[Secure-testing-commits] r4694 - data/CVE

Wed, 06 Sep 2006 15:08:56 -0700 

Author: jmm-guest
Date: 2006-09-06 22:08:42 +0000 (Wed, 06 Sep 2006)
New Revision: 4694

Modified:
   data/CVE/list
Log:
two unimportant/no-dsa php issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-09-06 18:06:37 UTC (rev 4693)
+++ data/CVE/list       2006-09-06 22:08:42 UTC (rev 4694)
@@ -1101,10 +1101,17 @@
 CVE-2006-4024 (The FESTAHES_Load function in pce/hes.c in Festalon 0.5.0 
through ...)
        - festalon <not-affected> (vuln. code introduced in 0.5.0)
 CVE-2006-4023 (The ip2long function in PHP 5.1.4 and earlier may incorrectly 
validate ...)
-       - php5 <unfixed> (medium; bug #382257)
-       - php4 <unfixed> (medium; bug #382270)
+       - php5 <unfixed> (unimportant; bug #382257)
+       - php4 <unfixed> (unimportant; bug #382270)
+       NOTE: Not every lack of protection of programmer's flaws is a 
vulnerability
+       NOTE: See notes by Sean for details
+       NOTE: > the entry states that this is more likely a bug in any
+       NOTE: > applications not performing further validation/sanitizing,
+       NOTE: > and i tend to agree based on the php.net documentation, which
+       NOTE: > states: "ip2long() should not be used as the sole form of IP
+       NOTE: > validation. Combine it with long2ip()".
 CVE-2006-4022 (Intel 2100 PRO/Wireless Network Connection driver PROSet before 
...)
-       NOT-FOR-US: Intel
+       NOT-FOR-US: Intel Windows driver
 CVE-2006-4021 (The cryptographic module in ScatterChat 1.0.x allows attackers 
to ...)
        NOT-FOR-US: ScatterChat
 CVE-2006-4020 (scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows 
...)
@@ -4197,6 +4204,13 @@
        - freetype 2.2.1-1 (medium)
 CVE-2006-2660 (Buffer consumption vulnerability in the tempnam function in PHP 
5.1.4 ...)
        - php4 4:4.4.4-1 (low)
+       [sarge] - php4 <no-dsa> (not worth an update, see NOTE by Sean)
+       NOTE: using a long enough path (>MAXPATHLEN) allows you to have
+       NOTE: tempnam create a file without the temp extension.  sounds like
+       NOTE: another shoot yourself in the foot issue, since the local user
+       NOTE: could just as easily create the file manually, and if the
+       NOTE: tempnam function is taking unsanitized input, it's an
+       NOTE: application error
        - php5 5.1.6-1 (low)
 CVE-2006-2658
        RESERVED


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to