default configuration of IOS HTTP server in Cisco Router Web Setup ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-3594 (Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-3593 (The command line interface (CLI) in Cisco Unified CallManager (CUCM) ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-3592 (Unspecified vulnerability in the command line interface (CLI) in Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-3591 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2006-3626 (Race condition in Linux kernel 2.6.17.4 and earlier allows local users ...) {DSA-} - linux-2.6.16 2.6.16-17 (high) @@ -507,11 +507,11 @@ CVE-2006-3473 (CRLF injection vulnerability in form_mail Drupal Module before 1.8.2.2 ...) TODO: check CVE-2006-3472 (Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2006-3471 (Microsoft Internet Explorer 6 on Windows XP allows remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2006-3470 (The Dell Openmanage CD launches X11 and SSH daemons that do not ...) - TODO: check + NOT-FOR-US: Dell Openmanage CD CVE-2006-3469 (Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and ...) TODO: check CVE-2006-3468 (Linux kernel 2.6.x, when using both NFS and EXT3, allows remote ...) @@ -745,13 +745,13 @@ CVE-2006-3355 (Heap-based buffer overflow in httpdget.c in mpg123 before 0.59s-rll ...) TODO: check CVE-2006-3354 (Microsoft Internet Explorer 6 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Microsoft Internet Explorer CVE-2006-3353 (Opera 9 allows remote attackers to cause a denial of service (crash) ...) - TODO: check + NOT-FOR-US: Opera CVE-2006-3352 (** DISPUTED ** ...) TODO: check CVE-2006-3351 (Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and ...) - TODO: check + NOT-FOR-US: Windows Explorer CVE-2006- [trac: reStructuredText breach of privacy and denial of service] - trac 0.9.6-1 CVE-2006-3458 (Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4350 - data/CVE
Author: micah Date: 2006-07-08 02:13:00 + (Sat, 08 Jul 2006) New Revision: 4350 Modified: data/CVE/list Log: added zope CVE ID Modified: data/CVE/list === --- data/CVE/list 2006-07-08 02:06:57 UTC (rev 4349) +++ data/CVE/list 2006-07-08 02:13:00 UTC (rev 4350) @@ -1,4 +1,4 @@ -CVE-2006- [information disclosure vulnerability in Zope2] +CVE-2006-3458 [information disclosure vulnerability in Zope2] - zope2.8 unfixed (bug #377277; medium) CVE-2006-3404 [gimp: Buffer overrun in XCF reading code] - gimp unfixed (bug #377049; medium) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4341 - data/CVE
Author: micah Date: 2006-07-06 20:10:34 + (Thu, 06 Jul 2006) New Revision: 4341 Modified: data/CVE/list Log: CVE obtained for gimp issue Modified: data/CVE/list === --- data/CVE/list 2006-07-06 19:11:00 UTC (rev 4340) +++ data/CVE/list 2006-07-06 20:10:34 UTC (rev 4341) @@ -1,4 +1,4 @@ -CVE-2006- [gimp: Buffer overrun in XCF reading code] +CVE-2006-3404 [gimp: Buffer overrun in XCF reading code] - gimp unfixed (bug #377049; medium) CVE-2006-3350 RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4342 - data
Author: micah Date: 2006-07-06 20:12:17 + (Thu, 06 Jul 2006) New Revision: 4342 Modified: data/ID_pending Log: oops forgot to remove gimp issue from ID_pending Modified: data/ID_pending === --- data/ID_pending 2006-07-06 20:10:34 UTC (rev 4341) +++ data/ID_pending 2006-07-06 20:12:17 UTC (rev 4342) @@ -1,5 +1,3 @@ -CVE-2006- [gimp: Buffer overrun in XCF reading code] - - gimp unfixed (bug #377049; medium) CVE-2006- [kphone creates world-readable config file with passwords] - kphone unfixed (bug #337830; low) NOTE: Requested by Micah March 26, 2006 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4298 - data/CVE
Author: micah Date: 2006-06-24 22:25:41 + (Sat, 24 Jun 2006) New Revision: 4298 Modified: data/CVE/list Log: Added gdm issue, and some NFUs Modified: data/CVE/list === --- data/CVE/list 2006-06-24 22:05:14 UTC (rev 4297) +++ data/CVE/list 2006-06-24 22:25:41 UTC (rev 4298) @@ -11,7 +11,7 @@ CVE-2006-3128 (choose_file.php in easy-CMS 0.1.2, when mod_mime is installed, does ...) NOT-FOR-US: easy-CMS CVE-2006-3127 (Memory leak in Network Security Services (NSS) 3.11, as used in Sun ...) - TODO: check + NOT-FOR-US: Sun Java Enterprise System CVE-2006-3126 RESERVED CVE-2006-3125 @@ -260,7 +260,7 @@ CVE-2002-2214 (The php_if_imap_mime_header_decode function in the IMAP functionality ...) TODO: check CVE-1999-1589 (Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users ...) - TODO: check + NOT-FOR-US: IBM AIX CVE-2006- [snarf: crash on invalid response to the PASV command] - snarf 7.0-5 CVE-2006-3010 (Multiple SQL injection vulnerabilities in Open Business Management ...) @@ -1079,7 +1079,7 @@ CVE-2006-2657 RESERVED CVE-2006-2655 (The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally ...) - TODO: check + NOT-FOR-US: FreeBSD CVE-2006-2654 (Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to ...) NOT-FOR-US: FreeBSD-specific (see CVE-2006-1864 for Linux-specific CVE) CVE-2006-2653 (Cross-site scripting (XSS) vulnerability in login_error.shtml for ...) @@ -1548,7 +1548,7 @@ CVE-2006-2453 (Multiple unspecified format string vulnerabilities in Dia have ...) - dia 0.95.0-4 (bug #368202; medium) CVE-2006-2452 (GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the quot;face browserquot; feature ...) - TODO: check + - gdm unfixed (bug #375281; medium) CVE-2006-2451 RESERVED CVE-2006-2450 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4221 - data/CVE
Author: micah Date: 2006-06-15 01:54:31 + (Thu, 15 Jun 2006) New Revision: 4221 Modified: data/CVE/list Log: Added bugnum for abc2ps, added fixed versions for asterisk and bacula Modified: data/CVE/list === --- data/CVE/list 2006-06-15 01:47:22 UTC (rev 4220) +++ data/CVE/list 2006-06-15 01:54:31 UTC (rev 4221) @@ -3620,8 +3620,9 @@ [sarge] - abcmidi 20050101-1sarge1 CVE-2006-1513 (Multiple buffer overflows in abc2ps before 1.3.3 allow user-complicit ...) {DSA-1041-1} - - abc2ps 1.3.3-3sarge1 + - abc2ps unfixed (bug #373685; low) [woody] - abc2ps 1.3.3-2woody1 + [sarge] - abc2ps 1.3.3-3sarge1 CVE-2006-1512 REJECTED CVE-2006-1511 (Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and ...) @@ -9852,7 +9853,7 @@ NOT-FOR-US: Zone Labs CVE-2005-3559 (Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 ...) {DSA-1048-1} - - asterisk unfixed (bug #338116; medium) + - asterisk 1.2.7.1.dfsg (bug #338116; medium) [sarge] - asterisk 1:1.0.7.dfsg.1-2sarge2 (bug #338116; medium) [woody] - asterisk 0.1.11-3woody1 (bug #338116; medium) CVE-2005-3558 (PHP file inclusion vulnerability in index.php in OSTE 1.0 allows ...) @@ -11786,7 +11787,7 @@ CVE-2005-2996 (Multiple heap-based and stack-based buffer overflows in certain DCOM ...) NOT-FOR-US: VERITAS storage solutions CVE-2005-2995 (bacula 1.36.3 and earlier allows local users to modify or read ...) - - bacula (bug #329271; low) + - bacula 1.38.9-1 (bug #329271; low) NOTE: Sarge affected, didn't exist in Woody CVE-2005-2994 (Unspecified vulnerability in the web client for IBM Rational ...) NOT-FOR-US: IBM Rational ClearQuest ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4222 - in data: CVE DSA
Author: micah Date: 2006-06-15 02:05:46 + (Thu, 15 Jun 2006) New Revision: 4222 Modified: data/CVE/list data/DSA/list Log: Added DSA-1098-1 and DSA-1097-1 Added docuwiki fixed version number Modified: data/CVE/list === --- data/CVE/list 2006-06-15 01:54:31 UTC (rev 4221) +++ data/CVE/list 2006-06-15 02:05:46 UTC (rev 4222) @@ -271,7 +271,7 @@ CVE-2006-2879 (SQL injection vulnerability in newscomments.php in Alex News-Engine ...) NOT-FOR-US: Alex News-Engine CVE-2006-2878 (The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier ...) - - dokuwiki unfixed (bug #370369; high) + - dokuwiki 0.0.20060309-4 (bug #370369; high) CVE-2006-2877 (PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and ...) NOT-FOR-US: Bookmark4U CVE-2006-2876 (Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish ...) Modified: data/DSA/list === --- data/DSA/list 2006-06-15 01:54:31 UTC (rev 4221) +++ data/DSA/list 2006-06-15 02:05:46 UTC (rev 4222) @@ -1,3 +1,9 @@ +[14 Jun 2006] DSA-1098-1 - horde3 - missing input sanitising + {CVE-2006-2195} + [sarge] - horde3 3.0.4-4sarge4 +[14 Jun 2006] DSA-1097-1 kernel-source-2.4.27 - several vulnerabilities + {CVE-2006-0038 CVE-2006-0039 CVE-2006-0741 CVE-2006-0742 CVE-2006-1056 CVE-2006-1242 CVE-2006-1343 CVE-2006-1368 CVE-2006-1524 CVE-2006-1525 CVE-2006-1857 CVE-2006-1858 CVE-2006-1864 CVE-2006-2271 CVE-2006-2272 CVE-2006-2274} + [sarge] - kernel-source-2.4.27 2.4.27-10sarge3 [13 Jun 2006] DSA-1096-1 webcalendar - uninitialised variable {CVE-2006-2762} [sarge] - webcalendar 0.9.45-4sarge5 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4224 - data/DSA
Author: micah Date: 2006-06-15 02:10:24 + (Thu, 15 Jun 2006) New Revision: 4224 Modified: data/DSA/list Log: added DSA-1099-1 (horde2) Modified: data/DSA/list === --- data/DSA/list 2006-06-15 02:07:37 UTC (rev 4223) +++ data/DSA/list 2006-06-15 02:10:24 UTC (rev 4224) @@ -1,3 +1,6 @@ +[14 Jun 2006] DSA-1099-1 - horde2 - missing input sanitising + {CVE-2006-2195} + [sarge] - horde2 2.2.8-1sarge3. [14 Jun 2006] DSA-1098-1 - horde3 - missing input sanitising {CVE-2006-2195} [sarge] - horde3 3.0.4-4sarge4 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4145 - data/CVE
Author: micah Date: 2006-06-05 11:39:47 + (Mon, 05 Jun 2006) New Revision: 4145 Modified: data/CVE/list Log: Adjusted debian package number for gdm (CVE-2006-1057) Modified: data/CVE/list === --- data/CVE/list 2006-06-05 09:56:43 UTC (rev 4144) +++ data/CVE/list 2006-06-05 11:39:47 UTC (rev 4145) @@ -4127,7 +4127,7 @@ - busybox unfixed (low; bug #360578) CVE-2006-1057 (Race condition in daemon/slave.c in gdm before 2.14.1 allows local ...) {DSA-1040-1} - - gdm 2.14.1-1 + - gdm 2.14.4-1 CVE-2006-1056 (The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running ...) - linux-2.6 2.6.16-9 - kfreebsd-source-5.4 5.4-17 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4150 - data/CVE
Author: micah Date: 2006-06-05 22:21:37 + (Mon, 05 Jun 2006) New Revision: 4150 Modified: data/CVE/list Log: Re-contacting mitre about duplicate backup manager CVEs, no response yet Modified: data/CVE/list === --- data/CVE/list 2006-06-05 15:10:05 UTC (rev 4149) +++ data/CVE/list 2006-06-05 22:21:37 UTC (rev 4150) @@ -14233,9 +14233,11 @@ CVE-2005-2212 (Backup Manager 0.5.8a creates an archive repository with world ...) NOTE: duplicate of CVE-2005-1856 NOTE: Mitre contacted - micah April 20, 2006 + NOTE: Mitre re-contacted - micah June 5, 2006 CVE-2005-2211 (Backup Manager 0.5.8a creates temporary files insecurely, which allows ...) NOTE: duplicate of CVE-2005-1855 NOTE: Mitre contacted - micah April 20, 2006 + NOTE: Mitre re-contacted - micah June 5, 2006 CVE-2005-2210 (Stack-based buffer overflow in Internet Download Manager 4.05 allows ...) NOT-FOR-US: Internet Download Manager CVE-2005-2209 (Capturix ScanShare 1.06 build 50 stores sensitive information such as ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r4127 - data/CVE
Author: micah Date: 2006-06-03 17:51:43 + (Sat, 03 Jun 2006) New Revision: 4127 Modified: data/CVE/list Log: Woody not affected by mantis CVE-2006-1577 Modified: data/CVE/list === --- data/CVE/list 2006-06-03 17:40:20 UTC (rev 4126) +++ data/CVE/list 2006-06-03 17:51:43 UTC (rev 4127) @@ -2551,6 +2551,7 @@ CVE-2006-1578 (Multiple SQL injection vulnerabilities in Keystone Digital Library ...) NOT-FOR-US: Keystone Digital Library Suite CVE-2006-1577 (Multiple cross-site scripting (XSS) vulnerabilities in ...) +[woody] - mantis not-affected (Vulnerable code not present) - mantis unfixed (bug #361138) CVE-2006-1576 (Direct static code injection vulnerability in QLnews 1.2 allows remote ...) NOT-FOR-US: QLnews ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3964 - in data: . CVE
