[Secure-testing-commits] r2893 - data/CVE

Tue, 29 Nov 2005 14:42:52 -0800 

Author: stef-guest
Date: 2005-11-29 22:40:49 +0000 (Tue, 29 Nov 2005)
New Revision: 2893

Modified:
   data/CVE/list
Log:
good old insecure quake 2

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2005-11-29 22:24:36 UTC (rev 2892)
+++ data/CVE/list       2005-11-29 22:40:49 UTC (rev 2893)
@@ -204,21 +204,23 @@
 CVE-2004-2600 (The firmware for Intelligent Platform Management Interface 
(IPMI) ...)
        TODO: check
 CVE-2004-2599 (Multiple buffer overflows in Quake II server before R1Q2, as 
used in ...)
-       TODO: check
+       - quake2 <unfixed> (bug #280573; low)
+       NOTE: There is a big note in the quake2 package stating that it is not 
secure.
+       NOTE: Otherwise severity would be high.
 CVE-2004-2598 (Quake II server before R1Q2, as used in multiple products, 
allows ...)
-       TODO: check
+       - quake2 <unfixed> (bug #280573; low)
 CVE-2004-2597 (Quake II server before R1Q2, as used in multiple products, 
allows ...)
-       TODO: check
+       - quake2 <unfixed> (bug #280573; low)
 CVE-2004-2596 (Quake II server before R1Q2, as used in multiple products, 
allows ...)
-       TODO: check
+       - quake2 <unfixed> (bug #280573; low)
 CVE-2004-2595 (Absolute path traversal vulnerability in Quake II server before 
R1Q2 ...)
-       TODO: check
+       - quake2 <unfixed> (bug #280573; low)
 CVE-2004-2594 (Absolute path traversal vulnerability in Quake II server before 
R1Q2 ...)
-       TODO: check
+       - quake2 <unfixed> (bug #280573; low)
 CVE-2004-2593 (Buffer overflow in command-packet processing of Quake II server 
before ...)
-       TODO: check
+       - quake2 <unfixed> (bug #280573; low)
 CVE-2004-2592 (Quake II server before R1Q2, as used in multiple products, 
allows ...)
-       TODO: check
+       - quake2 <unfixed> (bug #280573; low)
 CVE-2004-2591 (The data-overwrite capability of ButtUglySoftware CleanCache 
2.19 does ...)
        TODO: check
 CVE-2004-2590 (Unspecified vulnerability in meindlSOFT Cute PHP Library (aka 
cphplib) ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to