freebsd-ports/ports-mgmt/portaudit-db/database/portaudit.xml
Simon L. B. Nielsen ad0cd568d7 Remove entry 2de14f7a-dad9-11d8-b59a-00061bc2ad93 (Multiple
Potential Buffer Overruns in Samba) which is duplicated from
vuln.xml.  I don't know why this entry is duplicated here, but I
suspect it's related to portaudit.txt.

By removing the entry from here, the entry in vuln.xml should
just be used instead.

PR:		ports/129240
Reported by:	Eygene Ryabinkin <rea-fbsd@codelabs.ru>
2008-11-30 21:54:20 +00:00

<?xml version="1.0" encoding="utf-8"?>
<!--
Copyright (c) 2004 Oliver Eikemeier
Redistribution and use in source (XML) and 'compiled' forms (SGML,
HTML, PDF, PostScript, RTF and so forth) with or without modification,
are permitted provided that the following conditions are met:
- Redistributions of source code (XML) must retain the above copyright
notice, this list of conditions and the following disclaimer as
the first lines of this file unmodified.
- Redistributions in compiled form (transformed to other DTDs,
converted to PDF, PostScript, RTF and other formats) must reproduce
the above copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other materials
provided with the distribution.
THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS
OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
$FreeBSD$
-->
<!DOCTYPE vuxml PUBLIC "-//vuxml.org//DTD VuXML 1.1//EN" "http://www.vuxml.org/dtd/vuxml-1/vuxml-11.dtd">
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="42e330ab-82a4-11d8-868e-000347dd607f">
<topic>MPlayer remotely exploitable buffer overflow in the ASX parser</topic>
<affects>
<package>
<name>mplayer{,-gtk}{,-esound}</name>
<range><lt>0.92</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>A remotely exploitable buffer overflow vulnerability was found in
MPlayer. A malicious host can craft a harmful ASX header,
and trick MPlayer into executing arbitrary code upon parsing that header.</p>
</body>
</description>
<references>
<url>http://www.mplayerhq.hu/</url>
<url>http://www.securityfocus.com/archive/1/339330</url>
<url>http://www.securityfocus.com/archive/1/339193</url>
<cvename>CAN-2003-0835</cvename>
<bid>8702</bid>
</references>
<dates>
<discovery>2003-09-24</discovery>
<entry>2004-03-30</entry>
</dates>
</vuln>
<vuln vid="d8c46d74-8288-11d8-868e-000347dd607f">
<topic>MPlayer remotely exploitable buffer overflow in the HTTP parser</topic>
<affects>
<package>
<name>mplayer{,-gtk}{,-esound}</name>
<range><lt>0.92.1</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>A remotely exploitable buffer overflow vulnerability was found in
MPlayer. A malicious host can craft a harmful HTTP header (&quot;Location:&quot;),
and trick MPlayer into executing arbitrary code upon parsing that header.</p>
</body>
</description>
<references>
<url>http://www.mplayerhq.hu/</url>
<url>http://www.securityfocus.com/archive/1/359029</url>
<url>http://www.securityfocus.com/archive/1/359025</url>
<cvename>CAN-2004-0386</cvename>
</references>
<dates>
<discovery>2004-03-29</discovery>
<entry>2004-03-30</entry>
</dates>
</vuln>
<vuln vid="1ed556e6-734f-11d8-868e-000347dd607f">
<cancelled superseded="1a448eb7-6988-11d8-873f-0020ed76ef5a"/>
</vuln>
<vuln vid="4aec9d58-ce7b-11d8-858d-000d610a3b12">
<cancelled superseded="c63936c1-caed-11d8-8898-000d6111a684"/>
</vuln>
<vuln vid="c63936c1-caed-11d8-8898-000d6111a684">
<topic>SSLtelnet remote format string vulnerability</topic>
<affects>
<package>
<name>SSLtelnet</name>
<range><le>0.13_1</le></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>SSLtelnet contains a format string vulnerability
that could allow remote code execution.</p>
</body>
</description>
<references>
<mlist msgid="FB24803D1DF2A34FA59FC157B77C970502D684B7@idserv04.idef.com">http://lists.freebsd.org/pipermail/freebsd-ports/2004-June/013878.html</mlist>
<url>http://www.idefense.com/application/poi/display?id=114&amp;type=vulnerabilities&amp;flashstatus=false</url>