Author: micah Date: 2006-05-18 15:48:10 + (Thu, 18 May 2006) New Revision: 3964 Modified: data/CVE/list data/ID_pending Log: Some NFUs, and a handful of pending IDs obtained from Mitre Modified: data/CVE/list === --- data/CVE/list 2006-05-17 19:27:50 UTC (rev 3963) +++ data/CVE/list 2006-05-18 15:48:10 UTC (rev 3964) @@ -3,39 +3,40 @@ NOTE: mail to bugtraq implies 4.0 is not vulnerable TODO: sarge needs to be checked CVE-2006-2358 (Multiple cross-site scripting (XSS) vulnerabilities in various scripts ...) - TODO: check + NOT-FOR-US: Web Labs CMS CVE-2006-2357 (Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 ...) - TODO: check + NOT-FOR-US: Ipswitch WhatsUp CVE-2006-2356 (NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 ...) - TODO: check + NOT-FOR-US: Ipswitch WhatsUp CVE-2006-2355 (Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional ...) - TODO: check + NOT-FOR-US: Ipswitch WhatsUp CVE-2006-2354 (NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch ...) - TODO: check + NOT-FOR-US: Ipswitch WhatsUp CVE-2006-2353 (NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 ...) - TODO: check + NOT-FOR-US: Ipswitch WhatsUp CVE-2006-2352 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch ...) - TODO: check + NOT-FOR-US: Ipswitch WhatsUp CVE-2006-2351 (Multiple cross-site scripting (XSS) vulnerabilities in IPswitch ...) - TODO: check + NOT-FOR-US: Ipswitch WhatsUp CVE-2006-2350 (SQL injection vulnerability in the inc/elementz.php script in AliPAGER ...) - TODO: check + NOT-FOR-US: AliPAGER CVE-2006-2349 (E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: E-Business Designer CVE-2006-2348 (Cross-site scripting (XSS) vulnerability in form_grupo.html in ...) - TODO: check + NOT-FOR-US: E-Business Designer CVE-2006-2347 (E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to ...) - TODO: check + NOT-FOR-US: E-Business Designer CVE-2006-2346 (vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows ...) - TODO: check + NOTE: Unable to reach CVS to determine if prior versions are affected + NOTE: Micah will return to this one CVE-2006-2345 (Cross-site scripting (XSS) vulnerability in inc/elementz.php in ...) - TODO: check + NOT-FOR-US: AliPAGER CVE-2006-2344 (SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with ...) - TODO: check + NOT-FOR-US: AliPAGER CVE-2006-2343 (Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine ...) - TODO: check + NOT-FOR-US: ManageEngine OpManager CVE-2006-2342 (IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote ...) - TODO: check + NOT-FOR-US: IBM WebSphere Application Server CVE-2006- [dovecot information disclosure: list .. directory] - dovecot 1.0.beta8-1 (low) [sarge] - dovecot not-affected (vulnerability introduced in 1.0) @@ -3840,7 +3841,7 @@ NOT-FOR-US: Geeklog CVE-2005-4724 (SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows ...) NOT-FOR-US: PhpTagCool -CVE-2006- [imagemagick: array index overflow in DisplayImageCommand] +CVE-2006-2440 [imagemagick: array index overflow in DisplayImageCommand] - imagemagick 6:6.2.4.5-0.6 (bug #345595) CVE-2006-0735 (Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom ...) NOT-FOR-US: My Blog @@ -4069,7 +4070,7 @@ CVE-2006- [dpkg-sig: insecure temp file bug] - dpkg-sig 0.13 (bug #352723; low) [sarge] - dpkg-sig no-dsa (Only affected in debug mode) -CVE-2006- [pioneers meta-server DoS] +CVE-2006-2441 [pioneers meta-server DoS] - pioneers 0.9.55-1 (bug #351986; medium) [sarge] - gnocatan not-affected (Not exploitable in Sarge per maintainer) CVE-2006-0644 (Multiple directory traversal vulnerabilities in install.php in ...) @@ -5248,7 +5249,7 @@ NOT-FOR-US: Illustrate dBpowerAMP Music Converter CVE-2003-1290 (BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI ...) NOT-FOR-US: BEA WebLogic Server -CVE-2006- [knowledgetree information disclosure] +CVE-2006-2443 [knowledgetree information disclosure] - knowledgetree unfixed (bug #348306; medium) CVE-2006- [php5 response splitting] - php5 5.1.2-1 (bug #347894) Modified: data/ID_pending === --- data/ID_pending 2006-05-17 19:27:50 UTC (rev 3963) +++ data/ID_pending 2006-05-18 15:48:10 UTC (rev 3964) @@ -1,16 +1,7 @@ -CVE-2006- [imagemagick: array index overflow in
[Secure-testing-commits] r3972 - data/CVE
Author: micah Date: 2006-05-18 23:33:25 + (Thu, 18 May 2006) New Revision: 3972 Modified: data/CVE/list Log: Replaced duplicate kphone ID allocated by security team with the published one from Mitre after consultation with Mortiz Modified: data/CVE/list === --- data/CVE/list 2006-05-18 23:13:26 UTC (rev 3971) +++ data/CVE/list 2006-05-18 23:33:25 UTC (rev 3972) @@ -1277,9 +1277,6 @@ - thunderbird 1.5.0.2-1 CVE-2005-4785 (Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and ...) NOT-FOR-US: QuickBlogger -CVE-2006-2192 [kphone stores SIP passwords in world readable files] - RESERVED - - kphone 1:4.2-3 (bug #337830; low) CVE-2006- [resmgr access restriction bypass] - resmgr 1.0-4 (low) CVE-2006-1789 (Directory traversal vulnerability in pajax_call_dispatcher.php in ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3906 - in data: . CVE
Author: micah Date: 2006-05-02 16:52:58 + (Tue, 02 May 2006) New Revision: 3906 Modified: data/CVE/list data/ID_pending Log: CGIIRC vulnerability, CVE requested Modified: data/CVE/list === --- data/CVE/list 2006-05-02 09:14:20 UTC (rev 3905) +++ data/CVE/list 2006-05-02 16:52:58 UTC (rev 3906) @@ -1,3 +1,6 @@ +CVE-2006- [librsvg2 crash on certain svg files] +- cgiirc unfixed (bug #365680; medium) +[sarge] - cgiirc unfixed (bug #365680; medium) CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and ...) TODO: check CVE-2006-2132 (SQL injection vulnerability in detail.asp in DUclassified allows ...) Modified: data/ID_pending === --- data/ID_pending 2006-05-02 09:14:20 UTC (rev 3905) +++ data/ID_pending 2006-05-02 16:52:58 UTC (rev 3906) @@ -1,3 +1,7 @@ +CVE-2006- [librsvg2 crash on certain svg files] +- cgiirc unfixed (bug #365680; medium) +[sarge] - cgiirc unfixed (bug #365680; medium) + NOTE: Requested by Micah May 2, 2006 CVE-2006- [imagemagick: array index overflow in DisplayImageCommand] - imagemagick 6:6.2.4.5-0.6 (bug #345595) NOTE: Requested by Micah March 26, 2006 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3912 - in data: . CVE
Author: micah Date: 2006-05-02 21:24:19 + (Tue, 02 May 2006) New Revision: 3912 Modified: data/CVE/list data/ID_pending Log: CVE-2006-2148 obtained for cgiirc Modified: data/CVE/list === --- data/CVE/list 2006-05-02 21:14:25 UTC (rev 3911) +++ data/CVE/list 2006-05-02 21:24:19 UTC (rev 3912) @@ -1,4 +1,4 @@ -CVE-2006- [librsvg2 crash on certain svg files] +CVE-2006-2148 [librsvg2 crash on certain svg files] - cgiirc unfixed (bug #365680; medium) [sarge] - cgiirc unfixed (bug #365680; medium) CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and ...) Modified: data/ID_pending === --- data/ID_pending 2006-05-02 21:14:25 UTC (rev 3911) +++ data/ID_pending 2006-05-02 21:24:19 UTC (rev 3912) @@ -1,7 +1,3 @@ -CVE-2006- [librsvg2 crash on certain svg files] -- cgiirc unfixed (bug #365680; medium) -[sarge] - cgiirc unfixed (bug #365680; medium) - NOTE: Requested by Micah May 2, 2006 CVE-2006- [imagemagick: array index overflow in DisplayImageCommand] - imagemagick 6:6.2.4.5-0.6 (bug #345595) NOTE: Requested by Micah March 26, 2006 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3873 - data/CVE
Author: micah Date: 2006-04-25 17:41:25 + (Tue, 25 Apr 2006) New Revision: 3873 Modified: data/CVE/list Log: Update mambo bug number Modified: data/CVE/list === --- data/CVE/list 2006-04-25 10:54:16 UTC (rev 3872) +++ data/CVE/list 2006-04-25 17:41:25 UTC (rev 3873) @@ -44,10 +44,10 @@ CVE-2006-1958 (Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote ...) NOT-FOR-US: WWWThreads CVE-2006-1957 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...) - - mambo unfixed (bug #233014; medium) + - mambo unfixed (bug #364769; medium) - joomla itp (bug #326398) CVE-2006-1956 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...) - - mambo unfixed (bug #233014; medium) + - mambo unfixed (bug #364769; medium) - joomla itp (bug #326398) CVE-2006-1955 (PHP remote file inclusion vulnerability in authent.php4 in Nicolas ...) NOT-FOR-US: RechnungsZentrale ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3860 - data/CVE
Author: micah Date: 2006-04-23 14:13:41 + (Sun, 23 Apr 2006) New Revision: 3860 Modified: data/CVE/list Log: NFUs and two issues in Mambo Modified: data/CVE/list === --- data/CVE/list 2006-04-23 13:24:05 UTC (rev 3859) +++ data/CVE/list 2006-04-23 14:13:41 UTC (rev 3860) @@ -1,51 +1,51 @@ CVE-2006- [moinmoin XSS] - moin 1.5.3-1 CVE-2006-1976 (Cross-site scripting (XSS) vulnerability in addRequest.php in Prayer ...) - TODO: check + NOT-FOR-US: Prayer Request Board CVE-2006-1975 (Cross-site scripting (XSS) vulnerability in guestbook_newentry.php in ...) - TODO: check + NOT-FOR-US: PHP-Gastebuch CVE-2006-1974 (SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) ...) - TODO: check + NOT-FOR-US: MyBB CVE-2006-1973 (Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router ...) - TODO: check + NOT-FOR-US: Linksys router CVE-2006-1972 (Cross-site scripting (XSS) vulnerability in EasyGallery.php in Wingnut ...) - TODO: check + NOT-FOR-US: EasyGallery CVE-2006-1971 (Cross-site scripting (XSS) vulnerability in login.php in KRANKIKOM ...) - TODO: check + NOT-FOR-US: KRANKIKOM ContentBoxX CVE-2006-1970 (Cross-site scripting (XSS) vulnerability in classifieds/viewcat.cgi in ...) - TODO: check + NOT-FOR-US: KCScripts Classifieds CVE-2006-1969 (Cross-site scripting (XSS) vulnerability in search/search.cgi in an ...) - TODO: check + NOT-FOR-US: KCScripts CVE-2006-1968 (Cross-site scripting (XSS) vulnerability in news/NsVisitor.cgi in ...) - TODO: check + NOT-FOR-US: KCScripts CVE-2006-1967 (Cross-site scripting (XSS) vulnerability in calendar/Visitor.cgi in ...) - TODO: check + NOT-FOR-US: KCScripts CVE-2006-1966 (An unspecified Fortinet product, possibly Fortinet28, allows remote ...) - TODO: check + NOT-FOR-US: Fortinet CVE-2006-1965 (Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net ...) - TODO: check + NOT-FOR-US: Net Clubs Pro CVE-2006-1964 (SQL injection vulnerability in Haberler.asp in ASPSitem 1.83 and ...) - TODO: check + NOT-FOR-US: ASPSitem CVE-2006-1963 (Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and ...) - TODO: check + NOT-FOR-US: PCPIN Chat CVE-2006-1962 (SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows ...) - TODO: check + NOT-FOR-US: PCPIN Chat CVE-2006-1961 (Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-1960 (Cross-site scripting (XSS) vulnerability in the appliance web user ...) - TODO: check + NOT-FOR-US: Cisco CVE-2006-1959 (PHP remote file inclusion vulnerability in direct.php in ActualScripts ...) - TODO: check + NOT-FOR-US: ActualScripts ActualAnalyzer Lite CVE-2006-1958 (Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote ...) - TODO: check + NOT-FOR-US: WWWThreads CVE-2006-1957 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...) - TODO: check +- mambo unfixed (bug #233014; medium) CVE-2006-1956 (The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows ...) - TODO: check + - mambo unfixed (bug #233014; medium) CVE-2006-1955 (PHP remote file inclusion vulnerability in authent.php4 in Nicolas ...) - TODO: check + NOT-FOR-US: RechnungsZentrale CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka ...) - TODO: check + NOT-FOR-US: RechnungsZentrale CVE-2006-1953 RESERVED CVE-2006-1952 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3863 - data/CVE
Author: micah Date: 2006-04-23 14:57:12 + (Sun, 23 Apr 2006) New Revision: 3863 Modified: data/CVE/list Log: awstats issue, some NFUs Modified: data/CVE/list === --- data/CVE/list 2006-04-23 14:21:01 UTC (rev 3862) +++ data/CVE/list 2006-04-23 14:57:12 UTC (rev 3863) @@ -58,25 +58,28 @@ RESERVED NOT-FOR-US: SolarWinds TFTP Server CVE-2006-1950 (Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in ...) - TODO: check + NOT-FOR-US: PerlCoders BannerFarm CVE-2006-1949 (SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and ...) - TODO: check + NOT-FOR-US: NicPlex PlexCart CVE-2006-1948 (The quot;Add Sender to Address Bookquot; operation ...) - TODO: check + NOT-FOR-US: Lotus Notes CVE-2006-1947 (Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum ...) - TODO: check + NOT-FOR-US: NicPlex PlexCart CVE-2006-1946 (Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and ...) - TODO: check + NOT-FOR-US: Visale CVE-2006-1945 (Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 ...) - TODO: check + - awstats unfixed (bug #364443; medium) + NOTE: this might be the same core issue as CVE-2005-2732 CVE-2006-1944 (Multiple cross-site scripting (XSS) vulnerabilities in SibSoft ...) - TODO: check + NOT-FOR-US: SibSoft CommuniMail CVE-2006-1943 (Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts ...) - TODO: check + NOT-FOR-US: Smarter Scripts IntelliLink Pro CVE-2006-1942 (Mozilla Firefox 1.5.0.2 allows user-complicit remote attackers to open ...) TODO: check + NOTE: pkg-mozilla-maintainers are preparing a big security release, I've pinged them + NOTE: to ask about this issue CVE-2006-1941 (Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Neon Responder CVE-2006-1940 RESERVED CVE-2006-1939 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3843 - data/CVE
