|
Date: Wed, 15 Oct 2008 15:09:29 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security <oss-security@...ts.openwall.com> cc: coley@...re.org Subject: Re: CVE Request On Fri, 10 Oct 2008, Josh Bressers wrote: > dovecot: http://bugs.gentoo.org/show_bug.cgi?id=240409 CVE-2008-4577 and CVE-2008-4578, see below. > graphviz: http://bugs.gentoo.org/show_bug.cgi?id=240636 CVE-2008-4555 (I assigned it but forgot to answer oss-security) > fence: http://bugs.gentoo.org/show_bug.cgi?id=240576 CVE-2008-4579 for this bug, CVE-2008-4580 for Tomas' followup, see below. - Steve ====================================================== Name: CVE-2008-4555 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4555 Reference: BUGTRAQ:20081008 Advisory: Graphviz Buffer Overflow Code Execution Reference: URL:http://www.securityfocus.com/archive/1/archive/1/497150/100/0/threaded Reference: MISC:http://roeehay.blogspot.com/2008/10/graphviz-buffer-overflow-code-execution.html Reference: CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=240636 Reference: BID:31648 Reference: URL:http://www.securityfocus.com/bid/31648 Reference: SECUNIA:32186 Reference: URL:http://secunia.com/advisories/32186 Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements. ====================================================== Name: CVE-2008-4577 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4577 Reference: MLIST:[Dovecot-news] 20081005 v1.1.4 released Reference: URL:http://www.dovecot.org/list/dovecot-news/2008-October/000085.html Reference: CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=240409 Reference: BID:31587 Reference: URL:http://www.securityfocus.com/bid/31587 Reference: FRSIRT:ADV-2008-2745 Reference: URL:http://www.frsirt.com/english/advisories/2008/2745 Reference: SECUNIA:32164 Reference: URL:http://secunia.com/advisories/32164 The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions. ====================================================== Name: CVE-2008-4578 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4578 Reference: MLIST:[Dovecot-news] 20081005 v1.1.4 released Reference: URL:http://www.dovecot.org/list/dovecot-news/2008-October/000085.html Reference: CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=240409 Reference: BID:31587 Reference: URL:http://www.securityfocus.com/bid/31587 Reference: FRSIRT:ADV-2008-2745 Reference: URL:http://www.frsirt.com/english/advisories/2008/2745 Reference: SECUNIA:32164 Reference: URL:http://secunia.com/advisories/32164 The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes. ====================================================== Name: CVE-2008-4579 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4579 Reference: MISC:http://bugs.gentoo.org/show_bug.cgi?id=240576 Reference: MLIST:[oss-security] 20081013 Re: CVE Request Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/13/3 The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file. ====================================================== Name: CVE-2008-4580 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4580 Reference: MLIST:[oss-security] 20081013 Re: CVE Request Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/13/3 fence_manual in fence allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.