<cvename>CAN-2004-0640</cvename>
<url>http://www.osvdb.org/7594</url>
<url>http://secunia.com/advisories/12032</url>
</references>
<dates>
<discovery>2003-04-03</discovery>
<entry>2004-06-30</entry>
</dates>
</vuln>
<vuln vid="7eded4b8-e6fe-11d8-b12f-0a001f31891a">
<cancelled superseded="2de14f7a-dad9-11d8-b59a-00061bc2ad93"/>
</vuln>
<vuln vid="f72ccf7c-e607-11d8-9b0a-000347a4fa7d">
<cancelled superseded="6f955451-ba54-11d8-b88c-000d610a3b12"/>
</vuln>
<vuln vid="9fb5bb32-d6fa-11d8-b479-02e0185c0b53">
<cancelled superseded="40800696-c3b0-11d8-864c-02e0185c0b53"/>
</vuln>
<vuln vid="78348ea2-ec91-11d8-b913-000c41e2cdad">
<cancelled superseded="ab166a60-e60a-11d8-9b0a-000347a4fa7d"/>
</vuln>
<vuln vid="ab166a60-e60a-11d8-9b0a-000347a4fa7d">
<topic>Acrobat Reader handling of malformed uuencoded pdf files</topic>
<affects>
<package>
<name>acroread</name>
<range><lt>5.09</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Remote exploitation of an input validation error in the uudecoding
feature of Adobe Acrobat Reader (Unix) 5.0 allows an attacker to execute
arbitrary code.</p>
</body>
</description>
<references>
<url>http://www.osvdb.org/7429</url>
<url>http://freshmeat.net/releases/164883</url>
<cvename>CAN-2004-0630</cvename>
<cvename>CAN-2004-0631</cvename>
<url>http://secunia.com/advisories/12285</url>
<url>http://xforce.iss.net/xforce/xfdb/16972</url>
<url>http://xforce.iss.net/xforce/xfdb/16973</url>
<url>http://www.idefense.com/application/poi/display?id=124&amp;type=vulnerabilities&amp;flashstatus=false</url>
<url>http://www.idefense.com/application/poi/display?id=125&amp;type=vulnerabilities&amp;flashstatus=false</url>
<url>http://www.osvdb.org/8654</url>
<url>http://www.osvdb.org/8655</url>
<bid>10931</bid>
<bid>10932</bid>
</references>
<dates>
<discovery>2004-03-30</discovery>
<entry>2004-08-04</entry>
</dates>
</vuln>
<vuln vid="603fe36d-ec9d-11d8-b913-000c41e2cdad">
<cancelled superseded="a4bd1cd3-eb25-11d8-978e-00e018f69096"/>
</vuln>
<vuln vid="cd95b452-eca6-11d8-afa6-ed04757064bb">
<cancelled superseded="a4bd1cd3-eb25-11d8-978e-00e018f69096"/>
</vuln>
<vuln vid="a4bd1cd3-eb25-11d8-978e-00e018f69096">
<topic>KDElibs temporary directory vulnerability</topic>
<affects>
<package>
<name>kdelibs</name>
<range><lt>3.2.3_5</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>In some cases the
integrity of symlinks used by KDE is not ensured, and
these symlinks can point to stale locations. This can
be abused by a local attacker to create or truncate arbitrary
files or to prevent KDE applications from functioning
correctly (Denial of Service).</p>
</body>
</description>
<references>
<url>http://www.kde.org/info/security/advisory-20040811-1.txt</url>
<cvename>CAN-2004-0689</cvename>
<url>http://www.osvdb.org/8589</url>
<url>http://secunia.com/advisories/12276</url>
</references>
<dates>
<discovery>2004-06-23</discovery>
<entry>2004-08-12</entry>
<modified>2004-08-13</modified>
</dates>
</vuln>
<vuln vid="608ceab8-eca3-11d8-afa6-ed04757064bb">
<topic>DCOPServer Temporary Filename Vulnerability</topic>
<affects>
<package>
<name>kdelibs</name>
<range><lt>3.2.3_4</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>KDE's DCOPServer creates
temporary files in an insecure manner. Since the temporary
files are used for authentication related purposes this can
potentially allow a local attacker to compromise the account of
any user who runs a KDE application.</p>
</body>
</description>
<references>
<url>http://www.kde.org/info/security/advisory-20040811-2.txt</url>
<cvename>CAN-2004-0690</cvename>
<url>http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386</url>
<url>http://www.osvdb.org/8590</url>
<url>http://secunia.com/advisories/12276</url>
</references>
<dates>
<discovery>2004-07-25</discovery>
<entry>2004-08-12</entry>
<modified>2004-08-13</modified>
</dates>
</vuln>
<vuln vid="641859e8-eca1-11d8-b913-000c41e2cdad">
<cancelled superseded="2e395baa-eb26-11d8-978e-00e018f69096"/>
</vuln>
<vuln vid="2e395baa-eb26-11d8-978e-00e018f69096">
<topic>Konqueror frame injection vulnerability</topic>
<affects>
<package>
<name>kdebase</name>
<range><lt>3.2.3_1</lt></range>
</package>
<package>
<name>kdelibs</name>
<range><lt>3.2.3_3</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>The Konqueror web browser allows websites to load webpages into
a frame of any other frame-based webpage that the user may have open.</p>
</body>
</description>
<references>
<url>http://www.kde.org/info/security/advisory-20040811-3.txt</url>
<cvename>CAN-2004-0721</cvename>
<url>http://secunia.com/advisories/11978</url>
<url>http://www.heise.de/newsticker/meldung/48793</url>
<url>http://bugs.kde.org/show_bug.cgi?id=84352</url>
</references>
<dates>
<discovery>2004-07-01</discovery>
<entry>2004-08-11</entry>
<modified>2004-08-13</modified>
</dates>
</vuln>
<vuln vid="7a9d5dfe-c507-11d8-8898-000d6111a684">
<topic>isc-dhcp3-server buffer overflow in logging mechanism</topic>
<affects>
<package>
<name>isc-dhcp3-{relay,server}</name>
<range><ge>3.0.1.r12</ge><lt>3.0.1.r14</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>A buffer overflow exists in the logging functionality
of the DHCP daemon which could lead to Denial of Service
attacks and has the potential to allow attackers to
execute arbitrary code.</p>
</body>
</description>
<references>
<cvename>CAN-2004-0460</cvename>
<url>http://www.osvdb.org/7237</url>
<uscertta>TA04-174A</uscertta>
<certvu>317350</certvu>
<mlist msgid="BAY13-F94UHMuEEkHMz0005c4f7@hotmail.com">http://www.securityfocus.com/archive/1/366801</mlist>
<mlist msgid="40DFAB69.1060909@sympatico.ca">http://www.securityfocus.com/archive/1/367286</mlist>
</references>
<dates>
<discovery>2004-06-22</discovery>
<entry>2004-06-25</entry>
<modified>2004-06-28</modified>
</dates>
</vuln>
<vuln vid="3a408f6f-9c52-11d8-9366-0020ed76ef5a">
<topic>libpng denial-of-service</topic>
<affects>
<package>
<name>linux-png</name>
<range><le>1.0.14_3</le></range>
<range><ge>1.2.*</ge><le>1.2.2</le></range>
</package>
<package>
<name>png</name>
<range><lt>1.2.5_4</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Steve Grubb reports a buffer read overrun in
libpng's png_format_buffer function. A specially
constructed PNG image processed by an application using
libpng may trigger the buffer read overrun and possibly
result in an application crash.</p>
</body>
</description>
<references>
<cvename>CAN-2004-0421</cvename>
<url>http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120508</url>
<url>http://rhn.redhat.com/errata/RHSA-2004-181.html</url>
<url>http://secunia.com/advisories/11505</url>
<url>http://www.osvdb.org/5726</url>
<bid>10244</bid>
<url>http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7</url>
</references>
<dates>
<discovery>2004-04-29</discovery>
<entry>2004-05-02</entry>
<modified>2004-08-10</modified>
</dates>
</vuln>
<vuln vid="e5e2883d-ceb9-11d8-8898-000d6111a684">
<topic>MySQL authentication bypass / buffer overflow</topic>
<affects>
<package>
<name>mysql-server</name>
<range><ge>4.1.*</ge><lt>4.1.3</lt></range>
<range><ge>5.*</ge><le>5.0.0_2</le></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>By submitting a carefully crafted authentication packet, it is possible
for an attacker to bypass password authentication in MySQL 4.1. Using a
similar method, a stack buffer used in the authentication mechanism can
be overflowed.</p>
</body>
</description>
<references>
<url>http://www.nextgenss.com/advisories/mysql-authbypass.txt</url>
<url>http://dev.mysql.com/doc/mysql/en/News-4.1.3.html</url>
<url>http://secunia.com/advisories/12020</url>
<url>http://www.osvdb.org/7475</url>
<url>http://www.osvdb.org/7476</url>
<mlist msgid="Pine.LNX.4.44.0407080940550.9602-200000@pineapple.shacknet.nu">http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0003.html</mlist>
<cvename>CAN-2004-0627</cvename>
