[Secure-testing-commits] r10822 - data/CVE

2008-12-29 Thread fw
Author: fw
Date: 2008-12-29 08:16:18 + (Mon, 29 Dec 2008)
New Revision: 10822

Modified:
   data/CVE/list
Log:
CVE-2008-2383: xterm


Modified: data/CVE/list
===
--- data/CVE/list   2008-12-29 02:27:50 UTC (rev 10821)
+++ data/CVE/list   2008-12-29 08:16:18 UTC (rev 10822)
@@ -7977,8 +7977,8 @@
RESERVED
 CVE-2008-2384
RESERVED
-CVE-2008-2383
-   RESERVED
+CVE-2008-2383 [xterm code execution through DECRQSS escape sequence]
+   - xterm unfixed (medium; bug #510030)
 CVE-2008-2382 (The protocol_client_msg function in vnc.c in the VNC server in 
(1) ...)
- qemu 0.9.1-9
[etch] - qemu not-affected (Tested by maintainer)
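Review bot: the new CVE-2008-2383 entry records only `- xterm unfixed (medium; bug #510030)` and has no per-release line, whereas the CVE-2008-2382 entry directly below it carries `[etch] - qemu not-affected (Tested by maintainer)`. Since the bracketed description is code execution through the DECRQSS escape sequence, add an `[etch] - xterm ...` line once the stable version has been checked, so the status for etch is stated explicitly rather than left to be inferred from the unstable line.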


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits


[Secure-testing-commits] r10824 - data/CVE

2008-12-29 Thread joeyh
Author: joeyh
Date: 2008-12-29 21:14:11 + (Mon, 29 Dec 2008)
New Revision: 10824

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===
--- data/CVE/list   2008-12-29 09:14:13 UTC (rev 10823)
+++ data/CVE/list   2008-12-29 21:14:11 UTC (rev 10824)
@@ -1,3 +1,59 @@
+CVE-2008-5744 (Array index error in the dahdi/tor2.c driver in Zaptel (aka 
DAHDI) ...)
+   TODO: check
+CVE-2008-5743 (pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files 
with a ...)
+   TODO: check
+CVE-2008-5742 (Multiple open redirect vulnerabilities in AIST NetCat 3.12 and 
earlier ...)
+   TODO: check
+CVE-2008-5741
+   RESERVED
+CVE-2008-5740
+   RESERVED
+CVE-2008-5739 (SQL injection vulnerability in evb/check_url.php in Pligg CMS 
9.9.5 ...)
+   TODO: check
+CVE-2008-5738 (Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to 
bypass ...)
+   TODO: check
+CVE-2008-5737 (SQL injection vulnerability in index.php in Nodstrum MySQL 
Calendar ...)
+   TODO: check
+CVE-2008-5736 (Multiple unspecified vulnerabilities in FreeBSD 6 before 
6.4-STABLE, ...)
+   TODO: check
+CVE-2008-5735 (Stack-based buffer overflow in skin.c in CoolPlayer 2.17 
through 2.19 ...)
+   TODO: check
+CVE-2008-5734 (Cross-site scripting (XSS) vulnerability in WebMail Pro in 
IceWarp ...)
+   TODO: check
+CVE-2008-5733 (SQL injection vulnerability in blog.php in the Team Impact TI 
Blog ...)
+   TODO: check
+CVE-2008-5732 (Unrestricted file upload vulnerability in lib/image_upload.php 
in ...)
+   TODO: check
+CVE-2008-5731 (The PGPwded device driver (aka PGPwded.sys) in PGP Corporation 
PGP ...)
+   TODO: check
+CVE-2008-5730 (Multiple CRLF injection vulnerabilities in AIST NetCat 3.12 and 
...)
+   TODO: check
+CVE-2008-5729 (Multiple cross-site scripting (XSS) vulnerabilities in AIST 
NetCat ...)
+   TODO: check
+CVE-2008-5728 (Multiple directory traversal vulnerabilities in AIST NetCat 
3.12 and ...)
+   TODO: check
+CVE-2008-5727 (SQL injection vulnerability in 
modules/auth/password_recovery.php in ...)
+   TODO: check
+CVE-2008-5726 (SQL injection vulnerability in thread.php in stormBoards 1.0.1 
allows ...)
+   TODO: check
+CVE-2008-5725 (The NT kernel-mode driver (aka pstrip.sys) 5.0.1.1 and earlier 
in ...)
+   TODO: check
+CVE-2008-5724 (The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and 
earlier in ...)
+   TODO: check
+CVE-2008-5723 (Directory traversal vulnerability in CGI RESCUE KanniBBS2000 
(aka ...)
+   TODO: check
+CVE-2008-5722 (Buffer overflow in SAWStudio 3.9i allows user-assisted remote 
...)
+   TODO: check
+CVE-2008-5721 (SapporoWorks BlackJumboDog (BJD) before 4.2.3 allows remote 
attackers ...)
+   TODO: check
+CVE-2008-5720 (Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 
allows ...)
+   TODO: check
+CVE-2008-5719 (Cross-site scripting (XSS) vulnerability in Hitachi Groupmax 
Web ...)
+   TODO: check
+CVE-2008-5718 (The papd daemon in Netatalk before 2.0.4-beta2 allows remote 
attackers ...)
+   TODO: check
+CVE-2008-5717 (Cross-site scripting (XSS) vulnerability in Hitachi 
JP1/Integrated ...)
+   TODO: check
 CVE-2008-5716 (xend in Xen 3.3.0 does not properly restrict a guest VM's write 
access ...)
- xen-3 not-affected (Vulnerable code never entered Debian)
- xen-unstable not-affected (Vulnerable code never entered Debian)
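Review bot: several of the new `TODO: check` entries at the top of this hunk can be triaged from their descriptions alone and should not be left as TODO for long. CVE-2008-5731 (PGPwded.sys), CVE-2008-5725 (the NT kernel-mode driver pstrip.sys) and CVE-2008-5724 (epfw.sys) are all described as .sys drivers and would take a `NOT-FOR-US:` line in the same form used later in the file (for example `NOT-FOR-US: Solaris`). CVE-2008-5744 (Zaptel/DAHDI), CVE-2008-5743 (pdfjam) and CVE-2008-5718 (the Netatalk papd daemon) name software that may be packaged, so those are the ones to resolve first with a package line and version.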
@@ -55,7 +111,7 @@
NOT-FOR-US: Ipswitch WS_FTP Server Manager
 CVE-2008-5691 (Heap-based buffer overflow in the Phoenician Casino FlashAX 
ActiveX ...)
NOT-FOR-US: Phoenician Casino FlashAX ActiveX
-CVE-2008-5690 (The Kerberos credential renewal feature in Solaris 8, 9, and 
10, and ...)
+CVE-2008-5690 (The Kerberos credential renewal feature in Sun Solaris 8, 9, 
and 10, ...)
NOT-FOR-US: Solaris
 CVE-2008-5689 (tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through 
snv_76 ...)
NOT-FOR-US: Solaris
@@ -556,8 +612,7 @@
- xulrunner 1.9.0.5-1
 CVE-2008-5499 (Unspecified vulnerability in Adobe Flash Player for Linux 
10.0.12.36, ...)
NOT-FOR-US: Adobe Flash Player for Linux
-CVE-2008-5498 [segfault and potential security issue in php5's bundled libgd's 
imagerotate]
-   RESERVED
+CVE-2008-5498 (Array index error in the imageRotate function in PHP 5.2.8 and 
earlier ...)
- php5 not-affected (php5 links to the shared lib)
- libgd2 not-affected (code is specific to php's libgd)
NOTE: 
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1360r2=1.2027.2.547.2.1361
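Review bot: in the trailing context of the CVE-2008-5498 entry, the NOTE URL reads `NEWS?r1=1.2027.2.547.2.1360r2=1.2027.2.547.2.1361`, with no `&` between the `r1` and `r2` parameters. If that is what the file contains rather than a rendering artifact of this mail, the link will not resolve to the intended diff and should be corrected now that the entry is being touched. The replacement of the bracketed temporary description and the `RESERVED` line with the official description looks consistent with the two `not-affected` lines that follow.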
@@ -908,7 +963,7 @@
TODO: check
 CVE-2008-5344 (Unspecified vulnerability in Java Web Start (JWS) and Java 
Plug-in ...)
TODO: check
-CVE-2008-5343 (Unspecified vulnerability in Java Web Start (JWS) and Java 
Plug-in ...)
+CVE-2008-5343 (Java Web Start (JWS) and Java Plug-in with Sun JDK and