[Secure-testing-commits] r15430 - data/CVE

Joey Hess Wed, 06 Oct 2010 14:14:43 -0700

Author: joeyh
Date: 2010-10-06 21:14:24 +0000 (Wed, 06 Oct 2010)
New Revision: 15430


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-10-06 09:34:48 UTC (rev 15429)
+++ data/CVE/list       2010-10-06 21:14:24 UTC (rev 15430)
@@ -1,3 +1,103 @@
+CVE-2010-3778
+       RESERVED
+CVE-2010-3777
+       RESERVED
+CVE-2010-3776
+       RESERVED
+CVE-2010-3775
+       RESERVED
+CVE-2010-3774
+       RESERVED
+CVE-2010-3773
+       RESERVED
+CVE-2010-3772
+       RESERVED
+CVE-2010-3771
+       RESERVED
+CVE-2010-3770
+       RESERVED
+CVE-2010-3769
+       RESERVED
+CVE-2010-3768
+       RESERVED
+CVE-2010-3767
+       RESERVED
+CVE-2010-3766
+       RESERVED
+CVE-2010-3765
+       RESERVED
+CVE-2010-3764
+       RESERVED
+CVE-2010-3763 (Cross-site scripting (XSS) vulnerability in 
core/summary_api.php in ...)
+       TODO: check
+CVE-2010-3762 (ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, 
does not ...)
+       TODO: check
+CVE-2010-3761 (Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) 
FastBack ...)
+       TODO: check
+CVE-2010-3760 (FastBackMount.exe in the Mount service in IBM Tivoli Storage 
Manager ...)
+       TODO: check
+CVE-2010-3759 (FastBackMount.exe in the Mount service in IBM Tivoli Storage 
Manager ...)
+       TODO: check
+CVE-2010-3758 (Multiple stack-based buffer overflows in FastBackServer.exe in 
the ...)
+       TODO: check
+CVE-2010-3757 (Format string vulnerability in the _Eventlog function in ...)
+       TODO: check
+CVE-2010-3756 (The _CalcHashValueWithLength function in FastBackServer.exe in 
the ...)
+       TODO: check
+CVE-2010-3755 (The _DAS_ReadBlockReply function in FastBackServer.exe in the 
Server ...)
+       TODO: check
+CVE-2010-3754 (The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in 
the ...)
+       TODO: check
+CVE-2010-3753 (programs/pluto/xauth.c in the client in Openswan 2.6.26 through 
2.6.28 ...)
+       TODO: check
+CVE-2010-3752 (programs/pluto/xauth.c in the client in Openswan 2.6.25 through 
2.6.28 ...)
+       TODO: check
+CVE-2010-3751
+       RESERVED
+CVE-2010-3750
+       RESERVED
+CVE-2010-3749
+       RESERVED
+CVE-2010-3748
+       RESERVED
+CVE-2010-3747
+       RESERVED
+CVE-2010-3746
+       RESERVED
+CVE-2010-3745
+       RESERVED
+CVE-2010-3744
+       RESERVED
+CVE-2010-3743
+       RESERVED
+CVE-2010-3742 (Multiple PHP remote file inclusion vulnerabilities in ...)
+       TODO: check
+CVE-2010-3741 (The offline backup mechanism in Research In Motion (RIM) 
BlackBerry ...)
+       TODO: check
+CVE-2010-3740 (The Net Search Extender (NSE) implementation in the Text Search 
...)
+       TODO: check
+CVE-2010-3739 (The audit facility in the Security component in IBM DB2 UDB 9.5 
before ...)
+       TODO: check
+CVE-2010-3738 (The Security component in IBM DB2 UDB 9.5 before FP6a logs 
AUDIT ...)
+       TODO: check
+CVE-2010-3737 (Memory leak in the Relational Data Services component in IBM 
DB2 UDB ...)
+       TODO: check
+CVE-2010-3736 (Memory leak in the Relational Data Services component in IBM 
DB2 UDB ...)
+       TODO: check
+CVE-2010-3735 (The &quot;Query Compiler, Rewrite, Optimizer&quot; component in 
IBM DB2 UDB 9.5 ...)
+       TODO: check
+CVE-2010-3734 (The Install component in IBM DB2 UDB 9.5 before FP6a on Linux, 
UNIX, ...)
+       TODO: check
+CVE-2010-3733 (The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a 
uses ...)
+       TODO: check
+CVE-2010-3732 (The DRDA Services component in IBM DB2 UDB 9.5 before FP6a 
allows ...)
+       TODO: check
+CVE-2010-3731 (Buffer overflow in the Administration Server component in IBM 
DB2 UDB ...)
+       TODO: check
+CVE-2010-3730 (Google Chrome before 6.0.472.62 does not properly use 