Author: micah Date: 2006-04-21 23:35:44 + (Fri, 21 Apr 2006) New Revision: 3843 Modified: data/CVE/list Log: libpam-mysql fix uploaded Modified: data/CVE/list === --- data/CVE/list 2006-04-21 21:14:40 UTC (rev 3842) +++ data/CVE/list 2006-04-21 23:35:44 UTC (rev 3843) @@ -3105,7 +3105,7 @@ CVE-2005-4714 (Format string vulnerability in the vmps_log function in OpenVMPS (VLAN ...) NOT-FOR-US: OpenVMPS CVE-2005-4713 (Unspecified vulnerability in the SQL logging facility in PAM-MySQL ...) - - libpam-mysql unfixed (bug #353589; high) + - libpam-mysql 0.6.2-1 (bug #353589; high) CVE-2005-4712 (CRLF injection vulnerability in process_signup.php in PHP Handicapper ...) NOT-FOR-US: Handicapper CVE-2006- [dpkg-sig: insecure temp file bug] @@ -4679,7 +4679,7 @@ CVE-2006-0057 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers ...) NOT-FOR-US: Windows CVE-2006-0056 (Double-free vulnerability in the authentication and authentication ...) - - libpam-mysql unfixed (bug #353589; high) + - libpam-mysql 0.6.2-1 (bug #353589; high) CVE-2006-0055 (The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable ...) - ee unfixed (bug #348322) NOTE: Sarge and Woody are affected ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3776 - data/DSA
Author: micah Date: 2006-04-08 18:27:57 + (Sat, 08 Apr 2006) New Revision: 3776 Modified: data/DSA/list Log: Added DSA-1031-1 cacti Added DSA-1030-1 moodle Added DSA-1029-1 libphp-adodb Fixed incorrect dates on DSAs Updated sudo DSA to -2 Modified: data/DSA/list === --- data/DSA/list 2006-04-08 18:19:30 UTC (rev 3775) +++ data/DSA/list 2006-04-08 18:27:57 UTC (rev 3776) @@ -1,19 +1,29 @@ -[07 Mar 2006] DSA-1028-1 libimager-perl - denial of service +[08 Apr 2006] DSA-1031-1 cacti - several + {CVE-2006-0146 CVE-2006-0147 CVE-2006-0410 CVE-2006-0806} + [sarge] - cacti 0.8.6c-7sarge3 +[08 Apr 2006] DSA-1030-1 moodle - several + {CVE-2006-0146 CVE-2006-0147 CVE-2006-0410 CVE-2006-0806} + [sarge] - moodle - 1.4.4.dfsg.1-3sarge1 +[08 Apr 2006] DSA-1029-1 libphp-adodb - several + {CVE-2006-0146 CVE-2006-0147 CVE-2006-0410 CVE-2006-0806} + [woody] - libphp-adodb 1.51-1.2 + [sarge] - libphp-adodb 4.52-1sarge1 +[07 Apr 2006] DSA-1028-1 libimager-perl - denial of service {CVE-2006-0053} [sarge] - libimager-perl 0.44-1sarge1 -[06 Jan 2006] DSA-1027-1 mailman - programming error +[06 Apr 2006] DSA-1027-1 mailman - programming error {CVE-2006-0052} [woody] - mailman not-affected (Vulnerable code not present) [sarge] - mailman 2.1.5-8sarge2 -[06 Jan 2006] DSA-1026-1 sash - buffer overflows +[06 Apr 2006] DSA-1026-1 sash - buffer overflows {CVE-2005-1849 CVE-2005-2096} [woody] - sash not-affected (Older zlib not vulnerable) [sarge] - sash 3.7-5sarge1 -[06 Jan 2006] DSA-1025-1 dia - programming error +[06 Apr 2006] DSA-1025-1 dia - programming error {CVE-2006-1550} [woody] - dia 0.88.1-3woody1 [sarge] - dia 0.94.0-7sarge3 -[05 Jan 2006] DSA-1024-1 clamav - heap overflow +[05 Apr 2006] DSA-1024-1 clamav - heap overflow {CVE-2006-1614 CVE-2006-1615 CVE-2006-1630} [sarge] - clamav 0.84-2.sarge.8 [05 Apr 2006] DSA-1023-1 kaffeine - buffer overflow @@ -346,10 +356,10 @@ {CVE-2006-0162 CVE-2005-3587} [sarge] - clamav 0.84-2.sarge.7 NOTE: fixed in testing at time of DSA -[20 Jan 2006] DSA-946-1 sudo - missing input sanitising +[08 Apr 2006] DSA-946-2 sudo - missing input sanitising {CVE-2005-4158 CVE-2006-0151} - [woody] - sudo 1.6.6-1.5 - [sarge] - sudo 1.6.8p7-1.3 + [woody] - sudo 1.6.6-1.6 + [sarge] - sudo 1.6.8p7-1.4 NOTE: fixed in testing at time of DSA NOTE: The fix for stable and oldstable switched from a black list NOTE: of dangerous env vars to a white list of known-to-be-safe env vars ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3777 - data
Author: micah Date: 2006-04-08 18:30:08 + (Sat, 08 Apr 2006) New Revision: 3777 Modified: data/embedded-code-copies Log: Added cacti as embedding libphp-adodb Modified: data/embedded-code-copies === --- data/embedded-code-copies 2006-04-08 18:27:57 UTC (rev 3776) +++ data/embedded-code-copies 2006-04-08 18:30:08 UTC (rev 3777) @@ -168,4 +168,5 @@ synfig libphp-adodb: -moodle \ No newline at end of file +moodle +cacti (dependency exists, but internal version is used) \ No newline at end of file ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3729 - data data/CVE doc
Author: micah Date: 2006-04-01 22:59:42 + (Sat, 01 Apr 2006) New Revision: 3729 Added: doc/buildds Modified: data/CVE/list data/embedded-code-copies Log: Added info on who runs what buildd arch, added libphp-adodb info to embedded copies list and bug numbers for moodle security issues Modified: data/CVE/list === --- data/CVE/list 2006-04-01 12:29:04 UTC (rev 3728) +++ data/CVE/list 2006-04-01 22:59:42 UTC (rev 3729) @@ -1620,6 +1620,7 @@ NOT-FOR-US: NJStar CVE-2006-0806 (Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71 ...) - libphp-adodb 4.72-0.1 (bug #358872; medium) + - moodle unfixed (bug #360396; medium) CVE-2006-0805 (The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed ...) NOT-FOR-US: php-Nuke CVE-2006-0804 (Off-by-one error in TIN 1.8.0 and earlier might allow attackers to ...) @@ -2614,7 +2615,8 @@ CVE-2006-0411 (claro_init_local.inc.php in Claroline 1.7.2 uses guessable session ...) NOT-FOR-US: Claroline CVE-2006-0410 (SQL injection vulnerability in ADOdb before 4.71, when using ...) - - libphp-adodb 4.72-0.1 (medium; bug #349985) + - libphp-adodb 4.72-0.1 (bug #349985; medium) + - moodle unfixed (bug #360395; medium) CVE-2006-0409 (Cross-site scripting (XSS) vulnerability in index.php in Pixelpost ...) NOT-FOR-US: Pixelpost Photoblog CVE-2006-0408 (rsh utility in Sun Grid Engine (SGE) before 6.0u7_1 allows local users ...) Modified: data/embedded-code-copies === --- data/embedded-code-copies 2006-04-01 12:29:04 UTC (rev 3728) +++ data/embedded-code-copies 2006-04-01 22:59:42 UTC (rev 3729) @@ -166,3 +166,6 @@ etl-dev (will be renamed to libetl-dev soon): synfig + +libphp-adodb: +moodle \ No newline at end of file Added: doc/buildds === --- doc/buildds 2006-04-01 12:29:04 UTC (rev 3728) +++ doc/buildds 2006-04-01 22:59:42 UTC (rev 3729) @@ -0,0 +1,15 @@ +The testing-secure buildd arches are run by the following people: + +Arch Run by +-- +alpha formorer +arm kmuto +mipsel aba +ia64aba +ppc aba +sparc djpig +s390zobel +hppazobel +mipstbm +m68kyoe + ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3718 - data/CVE
Author: micah Date: 2006-03-30 16:41:38 + (Thu, 30 Mar 2006) New Revision: 3718 Modified: data/CVE/list Log: Handful of NFUs Modified: data/CVE/list === --- data/CVE/list 2006-03-30 15:42:09 UTC (rev 3717) +++ data/CVE/list 2006-03-30 16:41:38 UTC (rev 3718) @@ -6,35 +6,35 @@ - php5 unfixed (bug #359904; low) - php4 unfixed (bug #359907; low) CVE-2006-1488 (ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the ...) - TODO: check + NOT-FOR-US: ActiveCampaign SupportTrio CVE-2006-1487 (Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio ...) - TODO: check + NOT-FOR-US: ActiveCampaign SupportTrio CVE-2006-1486 (Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in ...) - TODO: check + NOT-FOR-US: realestateZONE CVE-2006-1485 (gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users ...) - TODO: check + NOT-FOR-US: Greymatter CVE-2006-1484 (Genius VideoCAM NB Driver does not drop privileges when saving files, ...) - TODO: check + NOT-FOR-US: Genius VideoCAM NB Driver CVE-2006-1483 (Blazix Web Server before 1.2.6, when running on Windows, allows remote ...) - TODO: check + NOT-FOR-US: Blazix Web Server CVE-2006-1482 (Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 ...) - TODO: check + NOT-FOR-US: ConfTool CVE-2006-1481 (SQL injection vulnerability in search.php in PHP Ticket 0.71 allows ...) - TODO: check + NOT-FOR-US: PHP Ticket CVE-2006-1480 (Directory traversal vulnerability in start.php in WebAlbum 2.02 allows ...) - TODO: check + NOT-FOR-US: WebAlbum CVE-2006-1479 (Multiple cross-site scripting (XSS) vulnerabilities in Serge Rey ...) - TODO: check + NOT-FOR-US: Serge Rey gtd-php CVE-2006-1478 (Directory traversal vulnerability in (1) initiate.php and (2) possibly ...) - TODO: check + NOT-FOR-US: Turnkey Web Tools PHP Live Helper CVE-2006-1477 (Multiple PHP remote file inclusion vulnerabilities in Turnkey Web ...) - TODO: check + NOT-FOR-US: Turnkey Web Tools PHP Live Helper CVE-2006-1476 (Windows Firewall in Microsoft Windows XP SP2 produces incorrect ...) - TODO: check + NOT-FOR-US: Windows Firewall CVE-2006-1475 (Windows Firewall in Microsoft Windows XP SP2 does not produce ...) - TODO: check + NOT-FOR-US: Windows Firewall CVE-2006-1474 (Cross-site scripting (XSS) vulnerability in the quot;failedquot; functionality ...) - TODO: check + NOT-FOR-US: Raindance Web Conferencing Pro CVE-2006-1473 RESERVED CVE-2006-1472 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3693 - data/CVE
Author: micah Date: 2006-03-25 21:51:47 + (Sat, 25 Mar 2006) New Revision: 3693 Modified: data/CVE/list Log: Added bug num for libphp-adodb and uploaded a NMU for libphp-adodb Modified: data/CVE/list === --- data/CVE/list 2006-03-24 21:26:44 UTC (rev 3692) +++ data/CVE/list 2006-03-25 21:51:47 UTC (rev 3693) @@ -1249,7 +1249,7 @@ CVE-2006-0807 (Stack-based buffer overflow in NJStar Chinese and Japanese Word ...) NOT-FOR-US: NJStar CVE-2006-0806 (Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71 ...) - - libphp-adodb unfixed + - libphp-adodb 4.72-0.1 (bug #358872; medium) CVE-2006-0805 (The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed ...) NOT-FOR-US: php-Nuke CVE-2006-0804 (Off-by-one error in TIN 1.8.0 and earlier might allow attackers to ...) @@ -2247,7 +2247,7 @@ CVE-2006-0411 (claro_init_local.inc.php in Claroline 1.7.2 uses guessable session ...) NOT-FOR-US: Claroline CVE-2006-0410 (SQL injection vulnerability in ADOdb before 4.71, when using ...) - - libphp-adodb unfixed (medium; bug #349985) + - libphp-adodb 4.72-0.1 (medium; bug #349985) CVE-2006-0409 (Cross-site scripting (XSS) vulnerability in index.php in Pixelpost ...) NOT-FOR-US: Pixelpost Photoblog CVE-2006-0408 (rsh utility in Sun Grid Engine (SGE) before 6.0u7_1 allows local users ...) @@ -2906,9 +2906,9 @@ CVE-2006-0148 (NetSarang Xlpd 2.1 allows remote attackers to cause a denial of ...) NOT-FOR-US: NetSarang Xlpd CVE-2006-0147 (Dynamic code evaluation vulnerability in tests/tmssql.php test script ...) - - libphp-adodb unfixed (medium; bug #349985) + - libphp-adodb 4.72-0.1 (medium; bug #349985) CVE-2006-0146 (The server.php test script in ADOdb for PHP before 4.70, as used in ...) - - libphp-adodb unfixed (medium; bug #349985) + - libphp-adodb 4.72-0.1 (medium; bug #349985) CVE-2006-0145 (The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and ...) NOT-FOR-US: NetBSD CVE-2006-0144 (The proxy server feature in go-pear.php in PHP PEAR 0.2.2 allows ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3690 - data/DSA
Author: micah Date: 2006-03-24 20:47:06 + (Fri, 24 Mar 2006) New Revision: 3690 Modified: data/DSA/list Log: DSA 1019-1 kpdf Modified: data/DSA/list === --- data/DSA/list 2006-03-24 15:39:44 UTC (rev 3689) +++ data/DSA/list 2006-03-24 20:47:06 UTC (rev 3690) @@ -1,3 +1,6 @@ +[24 Mar 2006] DSA-1019-1 kpdf - several + {CVE-2006-1244} + [sarge] - kpdf 1.3.5-4.sarge.3 [24 Mar 2006] DSA-1018-1 kernel-source-2.4.27 - several {CVE-2004-0887 CVE-2004-1058 CVE-2004-2607 CVE-2005-0449 CVE-2005-1761 CVE-2005-2457 CVE-2005-2555 CVE-2005-2709 CVE-2005-2973 CVE-2005-3257 CVE-2005-3783 CVE-2005-3806 CVE-2005-3848 CVE-2005-3857 CVE-2005-3858 CVE-2005-4618} [sarge] - kernel-source-2.4.27 2.4.27-10sarge2 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3648 - in data: . CVE
