CVE-2010-5111 [echoping buffer overflows]
	- echoping 6.0.2-4 (low; bug #606808)
	[squeeze] - echoping (Minor issue)
	NOTE: Upstream fix http://sourceforge.net/p/echoping/bugs/55/
	NOTE: https://bugs.gentoo.org/show_bug.cgi?id=349569
	NOTE: http://xforce.iss.net/xforce/xfdb/64141
	NOTE: http://secunia.com/advisories/42619/
CVE-2010-5110 [poppler: JPEG error handler]
	- poppler 0.16.3-1 (bug #722705)
CVE-2010-5109 [libytnef: buffer overflow]
	- libytnef 1.5-5 (low; bug #705468)
	[squeeze] - libytnef (Minor issue)
	[wheezy] - libytnef (Minor issue)
	- claws-mail-extra-plugins (low)
	[squeeze] - claws-mail-extra-plugins (Minor issue)
	[wheezy] - claws-mail-extra-plugins (Minor issue)
CVE-2010-5108 [Trac Ticket Modification Workflow Permission Restriction Bypass]
	- trac 0.11.7-1 (bug #573260)
CVE-2010-5105 [blender /tmp/quit.blend temp file issue]
	- blender (low; bug #584621)
	[squeeze] - blender (Minor issue)
	[wheezy] - blender (Minor issue)
CVE-2010-5077 [quake3 reflective UDP denial of service]
	{DSA-2442-1}
	- openarena 0.8.5-6 (medium; bug #665656)
	- ioquake3 (fixed before upload)
	- tremulous 1.1.0-8 (bug #665842)
	[squeeze] - tremulous 1.1.0-7~squeeze1
CVE-2010-4820 [ghostscript split from CVE-2010-2055]
	- ghostscript 8.71~dfsg2-6.1
	[lenny] - ghostscript (too risky for regressions)
CVE-2010-4817 [overwriting of arbitrary file via symlinks]
	- pithos 0.3.5-1
CVE-2010-4815
	NOT-FOR-US: coppermine gallery
CVE-2010-4777
	- perl (unimportant; bug #628836)
	NOTE: Only affects Perl builds with enabled assertions, i.e. the debugperl binary from perl-debug
CVE-2010-4664
	- consolekit 0.4.2-1 (low)
	[squeeze] - consolekit (Minor issue)
CVE-2010-4662
	NOT-FOR-US: pmwiki
CVE-2010-4661 [arbitrary kernel module loading]
	- udisks 1.0.3-1
	[squeeze] - udisks (Minor issue)
	NOTE: upstream bug https://bugs.freedesktop.org/show_bug.cgi?id=32232
	NOTE: fixed by http://cgit.freedesktop.org/udisks/commit/?id=c933a929f07421ec747cebb24d5e620fc2b97037
CVE-2010-4660
	- statusnet (bug #491723)
CVE-2010-4659
	- statusnet (bug #491723)
CVE-2010-4658
	- statusnet (bug #491723)
CVE-2010-4657 [xmlTextWriterWriteAttribute heap disclosure]
	- php5 (low)
	[wheezy] - php5 (Minor issue)
	[squeeze] - php5 (Minor issue)
	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=631551
	NOTE: This was initially reported to be a bug in libxml2, but it later showed that PHP
	NOTE: is using the libxml2 API in an incorrect manner
CVE-2010-4654 [Malformed commands may cause corruption of the internal stack]
	- kdegraphics (no stackheight)
	- xpdf (no stackheight)
	- poppler 0.16.3-1
	[lenny] - poppler (stackheights introduced after 0.12)
	[squeeze] - poppler (stackheights introduced after 0.12)
	NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=8284008aa8230a92ba08d547864353d3290e9bf9
CVE-2010-4653 [integer overflow when parsing CharCodes for fonts]
	- kdegraphics 4.0
	- xpdf 3.02-9
	- poppler 0.16.3-1 (low)
	[lenny] - poppler (minor issue)
	[squeeze] - poppler 0.12.4-1.2+squeeze1
	NOTE: http://cgit.freedesktop.org/poppler/poppler/commit/?id=cad66a7d25abdb6aa15f3aa94a35737b119b2659
CVE-2010-4533 [offlineimap uses SSLv2]
