| |
mark :: blog
A few weeks ago the 2011 update to
the CWE/SANS Top 25 Most Dangerous
Software Errors was published. As part of our contribution to this
update we analysed the most severe vulnerabilities that affected Red Hat
since the last update and mapped each one to the appropriate Common
Weakness Enumeration (CWE) type.
The table below lists all vulnerabilities which have a CVSS score of 7
or more ('high'), that we fixed in any product during calendar year 2010.
Most common CWE were: - Buffer Copy without Checking
Size of Input
(CWE-120): 8 vulnerabilities.
-
Race Condition
(CWE-362): 5 vulnerabilities.
| CVE | CWE | 2011 top 25? | CVSS base score | Fixed in |
|---|
|
CVE-2007-4567
| CWE-476 | no
| 7.8
| Red Hat Enterprise Linux 5 (kernel)
|
|
CVE-2009-0778
| CWE-770 | no
| 7.1
| Red Hat Enterprise Linux 5 (kernel)
|
|
CVE-2009-1385
| CWE-191 | no
| 7.1
| Red Hat Enterprise Linux 5 (kernel)
|
|
CVE-2009-3080
| CWE-129 | no
| 7.2
| Red Hat Enterprise Linux 3, 4, 5, MRG (kernel)
|
|
CVE-2009-3245
| CWE-252 | no
| 7.6
| Red Hat Enterprise Linux 3, 4, 5 (openssl)
|
|
CVE-2009-3726
| CWE-476 | no
| 7.2
| Red Hat Enterprise Linux 4, 5, MRG (kernel)
|
|
CVE-2009-4005
| CWE-127 | no
| 7.1
| Red Hat Enterprise Linux 4 (kernel)
|
|
CVE-2009-4027
| CWE-362 | no
| 7.8
| Red Hat Enterprise Linux 5 (kernel)
|
|
CVE-2009-4141
| CWE-416 | no
| 7.2
| Red Hat Enterprise Linux 5, MRG (kernel)
|
|
CVE-2009-4212
| CWE-191 | no
| 10.0
| Red Hat Enterprise Linux 3, 4, 5 (krb5)
|
|
CVE-2009-4272
| CWE-764 | no
| 7.8
| Red Hat Enterprise Linux 5 (kernel)
|
|
CVE-2009-4273
| CWE-78 | yes
| 7.9
| Red Hat Enterprise Linux 5 (systemtap)
|
|
CVE-2009-4537
| CWE-120 | yes
| 7.1
| Red Hat Enterprise Linux 4, 5, MRG (kernel)
|
|
CVE-2009-4895
| CWE-362 | no
| 7.2
| Red Hat Enterprise MRG (kernel)
|
|
CVE-2010-0008
| CWE-606 | no
| 7.8
| Red Hat Enterprise Linux 4, 5 (kernel)
|
|
CVE-2010-0291
| CWE-822 | no
| 7.2
| Red Hat Enterprise Linux 5 (kernel)
|
|
CVE-2010-0738
| CWE-424 | no
| 7.5
| JBoss Enterprise Application Platform 4.2, 4.3
|
|
CVE-2010-0741
| CWE-20 | no
| 7.1
| Red Hat Enterprise Linux 5 (kvm)
|
|
CVE-2010-1084
| CWE-120 | yes
| 7.2
| Red Hat Enterprise Linux 5 (kernel)
|
|
CVE-2010-1086
| CWE-20 | no
| 7.8
| Red Hat Enterprise Linux 4, 5 (kernel)
|
|
CVE-2010-1087
| CWE-362 | no
| 7.2
| Red Hat Enterprise Linux 5 (kernel)
|
|
CVE-2010-1166
| CWE-823 | no
| 7.6
| Red Hat Enterprise Linux 5 (xorg-x11-server)
|
|
CVE-2010-1173
| CWE-120 * | yes
| 7.1
| Red Hat Enterprise Linux 4, 5 (kernel)
|
|
CVE-2010-1188
| CWE-416 | no
| 7.8
| Red Hat Enterprise Linux 3, 4, 5 (kernel)
|
|
CVE-2010-1436
| CWE-120 | yes
| 7.2
| Red Hat Enterprise Linux 5 (kernel)
|
|
CVE-2010-1437
| CWE-362 | no
| 7.2
| Red Hat Enterprise Linux 4, 5 (kernel)