Author: micah Date: 2006-03-20 13:35:29 + (Mon, 20 Mar 2006) New Revision: 3648 Modified: data/CVE/list data/ID_pending Log: IDs obtained for 6 issues Modified: data/CVE/list === --- data/CVE/list 2006-03-20 10:44:53 UTC (rev 3647) +++ data/CVE/list 2006-03-20 13:35:29 UTC (rev 3648) @@ -564,7 +564,7 @@ TODO: check CVE-2005-4728 (Untrusted search path vulnerability (RPATH) in amaya 9.2.1 on Debian ...) - amaya 9.4-1 (bug #341424) -CVE-2006- [runit local privilege escalation] +CVE-2006-1319 [runit local privilege escalation] - runit unfixed (bug #356016; medium) [sarge] - runit not-affected CVE-2006-1049 (Multiple SQL injection vulnerabilities in Joomla! 1.0.7 and earlier ...) @@ -800,13 +800,13 @@ TODO: check CVE-2006-0938 (Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and ...) TODO: check -CVE-2006- [minor bypass of rssh sanitising] +CVE-2006-1320 [minor bypass of rssh sanitising] - rssh 2.3.0-1.1 (bug #346322; low) [sarge] - rssh not-affected (Problem has been introduced in 2.3.0) CVE-2006- [buffer overflow in netcat example] - netcat 1.10-31 (bug #352369; unimportant) NOTE: Only an example, not in the binary package -CVE-2006- [webcheck XSS] +CVE-2006-1321 [webcheck XSS] - webcheck 1.9.6 CVE-2006-0937 (U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive ...) TODO: check @@ -1079,8 +1079,6 @@ TODO: check CVE-2004-2654 (The clientAbortBody function in client_side.c in Squid Web Proxy Cache ...) TODO: check -CVE-2006- [cherrypy2 information disclosure] - - cherrypy2 2.1.1-1 (bug #353542) CVE-2006-0811 (Cross-site scripting (XSS) vulnerability in reguser.php in Skate Board ...) NOT-FOR-US: Skate Board CVE-2006-0810 (Unspecified vulnerability in config.php in Skate Board 0.9 allows ...) @@ -1241,7 +1239,7 @@ TODO: check CVE-2005-4724 (SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows ...) TODO: check -CVE-2006- [sa-exim: deletion of files] +CVE-2006-1251 [sa-exim: deletion of files] - sa-exim unfixed (bug #345071) CVE-2006- [imagemagick: array index overflow in DisplayImageCommand] - imagemagick 6:6.2.4.5-0.6 (bug #345595) Modified: data/ID_pending === --- data/ID_pending 2006-03-20 10:44:53 UTC (rev 3647) +++ data/ID_pending 2006-03-20 13:35:29 UTC (rev 3648) @@ -1,24 +1,7 @@ -CVE-2006- [runit local privilege escalation] - - runit unfixed (bug #356016; medium) - [sarge] - runit not-affected - NOTE: Micah requested CVE March 19, 2006 -CVE-2006- [minor bypass of rssh sanitising] - - rssh unfixed (bug #346322; low) - [sarge] - rssh not-affected (Problem has been introduced in 2.3.0) - NOTE: Micah requested CVE March 19, 2006 CVE-2006- [buffer overflow in netcat example] - netcat 1.10-30 (bug #352369; unimportant) NOTE: Only an example, not in the binary package NOTE: Already fixed, not worth getting a CVE for? -CVE-2006- [webcheck XSS] - - webcheck 1.9.6 - NOTE: Micah requested CVE March 19, 2006 -CVE-2006- [cherrypy2 information disclosure] - - cherrypy2 2.1.1-1 (bug #353542) - NOTE: Micah requested CVE March 19, 2006 -CVE-2006- [sa-exim: deletion of files] - - sa-exim unfixed (bug #345071) - NOTE: Micah requested CVE March 19, 2006 CVE-2006- [imagemagick: array index overflow in DisplayImageCommand] - imagemagick 6:6.2.4.5-0.6 (bug #345595) CVE-2006- [imagemagick's display(1) deletes arbitrary files] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3643 - in data: . CVE
Author: micah Date: 2006-03-20 00:21:31 + (Mon, 20 Mar 2006) New Revision: 3643 Modified: data/CVE/list data/ID_pending Log: Sent some pending IDs to Mitre and updated a version number Modified: data/CVE/list === --- data/CVE/list 2006-03-19 10:39:57 UTC (rev 3642) +++ data/CVE/list 2006-03-20 00:21:31 UTC (rev 3643) @@ -665,7 +665,7 @@ - rssh 2.3.0-1.1 (bug #346322; low) [sarge] - rssh not-affected (Problem has been introduced in 2.3.0) CVE-2006- [buffer overflow in netcat example] - - netcat 1.10-30 (bug #352369; unimportant) + - netcat 1.10-31 (bug #352369; unimportant) NOTE: Only an example, not in the binary package CVE-2006- [webcheck XSS] - webcheck 1.9.6 Modified: data/ID_pending === --- data/ID_pending 2006-03-19 10:39:57 UTC (rev 3642) +++ data/ID_pending 2006-03-20 00:21:31 UTC (rev 3643) @@ -1,18 +1,24 @@ CVE-2006- [runit local privilege escalation] - runit unfixed (bug #356016; medium) [sarge] - runit not-affected + NOTE: Micah requested CVE March 19, 2006 CVE-2006- [minor bypass of rssh sanitising] - rssh unfixed (bug #346322; low) [sarge] - rssh not-affected (Problem has been introduced in 2.3.0) + NOTE: Micah requested CVE March 19, 2006 CVE-2006- [buffer overflow in netcat example] - netcat 1.10-30 (bug #352369; unimportant) NOTE: Only an example, not in the binary package + NOTE: Already fixed, not worth getting a CVE for? CVE-2006- [webcheck XSS] - webcheck 1.9.6 + NOTE: Micah requested CVE March 19, 2006 CVE-2006- [cherrypy2 information disclosure] - cherrypy2 2.1.1-1 (bug #353542) + NOTE: Micah requested CVE March 19, 2006 CVE-2006- [sa-exim: deletion of files] - sa-exim unfixed (bug #345071) + NOTE: Micah requested CVE March 19, 2006 CVE-2006- [imagemagick: array index overflow in DisplayImageCommand] - imagemagick 6:6.2.4.5-0.6 (bug #345595) CVE-2006- [imagemagick's display(1) deletes arbitrary files] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3644 - data/CVE
Author: micah Date: 2006-03-20 05:15:40 + (Mon, 20 Mar 2006) New Revision: 3644 Modified: data/CVE/list Log: Some NFUs and an issue on qmailadmin Modified: data/CVE/list === --- data/CVE/list 2006-03-20 00:21:31 UTC (rev 3643) +++ data/CVE/list 2006-03-20 05:15:40 UTC (rev 3644) @@ -216,41 +216,41 @@ CVE-2006-1146 (Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in ...) NOT-FOR-US: Alien Arena Gold CVE-2006-1145 (Format string vulnerability in the safe_cprintf function in ...) - TODO: check + NOT-FOR-US: Alien Arena Gold CVE-2006-1144 (Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows ...) - TODO: check + NOT-FOR-US: Hit Host CVE-2006-1143 (Cross-site scripting (XSS) vulnerability in FTPoed Blog Engine 1.1 ...) - TODO: check + NOT-FOR-US: FTPoed Blog Engine CVE-2006-1142 (Unspecified vulnerability in Ravenous Web Server before 0.7.1 allows ...) - TODO: check + NOT-FOR-US: Ravenous Web Server CVE-2006-1141 (Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows ...) - TODO: check + - qmailadmin unfixed (bug #357896; medium) CVE-2006-1140 (SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote ...) - TODO: check + NOT-FOR-US: RedBLoG CVE-2006-1139 (Unspecified vulnerability in the ESS/ Network Controller in Xerox ...) - TODO: check + NOT-FOR-US: Xerox CopyCentre CVE-2006-1138 (Unspecified vulnerability in the web server code in Xerox CopyCentre ...) - TODO: check + NOT-FOR-US: Xerox CopyCentre CVE-2006-1137 (Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox ...) - TODO: check + NOT-FOR-US: Xerox CopyCentre CVE-2006-1136 (Buffer overflow in the PostScript file interpreter code for Xerox ...) - TODO: check + NOT-FOR-US: Xerox CopyCentre CVE-2006-1135 (Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 ...) - TODO: check + NOT-FOR-US: sBlog CVE-2006-1134 (SQL injection vulnerability in CyBoards PHP Lite 1.25, when ...) - TODO: check + NOT-FOR-US: CyBoards CVE-2006-1133 (Multiple cross-site scripting (XSS) vulnerabilities in vbzoom 1.11 ...) - TODO: check + NOT-FOR-US: vbzoom CVE-2006-1132 (SQL injection vulnerability in show.php in vbzoom 1.11 allow remote ...) - TODO: check + NOT-FOR-US: vbzoom CVE-2006-1131 (Cross-site scripting (XSS) vulnerability in read.php in bitweaver CMS ...) - TODO: check + NOT-FOR-US: bitweaver CVE-2006-1130 (Cross-site scripting (XSS) vulnerability in EKINboard 1.0.3 allows ...) - TODO: check + NOT-FOR-US: EKINboard CVE-2006-1129 (SQL injection vulnerability in config.php in EKINboard 1.0.3 allows ...) - TODO: check + NOT-FOR-US: EKINboard CVE-2005-4729 (SQL injection vulnerabilitiy in show.php in VBZooM Forum allows remote ...) - TODO: check + NOT-FOR-US: VBZooM CVE-2006- [Directory traversal issue in Namazu2] - namazu2 2.0.16-1 CVE-2006-1166 (Monotone 0.25 and earlier, when a user creates a file in a directory ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3640 - in data: CVE DSA
Author: micah Date: 2006-03-17 18:34:01 + (Fri, 17 Mar 2006) New Revision: 3640 Modified: data/CVE/list data/DSA/list Log: DSA 1008-1 added and fixed drupal reference Modified: data/CVE/list === --- data/CVE/list 2006-03-17 18:14:29 UTC (rev 3639) +++ data/CVE/list 2006-03-17 18:34:01 UTC (rev 3640) @@ -1069,6 +1069,7 @@ CVE-2006-0747 RESERVED CVE-2006-0746 (Certain patches for kpdf do not include all relevant patches from xpdf ...) + {DSA-1008-1} - kdegraphics 3.5.0-3 NOTE: Only affected the 3.3.2 KDE backport CVE-2006-0745 Modified: data/DSA/list === --- data/DSA/list 2006-03-17 18:14:29 UTC (rev 3639) +++ data/DSA/list 2006-03-17 18:34:01 UTC (rev 3640) @@ -1,6 +1,10 @@ +[17 Mar 2006] DSA-1008-1 kpdf - buffer overflow + {CVE-2006-0746} + [sarge] - 3.3.2-2sarge4 + NOTE: Sid is not affected according to DSA [17 Mar 2006] DSA-1007-1 drupal - several {CVE-2006-1225 CVE-2006-1226 CVE-2006-1227 CVE-2006-1228} - [sarge] - 4.5.3-6 + [sarge] - drupal 4.5.3-6 NOTE: not fixed in testing at the time of DSA (too young) [16 Mar 2006] DSA-1006-1 wzdftpd - missing input sanitising {CVE-2005-3081} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3614 - doc
Author: micah Date: 2006-03-14 16:46:53 + (Tue, 14 Mar 2006) New Revision: 3614 Modified: doc/narrative_introduction Log: Made more clear DSA cross-reference info Modified: doc/narrative_introduction === --- doc/narrative_introduction 2006-03-14 16:40:44 UTC (rev 3613) +++ doc/narrative_introduction 2006-03-14 16:46:53 UTC (rev 3614) @@ -297,19 +297,28 @@ [sarge] - unzip 5.52-1sarge2 NOTE: fixed in testing at time of DSA -The first line tracks the date, when a DSA was issued, the DSA identifier, -the affected source package and the type of vulnerability. -The second line performs a cross-reference to the entry in CVE/list that -maintains the state of the vulnerability in sid. Every entry that is -added like this to DSA/list is parsed by a script and automatically added -to CVE/list, so there's no need to add references to the CVE list manually -(although you could). -The next lines contain the fixes for stable and optionally oldstable, addressed -with distribution tags. -You may add NOTE: entries freely, we use a NOTE entry for statistical purposes -that tracks, when a fix has reached testing relative to the time when it hit -stable. +The first line tracks the date, when a DSA was issued, the DSA +identifier, the affected source package and the type of vulnerability. +The second line performs a cross-reference to the entry in CVE/list +that maintains the state of the vulnerability in sid. Every entry that +is added like this to DSA/list is parsed by a script and automatically +added to CVE/list. The next lines contain the fixes for stable and +optionally oldstable, addressed with distribution tags. You may add +NOTE: entries freely, we use a NOTE entry for statistical purposes +that tracks, when a fix has reached testing relative to the time when +it hit stable. +Once an entry has been added to DSA/list, a cross-reference should be +added to CVE/list, an example based on the above DSA follows: + +CVE-2005-2475 (Race condition in Unzip 5.52 allows local users to modify permissions ...) + {DSA-903-1} + - unzip 5.52-4 (bug #321927; low) + +It is unnecessary to add [sarge] or [woody] entries to CVE/list when +there is a DSA cross-reference. However, they should be added if there +is a 'no-dsa' or 'not-affected' condition. + The bin/dsa2list script can be used to generate a template for a new DSA entry once the official DSA is published on the web. You should not blindly trust the script output and double-check it, though. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3615 - doc