	- offlineimap (low; bug #606962)
	[wheezy] - offlineimap (Long-standing, documented behaviour, can be updated in spu if needed)
	[squeeze] - offlineimap (Long-standing, documented behaviour, can be updated in spu if needed)
	[lenny] - offlineimap (Long-standing, documented behaviour, can be updated in spu if needed)
CVE-2010-4532 [no SSL cert validation]
	- offlineimap 6.3.2~rc3-2 (low; bug #603450)
	[squeeze] - offlineimap (Long-standing, documented behaviour, can be updated in spu if needed)
	[lenny] - offlineimap (Long-standing, documented behaviour, can be updated in spu if needed)
CVE-2010-4245
	- pootle 2.0.5-0.3 (low; bug #604060)
	[lenny] - pootle (Vulnerable code not present)
CVE-2010-4241
	- tikiwiki
CVE-2010-4240
	- tikiwiki
CVE-2010-4239
	- tikiwiki
CVE-2010-4178
	- mysql-gui-tools (low; bug #605542)
	[squeeze] - mysql-gui-tools (Minor issue)
	[lenny] - mysql-gui-tools (Minor issue)
CVE-2010-4177
	- mysql-gui-tools (low; bug #605542)
	[squeeze] - mysql-gui-tools (Minor issue)
	[lenny] - mysql-gui-tools (Minor issue)
CVE-2010-3857 [JBoss BRMS XSS via UUID parameter]
	- jbossas4 (Vulnerable code not present)
	NOTE: JBoss 5 only; fixed in 5.1.0
CVE-2010-3844
	- ettercap (unimportant; bug #600130)
	NOTE: Very far-fetched attack vector
CVE-2010-3843
	- ettercap (unimportant; bug #600130)
	NOTE: Very far-fetched attack vector
CVE-2010-3845
	- libapache-authenhook-perl 2.00-04+pristine-2 (low; bug #599712)
	[lenny] - libapache-authenhook-perl 2.00-04+pristine-1+lenny1
CVE-2010-4237
	- mercurial 1.6.4-1 (low; bug #598841)
	[lenny] - mercurial (Minor issue)
CVE-2010-3659 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3660 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3661 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3662 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3663 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3664 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3665 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3666 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3667 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3668 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3669 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3670 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3671 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3672 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3673 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3674 [Multiple security issues]
	{DSA-2098-1}
	- typo3-src 4.3.5-1 (bug #590719)
CVE-2010-3440 [babiloo insecure downloading and unpacking of dictionary files]
	- babiloo 2.0.11-1 (low; bug #591995)
CVE-2010-3439 [alien-arena: server dos]
	- alien-arena 7.33-5 (low; bug #575621)
	[lenny] - alien-arena 7.0-1+lenny2
CVE-2010-3438 [Insufficient stripping of CR/LF allows arbitrary IRC command execution]
	- libpoe-component-irc-perl 6.32+dfsg-1
	[lenny] - libpoe-component-irc-perl 5.84+dfsg-1+lenny1 (bug #581194)
CVE-2010-3375
	- qtparted 0.4.5-8 (low; bug #598301)
	[lenny] - qtparted (Minor issue)
CVE-2010-3373
	- paxtest 1:0.9.9-1 (unimportant; bug #598413)
