oss-sec mailing list archives

CVE requests: IO::Socket::SSL, cakephp, collectd, gnash, ocrodjvu, hypermail, libcloud, piwigo


From: Raphael Geissert <geissert () debian org>
Date: Mon, 06 Dec 2010 19:44:06 -0600

Hi,

Could CVE ids be assigned for the following issues? Thanks in advance.

IO::Socket::SSL: unexpected fallback to VERIFY_NONE if certificate file(s) 
are not specified.
http://bugs.debian.org/606058
http://secunia.com/advisories/42508/

cakephp: code execution via unserialize() call with untrusted data
http://malloc.im/CakePHP-unserialize.txt
https://github.com/cakephp/cakephp/commit/e431e86aa4301ced4273dc7919b59362cbb353cb
http://secunia.com/advisories/42211/

collectd: DoS via the RRDtool and RRDCacheD plugins
http://bugs.debian.org/605092
http://secunia.com/advisories/42393/

gnash: insecure handling of temp files at build-time
http://bugs.debian.org/605419
http://secunia.com/advisories/42416/

ocrodjvu: insecure handling of temp files
http://bugs.debian.org/598134

hypermail: XSS
http://bugs.debian.org/598743

libcloud: "doesn't verify ssl certificate"
It appears that what it doesn't verify is the certificate's CN. From the 
references provided in the Debian bug report it looks like it is a 
widespread issue on the SSL implementations in Python.
Not sure how MITRE would like to handle those.

http://bugs.debian.org/598463
https://github.com/tjfontaine/linode-python/issues/issue/1#issue/1

piwigo:
a1) CSRF
a2) SQL injection
a3) stored XSS
http://secunia.com/advisories/41365/
http://piwigo.org/releases/2.1.3
http://www.exploit-db.com/exploits/14973/
(the issues mentioned by the exploit-db entry appear to be the same that 
were fixed in 2.1.3)
b) search.php SQL injection
http://secunia.com/advisories/38305/
http://piwigo.org/releases/2.0.8
c) CSRF in the admin panel:
http://secunia.com/advisories/37681/
http://www.exploit-db.com/exploits/10417
(the exploit-db entry details two other issues, but they are "admin-only" -- feel 
free to assign or ignore those.)

Regards,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
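The libcloud item above describes a client that validates the certificate chain but never compares the certificate's name with the host it connected to. As an added example, not code from libcloud or any other project named in this mail, the following shows the name check a Python TLS client must perform after the handshake, written against the dict shape that `ssl.SSLSocket.getpeercert()` returns; the certificate dicts are constructed samples and `hostname_matches_cert`, `_label_matches` and `verified_context` are names chosen here.

```python
import ssl


def _label_matches(pattern, hostname):
    """Case-insensitive DNS name match. A wildcard is honoured only as the
    whole leftmost label and matches exactly one label, so '*.example.com'
    covers 'a.example.com' but neither 'example.com' nor 'a.b.example.com'."""
    pattern, hostname = pattern.lower(), hostname.lower()
    if not pattern.startswith("*."):
        return pattern == hostname
    labels = hostname.split(".")
    return len(labels) >= 2 and labels[0] != "" and ".".join(labels[1:]) == pattern[2:]


def hostname_matches_cert(cert, hostname):
    """Return True only if the peer certificate names `hostname`.
    subjectAltName dNSName entries are authoritative; the subject CN is
    consulted only when the certificate carries no dNSName SAN at all.
    An empty or absent cert matches nothing (this is the check a client
    that only verifies the chain is missing)."""
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not names:
        names = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return any(_label_matches(n, hostname) for n in names)


def verified_context():
    """Client context with both halves of verification switched on:
    CERT_REQUIRED validates the chain, check_hostname validates the name.
    Either one alone leaves the connection open to a substituted certificate."""
    ctx = ssl.create_default_context()
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    return ctx


# Constructed samples shaped like getpeercert() output; not real certificates.
SAN_CERT = {
    "subject": ((("commonName", "api.example.com"),),),
    "subjectAltName": (("DNS", "api.example.com"), ("DNS", "*.cloud.example.com")),
}
CN_ONLY_CERT = {"subject": ((("commonName", "legacy.example.com"),),)}

if __name__ == "__main__":
    for host in ("api.example.com", "db.cloud.example.com", "a.b.cloud.example.com"):
        print(host, hostname_matches_cert(SAN_CERT, host))
```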