|
|
CVE-2010-2063
| CWE-823 | no
| 7.5
| Red Hat Enterprise Linux 3, 4, 5 (samba)
|
|
CVE-2010-2235
| CWE-77 | no
| 7.1
| Red Hat Network Satellite Server 5.3 (cobbler)
|
|
CVE-2010-2240
| CWE-788 | no
| 7.2
| Red Hat Enterprise Linux 3, 4, 5, MRG (kernel)
|
|
CVE-2010-2248
| CWE-682 | no
| 7.1
| Red Hat Enterprise Linux 4, 5 (kernel)
|
|
CVE-2010-2492
| CWE-805 | no
| 7.2
| Red Hat Enterprise Linux 5, 6 (kernel)
|
|
CVE-2010-2521
| CWE-805 | no
| 8.3
| Red Hat Enterprise Linux 4, 5, MRG (kernel)
|
|
CVE-2010-2798
| CWE-476 | no
| 7.2
| Red Hat Enterprise Linux 5 (kernel)
|
|
CVE-2010-2962
| CWE-823 | no
| 7.2
| Red Hat Enterprise Linux 6, MRG (kernel)
|
|
CVE-2010-3069
| CWE-129 | no
| 8.3
| Red Hat Enterprise Linux 3, 4, 5, 6 (samba)
|
|
CVE-2010-3081
| CWE-131 | yes
| 7.2
| Red Hat Enterprise Linux 3, 4, 5, 6, MRG (kernel)
|
|
CVE-2010-3084
| CWE-120 | yes
| 7.2
| Red Hat Enterprise Linux 6 (kernel)
|
|
CVE-2010-3301
| CWE-129 | no
| 7.2
| Red Hat Enterprise Linux 6 (kernel)
|
|
CVE-2010-3302
| CWE-120 | yes
| 7.1
| Red Hat Enterprise Linux 6 (openswan)
|
|
CVE-2010-3308
| CWE-120 | yes
| 7.1
| Red Hat Enterprise Linux 6 (openswan)
|
|
CVE-2010-3432
| CWE-805 * | no
| 7.8
| Red Hat Enterprise Linux 4, 5, 6, MRG (kernel)
|
|
CVE-2010-3705
| CWE-788 | no
| 8.3
| Red Hat Enterprise Linux 6, MRG (kernel)
|
|
CVE-2010-3708
| CWE-77 | no
| 7.5
| JBoss Enterprise Application Platform 4.3, SOA Platform 4.2
|
|
CVE-2010-3752
| CWE-78 | yes
| 7.1
| Red Hat Enterprise Linux 6 (openswan)
|
|
CVE-2010-3753
| CWE-78 | yes
| 7.1
| Red Hat Enterprise Linux 6 (openswan)
|
|
CVE-2010-3847
| CWE-426 | no
| 7.2
| Red Hat Enterprise Linux 5, 6 (glibc)
|
|
CVE-2010-3856
| CWE-426 | no
| 7.2
| Red Hat Enterprise Linux 5, 6 (glibc)
|
|
CVE-2010-3864
| CWE-362 | no
| 7.6
| Red Hat Enterprise Linux 6 (openssl)
|
|
CVE-2010-3904
| CWE-822 | no
| 7.2
| Red Hat Enterprise Linux 5, 6 (kernel)
|
|
CVE-2010-4170
| CWE-88 | no
| 7.2
| Red Hat Enterprise Linux 4, 5, 6 (systemtap)
|
|
CVE-2010-4179
| CWE-862 | yes
| 7.5
| Red Hat Enterprise MRG (cumin)
|
|
CVE-2010-4344
| CWE-120 | yes
| 7.5
| Red Hat Enterprise Linux 4, 5 (exim)
|
* - in both these cases the outcome is not a buffer overflow as the possible
overflow is detected and instead converted into an abort (DoS)
See also our 2010 analysis
Created: 09 Aug 2011
Tagged as: cvss, cwe, fedora, metrics, red hat
0 comments
(new comments disabled)
|
|
|
Hi! I'm Mark Cox. This blog gives my
thoughts and opinions on my security
work, open source, fedora, home automation,
and other topics.
pics from my twitter:
popular tags:
[all],
apache,
apachecon,
apacheweek,
cve,
cvss,
fedora,
financial,
geocaching,
ha,
metrics,
microsoft,
nashville,
north carolina,
red hat summit,
redhat,
security,
trips
|
|