<cvename>CAN-2004-0628</cvename>
<certvu>184030</certvu>
<certvu>645326</certvu>
</references>
<dates>
<discovery>2004-07-01</discovery>
<entry>2004-07-05</entry>
</dates>
</vuln>
<vuln vid="74d06b67-d2cf-11d8-b479-02e0185c0b53">
<topic>multiple vulnerabilities in ethereal</topic>
<affects>
<package>
<name>ethereal{,-lite}</name>
<name>tethereal{,-lite}</name>
<range><lt>0.10.4</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Issues have been discovered in multiple protocol dissectors.</p>
</body>
</description>
<references>
<url>http://www.ethereal.com/appnotes/enpa-sa-00014.html</url>
<cvename>CAN-2004-0504</cvename>
<cvename>CAN-2004-0505</cvename>
<cvename>CAN-2004-0506</cvename>
<cvename>CAN-2004-0507</cvename>
<url>http://secunia.com/advisories/11608</url>
<bid>10347</bid>
<url>http://www.osvdb.org/6131</url>
<url>http://www.osvdb.org/6132</url>
<url>http://www.osvdb.org/6133</url>
<url>http://www.osvdb.org/6134</url>
</references>
<dates>
<discovery>2004-05-13</discovery>
<entry>2004-07-11</entry>
</dates>
</vuln>
<vuln vid="265c8b00-d2d0-11d8-b479-02e0185c0b53">
<topic>multiple vulnerabilities in ethereal</topic>
<affects>
<package>
<name>ethereal{,-lite}</name>
<name>tethereal{,-lite}</name>
<range><lt>0.10.5</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Issues have been discovered in multiple protocol dissectors.</p>
</body>
</description>
<references>
<url>http://www.ethereal.com/appnotes/enpa-sa-00015.html</url>
<cvename>CAN-2004-0633</cvename>
<cvename>CAN-2004-0634</cvename>
<cvename>CAN-2004-0635</cvename>
<url>http://secunia.com/advisories/12024</url>
<bid>10672</bid>
<url>http://www.osvdb.org/7536</url>
<url>http://www.osvdb.org/7537</url>
<url>http://www.osvdb.org/7538</url>
</references>
<dates>
<discovery>2004-07-06</discovery>
<entry>2004-07-11</entry>
</dates>
</vuln>
<vuln vid="4764cfd6-d630-11d8-b479-02e0185c0b53">
<topic>PHP memory_limit and strip_tags() vulnerabilities</topic>
<affects>
<package>
<name>php4</name>
<name>php4-{cgi,cli,dtc,horde,nms}</name>
<name>mod_php4-twig</name>
<range><lt>4.3.8</lt></range>
</package>
<package>
<name>mod_php4</name>
<range><lt>4.3.8,1</lt></range>
</package>
<package>
<name>php5</name>
<name>php5-{cgi,cli}</name>
<range><lt>5.0.0</lt></range>
</package>
<package>
<name>mod_php5</name>
<range><lt>5.0.0,1</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Stefan Esser has reported two vulnerabilities in PHP, which can
be exploited by malicious people to bypass security functionality
or compromise a vulnerable system. An error within PHP's memory_limit
request termination allows remote code execution on PHP servers
with activated memory_limit. A binary safety problem within PHP's
strip_tags() function may allow injection of arbitrary tags in
Internet Explorer and Safari browsers.</p>
</body>
</description>
<references>
<url>http://www.php.net/ChangeLog-4.php</url>
<url>http://www.php.net/ChangeLog-5.php</url>
<url>http://security.e-matters.de/advisories/112004.html</url>
<url>http://security.e-matters.de/advisories/122004.html</url>
<url>http://secunia.com/advisories/12064</url>
<url>http://www.osvdb.org/7870</url>
<url>http://www.osvdb.org/7871</url>
<cvename>CAN-2004-0594</cvename>
<cvename>CAN-2004-0595</cvename>
</references>
<dates>
<discovery>2007-07-07</discovery>
<entry>2004-07-15</entry>
</dates>
</vuln>
<vuln vid="730db824-e216-11d8-9b0a-000347a4fa7d">
<topic>Mozilla / Firefox user interface spoofing vulnerability</topic>
<affects>
<package>
<name>firefox</name>
<range><le>0.9.1_1</le></range>
</package>
<package>
<name>linux-mozilla</name>
<range><le>1.7.1</le></range>
</package>
<package>
<name>linux-mozilla-devel</name>
<range><le>1.7.1</le></range>
</package>
<package>
<name>mozilla</name>
<range><le>1.7.1,2</le></range>
<range><ge>1.8.*,2</ge><le>1.8.a2,2</le></range>
</package>
<package>
<name>mozilla-gtk1</name>
<range><le>1.7.1_1</le></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>A vulnerability has been reported in Mozilla and Firefox,
allowing malicious websites to spoof the user interface.</p>
</body>
</description>
<references>
<url>http://bugzilla.mozilla.org/show_bug.cgi?id=252198</url>
<url>http://www.nd.edu/~jsmith30/xul/test/spoof.html</url>
<url>http://secunia.com/advisories/12188</url>
<bid>10832</bid>
<cvename>CAN-2004-0764</cvename>
</references>
<dates>
<discovery>2004-07-19</discovery>
<entry>2004-07-30</entry>
</dates>
</vuln>
<vuln vid="f9e3e60b-e650-11d8-9b0a-000347a4fa7d">
<topic>libpng stack-based buffer overflow and other code concerns</topic>
<affects>
<package>
<name>png</name>
<range><le>1.2.5_7</le></range>
</package>
<package>
<name>linux-png</name>
<range><le>1.0.14_3</le></range>
<range><ge>1.2.*</ge><le>1.2.2</le></range>
</package>
<package>
<name>firefox</name>
<range><lt>0.9.3</lt></range>
</package>
<package>
<name>thunderbird</name>
<range><lt>0.7.3</lt></range>
</package>
<package>
<name>linux-mozilla</name>
<range><lt>1.7.2</lt></range>
</package>
<package>
<name>linux-mozilla-devel</name>
<range><lt>1.7.2</lt></range>
</package>
<package>
<name>mozilla</name>
<range><lt>1.7.2,2</lt></range>
<range><ge>1.8.*,2</ge><le>1.8.a2,2</le></range>
</package>
<package>
<name>mozilla-gtk1</name>
<range><lt>1.7.2</lt></range>
</package>
<package>
<name>netscape-{communicator,navigator}</name>
<range><le>4.78</le></range>
</package>
<package>
<name>linux-netscape-{communicator,navigator}</name>
<name>{ja,ko}-netscape-{communicator,navigator}-linux</name>
<range><le>4.8</le></range>
</package>
<package>
<name>{,ja-}netscape7</name>
<range><le>7.1</le></range>
</package>
<package>
<name>{de-,fr-,pt_BR-}netscape7</name>
<range><le>7.02</le></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Chris Evans has discovered multiple vulnerabilities in libpng,
which can be exploited by malicious people to compromise a
vulnerable system or cause a DoS (Denial of Service).</p>
</body>
</description>
<references>
<mlist msgid="Pine.LNX.4.58.0408041840080.20655@sphinx.mythic-beasts.com">http://www.securityfocus.com/archive/1/370853</mlist>
<url>http://scary.beasts.org/security/CESA-2004-001.txt</url>
<url>http://www.osvdb.org/8312</url>
<url>http://www.osvdb.org/8313</url>
<url>http://www.osvdb.org/8314</url>
<url>http://www.osvdb.org/8315</url>
<url>http://www.osvdb.org/8316</url>
<cvename>CAN-2004-0597</cvename>
<cvename>CAN-2004-0598</cvename>
<cvename>CAN-2004-0599</cvename>
<certvu>388984</certvu>
<certvu>236656</certvu>
<certvu>160448</certvu>
<certvu>477512</certvu>
<certvu>817368</certvu>
<certvu>286464</certvu>
<url>http://secunia.com/advisories/12219</url>
<url>http://secunia.com/advisories/12232</url>
<url>http://bugzilla.mozilla.org/show_bug.cgi?id=251381</url>
<url>http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.2</url>
<uscertta>TA04-217A</uscertta>
<url>http://dl.sourceforge.net/sourceforge/libpng/ADVISORY.txt</url>
</references>
<dates>
<discovery>2004-08-04</discovery>
<entry>2004-08-04</entry>
<modified>2004-08-12</modified>
</dates>
</vuln>
<vuln vid="abe47a5a-e23c-11d8-9b0a-000347a4fa7d">
<topic>Mozilla certificate spoofing</topic>
<affects>
<package>
<name>firefox</name>
<range><ge>0.9.1</ge><le>0.9.2</le></range>
</package>
<package>
<name>linux-mozilla</name>
<range><lt>1.7.2</lt></range>
</package>
<package>
<name>linux-mozilla-devel</name>
<range><lt>1.7.2</lt></range>
</package>
<package>
<name>mozilla</name>
<range><lt>1.7.2,2</lt></range>
<range><ge>1.8.*,2</ge><le>1.8.a2,2</le></range>
</package>
<package>
<name>mozilla-gtk1</name>
<range><lt>1.7.2</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Mozilla and Mozilla Firefox contain a flaw that may
allow a malicious user to spoof SSL certification.</p>
</body>
</description>
<references>
<mlist msgid="003a01c472ba$b2060900$6501a8c0@sec">http://www.securityfocus.com/archive/1/369953</mlist>
<url>http://www.cipher.org.uk/index.php?p=advisories/Certificate_Spoofing_Mozilla_FireFox_25-07-2004.advisory</url>
<url>http://secunia.com/advisories/12160</url>
<url>http://bugzilla.mozilla.org/show_bug.cgi?id=253121</url>
<url>http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.2</url>
<url>http://www.osvdb.org/8238</url>
<bid>10796</bid>
<cvename>CAN-2004-0763</cvename>
</references>
<dates>
<discovery>2004-07-25</discovery>
<entry>2004-07-30</entry>
<modified>2004-08-05</modified>
</dates>
</vuln>
<vuln vid="a713c0f9-ec54-11d8-9440-000347a4fa7d">
<topic>ImageMagick png and bmp vulnerabilities</topic>
<affects>
<package>
<name>ImageMagick{,-nox11}</name>
<range><lt>6.0.6</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Glenn Randers-Pehrson has contributed a fix for the png
vulnerabilities discovered by Chris Evans.</p>
<p>Furthermore, Marcus Meissner has discovered and patched a buffer
overrun associated with decoding runlength-encoded BMP images.</p>
</body>
</description>
<references>
<url>http://studio.imagemagick.org/pipermail/magick-users/2004-August/013218.html</url>
<url>http://studio.imagemagick.org/pipermail/magick-developers/2004-August/002011.html</url>
<url>http://freshmeat.net/releases/169228</url>
<url>http://secunia.com/advisories/12236</url>
<url>http://secunia.com/advisories/12479</url>
<url>http://www.freebsd.org/ports/portaudit/f9e3e60b-e650-11d8-9b0a-000347a4fa7d.html</url>
</references>
<dates>
<discovery>2004-08-04</discovery>
<entry>2004-08-04</entry>
<modified>2004-09-03</modified>
</dates>
</vuln>
<vuln vid="0139e7e0-e850-11d8-9440-000347a4fa7d">
<topic>CVStrac remote code execution vulnerability</topic>
<affects>
<package>
<name>cvstrac</name>
<range><lt>1.1.4</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>CVStrac contains a flaw that may allow a remote attacker
to execute arbitrary commands.</p>
</body>
</description>
<references>
<mlist msgid="20040805175709.6995.qmail@web50508.mail.yahoo.com">http://www.securityfocus.com/archive/1/370955</mlist>
<url>http://secunia.com/advisories/12090</url>
<url>http://www.osvdb.org/8373</url>
<url>http://www.cvstrac.org/cvstrac/chngview?cn=316</url>
</references>
<dates>
<discovery>2004-08-05</discovery>
<entry>2004-08-13</entry>
</dates>
</vuln>
<vuln vid="5b8f9a02-ec93-11d8-b913-000c41e2cdad">
<topic>gaim remotely exploitable vulnerabilities in MSN component</topic>
<affects>
<package>
<name>{ja-,ru-,}gaim</name>
<range><lt>0.81_1</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Sebastian Krahmer discovered several remotely exploitable
buffer overflow vulnerabilities in the MSN component of
gaim.</p>
</body>
</description>
<references>
<cvename>CAN-2004-0500</cvename>
<url>http://secunia.com/advisories/12125</url>
<url>http://www.osvdb.org/8382</url>
<url>http://www.osvdb.org/8961</url>
<url>http://www.osvdb.org/8962</url>
<url>http://www.suse.com/de/security/2004_25_gaim.html</url>
<bid>10865</bid>
</references>
<dates>
<discovery>2004-08-12</discovery>
<entry>2004-08-12</entry>
<modified>2004-08-30</modified>
</dates>
</vuln>
<vuln vid="65a17a3f-ed6e-11d8-aff1-00061bc2ad93">
<topic>jftpgw remote syslog format string vulnerability</topic>
<affects>
<package>
<name>jftpgw</name>
<range><lt>0.13.5</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Remote authenticated users can execute arbitrary code by
passing a malicious string containing format specifiers.</p>
</body>
</description>
<references>
<cvename>CAN-2004-0448</cvename>
<bid>10438</bid>
<url>http://secunia.com/advisories/11732</url>
<url>http://www.debian.org/security/2004/dsa-510</url>
</references>
<dates>
<discovery>2004-05-29</discovery>
<entry>2004-08-13</entry>
</dates>
</vuln>
<vuln vid="e811aaf1-f015-11d8-876f-00902714cc7c">
<cancelled superseded="a800386e-ef7e-11d8-81b0-000347a4fa7d"/>
</vuln>
<vuln vid="a800386e-ef7e-11d8-81b0-000347a4fa7d">
<topic>ruby CGI::Session insecure file creation</topic>
