Attachment #141648 for bug #188512

View | Details | Raw Unified | Return to bug 188512
Collapse All | Expand All





-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
  <vuln vid="abad20bf-c1b4-11e3-a5ac-001b21614864">
    <topic>OpenLDAP -- incorrect handling of NULL in certificate Common Name</topic>
    <affects>
      <package>
	<name>openldap24-client</name>
	<name>linux-f10-openldap</name>
	<range><lt>2.4.18</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Jan Lieskovsky reports:</p>
	<blockquote cite="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3767">
	  <p>OpenLDAP does not properly handle a '\0' character in a domain name
	    in the subject's Common Name (CN) field of an X.509 certificate,
	    which allows man-in-the-middle attackers to spoof arbitrary SSL
	    servers via a crafted certificate issued by a legitimate
	    Certification Authority</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2009-3767</cvename>
      <url>https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3767</url>
    </references>
    <dates>
      <discovery>2009-08-07</discovery>
      <entry>2014-04-11</entry>
    </dates>
  </vuln>

  <vuln vid="9aecb94c-c1ad-11e3-a5ac-001b21614864">
    <topic>cURL -- inappropriate GSSAPI delegation</topic>
    <affects>
      <package>
	<name>curl</name>
	<name>linux-f10-curl</name>
	<range><ge>7.10.6</ge><le>7.21.6</le></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>cURL reports:</p>
	<blockquote cite="http://curl.haxx.se/docs/adv_20110623.html">
	  <p>When doing GSSAPI authentication, libcurl unconditionally performs
	    credential delegation. This hands the server a copy of the client's
	    security credentials, allowing the server to impersonate the client
	    to any other using the same GSSAPI mechanism.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2011-2192</cvename>
      <url>http://curl.haxx.se/docs/adv_20110623.html</url>
    </references>
    <dates>
      <discovery>2011-06-23</discovery>
      <entry>2014-04-11</entry>
    </dates>
  </vuln>

  <vuln vid="77bb0541-c1aa-11e3-a5ac-001b21614864">
    <topic>dbus-glib -- privledge escalation</topic>
    <affects>
      <package>
	<name>dbus-glib</name>
	<name>linux-f10-dbus-glib</name>
	<range><lt>0.100.1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Sebastian Krahmer reports:</p>
	<blockquote cite="https://bugs.freedesktop.org/show_bug.cgi?id=60916">
	  <p>A privilege escalation flaw was found in the way dbus-glib, the
	    D-Bus add-on library to integrate the standard D-Bus library with
	    the GLib thread abstraction and main loop, performed filtering of
	    the message sender (message source subject), when the
	    NameOwnerChanged signal was received. A local attacker could use
	    this flaw to escalate their privileges.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2013-0292</cvename>
      <url>https://bugs.freedesktop.org/show_bug.cgi?id=60916</url>
    </references>
    <dates>
      <discovery>2013-02-15</discovery>
      <entry>2014-04-11</entry>
    </dates>
  </vuln>

  <vuln vid="bf7912f5-c1a8-11e3-a5ac-001b21614864">
    <topic>nas -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>nas</name>
	<name>linux-f10-nas-libs</name>
	<range><lt>1.9.4</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Hamid Zamani reports:</p>
	<blockquote cite="http://radscan.com/pipermail/nas/2013-August/001270.html">
	  <p>multiple security problems (buffer overflows, format string
	    vulnerabilities and missing input sanitising), which could lead to
	    the execution of arbitrary code.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2013-4256</cvename>
      <cvename>CVE-2013-4257</cvename>
      <cvename>CVE-2013-4258</cvename>
      <url>http://radscan.com/pipermail/nas/2013-August/001270.html</url>
    </references>
    <dates>
      <discovery>2013-08-07</discovery>
      <entry>2014-04-11</entry>
    </dates>
  </vuln>

  <vuln vid="09f47c51-c1a6-11e3-a5ac-001b21614864">
    <topic>libaudiofile -- heap-based overflow in Microsoft ADPCM compression module</topic>
    <affects>
      <package>
	<name>libaudiofile</name>
	<name>linux-f10-libaudiofile</name>
	<range><lt>0.2.7</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Debian reports:</p>
	<blockquote cite="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510205">
	  <p>Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile
	    0.2.6 allows context-dependent attackers to cause a denial of service
	    (application crash) or possibly execute arbitrary code via a crafted
	    WAV file.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2014-0159</cvename>
      <url>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510205</url>
    </references>
    <dates>
      <discovery>2008-12-30</discovery>
      <entry>2014-04-11</entry>
    </dates>
  </vuln>

  <vuln vid="7ccd4def-c1be-11e3-9d09-000c2980a9f3">
    <topic>OpenSSL -- Local Information Disclosure</topic>
    <affects>

    <affects>
      <package>
	<name>gnutls</name>
	<name>linux-f10-gnutls</name>
	<range><lt>2.12.23_4</lt></range>
      </package>
      <package>

    <affects>
      <package>
	<name>libgcrypt</name>
	<name>linux-f10-libgcrypt</name>
	<range><lt>1.5.3</lt></range>
      </package>
    </affects>

      </body>
    </description>
    <references>
    <cvename>CVE-2013-4242</cvename>
    <url>http://eprint.iacr.org/2013/448</url>
    <url>http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000329.html</url>
    <url>http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html</url>

    <affects>
      <package>
	<name>libxml2</name>
	<name>linux-f10-libxml2</name>
	<range><lt>2.7.8_3</lt></range>
      </package>
    </affects>

    <affects>
      <package>
	<name>png</name>
	<name>linux-f10-png</name>
	<range><lt>1.4.11</lt></range>
      </package>
    </affects>

    <affects>
      <package>
	<name>libxml2</name>
	<name>linux-f10-libxml2</name>
	<range><lt>2.7.8_2</lt></range>
      </package>
    </affects>

      </package>
      <package>
	<name>libxml2</name>
	<name>linux-f10-libxml2</name>
	<range><lt>2.7.8</lt></range>
      </package>
    </affects>

      </package>
      <package>
	<name>linux-tiff</name>
	<name>linux-f10-tiff</name>
	<range><lt>3.9.4</lt></range>
      </package>
    </affects>

	<name>linux-firefox-devel</name>
	<range><lt>3.5.9</lt></range>
      </package>
      <package>
        <name>nss</name>
        <name>linux-f10-nss</name>
        <range><lt>3.12.5</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">

    <affects>
      <package>
	<name>expat2</name>
	<name>linux-f10-expat</name>
	<range><lt>2.0.1_1</lt></range>
      </package>
    </affects>

