~wgrant/ubuntu-cve-tracker/mainold

« back to all changes in this revision

Viewing changes to retired/CVE-2008-1658

Committer: William Grant
Date: 2008-04-19 08:08:17 UTC
mfrom: (1065.2.58 ubuntu-cve)
Revision ID: william@qeuni.net-20080419080817-274tzbq5c88enccc

Merge from master.

files added:
active/00boilerplate.xpdf

active/CVE-2007-0071

active/CVE-2007-6019

active/CVE-2007-6712

active/CVE-2008-1100

active/CVE-2008-1382

active/CVE-2008-1655

active/CVE-2008-1687

active/CVE-2008-1688

active/CVE-2008-1693

active/CVE-2008-1721

active/CVE-2008-1722

active/CVE-2008-1761

active/CVE-2008-1762

active/CVE-2008-1764

active/CVE-2008-1766

active/CVE-2008-1796

retired/CVE-2008-1658

files renamed:
active/CVE-2008-1374 => retired/CVE-2008-1374

active/CVE-2008-1429 => retired/CVE-2008-1429

active/CVE-2008-1515 => retired/CVE-2008-1515

active/CVE-2008-1612 => retired/CVE-2008-1612

files modified:
README

active/CVE-2007-0175

active/CVE-2007-6531

active/CVE-2008-1080

active/CVE-2008-1081

active/CVE-2008-1082

active/CVE-2008-1531

active/CVE-2008-1720

ignored/not-for-us.txt

scripts/check-syntax

scripts/cve_lib.py

scripts/sync-from-versions.py

Show diffs side-by-side

added added

removed removed

retired/CVE-2008-1658

Candidate: CVE-2008-1658

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1658

Description:

Format string vulnerability in the grant helper (polkit-grant-helper.c) in

PolicyKit 0.7 and earlier allows attackers to cause a denial of service

(crash) and possibly execute arbitrary code via format strings in a

password.

Ubuntu-Description:

Notes:

Bugs:

Priority: medium

Discovered-by:

Assigned-to: keescook

Patches_policykit:

upstream: http://gitweb.freedesktop.org/?p=PolicyKit.git;a=commitdiff;h=5bc86a14cc0e356bcf8b5f861674f842869b1be7

upstream_policykit: pending (0.8)

dapper_policykit: DNE

edgy_policykit: DNE

feisty_policykit: DNE

gutsy_policykit: DNE

devel_policykit: released (0.7-2ubuntu6)

Older »