<affects>
<package>
<name>ruby{,_r,_static}</name>
<range><lt>1.6.8.2004.07.28</lt></range>
<range><ge>1.8.*</ge><lt>1.8.2.p2</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Ruby's CGI session management stores session information insecurely,
which can be exploited by a local attacker to take over a session.</p>
</body>
</description>
<references>
<cvename>CAN-2004-0755</cvename>
<url>http://secunia.com/advisories/12290</url>
<url>http://www.debian.org/security/2004/dsa-537</url>
<url>http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/ChangeLog?rev=1.2673.2.410</url>
<url>http://www.osvdb.org/8845</url>
</references>
<dates>
<discovery>2004-07-22</discovery>
<entry>2004-08-16</entry>
<modified>2004-08-16</modified>
</dates>
</vuln>
<vuln vid="ebffe27a-f48c-11d8-9837-000c41e2cdad">
<cancelled superseded="eda0ade6-f281-11d8-81b0-000347a4fa7d"/>
</vuln>
<vuln vid="eda0ade6-f281-11d8-81b0-000347a4fa7d">
<topic>Qt 3.x BMP heap-based overflow, GIF and XPM DoS NULL pointer dereference</topic>
<affects>
<package>
<name>qt</name>
<range><ge>3.*</ge><lt>3.3.3</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Chris Evans has discovered flaws in the handling of various bitmap
formats, allowing the execution of arbitrary code or causing a DoS.</p>
</body>
</description>
<references>
<url>http://scary.beasts.org/security/CESA-2004-004.txt</url>
<url>http://secunia.com/advisories/12325</url>
<cvename>CAN-2004-0691</cvename>
<cvename>CAN-2004-0692</cvename>
<cvename>CAN-2004-0693</cvename>
<url>http://www.osvdb.org/9026</url>
<url>http://xforce.iss.net/xforce/xfdb/17040</url>
<url>http://xforce.iss.net/xforce/xfdb/17041</url>
<url>http://xforce.iss.net/xforce/xfdb/17042</url>
</references>
<dates>
<discovery>2004-08-18</discovery>
<entry>2004-08-20</entry>
</dates>
</vuln>
<vuln vid="0d3a5148-f512-11d8-9837-000c41e2cdad">
<cancelled superseded="bacbc357-ea65-11d8-9440-000347a4fa7d"/>
</vuln>
<vuln vid="bacbc357-ea65-11d8-9440-000347a4fa7d">
<topic>SpamAssassin DoS vulnerability</topic>
<affects>
<package>
<name>p5-Mail-SpamAssassin</name>
<range><lt>2.64</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Unspecified malformed messages can be used to
cause a DoS (Denial of Service).</p>
</body>
</description>
<references>
<url>http://secunia.com/advisories/12255</url>
<mlist msgid="20040805034902.6DF465900BB@radish.jmason.org>">http://marc.theaimsgroup.com/?l=spamassassin-announce&amp;m=109168121628767&amp;w=2</mlist>
<cvename>CAN-2004-0796</cvename>
<bid>10957</bid>
</references>
<dates>
<discovery>2004-08-05</discovery>
<entry>2004-08-10</entry>
</dates>
</vuln>
<vuln vid="77cc070b-fdbe-11d8-81b0-000347a4fa7d">
<topic>vpopmail multiple vulnerabilities</topic>
<affects>
<package>
<name>vpopmail</name>
<range><lt>5.4.6</lt></range>
</package>
<package>
<name>vpopmail-devel</name>
<range><lt>5.5.0</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Inter7 vpopmail (vchkpw) versions 5.4.2 and earlier contain
buffer overflows and format string vulnerabilities in the file vsybase.c.</p>
<p>The buffer overflows are not fixed in versions 5.4.6/5.5.0, but are
believed to be very hard to exploit, and only by administrators able to add users.</p>
</body>
</description>
<references>
<url>http://www.osvdb.org/9146</url>
<url>http://www.osvdb.org/9147</url>
<url>http://www.osvdb.org/9148</url>
<bid>10962</bid>
<url>http://secunia.com/advisories/12441</url>
<url>http://cvs.sourceforge.net/viewcvs.py/vpopmail/vpopmail/vsybase.c?r1=1.9.2.1&amp;r2=1.9.2.2</url>
<url>http://www.kupchino.org.ru/unl0ck/advisories/vpopmail.txt</url>
<mlist msgid="200408181347.12199.bugtraq@beyondsecurity.com">http://www.securityfocus.com/archive/1/372257</mlist>
<mlist msgid="58114.66.79.185.80.1092936304.squirrel@mail.xyxx.com">http://www.securityfocus.com/archive/1/372468</mlist>
<url>http://xforce.iss.net/xforce/xfdb/17016</url>
<url>http://xforce.iss.net/xforce/xfdb/17017</url>