Return to bug 188512

Lines 51-56 Link Here

(-)security/vuxml/vuln.xml (+168 lines)
51		51
52	-->	52	-->
53	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">	53	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
		54	<vuln vid="abad20bf-c1b4-11e3-a5ac-001b21614864">
		55	<topic>OpenLDAP -- incorrect handling of NULL in certificate Common Name</topic>
		56	<affects>
		57	<package>
		58	<name>openldap24-client</name>
		59	<name>linux-f10-openldap</name>
		60	<range><lt>2.4.18</lt></range>
		61	</package>
		62	</affects>
		63	<description>
		64	<body xmlns="http://www.w3.org/1999/xhtml">
		65	<p>Jan Lieskovsky reports:</p>
		66	<blockquote cite="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3767">
		67	<p>OpenLDAP does not properly handle a '\0' character in a domain name
		68	in the subject's Common Name (CN) field of an X.509 certificate,
		69	which allows man-in-the-middle attackers to spoof arbitrary SSL
		70	servers via a crafted certificate issued by a legitimate
		71	Certification Authority</p>
		72	</blockquote>
		73	</body>
		74	</description>
		75	<references>
		76	<cvename>CVE-2009-3767</cvename>
		77	<url>https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3767</url>
		78	</references>
		79	<dates>
		80	<discovery>2009-08-07</discovery>
		81	<entry>2014-04-11</entry>
		82	</dates>
		83	</vuln>
		84
		85	<vuln vid="9aecb94c-c1ad-11e3-a5ac-001b21614864">
		86	<topic>cURL -- inappropriate GSSAPI delegation</topic>
		87	<affects>
		88	<package>
		89	<name>curl</name>
		90	<name>linux-f10-curl</name>
		91	<range><ge>7.10.6</ge><le>7.21.6</le></range>
		92	</package>
		93	</affects>
		94	<description>
		95	<body xmlns="http://www.w3.org/1999/xhtml">
		96	<p>cURL reports:</p>
		97	<blockquote cite="http://curl.haxx.se/docs/adv_20110623.html">
		98	<p>When doing GSSAPI authentication, libcurl unconditionally performs
		99	credential delegation. This hands the server a copy of the client's
		100	security credentials, allowing the server to impersonate the client
		101	to any other using the same GSSAPI mechanism.</p>
		102	</blockquote>
		103	</body>
		104	</description>
		105	<references>
		106	<cvename>CVE-2011-2192</cvename>
		107	<url>http://curl.haxx.se/docs/adv_20110623.html</url>
		108	</references>
		109	<dates>
		110	<discovery>2011-06-23</discovery>
		111	<entry>2014-04-11</entry>
		112	</dates>
		113	</vuln>
		114
		115	<vuln vid="77bb0541-c1aa-11e3-a5ac-001b21614864">
		116	<topic>dbus-glib -- privledge escalation</topic>
		117	<affects>
118	<package>
119	<name>dbus-glib</name>
120	<name>linux-f10-dbus-glib</name>
121	<range><lt>0.100.1</lt></range>
122	</package>
123	</affects>
124	<description>
125	<body xmlns="http://www.w3.org/1999/xhtml">
126	<p>Sebastian Krahmer reports:</p>
127	<blockquote cite="https://bugs.freedesktop.org/show_bug.cgi?id=60916">
128	<p>A privilege escalation flaw was found in the way dbus-glib, the
129	D-Bus add-on library to integrate the standard D-Bus library with
130	the GLib thread abstraction and main loop, performed filtering of
131	the message sender (message source subject), when the
132	NameOwnerChanged signal was received. A local attacker could use
133	this flaw to escalate their privileges.</p>
134	</blockquote>
135	</body>
136	</description>
137	<references>
138	<cvename>CVE-2013-0292</cvename>
139	<url>https://bugs.freedesktop.org/show_bug.cgi?id=60916</url>
140	</references>
141	<dates>
142	<discovery>2013-02-15</discovery>
143	<entry>2014-04-11</entry>
144	</dates>
145	</vuln>
146
147	<vuln vid="bf7912f5-c1a8-11e3-a5ac-001b21614864">
148	<topic>nas -- multiple vulnerabilities</topic>
149	<affects>
150	<package>
151	<name>nas</name>
152	<name>linux-f10-nas-libs</name>
153	<range><lt>1.9.4</lt></range>
154	</package>
155	</affects>
156	<description>
157	<body xmlns="http://www.w3.org/1999/xhtml">
158	<p>Hamid Zamani reports:</p>
159	<blockquote cite="http://radscan.com/pipermail/nas/2013-August/001270.html">
160	<p>multiple security problems (buffer overflows, format string
161	vulnerabilities and missing input sanitising), which could lead to
162	the execution of arbitrary code.</p>
163	</blockquote>
164	</body>
165	</description>
166	<references>
167	<cvename>CVE-2013-4256</cvename>
168	<cvename>CVE-2013-4257</cvename>
169	<cvename>CVE-2013-4258</cvename>
170	<url>http://radscan.com/pipermail/nas/2013-August/001270.html</url>
171	</references>
172	<dates>
173	<discovery>2013-08-07</discovery>
174	<entry>2014-04-11</entry>
175	</dates>
176	</vuln>
177
178	<vuln vid="09f47c51-c1a6-11e3-a5ac-001b21614864">
179	<topic>libaudiofile -- heap-based overflow in Microsoft ADPCM compression module</topic>
180	<affects>
181	<package>
182	<name>libaudiofile</name>
183	<name>linux-f10-libaudiofile</name>