CVE-2010-3359 [gargoyle: insecure library loading]
	- gargoyle-free 2009-08-25-2
	NOTE: http://groups.google.com/group/garglk-dev/browse_thread/thread/1c92ab6f24d5ebe6
CVE-2010-3305 [pixel CSRF]
	- pixelpost (bug #597224)
CVE-2010-3299 [ruby on rails: padding oracle attack]
	- rails (unimportant)
	NOTE: http://seclists.org/oss-sec/2010/q3/415
	NOTE: http://seclists.org/oss-sec/2010/q3/413
	NOTE: http://usenix.org/events/woot10/tech/full_papers/Rizzo.pdf
CVE-2010-3295 [drivers/net/tulip/de4x5.c: reading uninitialized stack memory]
	NOTE: assigned to linux-2.6, but claimed not a problem: http://www.openwall.com/lists/oss-security/2010/09/15/2
	NOTE: will probably get rejected
CVE-2010-3282
	NOT-FOR-US: Red Hat Directory Server
CVE-2010-3293 [mailscanner virus updates DoS]
	- mailscanner (bug #596397; unimportant)
	NOTE: or even unimportant, the script is not used by default
CVE-2010-3292 [mailscanner may use spoofed data]
	- mailscanner (bug #596396; low)
	[squeeze] - mailscanner (Minor issue)
CVE-2010-3095 [mailscanner incomplete fix for CVE-2008-5313]
	- mailscanner 4.79.11-2.1 (bug #596403)
CVE-2010-3090 [mailman, will be rejected]
	NOT-FOR-US: ** REJECT ** mailman
CVE-2010-2783
	- openjdk-6 6b18-1.8.1-1
CVE-2010-2548
	- openjdk-6 6b18-1.8.1-1
CVE-2010-2490 [murmur DoS via malformed client query]
	- mumble 1.2.2-4 (bug #587713)
	[lenny] - mumble (Minor issue)
	- qt4-x11 (low; bug #587713)
CVE-2010-2488 [znc null pointer deref]
	{DSA-2069-1}
	- znc 0.090-2 (bug #584929)
CVE-2010-2476 [syscp open_basedir bypassing]
	- syscp (bug #587481)
CVE-2010-2247 [makepasswd: insecure passwords generated with default settings]
	- makepasswd 1.10-5 (low; bug #564559)
	[lenny] - makepasswd 1.10-3+lenny1
CVE-2010-2243 [timekeeping oops]
	- linux-2.6 2.6.32-11
	[lenny] - linux-2.6 (Vulnerable code not present)
CVE-2010-2236
	NOT-FOR-US: Red Hat Satellite
CVE-2010-2222
	NOT-FOR-US: Red Hat Directory Server
CVE-2010-2064
	- rpcbind 0.2.0-4.1
	NOTE: This version changed the state directory to /var/run/rpcbind, which is only writable by root
CVE-2010-2062 [VLC: integer underflow in Real RTSP]
	{DSA-2044-1 DSA-2043-1}
	- vlc 1.0.1-1
	[lenny] - vlc 0.8.6.h-4+lenny2.3
	- mplayer 2:1.0~rc3+svn20100502-3 (medium; bug #581245)
	[lenny] - mplayer 1.0~rc2-17+lenny3.2
	- xine-lib (immune due to additional check in xio_rw_abbort())
	NOTE: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=dc74600c97eb834c08674676e209afa842053aca
	NOTE: http://dzcore.wordpress.com/2009/07/27/dzc-2009-001-the-movie-player-and-vlc-media-player-real-data-transport-parsing-integer-underflow/
	NOTE: DSA-2043 and DSA-2044
CVE-2010-2061
	- rpcbind 0.2.0-4.1
CVE-2010-1765
	- webkit (doesn't include cf code)
	- chromium-browser 5.0.375.55~r47796-1
	NOTE: https://bugs.webkit.org/show_bug.cgi?id=37933
	NOTE: http://trac.webkit.org/changeset/57995
CVE-2010-1678
	- mapserver 5.6.5-2
	NOTE: http://trac.osgeo.org/mapserver/ticket/3641
CVE-2010-1673 [ikiwiki xss due to insufficient html scrubbing]
	- ikiwiki 3.20101112
	[squeeze] - ikiwiki 3.20100815.2
	[lenny] - ikiwiki
CVE-2010-2447 [gitolite "not filtering src/ or hooks/ from pathnames"]
	- gitolite 1.4.2-1 (low)