<url>http://security.gentoo.org/glsa/glsa-200409-01.xml</url>
</references>
<dates>
<discovery>2004-08-17</discovery>
<entry>2004-09-03</entry>
</dates>
</vuln>
<vuln vid="d2102505-f03d-11d8-81b0-000347a4fa7d">
<topic>multiple vulnerabilities in the cvs server code</topic>
<affects>
<package>
<name>cvs+ipv6</name>
<range><lt>1.11.17</lt></range>
</package>
<package>
<name>FreeBSD</name>
<range><lt>491101</lt></range>
<range><ge>500000</ge><lt>502114</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Stefan Esser reports multiple remotely exploitable vulnerabilities
in the cvs code base.</p>
<p>Additionally, an undocumented switch to the history
command allows an attacker to determine whether arbitrary files
exist and whether the CVS process can access them.</p>
</body>
</description>
<references>
<cvename>CAN-2004-0414</cvename>
<cvename>CAN-2004-0416</cvename>
<cvename>CAN-2004-0417</cvename>
<cvename>CAN-2004-0418</cvename>
<cvename>CAN-2004-0778</cvename>
<url>http://secunia.com/advisories/11817</url>
<url>http://secunia.com/advisories/12309</url>
<url>http://security.e-matters.de/advisories/092004.html</url>
<url>http://www.idefense.com/application/poi/display?id=130&amp;type=vulnerabilities&amp;flashstatus=false</url>
<url>https://ccvs.cvshome.org/source/browse/ccvs/NEWS?rev=1.116.2.104</url>
<url>http://www.osvdb.org/6830</url>
<url>http://www.osvdb.org/6831</url>
<url>http://www.osvdb.org/6832</url>
<url>http://www.osvdb.org/6833</url>
<url>http://www.osvdb.org/6834</url>
<url>http://www.osvdb.org/6835</url>
<url>http://www.osvdb.org/6836</url>
<url>http://www.packetstormsecurity.org/0405-exploits/cvs_linux_freebsd_HEAP.c</url>
<bid>10499</bid>
</references>
<dates>
<discovery>2004-05-20</discovery>
<entry>2004-08-17</entry>
</dates>
</vuln>
<vuln vid="59669fc9-fdf4-11d8-81b0-000347a4fa7d">
<topic>multiple vulnerabilities in LHA</topic>
<affects>
<package>
<name>lha</name>
<range><le>1.14i_4</le></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Multiple vulnerabilities have been found in the LHA code by Lukasz Wojtow
and Thomas Biege.</p>
<p>Successful exploitation may allow execution of arbitrary code.</p>
</body>
</description>
<references>
<url>http://secunia.com/advisories/12435</url>
<cvename>CAN-2004-0694</cvename>
<cvename>CAN-2004-0745</cvename>
<cvename>CAN-2004-0769</cvename>
<cvename>CAN-2004-0771</cvename>
<mlist msgid="20040606162856.29866.qmail@www.securityfocus.com">http://www.securityfocus.com/archive/1/365386</mlist>
<mlist msgid="20040515110900.24784.qmail@www.securityfocus.com">http://www.securityfocus.com/archive/1/363418</mlist>
<url>http://lw.ftw.zamosc.pl/lha-exploit.txt</url>
<url>http://www.osvdb.org/9519</url>
<url>http://www.osvdb.org/9520</url>
<url>http://www.osvdb.org/9521</url>
<url>http://www.osvdb.org/9522</url>
<bid>10354</bid>
<bid>11093</bid>
<url>http://rhn.redhat.com/errata/RHSA-2004-323.html</url>
</references>
<dates>
<discovery>2004-05-19</discovery>
<entry>2004-09-03</entry>
</dates>
</vuln>
<vuln vid="fdbbed57-f933-11d8-a776-00e081220a76">
<topic>cdrtools local privilege escalation</topic>
<affects>
<package>
<name>cdrtools</name>
<range><lt>2.0.3_4</lt></range>
</package>
<package>
<name>cdrtools-cjk</name>
<range><lt>2.0.3.20030714_4</lt></range>
</package>
<package>
<name>cdrtools-devel</name>
<range><lt>2.01a38</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Max Vozeler found a flaw in cdrecord allowing a local root exploit.</p>
</body>
</description>
<references>
<url>ftp://ftp.berlios.de/pub/cdrecord/alpha/AN-2.01a38</url>
<url>http://www.osvdb.org/9395</url>
<cvename>CAN-2004-0806</cvename>
<mlist msgid="E1C0yA3-0002cc-00@newraff.debian.org">http://lists.debian.org/debian-devel-changes/2004/08/msg03421.html</mlist>
<bid>11075</bid>
<url>http://secunia.com/advisories/12481</url>
</references>
<dates>
<discovery>2004-08-28</discovery>
<entry>2004-08-30</entry>
</dates>
</vuln>
</vuxml>