oss-sec mailing list archives

Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3


From: "Steven M. Christey" <coley () rcf-smtp mitre org>
Date: Fri, 14 Jan 2011 12:47:59 -0500 (EST)


On Fri, 14 Jan 2011, Moritz Mühlenhoff wrote:

We're still missing CVE assignments for several issues from 2009.
These have been requested on oss-security before, but couldn't be
processed by Josh/Red Hat, since RH doesn't have 2009 IDs. As such,
they need to be handled by MITRE:

1. Overkill (this should be a CVE-2009 ID)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=549310

Use CVE-2009-5041

2. Emacs mode for reStructuredText (from DocUtils) (this should be a CVE-2009 ID)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560755

Use CVE-2009-5042

3. FireGPG (this should be a CVE-2008 ID)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514386
http://securityvulns.com/Udocument757.html

There are 2 CVEs needed:

CVE-2008-7272 - storage of cleartext/passphrase on disk
CVE-2008-7273 - symlink following

4. Burn (Homepage: http://www.bigpaul.org/burn/) (That's a CVE-2009 ID)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542329

CVE-2009-5043

5. pdfroff (from GNU groff) (That's a CVE-2009 ID)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538330
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff

CVE-2009-5044

6. Jetty (That's a CVE-2009 ID)
http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt

There are a number of CVEs to assign here.

A) "Dump Servlet" information leak
  (Affected versions: Any)

CVE-2009-5045

B) "FORM Authentication demo" information leak
  (Affected versions: Any)

No CVE assigned - ability to detect presence of a particular
application is not CVE-worthy unless the app's design intends to allow
it to be hidden.

C) "JSP Dump" reflected XSS
   (Affected versions: Any)
D) "Session Dump Servlet" stored XSS
  (Affected versions: Any)

CVE-2009-5046

E) "Cookie Dump Servlet" escape sequence injection
    (Affected versions: Any)
F) Http Content-Length header escape sequence injection
  (Affected versions: Any)

CVE-2009-5047


G) "Cookie Dump Servlet" stored XSS
  (Affected versions: =<6.1.20)

CVE-2009-5048

H) WebApp JSP Snoop page XSS
(Affected versions: =<6.1.21)

CVE-2009-5049


7. Konversation (That's a CVE-2009 ID)
http://bugs.kde.org/show_bug.cgi?id=219985

CVE-2009-5050
