[Secure-testing-commits] r12257 - data/CVE

Joey Hess Thu, 02 Jul 2009 14:14:45 -0700

Author: joeyh
Date: 2009-07-02 21:14:20 +0000 (Thu, 02 Jul 2009)
New Revision: 12257


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-07-02 18:48:16 UTC (rev 12256)
+++ data/CVE/list       2009-07-02 21:14:20 UTC (rev 12257)
@@ -1,3 +1,77 @@
+CVE-2009-2313 (Directory traversal vulnerability in index.php in Jinzora Media 
...)
+       TODO: check
+CVE-2009-2312 (SmartFilter Web Gateway Security 4.2.1.00 stores user 
credentials in ...)
+       TODO: check
+CVE-2009-2311 (SQL injection vulnerability in the rGallery plugin 1.2.3 for 
WoltLab ...)
+       TODO: check
+CVE-2009-2310 (SQL injection vulnerability in include/get_read.php in ...)
+       TODO: check
+CVE-2009-2309 (SQL injection vulnerability in index.php in Codice CMS 2 allows 
remote ...)
+       TODO: check
+CVE-2009-2308 (Multiple SQL injection vulnerabilities in affiliates.php in the 
...)
+       TODO: check
+CVE-2009-2307 (SQL injection vulnerability in the CWGuestBook module 2.1 and 
earlier ...)
+       TODO: check
+CVE-2009-2306 (The ARD-9808 DVR card security camera stores sensitive 
information ...)
+       TODO: check
+CVE-2009-2305 (The ARD-9808 DVR card security camera allows remote attackers 
to cause ...)
+       TODO: check
+CVE-2009-2304 (index.php in Aardvark Topsites PHP 5.2.0 and earlier allows 
remote ...)
+       TODO: check
+CVE-2009-2303 (index.php in Aardvark Topsites PHP 5.2.1 and earlier allows 
remote ...)
+       TODO: check
+CVE-2009-2302 (Cross-site scripting (XSS) vulnerability in index.php in 
Aardvark ...)
+       TODO: check
+CVE-2009-2301 (The radware AppWall Web Application Firewall (WAF) 1.0.2.6, 
with ...)
+       TODO: check
+CVE-2009-2300 (The management interface in the phion airlock Web Application 
Firewall ...)
+       TODO: check
+CVE-2009-2299 (The Artofdefence Hyperguard Web Application Firewall (WAF) 
module ...)
+       TODO: check
+CVE-2009-2298 (Stack-based buffer overflow in rping in HP OpenView Network 
Node ...)
+       TODO: check
+CVE-2009-2297 (Unspecified vulnerability in the udp subsystem in the kernel in 
Sun ...)
+       TODO: check
+CVE-2009-2296 (The NFSv4 server kernel module in Sun Solaris 10, and 
OpenSolaris ...)
+       TODO: check
+CVE-2009-2295
+       RESERVED
+CVE-2009-2294
+       RESERVED
+CVE-2009-2293 (Optimum Web Design Tutorial Share 3.5.0 and earlier allows 
remote ...)
+       TODO: check
+CVE-2009-2292 (Cross-site scripting (XSS) vulnerability in Appleple a-News 
2.32 ...)
+       TODO: check
+CVE-2009-2291 (Unspecified vulnerability in LoginToboggan 6.x-1.x before 
6.x-1.5, a ...)
+       TODO: check
+CVE-2009-2290 (SQL injection vulnerability in the Boy Scout Advancement 
(com_bsadv) ...)
+       TODO: check
+CVE-2009-2289 (Cross-site scripting (XSS) vulnerability in index.php in Arcade 
Trade ...)
+       TODO: check
+CVE-2009-2287 (The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux 
kernel ...)
+       TODO: check
+CVE-2009-2285 (Buffer underflow in the LZWDecodeCompat function in libtiff 
3.8.2 ...)
+       TODO: check
+CVE-2009-2283 (Multiple cross-site scripting (XSS) vulnerabilities in the help 
jsp ...)
+       TODO: check
+CVE-2009-2282 (The Virtual Network Terminal Server daemon (vntsd) for Logical 
Domains ...)
+       TODO: check
+CVE-2008-6847 (Cross-site scripting (XSS) vulnerability in 