	NOTE: http://secunia.com/advisories/39587/
CVE-2010-1445 [Heap buffer overflow in RTMP access]
	- vlc 1.0.6-1
	[lenny] - vlc (Vulnerable code not present)
	NOTE: http://www.videolan.org/security/sa1003.html
CVE-2010-1444 [Invalid memory access in ZIP archive decompressor]
	- vlc 1.0.6-1
	[lenny] - vlc (Vulnerable code not present)
	NOTE: http://www.videolan.org/security/sa1003.html
CVE-2010-1443 [Invalid memory access in XSPF playlist parser]
	- vlc 1.0.6-1 (unimportant)
	NOTE: http://www.videolan.org/security/sa1003.html
CVE-2010-1442 [Invalid memory access in AVI, ASF, Matroska (MKV) demuxers]
	- vlc 1.0.6-1
	[lenny] - vlc 0.8.6.h-4+lenny3
	NOTE: http://www.videolan.org/security/sa1003.html
CVE-2010-1441 [Heap buffer overflow vulnerability in A/52, DTS and MPEG Audio decoders]
	- vlc 1.0.6-1
	[lenny] - vlc 0.8.6.h-4+lenny3
	NOTE: http://www.videolan.org/security/sa1003.html
CVE-2010-2449 [gource: predictable log file located in /tmp]
	- gource 0.26-2 (low; bug #577958)
CVE-2010-1154
	- irssi 0.8.15-1 (low)
	[lenny] - irssi (Minor issue)
CVE-2010-2446 [Rbot Owner Reaction Command Execution]
	- rbot 0.9.14-2 (bug #575286)
	[lenny] - rbot ("reaction" plugin not present in 0.9.10)
	[etch] - rbot ("reaction" plugin not present in 0.9.10)
CVE-2010-0747 [linux-2.6 drbd connector issue]
	{DSA-2015-1}
	- linux-2.6 (drbd introduced for the first time in 2.6.32-12, which included the fix for this issue, so no supported debian kernel was ever affected)
	- drbd8 2:8.3.7-1
	[lenny] - drbd8 2:8.0.14-2+lenny1
	NOTE: CVE requested at http://www.openwall.com/lists/oss-security/2010/03/11/9
CVE-2010-2450 [shibboleth-sp2: world-readable key]
	- shibboleth-sp2 2.3.1+dfsg-2 (low; bug #571631)
	[lenny] - shibboleth-sp2 (Minor issue)
	- shibboleth-sp (Vulnerable code not present)
CVE-2010-2473 [Blocked user session regeneration]
	{DSA-2016-1}
	- drupal6 6.18-1 (bug #592716)
CVE-2010-2472 [Locale module cross site scripting]
	{DSA-2016-1}
	- drupal6 6.18-1 (bug #592716)
CVE-2010-2471 [Open redirection]
	{DSA-2016-1}
	- drupal6 6.18-1 (bug #592716)
CVE-2010-2250 [Installation cross site scripting]
	{DSA-2016-1}
	- drupal6 6.18-1 (bug #592716)
CVE-2010-0749
	- transmission 1.92-1 (unimportant; bug #574507)
CVE-2010-0748 [transmission magnet links parser buffer overflow]
	- transmission 1.92-1 (medium; bug #574507)
	[lenny] - transmission (Support for Magnet links not yet available)
CVE-2010-0737
	NOT-FOR-US: JBoss Operations Network
CVE-2010-0474
	{DSA-2188-1}
	- webkit
CVE-2010-0398 [autokey arbitrary file overwriting via symlinks]
	- autokey 0.61.3-2
CVE-2010-0207 [xpdf: XRef table parsing infinite loop]
	- kdegraphics 4.0 (unimportant)
	- xpdf (unimportant)
	- poppler 0.16.3-1 (unimportant)
	[squeeze] - poppler 0.12.4-1.2+squeeze1
	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=28172
	NOTE: Just a crasher, not treated as a security issue
CVE-2010-0206 [xpdf: Invalid pointer dereference by processing JBIG2 PDF stream objects]
	- kdegraphics 4.0 (unimportant)
	- xpdf (unimportant)
	- poppler 0.16.3-1 (unimportant)
	[squeeze] - poppler 0.12.4-1.2+squeeze1
	NOTE: Just a crasher, not treated as a security issue