[Secure-testing-commits] r5257 - data/CVE

Alex de Oliveira Silva Fri, 12 Jan 2007 12:58:10 -0800

Author: enerv-guest
Date: 2007-01-12 21:58:04 +0100 (Fri, 12 Jan 2007)
New Revision: 5257


Modified:
   data/CVE/list
Log:
Changed severity in CVEs



Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-01-12 20:14:11 UTC (rev 5256)
+++ data/CVE/list       2007-01-12 20:58:04 UTC (rev 5257)
@@ -1117,7 +1117,7 @@
 CVE-2006-6611 (PHP remote file inclusion vulnerability in interface.php in 
Barman ...)
        NOT-FOR-US: Barman
 CVE-2006-6610 (clientcommands in Nexuiz before 2.2.1 has unknown impact and 
remote ...)
-       - nexuiz 2.2.1-1
+       - nexuiz 2.2.1-1 (high)
 CVE-2006-6609 (Nexuiz before 2.2.1 allows remote attackers to cause a denial 
of ...)
        - nexuiz 2.2.1-1
 CVE-2006-6608 (Unspecified vulnerability in SSH key based authentication in HP 
...)
@@ -2195,7 +2195,7 @@
 CVE-2006-6144 (The &quot;mechglue&quot; abstraction interface of the GSS-API 
library for ...)
        - krb5 <not-affected> (Only 1.5 onwards are vulnerable)
 CVE-2006-6143 (The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 
through ...)
-       - krb5 1.4.4-6
+       - krb5 1.4.4-6 (high)
        [sarge] - krb5 <not-affected>
 CVE-2006-6142 (Multiple cross-site scripting (XSS) vulnerabilities in 
SquirrelMail ...)
        {DSA-1241-1}
@@ -2565,7 +2565,7 @@
 CVE-2006-5975 (Multiple cross-site scripting (XSS) vulnerabilities in 
comments.asp in ...)
        NOT-FOR-US: BlogMe
 CVE-2006-5974 (fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a 
message ...)
-       - fetchmail 6.3.6-1
+       - fetchmail 6.3.6-1 (low)
 CVE-2006-5973 (Off-by-one buffer overflow in Dovecot 1.0test53 through 
1.0.rc14, and ...)
        - dovecot 1.0.rc15-1
        [sarge] - dovecot <not-affected> (Vulnerable code not present)
@@ -2884,10 +2884,10 @@
 CVE-2006-5825 (Cross-site scripting (XSS) vulnerability in index.php in Kayako 
...)
        NOT-FOR-US: Kayako SupportSuite
 CVE-2006-5824 (Integer overflow in the ffs_rdextattr function in FreeBSD 6.1 
allows ...)
-       - kfreebsd-5 <unfixed>
+       - kfreebsd-5 <unfixed> (low)
        [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-5823 (The zlib_inflate function in Linux kernel 2.6.x allows local 
users to ...)
-       - linux-2.6 <unfixed>
+       - linux-2.6 <unfixed> (low)
 CVE-2006-5822 (Stack-based buffer overflow in the NetBackup bpcd daemon 
(bpcd.exe) in ...)
        NOT-FOR-US: Symantec Veritas NetBackup 
 CVE-2006-5821 (Heap-based buffer overflow in the IMA_SECURE_DecryptData1 
function in ...)
@@ -3208,7 +3208,7 @@
 CVE-2006-5680 (The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and 
before ...)
        - libarchive 1.3.1-1 (unimportant)
 CVE-2006-5679 (Integer overflow in the ffs_mountfs function in FreeBSD 6.1 
allows ...)
-       - kfreebsd-5 <unfixed>
+       - kfreebsd-5 <unfixed> (medium)
        [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-5678 (** DISPUTED ** ...)
        NOT-FOR-US: Les Visiteurs
@@ -3482,7 +3482,7 @@
 CVE-2006-5551 (Stack-based buffer overflow in QK SMTP 3.01 and earlier might 
allow ...)
        NOT-FOR-US: QK SMTP
 CVE-2006-5550 (The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to 
cause ...)
-       - kfreebsd-5 <unfixed>
+       - kfreebsd-5 <unfixed> (low)
        [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-5549 (** DISPUTED ** ...)
        NOT-FOR-US: Adobe PHP SDK
@@ -3635,10 +3635,10 @@
 CVE-2006-5484 (SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 
2.2.0 ...)
        NOT-FOR-US: SSH Tectia
 CVE-2006-5483 (p1003_1b.c in FreeBSD 6.1 allows local users to cause an 
unspecified ...)
-       - kfreebsd-5 <unfixed>
+       - kfreebsd-5 <unfixed> (low)
        [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-5482 (ufs_vnops.c in FreeBSD 6.1 allows local users to cause an 
unspecified ...)
-       - kfreebsd-5 <unfixed>
+       - kfreebsd-5 <unfixed> (low)
        [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-5481 (Multiple PHP remote file inclusion vulnerabilities in Castor 
1.1.1 ...)
        NOT-FOR-US: Castor
@@ -5090,7 +5090,7 @@
 CVE-2006-4815
        RESERVED
 CVE-2006-4814 (The mincore function in the Linux kernel before 2.4.33.6 does 
not ...)
-       - linux-2.6 2.6.18-9
+       - linux-2.6 2.6.18-9 (low)
 CVE-2006-4813 (The __block_prepare_write function in fs/buffer.c for Linux 
kernel ...)
        {DSA-1233}
        - linux-2.6 2.6.13-1
@@ -5627,7 +5627,7 @@
        {DSA-1202-1}
        - screen 4.0.3-0.1 (bug #395225; bug #395999; medium)
 CVE-2006-4572 (ip6_tables in netfilter in the Linux kernel before 2.6.16.31 
allows ...)
-       - linux-2.6 2.6.18-9
+       - linux-2.6 2.6.18-9 (high)
 CVE-2006-4571 (Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, 
...)
        {DSA-1210 DSA-1192-1 DSA-1191-1}
        NOTE: MFSA-2006-64
@@ -5787,7 +5787,7 @@
 CVE-2006-4517 (Novell iManager 2.5 and 2.0.2 allows remote attackers to cause 
a ...)
        NOT-FOR-US: Novell iManager
 CVE-2006-4516 (Integer signedness error in FreeBSD 6.0-RELEASE allows local 
users to ...)
-       - kfreebsd-5 <unfixed>
+       - kfreebsd-5 <unfixed> (low)
        [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-4515
        RESERVED


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r5257 - data/CVE

Reply via email to