Employee/emp_login.asp in ...)
+       TODO: check
+CVE-2008-6846 (Multiple stack-based buffer overflows in avast! Linux Home 
Edition ...)
+       TODO: check
+CVE-2008-6845 (The unpack feature in ClamAV 0.93.3 and earlier allows remote 
...)
+       TODO: check
+CVE-2008-6844 (The registration view (/user/register) in eZ Publish 3.5.6 and 
...)
+       TODO: check
+CVE-2008-6843 (Directory traversal vulnerability in index.php in Fantastico, 
as used ...)
+       TODO: check
+CVE-2008-6842 (Directory traversal vulnerability in ...)
+       TODO: check
+CVE-2008-6841 (PHP remote file inclusion vulnerability in the Green Mountain 
...)
+       TODO: check
+CVE-2008-6840 (Multiple PHP remote file inclusion vulnerabilities in V-webmail 
1.6.4 ...)
+       TODO: check
 CVE-2009-XXXX [multiple drupal issues]
        - drupal6 <unfixed> (bug #535435)
        - drupal5 <unfixed> (bug #535476)
@@ -3,5 +77,5 @@
        NOTE: http://drupal.org/node/507572
        NOTE: requested CVE id
-CVE-2009-2284 [phpMyAdmin XSS PMASA-2009-5]
+CVE-2009-2284 (Cross-site scripting (XSS) vulnerability in phpMyAdmin before 
3.2.0.1 ...)
        - phpmyadmin 4:3.2.0.1-1
        TODO: need to assess severity of this issue
@@ -37,6 +111,7 @@
 CVE-2009-2266
        RESERVED
 CVE-2009-2281 [Heap-based buffer underflow in the readPostBody function in 
cgiutil.c ...]
+       RESERVED
        - mapserver <unfixed> (medium; bug #535340)
        NOTE: http://www.openwall.com/lists/oss-security/2009/06/22/2
 CVE-2009-2265
@@ -125,12 +200,12 @@
        NOT-FOR-US: OpenID module for Drupal
 CVE-2009-XXXX [udev: creates aacraid devices that are rw by group floppy]
        - udev 0.141-1 (medium; bug #530245; bug #462655; bug #404927)
-CVE-2009-2288 [command injection in nagios]
+CVE-2009-2288 (statuswml.cgi in Nagios before 3.1.1 allows remote attackers to 
...)
        - nagios3 3.0.6-5
        - nagios2 <removed>
        [etch] - nagios2 <unfixed>
        NOTE: http://secunia.com/advisories/35543
-CVE-2009-2286 [compface buffer overflow]
+CVE-2009-2286 (Buffer overflow in compface 1.5.2 and earlier allows 
user-assisted ...)
        - libcompface 1:1.5.2-5 (medium; bug #534973)
 CVE-2009-XXXX [apache2 mod_deflate DoS]
        - apache2 <unfixed> (medium; bug #534712)
@@ -2213,8 +2288,8 @@
        RESERVED
 CVE-2009-1422
        RESERVED
-CVE-2009-1421
-       RESERVED
+CVE-2009-1421 (Unspecified vulnerability in NFS / ONCplus on HP HP-UX B.11.31 
allows ...)
+       TODO: check
 CVE-2009-1420 (Unspecified vulnerability in HP OpenView Network Node Manager 
(OV NNM) ...)
        NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-1419 (Unspecified vulnerability in HP Discovery &amp; Dependency 
Mapping ...)
@@ -5130,8 +5205,8 @@
        NOT-FOR-US: Foxit JPEG2000/JBIG2 Decoder add-on
 CVE-2009-0690 (The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for 
Foxit ...)
        NOT-FOR-US: Foxit JPEG2000/JBIG2 Decoder add-on
-CVE-2009-0689
-       RESERVED
+CVE-2009-0689 (The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc 
in ...)
+       TODO: check
 CVE-2009-0688 (Multiple buffer overflows in the CMU Cyrus SASL library before 
2.1.23 ...)
        {DSA-1807-1 DTSA-200-1 DTSA-201-1}
        - cyrus-sasl2 2.1.23.dfsg1-1 (bug #528749)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r12257 - data/CVE

Reply via email to