Next Page >>
CVS
xine-lib <= 1.1.11.1
XMMS speex plugin
Fixed version:
gstreamer-plugins-good, >= 0.10.8 (patched in CVS)
SDL_sound, patched in CVS
Speex >= 1.2beta3.2 (patched in CVS)
Sweep >= 0.9.3
vorbis-tools, patched in CVS
VLC Media Player, N/A
Issue 1
-------
Class: Information leak
Versions: all versions before 3.0.11, 3.2.6, 3.4.5, and 3.5.3
Description: Bugzilla allows web browsers to serve the contents of
files in the CVS/, contrib/, docs/en/xml/, and t/
directories, as well as the old-params.txt file.
These files do not contain sensitive data by default, but
custom installations may have added scripts or files into
these directories which contain e.g. passwords or some
other sensitive information. We now forbird access to
specially crafted module file.
======================================================================
5) Solution
Fixed in the CVS repository.
======================================================================
6) Time Table
29/12/2009 - Vendor notified.
exploited by malicious people to bypass certain security restrictions.
Background
==========
ViewVC is a browser interface for CVS and Subversion version control
repositories.
Affected packages
=================
Test', alert('XSS ALERT') , '
IV. Solution
At the time of writing, a fix is available in CVS.
http://mvnforum.cvs.sourceforge.net/mvnforum/mvnforum/srcweb/mvnplugin/mvnforum/user/viewthread.jsp?r1=1.316&r2=1.317
Timeline:
2008-04-27: mvnForum authors informed
PRIVMSG eggdrop :\1\1
Resolution
----------
Upgrade to eggdrop/windrop 1.6.19+ctcpfix ([2],[3]), the current cvs versions,
or apply the ctcpfix patch at [2] before compiling.
Disclosure timeline
-------------------
exploited by malicious people to bypass certain security restrictions.
Background
==========
ViewVC is a browser interface for CVS and Subversion version control
repositories.
Affected packages
=================
exploited by malicious people to bypass certain security restrictions.
Background
==========
ViewVC is a browser interface for CVS and Subversion version control
repositories.
Affected packages
=================
version 4.2 is NOT affected, please alter it in advisory
http://secunia.com/advisories/28726/ and others.
Vendor fix this flaw in cvs on 10.10.2007.
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/bgplg/bgplg.c
Updated version OpenBSD 4.2 which was released Nov 1, 2007 is NOT
vulnerable.
Luigi Auriemma
Application: id3lib
http://id3lib.sourceforge.net
Versions: only devel (CVS)
stable (3.8.3) is NOT affected
Platforms: Windows, *nix and Mac
Bug: array overflow
Exploitation: local
Date: 19 Dec 2007
* Even with account creation disabled, users can use the WebService to
create an account.
We strongly advise that 2.23.x and 3.0.x users upgrade to 3.0.2
immediately. Users of CVS HEAD or 3.1.1 should upgrade to 3.1.2
immediately. This is critical if you have a "requirelogin" installation
and also have the WebService enabled.
Vulnerability Details
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_7
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_6
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_6
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_7
>
> The latest version of e107, version 0.7.17 contains a PHP backdoor.
> http://e107.org/e107_files/downloads/e107_v0.7.17_full.zip
Looks like the e107 team has removed this file, and reviewing the code
in the cvs repository this code does not appear there.
Best Wishes,
Chris Travers
Patches have been made available for Horde:
* 3.1:
http://ocert.org/patches/2008-012/Text_Filter.31.patch
* 3.2 - CVS HEAD:
http://ocert.org/patches/2008-012/MIME.patch
http://ocert.org/patches/2008-012/Text_Filter.patch
A replacement for externalinput.php is linked below as well.
will change permision to EXAMPLEFILE when the owner will use this URL.
I think, it should be some byte, what inform about overflowing (empty command should nulling this byte). We have diagnosed this issue on BSD systems. Unfortunately, we do not know exactly how many machines can be affected.
- --- 2. How to fix ---
OpenBSD has been first informed. Fix is avalible on cvs:
http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpd.c
http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/extern.h
http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y
Problem Description:
The rootcerts package was added in Mandriva in 2005 and was meant
to be updated when nessesary. The provided rootcerts packages has
been upgraded using the latest certdata.txt file from the mozilla
cvs repository, as of 2009/12/03.
In Mandriva a number of additional CA root certificates has been
added such as ICP-Brasil (Brazil government CA), cacert.org, IGC/A CA
(French government CA). The IGC/A CA one was recently added upstream
in the mozilla certdata.txt file.
Successful exploitation allows execution of arbitrary code.
======================================================================
5) Solution
Fixed in the CVS repository.
======================================================================
6) Time Table
09/01/2009 - Vendor notified.
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_6
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_6
. Firebird SQL v2.1.3 Release Candidate 2 (estimated release: July 2009)
. Firebird SQL v2.5 Beta 2 (estimated release: July 2009)
. Firebird SQL v1.5.6 (estimated release: August 2009)
. Firebird SQL v2.0.6 (estimated release: October 2009)
Please build a fresh CVS checkout to have a fixed version sooner.
6. *Vendor Information, Solutions and Workarounds*
The issue is resolved in all branches of the Firebird SQL repository. It
Successful exploitation may allow execution of arbitrary code.
======================================================================
5) Solution
Fixed in the CVS repository.
======================================================================
6) Time Table
27/05/2008 - Vendor notified.
Remediation
-----------
This bug was patched in CVS and appends the following lines between 776
and 777:
if (length <= 0) {
PyErr_SetString(PyExc_ValueError, "length must be greater than zero");
return NULL;
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_6
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_6
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_7
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_6
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_6
Next Page>>
|
