Date: Tue, 7 Dec 2010 15:18:31 -0500 (EST)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo

This is a great request, thanks. It's quite large but you gave me enough info
that it's not killed me to figure it out. Steve, I have a request for MITRE to
handle at the bottom.

Thanks.

----- "Raphael Geissert" <geissert@...ian.org> wrote:
>
> IO::Socket::SSL: unexpected fallback to VERIFY_NONE if certificate file(s)
> are not specified.
> http://bugs.debian.org/606058
> http://secunia.com/advisories/42508/

CVE-2010-4334

>
> cakephp: code execution via unserialize() call with untrusted data
> http://malloc.im/CakePHP-unserialize.txt
> https://github.com/cakephp/cakephp/commit/e431e86aa4301ced4273dc7919b59362cbb353cb
> http://secunia.com/advisories/42211/

CVE-2010-4335

>
> collectd: DoS via the RRDtool and RRDCacheD plugins
> http://bugs.debian.org/605092
> http://secunia.com/advisories/42393/

CVE-2010-4336

>
> gnash: insecure handling of temp files at build-time
> http://bugs.debian.org/605419
> http://secunia.com/advisories/42416/

CVE-2010-4337

>
> ocrodjvu: insecure handling of temp files
> http://bugs.debian.org/598134

CVE-2010-4338

>
> hypermail: XSS
> http://bugs.debian.org/598743

CVE-2010-4339

>
> libcloud: "doesn't verify ssl certificate"
> It appears that what it doesn't verify is the certificate's CN. From the
> references provided in the Debian bug report it looks like it is a
> widespread issue on the SSL implementations in Python.
> Not sure how MITRE would like to handle those.
>
> http://bugs.debian.org/598463
> https://github.com/tjfontaine/linode-python/issues/issue/1#issue/1

MITRE weighed in on this. Python *should* get the ID, but each fixed app also
gets one.

CVE-2010-4340

Steve, can MITRE take the one below. It's quite large and I don't have time to
do it right now.

Thanks.
> piwigo:
> a1) CSRF
> a2) SQL injection
> a3) stored XSS
> http://secunia.com/advisories/41365/
> http://piwigo.org/releases/2.1.3
> http://www.exploit-db.com/exploits/14973/
> (the issues mentioned by the exploit-db entry appear to be the same that
> were fixed in 2.1.3)
> b) search.php SQL injection
> http://secunia.com/advisories/38305/
> http://piwigo.org/releases/2.0.8
> c) CSRF in the admin panel:
> http://secunia.com/advisories/37681/
> http://www.exploit-db.com/exploits/10417
> (the exploit-db entry details two other issues, but are "admin-only" -- feel
> free to assign or ignore those.)
>
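The libcloud / linode-python item above is the classic "verified the chain, never checked the name" mistake: the client demands a CA-signed certificate but never compares the certificate's subjectAltName or CN with the host it connected to, so any valid certificate for any host is accepted. The following hostname check is an added example written for this page, not libcloud's, linode-python's or CPython's code. It works on the dict shape that Python's `ssl.SSLSocket.getpeercert()` returns; the certificate dicts at the bottom are constructed test data, not real certificates, and the hostnames in them are placeholders.

```python
"""Hostname verification for a TLS peer certificate.

Added example for this page (not libcloud's or linode-python's code).
Input is the dict form returned by ssl.SSLSocket.getpeercert(); the
certificates at the bottom are constructed test data.
"""


class CertificateError(ValueError):
    """Raised when the certificate does not name the host we connected to."""


def _dnsname_match(pattern, hostname):
    """RFC 6125-style match of one dNSName (or CN value) against a hostname.

    Rules enforced: case-insensitive; a trailing dot is ignored; '*' is
    accepted only as the entire left-most label, matches exactly one label,
    and is refused when fewer than two labels follow it (so '*.com' never
    matches anything).
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if not pattern or not hostname:
        return False
    if "*" not in pattern:
        return pattern == hostname
    plabels = pattern.split(".")
    hlabels = hostname.split(".")
    if plabels[0] != "*" or any("*" in lbl for lbl in plabels[1:]):
        return False
    if len(plabels) < 3 or len(plabels) != len(hlabels):
        return False
    return plabels[1:] == hlabels[1:]


def match_hostname(cert, hostname):
    """Raise CertificateError unless `cert` is valid for `hostname`.

    subjectAltName dNSName entries are authoritative; the subject CN is
    consulted only when the certificate carries no dNSName at all.
    """
    if not cert:
        # getpeercert() returns {} when the peer was not verified at all,
        # i.e. cert_reqs was CERT_NONE: treat that as a failure, not a pass.
        raise CertificateError("empty certificate: peer was not verified")
    names = []
    for kind, value in cert.get("subjectAltName", ()):
        if kind == "DNS":
            if _dnsname_match(value, hostname):
                return
            names.append(value)
    if not names:  # no dNSName present: fall back to commonName
        for rdn in cert.get("subject", ()):
            for kind, value in rdn:
                if kind == "commonName":
                    if _dnsname_match(value, hostname):
                        return
                    names.append(value)
    if names:
        raise CertificateError("hostname %r does not match %s"
                               % (hostname, ", ".join(repr(n) for n in names)))
    raise CertificateError("certificate names no host at all")


def is_valid_for(cert, hostname):
    """Boolean form of match_hostname()."""
    try:
        match_hostname(cert, hostname)
        return True
    except CertificateError:
        return False


# Constructed certificates in getpeercert() form (placeholder names, not real).
SERVER_CERT = {
    "subject": ((("commonName", "api.example.com"),),),
    "subjectAltName": (("DNS", "api.example.com"), ("DNS", "*.example.com")),
}
OTHER_CERT = {  # valid chain, wrong host: what an unchecked client accepts
    "subject": ((("commonName", "attacker.example.net"),),),
    "subjectAltName": (("DNS", "attacker.example.net"),),
}
CN_ONLY_CERT = {  # older-style certificate with no subjectAltName
    "subject": ((("countryName", "US"),), (("commonName", "legacy.example.org"),)),
}
OVERBROAD_CERT = {"subjectAltName": (("DNS", "*.com"),)}

if __name__ == "__main__":
    for cert, host in ((SERVER_CERT, "api.example.com"),
                       (SERVER_CERT, "www.example.com"),
                       (OTHER_CERT, "api.example.com"),
                       (OVERBROAD_CERT, "example.com")):
        print("%-20s %s" % (host, "ok" if is_valid_for(cert, host) else "REJECT"))
```

On a real socket this check belongs immediately after the handshake, on the dict from `getpeercert()`, and only makes sense if the socket was created with `cert_reqs=ssl.CERT_REQUIRED` and a CA bundle; with `CERT_NONE` the dict is empty, which is why the function refuses an empty certificate rather than passing it. Modern Python folds this into the ssl module (`ssl.create_default_context()` enables `check_hostname`), but the legacy `ssl.wrap_socket()` path the 2010 clients used left it entirely to the caller.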