[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 28 Nov 2008 15:58:48 +0100
From: Jan Lieskovsky <jlieskov@...hat.com>
To: "Steven M. Christey" <coley@...us.mitre.org>
Cc: oss-security@...ts.openwall.com
Subject: CVE Request - cups, dovecot-managesieve, perl,
wireshark
Hello Steve,
could you please allocate a new CVE ids for the following
vulnerabilities:
------------------------------------------------------------
cups -- buffer overflow in the PNG image read
-- incomplete fix for CVE-2008-1722 (http://www.cups.org/strfiles/2790/str2790.patch)
-- advisory: http://www.cups.org/str.php?L2974
-- patch: http://www.cups.org/strfiles/2974/str2974.patch
-- affects: cups-1.1.17 <= x <= cups-1.3.9
-- references: http://www.cups.org/str.php?L2974
http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt (Part "- SECURITY:")
------------------------------------------------------------
dovecot-managesieve -- virtual users can edit sieve scripts of other
virtual users of the same uid
-- advisory: http://www.dovecot.org/list/dovecot/2008-November/035259.html
-- affects: all versions of dovecot-managesieve till dovecot-1.2-managesieve-0.11.0
-- references: http://www.dovecot.org/list/dovecot/2008-November/035259.html
http://secunia.com/Advisories/32768/
http://bugs.gentoo.org/show_bug.cgi?id=248840
http://www.frsirt.com/english/advisories/2008/3190
------------------------------------------------------------
perl -- perl-File-Path rmtree race condition (CVE-2005-0448 was assigned to address this)
-- from below posted proposed fix: "This vulnerability was fixed in 5.8.4-7 but re-introduced in 5.8.8-1.
It's also present in File::Path 2.xx, up to and including 2.07 which
has only a partial fix."
-- affects all upstream 5.8.8-1 based perl releases (have checked perl-5.8.8-1+ is reaffected, perl-5.8.10 already contains the fix)
-- needs a new CVE id
-- references: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286922
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0448
http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=85;filename=etch_03_fix_file_path;att=1;bug=286905
http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=85;filename=sid_fix_file_path;att=2;bug=286905
------------------------------------------------------------
wireshark -- DoS (infinite loop) in SMTP dissector via large SMTP request
-- affects: All versions of Wireshark <= 1.0.4
-- references: https://bugzilla.redhat.com/show_bug.cgi?id=472737
http://packetstormsecurity.org/0811-advisories/wireshark104-dos.txt
http://www.securityfocus.com/archive/1/498562/30/0/threaded
http://www.nabble.com/-SVRT-04-08--Vulnerability-in-WireShark-1.0.4-for-DoS-Attack-td20640164.html
-- upstream patches: http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-smtp.c?r1=24989&r2=24988&pathrev=24989&view=patch
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-smtp.c?r1=24994&r2=24993&pathrev=24994&view=patch
-------------------------------------------------------------
Thanks!, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ
