security [ARCHIVED] June 2007

security@lists.fedoraproject.org

16 participants
60 discussions

[Bug 243592] New: CVE-2007-3112, CVE-2007-3113: cacti DoS vulnerabilities
by Red Hat Bugzilla 17 Sep '07

17 Sep '07

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243592 Summary: CVE-2007-3112, CVE-2007-3113: cacti DoS vulnerabilities Product: Fedora Extras Version: f7 Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: cacti AssignedTo: mmcgrath(a)redhat.com ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3112 "Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter." http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3113 "Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter." The patch linked to in the reports applies to 0.8.6j too. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 6

[Bug 240396] New: CVE-2007-2654: xfsdump file permissions issue
by Red Hat Bugzilla 11 Sep '07

11 Sep '07

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240396 Summary: CVE-2007-2654: xfsdump file permissions issue Product: Fedora Extras Version: fc6 Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: xfsdump AssignedTo: cattelan(a)redhat.com ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2654 "xfs_fsr in xfsdump creates a temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems." Patch from SUSE update attached. ------- Additional Comments From ville.skytta(a)iki.fi 2007-05-17 03:49 EST ------- Created an attachment (id=154896) --> (https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=154896&action=view) Patch from SUSE update -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 4

[Bug 235013] New: CVE-2007-1804: pulseaudio 0.9.5 DoS
by Red Hat Bugzilla 07 Sep '07

07 Sep '07

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235013 Summary: CVE-2007-1804: pulseaudio 0.9.5 DoS Product: Fedora Extras Version: fc6 Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: pulseaudio AssignedTo: drzeus-bugzilla(a)drzeus.cx ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1804 "PulseAudio 0.9.5 allows remote attackers to cause a denial of service (daemon crash) via (1) a PA_PSTREAM_DESCRIPTOR_LENGTH value of FRAME_SIZE_MAX_ALLOW sent on TCP port 9875, which triggers a p->export assertion failure in do_read; (2) a PA_PSTREAM_DESCRIPTOR_LENGTH value of 0 sent on TCP port 9875, which triggers a length assertion failure in pa_memblock_new; or (3) an empty packet on UDP port 9875, which triggers a t assertion failure in pa_sdp_parse; and allows remote authenticated users to cause a denial of service (daemon crash) via a crafted packet on TCP port 9875 that (4) triggers a maxlength assertion failure in pa_memblockq_new, (5) triggers a size assertion failure in pa_xmalloc, or (6) plays a certain sound file." FC5, FC6, devel have 0.9.5 at the moment. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 4

[Bug 192830] New: CVE-2006-2453 Additional dia format string flaws
by Red Hat Bugzilla 30 Aug '07

30 Aug '07

1 13

[Bug 215136] New: CVE-2006-5864: gv <= 3.6.2 stack-based buffer overflow
by Red Hat Bugzilla 30 Aug '07

30 Aug '07

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=215136 Summary: CVE-2006-5864: gv <= 3.6.2 stack-based buffer overflow Product: Fedora Extras Version: fc6 Platform: All URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5864 OS/Version: Linux Status: NEW Severity: normal Priority: normal Component: gv AssignedTo: orion(a)cora.nwra.com ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: extras-qa(a)fedoraproject.org,fedora-security- list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5864 "Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the DocumentMedia header." -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 5

[Bug 241799] New: CVE-2007-2894: bochs guest OS local user DoS
by Red Hat Bugzilla 24 Aug '07

24 Aug '07

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241799 Summary: CVE-2007-2894: bochs guest OS local user DoS Product: Fedora Extras Version: fc6 Platform: All URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2894 OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: bochs AssignedTo: j.w.r.degoede(a)hhs.nl ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2894 "The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to cause a denial of service (virtual machine crash) via unspecified vectors, resulting in a divide-by-zero error." -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 9

[Bug 244502] New: CVE-2007-3165: tor < 0.1.2.14 information disclosure
by Red Hat Bugzilla 19 Aug '07

19 Aug '07

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244502 Summary: CVE-2007-3165: tor < 0.1.2.14 information disclosure Product: Fedora Extras Version: f7 Platform: All URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3165 OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: tor AssignedTo: enrico.scholz(a)informatik.tu-chemnitz.de ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3165 "Tor before 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic to inappropriate remote observers." -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 5

[Bug 240395] New: CVE-2007-2650: clamav OLE2 parser DoS
by Red Hat Bugzilla 19 Jul '07

19 Jul '07

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240395 Summary: CVE-2007-2650: clamav OLE2 parser DoS Product: Fedora Extras Version: fc6 Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: clamav AssignedTo: enrico.scholz(a)informatik.tu-chemnitz.de ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2650 "The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file." Affected versions unknown. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 19

[Bug 246322] New: flac123 0.0.9 vorbis comment parsing buffer overflow
by Red Hat Bugzilla 12 Jul '07

12 Jul '07

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=246322 Summary: flac123 0.0.9 vorbis comment parsing buffer overflow Product: Fedora Version: f7 Platform: All URL: http://www.vuxml.org/freebsd/32d38cbb-2632-11dc-94da- 0016179b2dd5.html OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: flac123 AssignedTo: foolish(a)guezz.net ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com http://www.vuxml.org/freebsd/32d38cbb-2632-11dc-94da-0016179b2dd5.html "flac123, also known as flac-tools, is vulnerable to a buffer overflow in vorbis comment parsing. This allows for the execution of arbitrary code." 0.0.10 is out, supposedly containing a fix for this. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 5

[Bug 241489] New: CVE-2007-2865: phpPgAdmin 4.1.1 XSS vulnerability
by Red Hat Bugzilla 12 Jul '07

12 Jul '07

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241489 Summary: CVE-2007-2865: phpPgAdmin 4.1.1 XSS vulnerability Product: Fedora Extras Version: fc6 Platform: All URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2865 OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: phpPgAdmin AssignedTo: devrim(a)commandprompt.com ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2865 "Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the server parameter." -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 2

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

security [ARCHIVED] June 2007