diff options
author | Stefan Fritsch <sf@sfritsch.de> | 2007-05-17 12:18:22 +0000 |
---|---|---|
committer | Stefan Fritsch <sf@sfritsch.de> | 2007-05-17 12:18:22 +0000 |
commit | e45ecdbb1884b87c1858d0856305c02cfcfc0a12 (patch) | |
tree | 9ea1f300ceb97d6ee624136e578f4aa2dd2987b5 /data/DTSA/advs | |
parent | e821659d22735f404c2a666dccf4646883072b02 (diff) |
advs for clamav and mydns
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@5863 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/DTSA/advs')
-rw-r--r-- | data/DTSA/advs/36-mydns.adv | 14 | ||||
-rw-r--r-- | data/DTSA/advs/37-clamav.adv | 27 |
2 files changed, 41 insertions, 0 deletions
diff --git a/data/DTSA/advs/36-mydns.adv b/data/DTSA/advs/36-mydns.adv new file mode 100644 index 0000000000..ec1eaa7ae1 --- /dev/null +++ b/data/DTSA/advs/36-mydns.adv @@ -0,0 +1,14 @@ +source: mydns +date: April 30th, 2007 +author: Stefan Fritsch +vuln-type: multiple buffer overflows +problem-scope: remote +debian-specifc: no +cve: CVE-2007-2362 +vendor-advisory: +testing-fix: 1:1.1.0-7.1lenny1 +sid-fix: 1:1.1.0-8 +upgrade: apt-get upgrade + +Multiple buffer overflows in MyDNS allow remote attackers to cause a denial of +service (daemon crash) and possibly execute arbitrary code. diff --git a/data/DTSA/advs/37-clamav.adv b/data/DTSA/advs/37-clamav.adv new file mode 100644 index 0000000000..d6267e000d --- /dev/null +++ b/data/DTSA/advs/37-clamav.adv @@ -0,0 +1,27 @@ +source: clamav +date: April 30th, 2007 +author: Stefan Fritsch +vuln-type: several vulnerabilities +problem-scope: remote +debian-specifc: no +cve: CVE-2007-1745 CVE-2007-1997 CVE-2007-2029 +vendor-advisory: +testing-fix: 0.90.1-3lenny1 +sid-fix: 0.90.2-1 +upgrade: apt-get upgrade + +Several remote vulnerabilities have been discovered in the Clam anti-virus +toolkit. The Common Vulnerabilities and Exposures project identifies the +following problems: + +CVE-2007-1745 +It was discovered that a file descriptor leak in the CHM handler may lead to +denial of service. + +CVE-2007-1997 +It was discovered that a buffer overflow in the CAB handler may lead to the +execution of arbitrary code. + +CVE-2007-2029 +It was discovered that a file descriptor leak in the PDF handler may lead to +denial of service. |