[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 28 Nov 2008 15:58:48 +0100
From: Jan Lieskovsky <jlieskov@...hat.com>
To: "Steven M. Christey" <coley@...us.mitre.org>
Cc: oss-security@...ts.openwall.com
Subject: CVE Request - cups, dovecot-managesieve, perl,
wireshark
Hello Steve,
could you please allocate a new CVE ids for the following
vulnerabilities:
------------------------------------------------------------
cups -- buffer overflow in the PNG image read
-- incomplete fix for CVE-2008-1722 (http://www.cups.org/strfiles/2790/str2790.patch)
-- advisory: http://www.cups.org/str.php?L2974
-- patch: http://www.cups.org/strfiles/2974/str2974.patch
-- affects: cups-1.1.17 <= x <= cups-1.3.9
-- references: http://www.cups.org/str.php?L2974
http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt (Part "- SECURITY:")
------------------------------------------------------------
dovecot-managesieve -- virtual users can edit sieve scripts of other
virtual users of the same uid
-- advisory: http://www.dovecot.org/list/dovecot/2008-November/035259.html
-- affects: all versions of dovecot-managesieve till dovecot-1.2-managesieve-0.11.0
-- references: http://www.dovecot.org/list/dovecot/2008-November/035259.html
http://secunia.com/Advisories/32768/
http://bugs.gentoo.org/show_bug.cgi?id=248840
http://www.frsirt.com/english/advisories/2008/3190
------------------------------------------------------------
perl -- perl-File-Path rmtree race condition (CVE-2005-0448 was assigned to address this)
-- from below posted proposed fix: "This vulnerability was fixed in 5.8.4-7 but re-introduced in 5.8.8-1.
It's also present in File::Path 2.xx, up to and including 2.07 which
has only a partial fix."
-- affects all upstream 5.8.8-1 based perl releases (have checked perl-5.8.8-1+ is reaffected, perl-5.8.10 already contains the fix)
-- needs a new CVE id
-- references: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286922
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0448
http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=85;filename=etch_03_fix_file_path;att=1;bug=286905
http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=85;filename=sid_fix_file_path;att=2;bug=286905
------------------------------------------------------------
wireshark -- DoS (infinite loop) in SMTP dissector via large SMTP request
-- affects: All versions of Wireshark <= 1.0.4
-- references: https://bugzilla.redhat.com/show_bug.cgi?id=472737
http://packetstormsecurity.org/0811-advisories/wireshark104-dos.txt
http://www.securityfocus.com/archive/1/498562/30/0/threaded
http://www.nabble.com/-SVRT-04-08--Vulnerability-in-WireShark-1.0.4-for-DoS-Attack-td20640164.html
-- upstream patches: http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-smtp.c?r1=24989&r2=24988&pathrev=24989&view=patch
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-smtp.c?r1=24994&r2=24993&pathrev=24994&view=patch
-------------------------------------------------------------
Thanks!, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