184	<range><lt>0.2.7</lt></range>
185	</package>
186	</affects>
187	<description>
188	<body xmlns="http://www.w3.org/1999/xhtml">
189	<p>Debian reports:</p>
190	<blockquote cite="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510205">
191	<p>Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile
192	0.2.6 allows context-dependent attackers to cause a denial of service
193	(application crash) or possibly execute arbitrary code via a crafted
194	WAV file.</p>
195	</blockquote>
196	</body>
197	</description>
198	<references>
199	<cvename>CVE-2014-0159</cvename>
200	<url>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510205</url>
201	</references>
202	<dates>
203	<discovery>2008-12-30</discovery>
204	<entry>2014-04-11</entry>
205	</dates>
206	</vuln>
207
54	<vuln vid="7ccd4def-c1be-11e3-9d09-000c2980a9f3">	208	<vuln vid="7ccd4def-c1be-11e3-9d09-000c2980a9f3">
55	<topic>OpenSSL -- Local Information Disclosure</topic>	209	<topic>OpenSSL -- Local Information Disclosure</topic>
56	<affects>	210	<affects>
Lines 1084-1089 Link Here
1084	<affects>	1238	<affects>
1085	<package>	1239	<package>
1086	<name>gnutls</name>	1240	<name>gnutls</name>
		1241	<name>linux-f10-gnutls</name>
1087	<range><lt>2.12.23_4</lt></range>	1242	<range><lt>2.12.23_4</lt></range>
1088	</package>	1243	</package>
1089	<package>	1244	<package>
Lines 4644-4649 Link Here
4644	<affects>	4799	<affects>
4645	<package>	4800	<package>
4646	<name>libgcrypt</name>	4801	<name>libgcrypt</name>
		4802	<name>linux-f10-libgcrypt</name>
4647	<range><lt>1.5.3</lt></range>	4803	<range><lt>1.5.3</lt></range>
4648	</package>	4804	</package>
4649	</affects>	4805	</affects>
Lines 4660-4665 Link Here
4660	</body>	4816	</body>
4661	</description>	4817	</description>
4662	<references>	4818	<references>
		4819	<cvename>CVE-2013-4242</cvename>
4663	<url>http://eprint.iacr.org/2013/448</url>	4820	<url>http://eprint.iacr.org/2013/448</url>
4664	<url>http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000329.html</url>	4821	<url>http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000329.html</url>
4665	<url>http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html</url>	4822	<url>http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html</url>
Lines 17586-17591 Link Here
17586	<affects>	17743	<affects>
17587	<package>	17744	<package>
17588	<name>libxml2</name>	17745	<name>libxml2</name>
		17746	<name>linux-f10-libxml2</name>
17589	<range><lt>2.7.8_3</lt></range>	17747	<range><lt>2.7.8_3</lt></range>
17590	</package>	17748	</package>
17591	</affects>	17749	</affects>
Lines 18888-18893 Link Here
18888	<affects>	19046	<affects>
18889	<package>	19047	<package>
18890	<name>png</name>	19048	<name>png</name>
		19049	<name>linux-f10-png</name>
18891	<range><lt>1.4.11</lt></range>	19050	<range><lt>1.4.11</lt></range>
18892	</package>	19051	</package>
18893	</affects>	19052	</affects>
Lines 19929-19934 Link Here
19929	<affects>	20088	<affects>
19930	<package>	20089	<package>
19931	<name>libxml2</name>	20090	<name>libxml2</name>
		20091	<name>linux-f10-libxml2</name>
19932	<range><lt>2.7.8_2</lt></range>	20092	<range><lt>2.7.8_2</lt></range>
19933	</package>	20093	</package>
19934	</affects>	20094	</affects>
Lines 22706-22711 Link Here
22706	</package>	22866	</package>
22707	<package>	22867	<package>
22708	<name>libxml2</name>	22868	<name>libxml2</name>
		22869	<name>linux-f10-libxml2</name>
22709	<range><lt>2.7.8</lt></range>	22870	<range><lt>2.7.8</lt></range>
22710	</package>	22871	</package>
22711	</affects>	22872	</affects>
Lines 32355-32360 Link Here
32355	</package>	32516	</package>
32356	<package>	32517	<package>
32357	<name>linux-tiff</name>	32518	<name>linux-tiff</name>
		32519	<name>linux-f10-tiff</name>
32358	<range><lt>3.9.4</lt></range>	32520	<range><lt>3.9.4</lt></range>
32359	</package>	32521	</package>
32360	</affects>	32522	</affects>
Lines 33540-33545 Link Here
33540	<name>linux-firefox-devel</name>	33702	<name>linux-firefox-devel</name>
33541	<range><lt>3.5.9</lt></range>	33703	<range><lt>3.5.9</lt></range>
33542	</package>	33704	</package>
		33705	<package>
		33706	<name>nss</name>
		33707	<name>linux-f10-nss</name>
		33708	<range><lt>3.12.5</lt></range>
		33709	</package>
33543	</affects>	33710	</affects>
33544	<description>	33711	<description>
33545	<body xmlns="http://www.w3.org/1999/xhtml">	33712	<body xmlns="http://www.w3.org/1999/xhtml">
Lines 35069-35074 Link Here
35069	<affects>	35236	<affects>
35070	<package>	35237	<package>
35071	<name>expat2</name>	35238	<name>expat2</name>
		35239	<name>linux-f10-expat</name>
35072	<range><lt>2.0.1_1</lt></range>	35240	<range><lt>2.0.1_1</lt></range>
35073	</package>	35241	</package>
35074	</affects>	35242	</affects>