Author: micah Date: 2006-03-14 16:52:56 + (Tue, 14 Mar 2006) New Revision: 3615 Modified: doc/narrative_introduction Log: Re-re-clarified DSA cross references Modified: doc/narrative_introduction === --- doc/narrative_introduction 2006-03-14 16:46:53 UTC (rev 3614) +++ doc/narrative_introduction 2006-03-14 16:52:56 UTC (rev 3615) @@ -308,15 +308,9 @@ that tracks, when a fix has reached testing relative to the time when it hit stable. -Once an entry has been added to DSA/list, a cross-reference should be -added to CVE/list, an example based on the above DSA follows: - -CVE-2005-2475 (Race condition in Unzip 5.52 allows local users to modify permissions ...) - {DSA-903-1} - - unzip 5.52-4 (bug #321927; low) - -It is unnecessary to add [sarge] or [woody] entries to CVE/list when -there is a DSA cross-reference. However, they should be added if there +There is no need to add anything to CVE/list for a DSA, the DSA +cross-reference will be added automatically by the cron job. However, +you do need to add [sarge] or [woody] entries to CVE/list when there is a 'no-dsa' or 'not-affected' condition. The bin/dsa2list script can be used to generate a template for a new ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3599 - data
Author: micah Date: 2006-03-11 22:53:41 + (Sat, 11 Mar 2006) New Revision: 3599 Added: data/ID_pending Log: This is a list of the current CVE- issues that need to be assigned Added: data/ID_pending === --- data/ID_pending 2006-03-11 21:52:33 UTC (rev 3598) +++ data/ID_pending 2006-03-11 22:53:41 UTC (rev 3599) @@ -0,0 +1,437 @@ +CVE-2006- [runit local privilege escalation] + - runit unfixed (bug #356016; medium) + [sarge] - runit not-affected +CVE-2006- [minor bypass of rssh sanitising] + - rssh unfixed (bug #346322; low) + [sarge] - rssh not-affected (Problem has been introduced in 2.3.0) +CVE-2006- [buffer overflow in netcat example] + - netcat 1.10-30 (bug #352369; unimportant) + NOTE: Only an example, not in the binary package +CVE-2006- [webcheck XSS] + - webcheck 1.9.6 +CVE-2006- [the usual gallery2 XSS] + - gallery2 2.0.3-1 +CVE-2006- [Insecure rpath in amaya] + - amaya 9.4-1 (bug #341424) +CVE-2006- [cherrypy2 information disclosure] + - cherrypy2 2.1.1-1 (bug #353542) +CVE-2006- [sa-exim: deletion of files] + - sa-exim unfixed (bug #345071) +CVE-2006- [imagemagick: array index overflow in DisplayImageCommand] + - imagemagick 6:6.2.4.5-0.6 (bug #345595) +CVE-2006- [imagemagick's display(1) deletes arbitrary files] + - imagemagick 6:6.2.4.5-0.7 (bug #352575; medium) + - graphicsmagick not-affected (Vulnerable code not present) + [woody] - imagemagick not-affected (Vulnerable code not present) + [sarge] - imagemagick not-affected (Vulnerable code not present) +CVE-2006- [dpkg-sig: insecure temp file bug] + - dpkg-sig unfixed (bug #352723; medium) +CVE-2006- [Wordpress XSS] + - wordpress 2.0.1-1 (bug #328909) +CVE-2006- [pioneers meta-server DoS] + - pioneers 0.9.55-1 (bug #351986; medium) + [sarge] - gnocatan not-affected (Not exploitable in Sarge per maintainer) +CVE-2006- [kphone creates world-readable config file with passwords] + - kphone unfixed (bug #337830; low) +CVE-2006- [knowledgetree information disclosure] + - knowledgetree unfixed (bug #348306; medium) +CVE-2006- [php5 response splitting] + - php5 5.1.2-1 (bug #347894) + - php4 not-affected (vulnerable code was introduced in PHP5) +CVE-2006- [php5 mysqli format string issue] + - php5 5.1.2-1 (bug #347894) + - php4 not-affected (vulnerable code was introduced in PHP5) +CVE-2005- [World-readable config file with sensitive data in b2evolution] + - b2evolution 0.9.1b-4 (bug #344000) +CVE-2005- [xshisen follows symlinks for shared gid games files] + - xshisen 1.51-1-1.2 (bug #291613) +CVE-2005- [phpbb2 bbcode xss ie-only fixed in 2.0.19] + - phpbb2 not-affected (Fixed through a more complete fix in previous 2.0.13+1-6sarge1 update) +CVE-2005- [snort: DoS in verbose mode] + - snort 2.3.3-2 (bug #328134; low) + [woody] - snort no-dsa (Only exploitable in obscure setups not used in production environments, see #328134) + [sarge] - snort no-dsa (Only exploitable in obscure setups not used in production environments, see #328134) +CVE-2005- [Insecure tempfile in libjpeg6b's exifautotran] + - libjpeg6b 6b-11 (bug #340079; low) + [woody] - libjpeg6b not-affected (Does not include exifautotran) +CVE-2005- [SQL Injection in server_privileges.php] + - phpmyadmin unfixed (bug #343858; unimportant) + NOTE: Attack only works for authenticated users and after all SQL injection is + NOTE: phpmyadmin's primary use case :-) +CVE-2005- [rageirc IRC daemon always allows login with empty password] + - rageircd unfixed (bug #343543; medium) +CVE-2003- [Insecure tempfile in x-face-el] + - x-face-el 1.3.6.23-1 + NOTE: DSA-340 +CVE-2005- [Unspecified new Real/Helix createProcess() issue, no details yet] + - helix-player unfixed (unknown) + NOTE: http://service.real.com/help/faq/security/security111605.html +CVE-2005- [maradns risk mitigation against AES side channel attacks by Shamir et al.] + - maradns 1.0.35-1 (unimportant) +CVE-2005- [unsafe file permissions in vpnc] + - vpnc unfixed (bug #340105; medium) +CVE-2005- [user logout in drupal has no effect] + [sarge] - drupal not-affected (bug was introduced after 4.5.3) + - drupal 4.5.5-3 (bug #336719; medium) +CVE-2005- [double free() in libungif] + - libungif4 4.1.4-1 (bug #338542; medium) +CVE-2005- [webcalendar's password visible to local users through debconf] + - webcalendar unfixed (bug #337624) +CVE-2005- [Insecure temp files in note] + - note 1.3.1-3 (bug #337492; low) +CVE-2005- [ntop format string vulnerability] + - ntop unfixed (bug #335996; unimportant) + NOTE: Not exploitable
[Secure-testing-commits] r3537 - data
Author: micah Date: 2006-02-25 04:13:03 + (Sat, 25 Feb 2006) New Revision: 3537 Modified: data/embedded-code-copies Log: noting some other embedded code copies Modified: data/embedded-code-copies === --- data/embedded-code-copies 2006-02-24 21:14:25 UTC (rev 3536) +++ data/embedded-code-copies 2006-02-25 04:13:03 UTC (rev 3537) @@ -21,7 +21,6 @@ pvpgn (links dynamically since 1.7.8-2) mrtg (links dynamically since 2.12.2-1) - libgadu/ekg: centericq gaim @@ -156,4 +155,13 @@ pine imagemagick: -graphicsmagick \ No newline at end of file +graphicsmagick + +halibut: +nsis + +libghttp: +hotway + +etl-dev (will be renamed to libetl-dev soon): +synfig ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3510 - data/CVE
Author: micah Date: 2006-02-19 19:09:29 + (Sun, 19 Feb 2006) New Revision: 3510 Modified: data/CVE/list Log: Some NFUs and two libpam-mysql issues Modified: data/CVE/list === --- data/CVE/list 2006-02-19 18:47:30 UTC (rev 3509) +++ data/CVE/list 2006-02-19 19:09:29 UTC (rev 3510) @@ -113,7 +113,8 @@ CVE-2006-0682 (Multiple cross-site scripting (XSS) vulnerabilities in bbcodes system ...) NOT-FOR-US: e107 CVE-2006-0681 (Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 ...) - TODO: check + NOT-FOR-US: powerd + NOTE: powerd supposedly normally comes with sysvinit, but not in debian CVE-2006-0680 (Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote ...) NOT-FOR-US: WebGUI CVE-2006-0679 @@ -218,7 +219,7 @@ CVE-2005-4714 (Format string vulnerability in the vmps_log function in OpenVMPS (VLAN ...) NOT-FOR-US: OpenVMPS CVE-2005-4713 (Unspecified vulnerability in the SQL logging facility in PAM-MySQL ...) - TODO: check + - libpam-mysql unfixed (bug #353589; high) CVE-2005-4712 (CRLF injection vulnerability in process_signup.php in PHP Handicapper ...) NOT-FOR-US: Handicapper CVE-2006- [imagemagick's display(1) deletes arbitrary files] @@ -1780,7 +1781,7 @@ CVE-2006-0057 (Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers ...) NOT-FOR-US: Windows CVE-2006-0056 (Double-free vulnerability in the authentication and authentication ...) - TODO: check + - libpam-mysql unfixed (bug #353589; high) CVE-2006-0055 (The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable ...) - ee unfixed (bug #348322) NOTE: Sarge and Woody are affected ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3512 - data/CVE
Author: micah Date: 2006-02-19 19:45:10 + (Sun, 19 Feb 2006) New Revision: 3512 Modified: data/CVE/list Log: 25 more NFUs and one ITP that was miscategorized as a NFU before Modified: data/CVE/list === --- data/CVE/list 2006-02-19 19:17:34 UTC (rev 3511) +++ data/CVE/list 2006-02-19 19:45:10 UTC (rev 3512) @@ -116,7 +116,7 @@ NOT-FOR-US: powerd NOTE: powerd supposedly normally comes with sysvinit, but not in debian CVE-2006-0680 (Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote ...) - NOT-FOR-US: WebGUI + - webgui itp (bug #139749) CVE-2006-0679 RESERVED CVE-2006-0678 (PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before ...) @@ -611,60 +611,59 @@ NOT-FOR-US: CRE Loaded CVE-2006-0477 (Buffer overflow in git-checkout-index in GIT before 1.1.5 allows ...) - git-core 1.1.5-1 (bug #350274) -claimed by micah CVE-2006-0476 (Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Winamp CVE-2006-0475 (PHP-Ping 1.3 does not properly validate ping counts, which allows ...) - TODO: check + NOT-FOR-US: PHP-Ping CVE-2006-0474 (Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers ...) - TODO: check + NOT-FOR-US: Shareaza CVE-2006-0473 (Cross-site scripting (XSS) vulnerability in the bbcode function in ...) - TODO: check + NOT-FOR-US: My little homepage CVE-2006-0472 (Cross-site scripting (XSS) vulnerability in guestbook.php in my little ...) - TODO: check + NOT-FOR-US: My little homepage CVE-2006-0471 (Cross-site scripting (XSS) vulnerability in the bbcode function in ...) - TODO: check + NOT-FOR-US: My little homepage CVE-2006-0470 (Cross-site scripting (XSS) vulnerability in search.php in ...) - TODO: check + NOT-FOR-US: MyBB CVE-2006-0469 (Cross-site scripting (XSS) vulnerability in UebiMiau 2.7.9, and ...) - TODO: check +NOT-FOR-US: uebimiau + NOTE: this had an ITP back in 2002, but it never was done (bug #164116) CVE-2006-0468 (CommuniGate Pro Core Server before 5.0.7 allows remote attackers to ...) - TODO: check + NOT-FOR-US: CommuniGate Pro CVE-2005-4707 (Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before ...) - TODO: check + NOT-FOR-US: PHP GEN CVE-2005-4706 (Unspecified vulnerability in the quot;privilege managementquot; feature of Sun ...) - TODO: check + NOT-FOR-US: Solaris 10 CVE-2005-4705 (BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2005-4704 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2005-4703 (Apache Tomcat 4.0.3, when running on Windows, allows remote attackers ...) - TODO: check + NOT-FOR-US: Windows Tomcat vulnerability CVE-2005-4702 (SQL injection vulnerability in the favorites module in index.php in ...) - TODO: check + NOT-FOR-US: IPBProArcade CVE-2005-4701 (Unspecified vulnerability in Process File System (procfs) in Sun ...) - TODO: check + NOT-FOR-US: Solaris 10 CVE-2005-4700 (TellMe 1.2 and earlier, when the Server (o_Server) and HEAD (o_Head) ...) - TODO: check + NOT-FOR-US: TellMe CVE-2005-4699 (Argument injection vulnerability in TellMe 1.2 and earlier allows ...) - TODO: check + NOT-FOR-US: TellMe CVE-2005-4698 (Cross-site scripting (XSS) vulnerability in TellMe 1.2 and earlier ...) - TODO: check + NOT-FOR-US: TellMe CVE-2005-4697 (The Microsoft Wireless Zero Configuration system (WZCS) allows local ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2005-4696 (The Microsoft Wireless Zero Configuration system (WZCS) stores WEP ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2005-4695 (Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers ...) - TODO: check + NOT-FOR-US: Symantec Brightmail AntiSpam CVE-2005-4694 (Unspecified vulnerability in the www_add method in Asset.pm in Plain ...) - TODO: check + - webgui itp (bug #139749) CVE-2005-4693 (Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to ...) - gaim-encryption unfixed (bug #337127) CVE-2005-4692 (Unspecified vulnerability in mroovca stats (mroovcastats) before ...) - TODO: check + NOT-FOR-US: mroovca CVE-2005-4691 (imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, ...) - TODO: check -end claimed by micah + NOT-FOR-US: NetBSD CVE-2005-4690 (Six Apart Movable Type 3.16 allows local users with blog-creation ...) TODO: check CVE-2005-4689 (Six Apart Movable Type 3.16 stores account names and password hashes
[Secure-testing-commits] r3513 - in data: CVE DSA
