oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request - cups, dovecot-managesieve, perl, wireshark

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Fri, 28 Nov 2008 15:58:48 +0100
Hello Steve,

  could you please allocate a new CVE ids for the following
vulnerabilities:

------------------------------------------------------------

cups  -- buffer overflow in the PNG image read
      -- incomplete fix for CVE-2008-1722 (http://www.cups.org/strfiles/2790/str2790.patch)
      -- advisory: http://www.cups.org/str.php?L2974
      -- patch: http://www.cups.org/strfiles/2974/str2974.patch
      -- affects: cups-1.1.17 <= x <= cups-1.3.9
      -- references: http://www.cups.org/str.php?L2974
                     http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt (Part "- SECURITY:")
                     

------------------------------------------------------------

dovecot-managesieve -- virtual users can edit sieve scripts of other 
                       virtual users of the same uid
                    -- advisory:  http://www.dovecot.org/list/dovecot/2008-November/035259.html
                    -- affects: all versions of dovecot-managesieve till  dovecot-1.2-managesieve-0.11.0
                    -- references: http://www.dovecot.org/list/dovecot/2008-November/035259.html
                                   http://secunia.com/Advisories/32768/
                                   http://bugs.gentoo.org/show_bug.cgi?id=248840
                                   http://www.frsirt.com/english/advisories/2008/3190


------------------------------------------------------------

perl -- perl-File-Path rmtree race condition (CVE-2005-0448 was assigned to address this)
     -- from below posted proposed fix: "This vulnerability was fixed in 5.8.4-7 but re-introduced in 5.8.8-1.
                                         It's also present in File::Path 2.xx, up to and including 2.07 which
                                         has only a partial fix."
     -- affects all upstream 5.8.8-1 based perl releases (have checked perl-5.8.8-1+ is reaffected, perl-5.8.10 already 
contains the fix)
     -- needs a new CVE id
     -- references: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286922
                    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286922
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0448
                    http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=85;filename=etch_03_fix_file_path;att=1;bug=286905
                    http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=85;filename=sid_fix_file_path;att=2;bug=286905

------------------------------------------------------------

wireshark -- DoS (infinite loop) in SMTP dissector via large SMTP request
          -- affects: All versions of Wireshark <= 1.0.4
          -- references: https://bugzilla.redhat.com/show_bug.cgi?id=472737
                         http://packetstormsecurity.org/0811-advisories/wireshark104-dos.txt
                         http://www.securityfocus.com/archive/1/498562/30/0/threaded
                         
http://www.nabble.com/-SVRT-04-08--Vulnerability-in-WireShark-1.0.4-for-DoS-Attack-td20640164.html

         -- upstream patches: 
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-smtp.c?r1=24989&r2=24988&pathrev=24989&view=patch
                              
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-smtp.c?r1=24994&r2=24993&pathrev=24994&view=patch

-------------------------------------------------------------

Thanks!, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: