Author: joeyh
Date: 2010-03-17 21:14:27 +0000 (Wed, 17 Mar 2010)
New Revision: 14287

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-03-17 15:26:44 UTC (rev 14286)
+++ data/CVE/list       2010-03-17 21:14:27 UTC (rev 14287)
@@ -1,3 +1,49 @@
+CVE-2010-0985 (Directory traversal vulnerability in the Abbreviations Manager 
...)
+       TODO: check
+CVE-2010-0984 (Acidcat CMS 3.5.3 and earlier stores sensitive information 
under the ...)
+       TODO: check
+CVE-2010-0983 (PHP remote file inclusion vulnerability in include/mail.inc.php 
in ...)
+       TODO: check
+CVE-2010-0982 (Directory traversal vulnerability in the CARTwebERP 
(com_cartweberp) ...)
+       TODO: check
+CVE-2010-0981 (SQL injection vulnerability in the TPJobs (com_tpjobs) 
component for ...)
+       TODO: check
+CVE-2010-0980 (SQL injection vulnerability in player.php in Left 4 Dead (L4D) 
Stats ...)
+       TODO: check
+CVE-2010-0979 (Cross-site scripting (XSS) vulnerability in display.php in ...)
+       TODO: check
+CVE-2010-0978 (KMSoft Guestbook (aka GBook) 1.0 stores sensitive information 
under ...)
+       TODO: check
+CVE-2010-0977 (PD PORTAL 4.0 stores sensitive information under the web root 
with ...)
+       TODO: check
+CVE-2010-0976 (Acidcat CMS 3.5.x does not prevent access to install.asp after 
...)
+       TODO: check
+CVE-2010-0975 (PHP remote file inclusion vulnerability in external.php in ...)
+       TODO: check
+CVE-2010-0974 (Multiple SQL injection vulnerabilities in PHPCityPortal allow 
remote ...)
+       TODO: check
+CVE-2010-0973 (SQL injection vulnerability in index.php in phppool media 
Domain ...)
+       TODO: check
+CVE-2010-0972 (Directory traversal vulnerability in the GCalendar 
(com_gcalendar) ...)
+       TODO: check
+CVE-2010-0971 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor 
1.6.4 ...)
+       TODO: check
+CVE-2010-0970 (SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 
allows ...)
+       TODO: check
+CVE-2010-0968 (SQL injection vulnerability in bannershow.php in Geekhelps ADMP 
1.01 ...)
+       TODO: check
+CVE-2010-0967 (Multiple directory traversal vulnerabilities in Geekhelps ADMP 
1.01, ...)
+       TODO: check
+CVE-2010-0966 (PHP remote file inclusion vulnerability in inc/config.php in 
deV!L`z ...)
+       TODO: check
+CVE-2010-0965 (Jevci Siparis Formu Scripti stores sensitive information under 
the web ...)
+       TODO: check
+CVE-2010-0964 (SQL injection vulnerability in start.php in Eros Webkatalog 
allows ...)
+       TODO: check
+CVE-2010-0963 (Cross-site scripting (XSS) vulnerability in index.php in dl 
Download ...)
+       TODO: check
+CVE-2007-6733 (The nfs_lock function in fs/nfs/file.c in the Linux kernel 
2.6.9 does ...)
+       TODO: check
 CVE-2010-XXXX [ikiwiki htmlscrubber XSS via svg images]
        - ikiwiki 3.20100312 (low)
        NOTE: CVE id requested on oss-sec
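Review bot: CVE-2007-6733, the last added entry in this hunk, names the Linux kernel (nfs_lock in fs/nfs/file.c, 2.6.9) and should be triaged on its own against the kernel packages, not cleared in bulk with the web-application entries above it. When resolving the TODOs, also note that the added block runs from CVE-2010-0985 down to CVE-2010-0963 without CVE-2010-0969, which is fine only because that id already has an entry further down the file.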
@@ -43,7 +89,7 @@
        NOT-FOR-US: SkaDate Dating
 CVE-2009-4698 (Multiple SQL injection vulnerabilities in the Qas (aka Quas) 
module ...)
        NOT-FOR-US: XOOPS Celepar
-CVE-2010-0969 [unbound DoS on 64 bit platforms]
+CVE-2010-0969 (Unbound before 1.4.3 does not properly align structures on 
64-bit ...)
        - unbound 1.4.3-1
        [lenny] - unbound <not-affected> (Vulnerable code not present)
 CVE-2010-XXXX [moin: hierarchical ACLs security issue]
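Review bot: the bracketed summary removed at CVE-2010-0969 was the only visible statement of the impact (DoS), and the truncated description that replaces it no longer shows it. The "- unbound 1.4.3-1" line carries no urgency, unlike entries elsewhere in this diff that record "(low)" or "(high)"; consider adding one, or a NOTE that keeps the impact.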
@@ -538,8 +584,8 @@
        NOT-FOR-US: Joomla!
 CVE-2010-0794
        RESERVED
-CVE-2010-0793
-       RESERVED
+CVE-2010-0793 (Buffer overflow in BarnOwl before 1.5.1 allows remote attackers 
to ...)
+       TODO: check
 CVE-2010-0792 (fcrontab in fcron before 3.0.5 allows local users to read 
arbitrary ...)
        - fcron <unfixed> (low; bug #572587)
        [lenny] - fcron <no-dsa> (Minor issue)
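Review bot: CVE-2010-0793 moves from RESERVED to "TODO: check" with a description that reads "Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to ...", so this is not one to leave queued behind the bulk entries. If BarnOwl is packaged, the entry needs a package line with the fixed version (1.5.1 per the description) and an urgency; if not, mark it NOT-FOR-US explicitly.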
@@ -678,13 +724,13 @@
        RESERVED
 CVE-2010-0730
        RESERVED
-CVE-2010-0729
-       RESERVED
+CVE-2010-0729 (A certain Red Hat patch for the Linux kernel in Red Hat 
Enterprise ...)
+       TODO: check
 CVE-2010-0728 (smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is 
...)
        - samba 2:3.4.7~dfsg-1 (high)
        [lenny] - samba <not-affected> (Only affects 3.3.11, 3.4.6 and 3.5.0)
-CVE-2010-0727
-       RESERVED
+CVE-2010-0727 (The gfs2_lock function in the Linux kernel before ...)
+       TODO: check
 CVE-2010-0726 (Cross-site scripting (XSS) vulnerability in the tb-send.rb 
(TrackBack ...)
        {DSA-2009-1}
        - tdiary 2.2.1-1.1 (low; bug #572417)
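Review bot: the two kernel entries in this hunk need different handling, and "TODO: check" hides that. CVE-2010-0729 is described as "A certain Red Hat patch for the Linux kernel in Red Hat Enterprise ...", so the check is whether that patch is carried at all; CVE-2010-0727 is the gfs2_lock function in the Linux kernel itself and needs a real status line for the kernel packages, including [lenny].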
@@ -1596,8 +1642,7 @@
        RESERVED
 CVE-2010-0398
        RESERVED
-CVE-2010-0397 [null pointer dereference in PHP's xmlrpc extension]
-       RESERVED
+CVE-2010-0397 (The xmlrpc extension in PHP 5.3.1 does not properly handle a 
missing ...)
        - php5 5.3.2-1 (medium; bug #573573)
        NOTE: sent mail to oss-sec notifying about the id
 CVE-2010-0396 (Directory traversal vulnerability in the dpkg-source component 
in dpkg ...)
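Review bot: at CVE-2010-0397 the retained "NOTE: sent mail to oss-sec notifying about the id" looks stale now that the entry has a published description, and can probably be dropped or reworded. The entry also has no [lenny] line, unlike the unbound, fcron and samba entries in this diff; the description names PHP 5.3.1 and the fix is recorded as php5 5.3.2-1, so it is worth stating explicitly whether the stable package is affected.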


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