Author: micah Date: 2006-02-19 20:37:11 + (Sun, 19 Feb 2006) New Revision: 3513 Modified: data/CVE/list data/DSA/list Log: Added DSA-979-1 pdfkit.framework madness Modified: data/CVE/list === --- data/CVE/list 2006-02-19 19:45:10 UTC (rev 3512) +++ data/CVE/list 2006-02-19 20:37:11 UTC (rev 3513) @@ -1081,7 +1081,7 @@ CVE-2006-0302 (ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 ...) NOT-FOR-US: ZyXel hardware CVE-2006-0301 (Heap-based buffer overflow in Splash.cc in xpdf, as used in other ...) - {DSA-974-1 DSA-972-1 DSA-971-1} + {DSA-979-1 DSA-974-1 DSA-972-1 DSA-971-1} - poppler 0.4.5-1 (medium) - tetex-bin 3.0-12 (medium) - kdegraphics 4:3.5.1-2 (medium) @@ -5725,7 +5725,7 @@ CVE-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...) NOT-FOR-US: ALZip CVE-2005-3193 (Heap-based buffer overflow in the JPXStream::readCodestream function ...) - {DSA-961-1 DSA-950-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1} + {DSA-979-1 DSA-961-1 DSA-950-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1 DTSA-28-1} - xpdf 3.01-3 (bug #342281; bug #342337; medium) - gpdf 2.10.0-1 (bug #342286; medium) - pdftohtml not-affected (Vulnerable xpdf code not contained) @@ -5752,7 +5752,7 @@ - cupsys 1.1.23-13 (unimportant) - pdfkit.framework 0.8-4 CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...) - {DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-979-1 DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-938-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1} - xpdf 3.01-3 (bug #342281; bug #342337; medium) - gpdf 2.10.0-1 (bug #342286; medium) - pdftohtml unfixed (bug #342289; medium) Modified: data/DSA/list === --- data/DSA/list 2006-02-19 19:45:10 UTC (rev 3512) +++ data/DSA/list 2006-02-19 20:37:11 UTC (rev 3513) @@ -1,3 +1,7 @@ +[17 Feb 2006] DSA-979-1 pdfkit.framework - several + {CVE-2005-3191 CVE-2005-3193 CVE-2006-0301} + [sarge] - pdfkit.framework 0.8-2sarge3 + NOTE: sid is not affected [17 Feb 2006] DSA-978-1 gnupg - invalid success return {CVE-2006-0455} [woody] - gnupg 1.0.6-4woody4 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3503 - data/CVE
Author: micah Date: 2006-02-17 19:18:22 + (Fri, 17 Feb 2006) New Revision: 3503 Modified: data/CVE/list Log: oprofile upload version Modified: data/CVE/list === --- data/CVE/list 2006-02-17 15:53:53 UTC (rev 3502) +++ data/CVE/list 2006-02-17 19:18:22 UTC (rev 3503) @@ -377,7 +377,7 @@ CVE-2006-0577 (Lexmark X1185 printer allows local users to gain SYSTEM privileges by ...) NOT-FOR-US: Lexmark printer CVE-2006-0576 (Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and ...) - - oprofile unfixed (bug #352910; low) + - oprofile 0.9.1-9 (bug #352910; low) CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to ...) - fcron not-affected (Not included in Debian package) CVE-2006-0574 (Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3504 - data/CVE
Author: micah Date: 2006-02-17 20:10:49 + (Fri, 17 Feb 2006) New Revision: 3504 Modified: data/CVE/list Log: no-dsa for oprofile in sarge Modified: data/CVE/list === --- data/CVE/list 2006-02-17 19:18:22 UTC (rev 3503) +++ data/CVE/list 2006-02-17 20:10:49 UTC (rev 3504) @@ -378,6 +378,7 @@ NOT-FOR-US: Lexmark printer CVE-2006-0576 (Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and ...) - oprofile 0.9.1-9 (bug #352910; low) + [sarge] - oprofile no-dsa (requires sudo access to be vulnerable) CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to ...) - fcron not-affected (Not included in Debian package) CVE-2006-0574 (Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3493 - data/CVE
Author: micah Date: 2006-02-15 17:21:54 + (Wed, 15 Feb 2006) New Revision: 3493 Modified: data/CVE/list Log: Update on gnupg issue Modified: data/CVE/list === --- data/CVE/list 2006-02-15 16:20:52 UTC (rev 3492) +++ data/CVE/list 2006-02-15 17:21:54 UTC (rev 3493) @@ -578,8 +578,9 @@ RESERVED CVE-2006-0455 [buggy return codes in gpg's sig verification code] RESERVED - - gnupg unfixed - [woody] - gnupg not-affected (Only gpg 1.4.x are vulnerable) + - gnupg unfixed (bug #353017; medium) + NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html indicates that + NOTE: *all* versions are affected because gpg --verify is also affected CVE-2006-0454 (Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ...) - linux-2.6 2.6.15-5 [sarge] - kernel-source-2.6.8 not-affected ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3485 - data/CVE
Author: micah Date: 2006-02-15 05:19:30 + (Wed, 15 Feb 2006) New Revision: 3485 Modified: data/CVE/list Log: A bunch of NFUs Modified: data/CVE/list === --- data/CVE/list 2006-02-15 04:36:48 UTC (rev 3484) +++ data/CVE/list 2006-02-15 05:19:30 UTC (rev 3485) @@ -29,39 +29,39 @@ - mantis 0.19.4-3 [woody] - mantis not-affected (Complete rewrite in 0.19) CVE-2006-0663 (Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino ...) - TODO: check + NOT-FOR-US: Lotus Domino CVE-2006-0662 (Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client ...) - TODO: check + NOT-FOR-US: Lotus Domino CVE-2006-0661 (Cross-site scripting (XSS) vulnerability in SmE GB Host 1.21 and SmE ...) - TODO: check + NOT-FOR-US: SmE GB Host CVE-2006-0660 (Multiple directory traversal vulnerabilities in FarsiNews 2.5 and ...) - TODO: check + NOT-FOR-US: FarsiNews CVE-2006-0659 (Multiple PHP remote file include vulnerabilities in Runcms 1.2 and ...) - TODO: check + NOT-FOR-US: Runcms CVE-2006-0658 (Incomplete blacklist vulnerability in FCKeditor 2.0 and 2.2, as used ...) - TODO: check + NOT-FOR-US: FCKeditor CVE-2006-0657 (Cross-site scripting (XSS) vulnerability in Softcomplex PHP Event ...) - TODO: check + NOT-FOR-US: Softcomplex CVE-2006-0656 (Directory traversal vulnerability in HP Systems Insight Manager 4.2 ...) - TODO: check + NOT-FOR-US: HP CVE-2006-0655 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...) - TODO: check + NOT-FOR-US: Hinton Design phpht Topsites CVE-2006-0654 (check.php in Hinton Design phpht Topsites 1.3 does not validate ...) - TODO: check + NOT-FOR-US: Hinton Design phpht Topsites CVE-2006-0653 (Multiple SQL injection vulnerabilities in Hinton Design phpht Topsites ...) - TODO: check + NOT-FOR-US: Hinton Design phpht Topsites CVE-2006-0652 (WHMCompleteSolution (WHMCS) before 2.3 assigns incorrect permissions ...) - TODO: check + NOT-FOR-US: WHMCompleteSolution CVE-2006-0651 (SQL injection vulnerability in index.php in vwdev allows remote ...) - TODO: check + NOT-FOR-US: vwdev CVE-2006-0650 (Cross-site scripting (XSS) vulnerability in cpaint2.inc.php in the ...) - TODO: check + NOT-FOR-US: CPAINT CVE-2006-0649 (Cross-site scripting (XSS) vulnerability in DataparkSearch before 4.37 ...) - TODO: check + NOT-FOR-US: DataparkSearch CVE-2006-0648 (Multiple directory traversal vulnerabilities in PHP iCalendar 2.0.1, ...) - TODO: check +NOT-FOR-US: PHP iCalendar CVE-2006-0647 (LDAP service in Sun Java System Directory Server 5.2, running on Linux ...) - TODO: check + NOT-FOR-US: Sun Java System Directory Server CVE-2006-0646 (ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain ...) - binutils not-affected (SuSE specific vulnerability) CVE-2006-0645 (Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS ...) @@ -71,11 +71,11 @@ CVE-2005-4715 (Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, ...) NOT-FOR-US: PHP-Nuke CVE-2005-4714 (Format string vulnerability in the vmps_log function in OpenVMPS (VLAN ...) - TODO: check + NOT-FOR-US: OpenVMPS CVE-2005-4713 (Unspecified vulnerability in the SQL logging facility in PAM-MySQL ...) TODO: check CVE-2005-4712 (CRLF injection vulnerability in process_signup.php in PHP Handicapper ...) - TODO: check + NOT-FOR-US: Handicapper CVE-2006- [imagemagick's display(1) deletes arbitrary files] - imagemagick 6:6.2.4.5-0.7 (bug #352575; medium) - graphicsmagick not-affected (Vulnerable code not present) @@ -232,7 +232,7 @@ CVE-2006-0577 (Lexmark X1185 printer allows local users to gain SYSTEM privileges by ...) NOT-FOR-US: Lexmark printer CVE-2006-0576 (Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and ...) - TODO: check + - oprofile unfixed (bug #352910; low) CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to ...) - fcron not-affected (Not included in Debian package) CVE-2006-0574 (Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel ...) @@ -325,7 +325,7 @@ CVE-2006-0531 (Unspecified vulnerability in Sun Java System Access Manager 7.0 allows ...) NOT-FOR-US: Sun Java System Access Manager CVE-2003-1293 (Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb ...) - TODO: check + NOT-FOR-US: NukedWeb CVE-2006- [kphone creates world-readable config file with passwords] - kphone unfixed (bug #337830; low) CVE-2006-0530 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 ...) @@ -421,29 +421,29 @@ - mozilla-firefox unfixed
[Secure-testing-commits] r3414 - data/CVE
Author: micah Date: 2006-02-03 19:16:49 + (Fri, 03 Feb 2006) New Revision: 3414 Modified: data/CVE/list Log: mydns DSA 963-1 Modified: data/CVE/list === --- data/CVE/list 2006-02-03 09:14:17 UTC (rev 3413) +++ data/CVE/list 2006-02-03 19:16:49 UTC (rev 3414) @@ -455,6 +455,8 @@ CVE-2006-0352 (The default configuration of Fluffington FLog 1.01 installs ...) NOT-FOR-US: Fluffington FLog CVE-2006-0351 (Unspecified quot;critical denial-of-service vulnerabilityquot; in MyDNS before ...) +{DSA-963-1} + [sarge] - mydns 1.0.0-4sarge1 - mydns 1.1.0+pre-3 (medium; bug #348826) CVE-2006-0350 (Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote ...) NOT-FOR-US: eggblog ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3415 - in data: CVE DSA
Author: micah Date: 2006-02-03 19:20:29 + (Fri, 03 Feb 2006) New Revision: 3415 Modified: data/CVE/list data/DSA/list Log: DSA 964-1 gnocatan (and pioneers in sid) Modified: data/CVE/list === --- data/CVE/list 2006-02-03 19:16:49 UTC (rev 3414) +++ data/CVE/list 2006-02-03 19:20:29 UTC (rev 3415) @@ -196,10 +196,11 @@ TODO: check CVE-2003-1291 (VMware ESX Server 1.5.2 before Patch 4 allows local users to execute ...) TODO: check -CVE-2006- [pioneers: Client and server can crash from huge chat buffer] +CVE-2006-0467 (Unspecified vulnerability in pioneers before 0.9.49 allows remote ...) + { DSA-964-1} + [woody] - gnocatan 0.6.1-5woody3 + [sarge] - gnocatan 0.8.1.59-1sarge1 - pioneers 0.9.49-1 (bug #350237; medium) -CVE-2006-0467 (Unspecified vulnerability in pioneers before 0.9.49 allows remote ...) - TODO: check CVE-2006-0466 (Cross-site scripting (XSS) vulnerability in search.asp in Goldstag ...) NOT-FOR-US: Goldstag Content Management System CVE-2006-0465 (Cross-site scripting (XSS) vulnerability in risultati_ricerca.php in ...) Modified: data/DSA/list === --- data/DSA/list 2006-02-03 19:16:49 UTC (rev 3414) +++ data/DSA/list 2006-02-03 19:20:29 UTC (rev 3415) @@ -1,3 +1,12 @@ +[03 Feb 2006] DSA-964-1 gnocatan - buffer overflow + { CVE-2006-0467 } + [woody] - gnocatan 0.6.1-5woody3 + [sarge] - gnocatan 0.8.1.59-1sarge1 + NOTE: Fixed in sid at time of DSA (package name change to pioneers) +[02 Feb 2006] DSA-963-1 mydns - missing input sanitising + { CVE-2006-0351 } + [sarge] - mydns 1.0.0-4sarge1 + NOTE: fixed in sid at time of DSA [01 Feb 2006] DSA-962-1 pdftohtml - buffer overflows {CVE-2005-3191 CVE-2005-3192 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628} [sarge] - pdftohtml 0.36-11sarge1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3417 - data/CVE
Author: micah Date: 2006-02-04 04:44:55 + (Sat, 04 Feb 2006) New Revision: 3417 Modified: data/CVE/list Log: Claim a block Modified: data/CVE/list === --- data/CVE/list 2006-02-03 21:14:31 UTC (rev 3416) +++ data/CVE/list 2006-02-04 04:44:55 UTC (rev 3417) @@ -1,3 +1,4 @@ +begin claim by micah CVE-2006-0530 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 ...) TODO: check CVE-2006-0529 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 ...) @@ -52,6 +53,7 @@ TODO: check CVE-2006-0504 (Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 ...) TODO: check +end claimed by micah CVE-2006-0503 (IMAP service in MailEnable Professional Edition before 1.72 allows ...) TODO: check CVE-2006-0502 (PHP remote file inclusion vulnerability in loginout.php in FarsiNews ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3418 - data/CVE
