[Secure-testing-commits] r5253 - data/CVE

Stefan Fritsch Fri, 12 Jan 2007 09:38:51 -0800

Author: stef-guest
Date: 2007-01-12 18:38:44 +0100 (Fri, 12 Jan 2007)
New Revision: 5253


Modified:
   data/CVE/list
Log:
- new bcfg2 issue fixed (low)
- some mysql DoSs fixed
- phpmyadmin fixed
- fetchmail fix was incomplete


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-01-12 17:25:11 UTC (rev 5252)
+++ data/CVE/list       2007-01-12 17:38:44 UTC (rev 5253)
@@ -1,3 +1,7 @@
+CVE-2007-XXXX [bcfg2 password disclosure]
+       - bcfg2 0.8.7.3-1 (low; bug #406285)
+CVE-2007-XXXX [mysql 5.0 several DoS vulns]
+       - mysql-dfsg-5.0 5.0.32-1
 CVE-2007-0205 (Multiple directory traversal vulnerabilities in @lex Guestbook 
4.0.2 ...)
        TODO: @alex
 CVE-2006-6920 (Cross-site scripting (XSS) vulnerability in Nucleus before 3.24 
allows ...)
@@ -11,9 +15,9 @@
 CVE-2006-6916 (Getahead Direct Web Remoting (DWR) before 1.1.3 allows 
attackers to ...)
        NOT-FOR-US: Getahead
 CVE-2007-0204 (Multiple cross-site scripting (XSS) vulnerabilities in 
phpMyAdmin ...)
-       - phpmyadmin <unfixed> (bug #406486; high)
+       - phpmyadmin 4:2.9.1.1-2 (bug #406486; high)
 CVE-2007-0203 (Multiple unspecified vulnerabilities in phpMyAdmin before 
2.9.2-rc1 ...)
-       - phpmyadmin <unfixed> (bug #406332; high)
+       - phpmyadmin 4:2.9.1.1-2 (bug #406332; high)
 CVE-2007-0202 (SQL injection vulnerability in index.php in @lex Guestbook 
4.0.2 and ...)
        NOT-FOR-US: @lex
 CVE-2007-0201 (Buffer overflow in the cmd_usr function in ftp-gw in TIS 
Internet ...)
@@ -2560,7 +2564,7 @@
 CVE-2006-5975 (Multiple cross-site scripting (XSS) vulnerabilities in 
comments.asp in ...)
        NOT-FOR-US: BlogMe
 CVE-2006-5974 (fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a 
message ...)
-       - fetchmail 6.3.6~rc3-1
+       - fetchmail 6.3.6-1
 CVE-2006-5973 (Off-by-one buffer overflow in Dovecot 1.0test53 through 
1.0.rc14, and ...)
        - dovecot 1.0.rc15-1
        [sarge] - dovecot <not-affected> (Vulnerable code not present)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r5253 - data/CVE

Reply via email to