information ...)
+       TODO: check
+CVE-2010-3729 (The SPDY protocol implementation in Google Chrome before 
6.0.472.62 ...)
+       TODO: check
 CVE-2010-3728
        RESERVED
 CVE-2010-3727
@@ -1081,12 +1181,11 @@
        - linux-2.6 <unfixed>
 CVE-2010-3309
        RESERVED
-CVE-2010-3308
-       RESERVED
+CVE-2010-3308 (Buffer overflow in programs/pluto/xauth.c in the client in 
Openswan ...)
        - openswan 1:2.6.28+dfsg-2
        [lenny] - openswan <not-affected> (Introduced in version 2.6.25)
-CVE-2010-3307
-       RESERVED
+CVE-2010-3307 (Multiple PHP remote file inclusion vulnerabilities in ...)
+       TODO: check
 CVE-2010-3305 [pixel CSRF]
        RESERVED
        - pixelpost <unfixed>
@@ -1094,13 +1193,11 @@
        - dovecot 1.2.13-1
        TODO: check whether this is true: [lenny] - dovecot <not-affected> 
(only affects 1.2.x)
        NOTE: http://www.dovecot.org/list/dovecot-news/2010-July/000163.html
-CVE-2010-3303 [mantis multiple XSS']
-       RESERVED
+CVE-2010-3303 (Multiple cross-site scripting (XSS) vulnerabilities in MantisBT 
before ...)
        - mantis <unfixed>
        TODO: check
        NOTE: http://www.mantisbt.org/bugs/changelog_page.php?version_id=111
-CVE-2010-3302
-       RESERVED
+CVE-2010-3302 (Buffer overflow in programs/pluto/xauth.c in the client in 
Openswan ...)
        - openswan 1:2.6.28+dfsg-2
        [lenny] - openswan <not-affected> (Introduced in version 2.6.25)
 CVE-2010-3301 (The IA32 system call emulation functionality in ...)
@@ -2838,8 +2935,8 @@
        NOT-FOR-US: BladeCenter software
 CVE-2010-2654 (Multiple cross-site scripting (XSS) vulnerabilities on the IBM 
...)
        NOT-FOR-US: BladeCenter software
-CVE-2010-2653
-       RESERVED
+CVE-2010-2653 (Race condition in the hvc_close function in 
drivers/char/hvc_console.c ...)
+       TODO: check
 CVE-2009-4935 (SQL injection vulnerability in ogp_show.php in Online Guestbook 
Pro ...)
        NOT-FOR-US: Online Guestbook Pro
 CVE-2009-4934 (Cross-site scripting (XSS) vulnerability in index.php in Online 
Photo ...)
@@ -3152,8 +3249,8 @@
        [lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.29)
 CVE-2010-2536 (Multiple cross-site scripting (XSS) vulnerabilities in rekonq 
0.5 and ...)
        - rekonq 0.5.0-2 (bug #593300)
-CVE-2010-2535
-       RESERVED
+CVE-2010-2535 (Multiple cross-site scripting (XSS) vulnerabilities in the Back 
End in ...)
+       TODO: check
 CVE-2010-2534 (The NetworkSyncCommandQueue function in 
network/network_command.cpp in ...)
        - openttd 1.0.3-1
        [lenny] - openttd <not-affected> (Introduced in 1.0.1)
@@ -6573,10 +6670,11 @@
 CVE-2010-1323
        RESERVED
 CVE-2010-1322 KDC uninitialized pointer crash in authorization data handling
-    - krb5 <unfixed> (bug #599237)
-    [lenny] - krb5 <not-affected> (Only affects 1.8)
-    [etch] - krb5 <not-affected> (Only affects 1.8)
-    NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-006.txt
+       RESERVED
+       - krb5 <unfixed> (bug #599237)
+       [lenny] - krb5 <not-affected> (Only affects 1.8)
+       [etch] - krb5 <not-affected> (Only affects 1.8)
+       NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-006.txt
 CVE-2010-1321 (The kg_accept_krb5 function in krb5/accept_sec_context.c in the 
...)
        {DSA-2052-1}
        - krb5 1.8.1+dfsg-3 (low; bug #582261)
@@ -9944,8 +10042,8 @@
        NOT-FOR-US: Wowd client
 CVE-2010-0219
        RESERVED
-CVE-2010-0218
-       RESERVED
+CVE-2010-0218 (ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to 
restrict the ...)
+       TODO: check
 CVE-2010-0217
        RESERVED
 CVE-2010-0216


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r15430 - data/CVE

Reply via email to