Author: micah Date: 2006-02-04 05:35:17 + (Sat, 04 Feb 2006) New Revision: 3418 Modified: data/CVE/list Log: bunch of NFUs and 3 spip issues Modified: data/CVE/list === --- data/CVE/list 2006-02-04 04:44:55 UTC (rev 3417) +++ data/CVE/list 2006-02-04 05:35:17 UTC (rev 3418) @@ -1,34 +1,42 @@ begin claim by micah CVE-2006-0530 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 ...) - TODO: check + NOT-FOR-US: CA Message Queuing + NOTE: CA Message Queuing is embeded in a lot of products, but they all seem + NOTE: to be commercial products (see list in referenced URL) CVE-2006-0529 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 ...) - TODO: check + NOT-FOR-US: CA Message Queuing + NOTE: CA Message Queuing is embeded in a lot of products, but they all seem + NOTE: to be commercial products (see list in referenced URL) CVE-2006-0528 (GNOME Evolution allows remote attackers to cause a denial of service ...) - TODO: check +- evolution 2.2.3-4 (low) +[sarge] - evolution not-affected (Vulnerability was apparantly introduced in 2.3.1) +[woody] - evolution not-affected (Vulnerability was apparantly introduced in 2.3.1) CVE-2006-0527 (Unspecified vulnerability in Berkeley Internet Name Domain (BIND) on ...) - TODO: check + NOTE: CVE says, due to the lack of relevant details from the vendor, it is not + NOTE: known whether this is a duplicate of an existing CVE or a brand-new issue that + NOTE: applies to BIND on other operating systems. CVE-2006-0526 (The default configuration of the America Online (AOL) client software ...) - TODO: check + NOT-FOR-US: AOL CVE-2006-0525 (Multiple unspecified Adobe products install a large number of .EXE and ...) - TODO: check + NOT-FOR-US: Windows issue CVE-2006-0524 (Cross-site scripting (XSS) vulnerability in ashnews.php in Derek ...) - TODO: check + NOT-FOR-US: Derek Ashauer ashnews CVE-2006-0523 (SQL injection vulnerability in global.php in MyBB before 1.03 allows ...) - TODO: check + NOT-FOR-US: MyBB CVE-2006-0522 (SQL injection vulnerability in the Authentication Servlet in Symantec ...) - TODO: check + NOT-FOR-US: Symantec Sygate Management Server CVE-2006-0521 (Cross-site scripting (XSS) vulnerability in results.php in BrowserCRM ...) - TODO: check + NOT-FOR-US: Browser CRM CVE-2006-0520 (SQL injection vulnerability index.php in Dragoran Portal module 1.3 ...) - TODO: check + NOT-FOR-US: Invision Power Board CVE-2006-0519 (SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows ...) - TODO: check + - spip unfixed (medium; bug #351336) CVE-2006-0518 (Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e ...) - TODO: check + - spip unfixed (medium; bug #351335) CVE-2006-0517 (Multiple SQL injection vulnerabilities in ...) - TODO: check + - spip unfixed (medium; bug #351334) CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 10 64 ...) - TODO: check + NOT-FOR-US: Solaris CVE-2006-0515 RESERVED CVE-2006-0514 @@ -36,23 +44,23 @@ CVE-2006-0513 RESERVED CVE-2006-0512 (PADL MigrationTools 46 creates temporary files insecurely, which ...) - TODO: check + NOT-FOR-US: PADL MigrationTools CVE-2006-0511 (** DISPUTED ** Blackboard Academic Suite 6.0 and earlier does not ...) - TODO: check + NOT-FOR-US: Blackboard Academic Suite CVE-2006-0510 (SQL injection vulnerability in userlogin.jsp in Daffodil CRM 1.5 ...) - TODO: check + NOT-FOR-US: Daffodil CVE-2006-0509 (Multiple cross-site scripting (XSS) vulnerabilities in clients.php in ...) - TODO: check + NOT-FOR-US: Cerberus Helpdesk CVE-2006-0508 (Easy CMS stores the images directory under the web document root with ...) - TODO: check +NOT-FOR-US: Easy CMS CVE-2006-0507 (Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS allow ...) - TODO: check + NOT-FOR-US: Easy CMS CVE-2006-0506 (Cross-site scripting (XSS) vulnerability in index.php in Nuked-klaN ...) - TODO: check + NOT-FOR-US: Nuked-klaN CVE-2006-0505 (zbattle.net Zbattle client 1.09 SR-1 beta allows remote attackers to ...) - TODO: check + NOT-FOR-US: Zbattle CVE-2006-0504 (Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 ...) - TODO: check + NOT-FOR-US: MailEnable Enterprise Edition end claimed by micah CVE-2006-0503 (IMAP service in MailEnable Professional Edition before 1.72 allows ...) TODO: check ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org
[Secure-testing-commits] r3400 - in data: CVE DSA
Author: micah Date: 2006-01-31 21:53:34 + (Tue, 31 Jan 2006) New Revision: 3400 Modified: data/CVE/list data/DSA/list Log: DSA-960-2 Modified: data/CVE/list === --- data/CVE/list 2006-01-31 21:14:22 UTC (rev 3399) +++ data/CVE/list 2006-01-31 21:53:34 UTC (rev 3400) @@ -1215,7 +1215,7 @@ RESERVED CVE-2005-4536 [libmail-audit-perl: insecure /tmp handling] RESERVED - {DSA-960-1} + {DSA-960-1 DSA-960-2} - libmail-audit-perl 2.1-5.1 (bug #344029; medium) CVE-2005-4535 RESERVED Modified: data/DSA/list === --- data/DSA/list 2006-01-31 21:14:22 UTC (rev 3399) +++ data/DSA/list 2006-01-31 21:53:34 UTC (rev 3400) @@ -1,3 +1,7 @@ +[31 Jan 2006] DSA-960-2 libmail-audit-perl - insecure temporary file creation + {CVE-2005-4536} + [sarge] - libmail-audit-perl 2.1-5sarge2 + NOTE: This update only corrects the update for sarge, the version in woody is correct. [31 Jan 2006] DSA-960-1 libmail-audit-perl - insecure temporary file creation {CVE-2005-4536} [woody] - libmail-audit-perl 2.0-4woody1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3378 - data/CVE
Author: micah Date: 2006-01-27 01:16:59 + (Fri, 27 Jan 2006) New Revision: 3378 Modified: data/CVE/list Log: More sarge false positive checks, ekg affects gaim also Modified: data/CVE/list === --- data/CVE/list 2006-01-26 21:14:23 UTC (rev 3377) +++ data/CVE/list 2006-01-27 01:16:59 UTC (rev 3378) @@ -202,6 +202,7 @@ TODO: check CVE-2006-0332 (Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments ...) - ecartis unfixed (medium; bug #348824) + NOTE: Sarge and Woody are affected CVE-2006-0331 (Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin ...) TODO: check CVE-2006-0330 (Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 ...) @@ -949,6 +950,7 @@ RESERVED CVE-2006-0055 (The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable ...) - ee unfixed (bug #348322) + NOTE: Sarge and Woody are affected CVE-2006-0054 (The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to ...) NOT-FOR-US: FreeBSD CVE-2005-4604 (Buffer overflow in MTink in the printer-filters-utils package allows ...) @@ -2352,6 +2354,7 @@ NOT-FOR-US: Multipke DuWare products CVE-2005-3975 (Interpretation conflict in file.inc in Drupal 4.5.0 through 4.5.5 and ...) - drupal 4.5.6-1 (bug #348811; medium) + NOTE: Sarge is affected CVE-2005-3974 (Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on ...) - drupal 4.5.6-1 (low) [sarge] - drupal not-affected (Only vulnerable if running PHP 5) @@ -5378,8 +5381,10 @@ TODO: check xemacs21 CVE-2005- [egroupware unsafe use of /tmp for storing a log file] - egroupware 1.0.0.009.dfsg-3-1 (bug #329597; low) + NOTE: Sarge is affected (package doesn't exist in Woody) CVE-2005- [SQL injection vulnerability in egroupware in account deletion] - egroupware 1.0.0.009.dfsg-3-1 (bug #329597; low) + NOTE: Sarge is affected (package doesn't exist in Woody) CVE-2005- [Insecure pidfile handling in mailleds] - mailleds 0.93-11.1 (bug #329365; low) CVE-2005- [kdebase uses urandom as an entropy source] @@ -5999,6 +6004,7 @@ CVE-2005-2781 (The Avatar upload feature in FUD Forum before 2.7.0 does not properly ...) - phpgroupware 0.9.16.009-1 (bug #340094; medium) - egroupware 1.0.0.009.dfsg-3-4 (bug #340495; medium) + NOTE: Sarge and Woody are affected CVE-2005-2780 (Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) ...) NOT-FOR-US: Land Down Under CVE-2005-2779 (The iTAN Online-Banking Security System allows remote attackers to ...) @@ -7365,6 +7371,7 @@ {DSA-813-1 DTSA-2-1 DTSA-4-1} - ekg 1:1.5+20050718+1.6rc3-1 (low) - centericq 4.20.0-9 (bug #323185; medium) + NOTE: Sarge ekg is affected (doesn't exist in Woody, and DSA-813-1 takes care of centericq) CVE-2005-2447 REJECTED CVE-2005-2446 @@ -7567,10 +7574,15 @@ {DSA-813-1 DSA-769-1 DTSA-2-1 DTSA-5-1} - gaim 1:1.4.0-5 (low) - centericq 4.20.0-9 (bug #323185; low) + - ekg 1:1.5+20050712+1.6rc2-1 (low) + NOTE: ekg in Sarge is affected (Not in Woody, gaim and centericq had DSAs) CVE-2005-2369 (Multiple integer signedness errors in libgadu, as used in ekg before ...) {DSA-813-1 DTSA-2-1} - TODO: check gaim and others that embed libgadu in source tree + TODO: check gaim (similar to 2005-2370 and 2005-2448) - centericq 4.20.0-9 (bug #323185; medium) + - gaim 1:1.5.0-1 (medium) +- ekg 1:1.5+20050712+1.6rc2-1 (medium) + NOTE: Sarge ekg and gaim are affected (ekg not in Woody, centericq had a DSA) CVE-2005-2368 (vim 6.3 before 6.3.082, with modelines enabled, allows external ...) {DTSA-12-1} - vim 1:6.3-085+1 (bug #320017; medium) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3379 - data/CVE
Author: micah Date: 2006-01-27 03:18:30 + (Fri, 27 Jan 2006) New Revision: 3379 Modified: data/CVE/list Log: bugnum for gaim issue Modified: data/CVE/list === --- data/CVE/list 2006-01-27 01:16:59 UTC (rev 3378) +++ data/CVE/list 2006-01-27 03:18:30 UTC (rev 3379) @@ -7578,9 +7578,8 @@ NOTE: ekg in Sarge is affected (Not in Woody, gaim and centericq had DSAs) CVE-2005-2369 (Multiple integer signedness errors in libgadu, as used in ekg before ...) {DSA-813-1 DTSA-2-1} - TODO: check gaim (similar to 2005-2370 and 2005-2448) - centericq 4.20.0-9 (bug #323185; medium) - - gaim 1:1.5.0-1 (medium) + - gaim 1:1.5.0-1 (bug #350071; medium) - ekg 1:1.5+20050712+1.6rc2-1 (medium) NOTE: Sarge ekg and gaim are affected (ekg not in Woody, centericq had a DSA) CVE-2005-2368 (vim 6.3 before 6.3.082, with modelines enabled, allows external ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3380 - data/CVE
Author: micah Date: 2006-01-27 03:36:21 + (Fri, 27 Jan 2006) New Revision: 3380 Modified: data/CVE/list Log: Woody not affected by libgadu gaim problem Modified: data/CVE/list === --- data/CVE/list 2006-01-27 03:18:30 UTC (rev 3379) +++ data/CVE/list 2006-01-27 03:36:21 UTC (rev 3380) @@ -7580,6 +7580,7 @@ {DSA-813-1 DTSA-2-1} - centericq 4.20.0-9 (bug #323185; medium) - gaim 1:1.5.0-1 (bug #350071; medium) +[woody] - gaim not-affected (affected code libgadu not present in woody) - ekg 1:1.5+20050712+1.6rc2-1 (medium) NOTE: Sarge ekg and gaim are affected (ekg not in Woody, centericq had a DSA) CVE-2005-2368 (vim 6.3 before 6.3.082, with modelines enabled, allows external ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3352 - data/CVE
Author: micah Date: 2006-01-23 20:16:49 + (Mon, 23 Jan 2006) New Revision: 3352 Modified: data/CVE/list Log: Updates for 2.6.15-3 Modified: data/CVE/list === --- data/CVE/list 2006-01-23 16:36:25 UTC (rev 3351) +++ data/CVE/list 2006-01-23 20:16:49 UTC (rev 3352) @@ -1044,16 +1044,16 @@ RESERVED CVE-2006-0037 [another netfilter ip_nat_helper_pptp dos] RESERVED - - linux-2.6 unfixed + - linux-2.6 2.6.15-3 [sarge] - kernel-source-2.6.8 not-affected (Vulnerable code not present) [sarge] - kernel-source-2.4.27 not-affected (Vulnerable code not present) CVE-2006-0036 [netfilter ip_nat_helper_pptp dos] RESERVED - - linux-2.6 unfixed + - linux-2.6 2.6.15-3 [sarge] - kernel-source-2.6.8 not-affected (Vulnerable code not present) [sarge] - kernel-source-2.4.27 not-affected (Vulnerable code not present) CVE-2006-0035 (The netlink_rcv_skb function in af_netlink.c in Linux kernel 2.6.15 ...) - - linux-2.6 unfixed + - linux-2.6 2.6.15-3 CVE-2006-0019 [kjs heap overflow] RESERVED {DSA-948-1} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3319 - data/CVE
Author: micah Date: 2006-01-19 02:53:50 + (Thu, 19 Jan 2006) New Revision: 3319 Modified: data/CVE/list Log: Bug num for drupal vulns in sarge Sarge false positive checks up through 'd' One false positive found Modified: data/CVE/list === --- data/CVE/list 2006-01-18 17:25:08 UTC (rev 3318) +++ data/CVE/list 2006-01-19 02:53:50 UTC (rev 3319) @@ -1901,12 +1901,13 @@ CVE-2005-3976 (SQL injection vulnerability in type.asp, as used in multiple DUware ...) NOT-FOR-US: Multipke DuWare products CVE-2005-3975 (Interpretation conflict in file.inc in Drupal 4.5.0 through 4.5.5 and ...) - - drupal 4.5.6-1 (medium) + - drupal 4.5.6-1 (bug #348811; medium) CVE-2005-3974 (Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on ...) - drupal 4.5.6-1 (low) [sarge] - drupal not-affected (Only vulnerable if running PHP 5) CVE-2005-3973 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal 4.5.0 ...) - - drupal 4.5.6-1 (medium) + - drupal 4.5.6-1 (bug #348811; medium) + NOTE: Sarge is affected CVE-2005-3972 (Cross-site scripting (XSS) vulnerability in extremesearch.php in ...) NOT-FOR-US: Extreme Search Corporate Edition CVE-2005-3971 (Cross-site scripting (XSS) vulnerability in the login form in Citrix ...) @@ -2792,6 +2793,7 @@ NOT-FOR-US: Dynix WebPac CVE-2004-2541 (Buffer overflow in Cscope 15.5, and possibly multiple overflows, ...) - cscope unfixed (bug #340177; medium) + NOTE: Sarge and Woody are affected CVE-2005- [unsafe file permissions in vpnc] - vpnc unfixed (bug #340105; medium) CVE-2005- [Insecure tempfiles in libjpeg] @@ -4735,6 +4737,7 @@ - hdup unfixed (bug #302790; low) CVE-2001- [crypt++ passes passwords through the command line] - crypt++el unfixed (bug #105562; low) + NOTE: Sarge and Woody are affected CVE-2004- [Two vulnerabilities in sredird] - sredird 2.2.1-1.1 (bug #267098) CVE-2003- [fuzz: Insecure temp file usage] @@ -4880,6 +4883,7 @@ CVE-2005- [Multiple security issues when using distcc without ssh auth] - distcc 2.18.3-3 (bug #298929; low) NOTE: Only affects distcc in a very non-standard setup + NOTE: Sarge affected CVE-2004- [phpwiki shares a cookie for all wikis on a host] - phpwiki unfixed (bug #282565; medium) CVE-2005- [Possibly incorrect virtualisation in php4] @@ -5884,6 +5888,8 @@ - egroupware not-affected (copy included is older and not vulnerable; bug #339583) CVE-2005- [cplay - still unsafe temporary file handling vulnerable to symlink attacks] - cplay 1.49-8 (bug #324913; low) + [woody] - cplay not-affected (CPLAY_TMP doesn't exist in this version) + NOTE: Sarge is affected CVE-2005- [$servers[$i]['disable_anon_bind'] = true doesn't prevent anonymous to access ldap directory] - phpldapadmin 0.9.6c-5 (bug #322423; low) CVE-2005-2672 (pwmconfig in LM_sensors before 2.9.1 creates temporary files ...) @@ -8398,6 +8404,7 @@ NOTE: oldstable (woody) had zlib 1.1, which is not affected [woody] - dpkg not-affected (Woody contains zlib 1.1, which is not affected) - dpkg 1.13.11 (bug #317967; medium) + NOTE: Sarge is affected - zsync 0.4.0-2 (bug #317968; medium) [woody] - dump not-affected (Woody contains zlib 1.1, which is not affected) - dump 0.4b40-1 (bug #317966; medium) @@ -8932,6 +8939,7 @@ NOT-FOR-US: Drupal CVE-2002-1805 (Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote ...) - dacode unfixed (bug #322605; low) + NOTE: Sarge is affected (has same version as testing/unstable) CVE-2002-1804 (Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote ...) NOT-FOR-US: NPDS CVE-2002-1803 (Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3315 - data/CVE
Author: micah Date: 2006-01-18 04:43:21 + (Wed, 18 Jan 2006) New Revision: 3315 Modified: data/CVE/list Log: Some NFUs and false positive checks Modified: data/CVE/list === --- data/CVE/list 2006-01-17 23:06:44 UTC (rev 3314) +++ data/CVE/list 2006-01-18 04:43:21 UTC (rev 3315) @@ -97,15 +97,15 @@ CVE-2005-4652 (SQL injection vulnerability in PHlyMail 3.02.01 allows remote ...) TODO: check CVE-2005-4651 (SQL injection vulnerability in index.php in AlstraSoft EPay Pro 2.0 ...) - TODO: check + NOT-FOR-US: AlstraSoft EPay Pro CVE-2005-4650 (Joomla! 1.03 does not restrict the number of quot;Searchquot; Mambots, which ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2005-4649 (Multiple cross-site scripting (XSS) vulnerabilities in Advanced ...) - TODO: check + NOT-FOR-US: Advanced Guestbook CVE-2005-4648 (Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and ...) - TODO: check + NOT-FOR-US: Illustrate dBpowerAMP Music Converter CVE-2003-1290 (BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI ...) - TODO: check + NOT-FOR-US: BEA WebLogic Server CVE-2006- [knowledgetree information disclosure] - knowledgetree unfixed (bug #348306; medium) CVE-2006- [php5 response splitting] @@ -12613,7 +12613,8 @@ - netapplet not-affected (Not vulerable, see bug #310833) CVE-2005-1039 (Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, ...) - coreutils unfixed (bug #304556; low) - NOTE: Setting up a sarge/oldstable chroot to see if this affects -- micah + [woody] - fileutils unfixed (bug #304556; low) + NOTE: Sarge is affected CVE-2005-1038 (crontab in Vixie cron 4.1, when running with the -e option, allows ...) NOTE: long fixed in Debian's cron CVE-2005-1037 (Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3296 - data/CVE
Author: micah Date: 2006-01-14 17:00:45 + (Sat, 14 Jan 2006) New Revision: 3296 Modified: data/CVE/list Log: Certify some more packages as affected in Sarge Modified: data/CVE/list === --- data/CVE/list 2006-01-14 11:55:13 UTC (rev 3295) +++ data/CVE/list 2006-01-14 17:00:45 UTC (rev 3296) @@ -137,6 +137,7 @@ NOT-FOR-US: PD9 Software MegaBBS CVE-2006-0162 (Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus ...) - clamav 0.88-1 + NOTE: Sarge is affected CVE-2006-0138 (aMSN (aka Alvaro's Messenger) allows remote attackers to cause a ...) NOT-FOR-US: Alvaro's Messenger CVE-2006-0137 (SQL injection vulnerability in linkcategory.php in Phanatic Softwares ...) @@ -2924,6 +2925,7 @@ NOT-FOR-US: Advanced Guestbook CVE-2005-3587 (Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before ...) - clamav 0.87.1-1 (medium) + NOTE: sarge is affected (not in oldstable) CVE-2005-3586 (content.php in Mambo 4.5.2 through 4.5.2.3 allows remote attackers to ...) NOT-FOR-US: Mambo CVE-2005-3585 (SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows ...) @@ -4218,6 +4220,7 @@ CVE-2005-3229 (Multiple interpretation error in unspecified versions of ClamAV ...) - clamav unfixed (low) NOTE: This was already forwarded to sgran; zobel any news yet? + NOTE: Sarge affected (not in oldstable) CVE-2005-3228 (Multiple interpretation error in unspecified versions of Ikarus ...) NOT-FOR-US: Ikarus Antivirus CVE-2005-3227 (Multiple interpretation error in unspecified versions of UNA Antivirus ...) @@ -6372,6 +6375,7 @@ - gallery 1.3.3 CVE-2005- [DoS against clamav through infinite loop in cli_rmdirs] - clamav 0.86.2-1 (low) + NOTE: suspect this also affects Sarge, not enough info to know what this is CVE-2005-2554 (The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 ...) NOT-FOR-US: Network Associated ePolicy Orchestrator Agent CVE-2005-2553 (The find_target function in ptrace32.c in the Linux kernel 2.4.x ...) @@ -6719,9 +6723,11 @@ - fftw3 3.0.1-12 (low; bug #321566) CVE-2005- [clamav-getfile: Insecure use of temporary files] - clamav-getfiles 0.5-1 (bug #321446; medium) + NOTE: Sarge is affected CVE-2005-3254 (The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect ...) {DTSA-6-1} - cgiwrap 3.9-3.1 (bug #316881; low) + NOTE: Sarge and Woody affected CVE-2005-3255 (The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian ...) {DTSA-6-1} - cgiwrap 3.9-3.1 (bug #316901; low) @@ -10342,6 +10348,7 @@ NOT-FOR-US: HTTP Commander CVE-2005- [clamav: DoS through multiple empty Content-Disposition header lines] - clamav 0.85.1-1 (low) + NOTE: Suspect Sarge is affected, not enough information to certify CVE-2005- [libxpm4: new s_popen() function is insecure garbage] - xfree86 4.3.0.dfsg.1-14 (bug #308783) - xorg-x11 not-affected (Xfree-specific, inspected the Subversion tree) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3282 - in data: CVE DSA
Author: micah Date: 2006-01-12 15:44:24 + (Thu, 12 Jan 2006) New Revision: 3282 Modified: data/CVE/list data/DSA/list Log: DSA-938-1 (koffice) Modified: data/CVE/list === --- data/CVE/list 2006-01-12 13:46:57 UTC (rev 3281) +++ data/CVE/list 2006-01-12 15:44:24 UTC (rev 3282) @@ -2806,34 +2806,34 @@ RESERVED CVE-2005-3628 [further xpdf overflow check] RESERVED - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - kdegraphics 3.5.0-3 - xpdf 3.01-4 - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 CVE-2005-3627 (Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - poppler 0.4.3-2 - kdegraphics 3.5.0-3 - xpdf 3.01-4 - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 CVE-2005-3626 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - poppler 0.4.3-2 - kdegraphics 3.5.0-3 - xpdf 3.01-4 - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 CVE-2005-3625 (Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - poppler 0.4.3-2 - kdegraphics 3.5.0-3 - xpdf 3.01-4 - koffice 1:1.4.2-6 (bug #342294) - libextractor 0.5.9-1 CVE-2005-3624 (The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - poppler 0.4.3-2 - kdegraphics 3.5.0-3 - xpdf 3.01-4 @@ -4273,7 +4273,7 @@ CVE-2005-3194 (Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), ...) NOT-FOR-US: ALZip CVE-2005-3193 (Heap-based buffer overflow in the JPXStream::readCodestream function ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - xpdf 3.01-3 (bug #342281; bug #342337; medium) - gpdf 2.10.0-1 (bug #342286; medium) - pdftohtml not-affected (Vulnerable xpdf code not contained) @@ -4298,7 +4298,7 @@ - libextractor 0.5.8-1 (medium) - cupsys 1.1.23-13 (unimportant) CVE-2005-3191 (Multiple heap-based buffer overflows in the (1) ...) - {DSA-936-1 DSA-932-1 DSA-931-1} + {DSA-936-1 DSA-932-1 DSA-931-1 DSA-938-1} - xpdf 3.01-3 (bug #342281; bug #342337; medium) - gpdf 2.10.0-1 (bug #342286; medium) - pdftohtml unfixed (bug #342289; medium) Modified: data/DSA/list === --- data/DSA/list 2006-01-12 13:46:57 UTC (rev 3281) +++ data/DSA/list 2006-01-12 15:44:24 UTC (rev 3282) @@ -1,3 +1,7 @@ +[12 Jan 2006] DSA-938-1 koffice - buffer overflows + {CVE-2005-3191 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628} + [sarge] - koffice 1.3.5-4.sarge.2 + NOTE: Not fixed in testing at time of DSA (too new) [12 Jan 2006] DSA-937-1 tetex-bin - buffer overflows {CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628} [sarge] - tetex-bin 2.0.2-30sarge4 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r3283 - in data: CVE DSA
Author: micah Date: 2006-01-12 18:59:23 + (Thu, 12 Jan 2006) New Revision: 3283 Modified: data/CVE/list data/DSA/list Log: DSA-935-1 and DSA-930-2 Modified: data/CVE/list === --- data/CVE/list 2006-01-12 15:44:24 UTC (rev 3282) +++ data/CVE/list 2006-01-12 18:59:23 UTC (rev 3283) @@ -283,7 +283,9 @@ - linux-2.6 unfixed NOTE: Added patch tracker template CVE-2006-0083 (Format string vulnerability in the logging code of SMS Server Tools ...) - {DSA-930-1} + {DSA-930-2} + [woody] - smstools 1.5.0-2woody0 + [sarge] - smstools 1.14.8-1sarge0 - smstools unfixed (bug #347221; medium) CVE-2006-0106 (gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other versions, ...) {CVE-2005-4560} @@ -2745,6 +2747,8 @@ CVE-2005-3657 (The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security ...) NOT-FOR-US: McAfee CVE-2005-3656 (Multiple format string vulnerabilities in logging functions in ...) + {DSA-935-1} + [sarge] - libapache2-mod-auth-pgsql 2.0.2b1-5sarge0 - libapache2-mod-auth-pgsql 2.0.2b1-7 - libapache-mod-auth-pgsql not-affected (Does not contain the vulnerable ap_log_rerror() function) CVE-2005-3655 Modified: data/DSA/list === --- data/DSA/list 2006-01-12 15:44:24 UTC (rev 3282) +++ data/DSA/list 2006-01-12 18:59:23 UTC (rev 3283) @@ -11,6 +11,10 @@ {CVE-2005-2097 CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628} [sarge] - libextractor 0.4.2-2sarge2 NOTE: Fixed in testing at time of DSA +[10 Jan 2006] DSA-935-1 libapache2-mod-auth-pgsql - format string vulnerability + {CVE-2005-3656} + [sarge] - libapache2-mod-auth-pgsql 2.0.2b1-5sarge0 + NOTE: Not fixed in sid at the time of DSA [09 Jan 2006] DSA-934-1 pound - remote {CVE-2005-1391 CVE-2005-3751} [sarge] - pound 1.8.2-1sarge1 @@ -27,6 +31,11 @@ {CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628} [woody] - xpdf 1.00-3.8 [sarge] - xpdf 3.00-13.4 +[10 Jan 2006] DSA-930-2 smstools - format string attack + {CVE-2006-0083} + [woody] smstools - 1.5.0-2woody0 + [sarge] smstools - 1.14.8-1sarge0 + NOTE: not fixed in sid at time of DSA [09 Jan 2006] DSA-930-1 smstools - format string error {CVE-2006-0083} [sarge] - smstools 1.14.8-1sarge0 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits