Author: joeyh
Date: 2011-12-20 21:14:19 +0000 (Tue, 20 Dec 2011)
New Revision: 17837

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-12-20 20:23:33 UTC (rev 17836)
+++ data/CVE/list       2011-12-20 21:14:19 UTC (rev 17837)
@@ -1,3 +1,87 @@
+CVE-2011-4869 (validator/val_nsec3.c in Unbound before 1.4.13p2 does not 
properly ...)
+       TODO: check
+CVE-2011-4868
+       RESERVED
+CVE-2011-4867
+       RESERVED
+CVE-2011-4866
+       RESERVED
+CVE-2011-4865
+       RESERVED
+CVE-2011-4864
+       RESERVED
+CVE-2011-4863
+       RESERVED
+CVE-2011-4862
+       RESERVED
+CVE-2011-4861 (The modbus_125_handler function in the Schneider Electric 
Quantum ...)
+       TODO: check
+CVE-2011-4860 (The ComputePassword function in the Schneider Electric Quantum 
...)
+       TODO: check
+CVE-2011-4859 (The Schneider Electric Quantum Ethernet Module, as used in the 
Quantum ...)
+       TODO: check
+CVE-2011-4858
+       RESERVED
+CVE-2011-4857 (Heap-based buffer overflow in the in_mod.dll plugin in Winamp 
before ...)
+       TODO: check
+CVE-2010-5080
+       RESERVED
+CVE-2010-5079
+       RESERVED
+CVE-2010-5078
+       RESERVED
+CVE-2010-5077
+       RESERVED
+CVE-2010-5076
+       RESERVED
+CVE-2009-5108
+       RESERVED
+CVE-2009-5107
+       RESERVED
+CVE-2009-5106
+       RESERVED
+CVE-2009-5105
+       RESERVED
+CVE-2009-5104
+       RESERVED
+CVE-2008-7308
+       RESERVED
+CVE-2008-7307
+       RESERVED
+CVE-2008-7306
+       RESERVED
+CVE-2008-7305
+       RESERVED
+CVE-2008-7304
+       RESERVED
+CVE-2007-6749
+       RESERVED
+CVE-2007-6748
+       RESERVED
+CVE-2007-6747
+       RESERVED
+CVE-2007-6746
+       RESERVED
+CVE-2007-6745
+       RESERVED
+CVE-2006-7251
+       RESERVED
+CVE-2006-7250
+       RESERVED
+CVE-2006-7249
+       RESERVED
+CVE-2006-7248
+       RESERVED
+CVE-2006-7247
+       RESERVED
+CVE-2005-4894
+       RESERVED
+CVE-2005-4893
+       RESERVED
+CVE-2005-4892
+       RESERVED
+CVE-2005-4891
+       RESERVED
 CVE-2011-4856 (The Control Panel in Parallels Plesk Panel 
10.4.4_build20111103.18 ...)
        NOT-FOR-US: Plesk
 CVE-2011-4855 (The Control Panel in Parallels Plesk Panel 
10.4.4_build20111103.18 ...)
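
Review bot: CVE-2011-4869 at the top of this hunk is left at "TODO: check" even though its description names Unbound before 1.4.13p2, the same package and upstream release that CVE-2011-4528 is tracked against later in this diff with "- unbound <unfixed> (medium)". Give it a matching "- unbound" line instead of leaving it in the TODO queue. The Schneider Electric Quantum entries (CVE-2011-4861, -4860, -4859) and the Winamp entry (CVE-2011-4857) are also "TODO: check" and each needs an explicit decision, either a package line or a NOT-FOR-US tag.
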
@@ -566,8 +650,8 @@
        NOT-FOR-US: Plesk
 CVE-2011-4724
        RESERVED
-CVE-2011-4723
-       RESERVED
+CVE-2011-4723 (The D-Link DIR-300 router stores cleartext passwords, which 
allows ...)
+       TODO: check
 CVE-2011-4722
        RESERVED
 CVE-2011-4721
@@ -578,8 +662,8 @@
        TODO: check
 CVE-2011-4718
        RESERVED
-CVE-2011-4717
-       RESERVED
+CVE-2011-4717 (Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 
allows ...)
+       TODO: check
 CVE-2011-4716 (Directory traversal vulnerability in file in DreamBox DM800 
1.6rc3, ...)
        NOT-FOR-US: DreamBox
 CVE-2011-4715 (Directory traversal vulnerability in cgi-bin/koha/mainpage.pl 
in Koha ...)
@@ -964,10 +1048,10 @@
        - linux-2.6 <unfixed>
        [squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
        [lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2011-4603
-       RESERVED
-CVE-2011-4602
-       RESERVED
+CVE-2011-4603 (The silc_channel_message function in ops.c in the SILC protocol 
plugin ...)
+       TODO: check
+CVE-2011-4602 (The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 
does not ...)
+       TODO: check
 CVE-2011-4601
        RESERVED
 CVE-2011-4600
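
Review bot: CVE-2011-4603 and CVE-2011-4602 move from RESERVED to "TODO: check", but the CVE-2011-4602 description already names libpurple in Pidgin before 2.10.1, so the affected package and the fixed upstream release are both known from the text. Replace the TODO with a pidgin package line, and confirm whether the SILC protocol plugin in CVE-2011-4603 (silc_channel_message in ops.c) ships in the same source package so both can be triaged together.
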
@@ -1150,8 +1234,7 @@
        RESERVED
 CVE-2011-4529
        RESERVED
-CVE-2011-4528 [multiple CNAME records crash Unbound]
-       RESERVED
+CVE-2011-4528 (Unbound before 1.4.13p2 attempts to free unallocated memory 
during ...)
        - unbound <unfixed> (medium)
 CVE-2011-4527
        RESERVED
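
Review bot: in the CVE-2011-4528 change the package line "- unbound <unfixed> (medium)" is carried over unchanged while the new description states the flaw is present in Unbound before 1.4.13p2. Now that the fixed upstream release is named, revisit the "<unfixed>" status once a Debian version carrying that fix is identified. The hand-written summary "[multiple CNAME records crash Unbound]" is also dropped here; if the trigger condition matters for triage, keep it as a NOTE line, since the truncated description no longer mentions it.
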
@@ -1550,8 +1633,7 @@
        RESERVED
 CVE-2011-4370
        RESERVED
-CVE-2011-4369
-       RESERVED
+CVE-2011-4369 (Unspecified vulnerability in the PRC component in Adobe Reader 
and ...)
        NOT-FOR-US: Adobe Acrobat Reader
 CVE-2011-4368 (Cross-site scripting (XSS) vulnerability in Remote Development 
...)
        TODO: check
@@ -2309,8 +2391,8 @@
        RESERVED
 CVE-2011-4142
        RESERVED
-CVE-2011-4141
-       RESERVED
+CVE-2011-4141 (Untrusted search path vulnerability in EMC RSA SecurID Software 
Token ...)
+       TODO: check
 CVE-2011-4140 (The CSRF protection mechanism in Django through 1.2.7 and 1.3.x 
...)
        {DSA-2332-1}
        - python-django 1.3.1-1 (bug #641405)
@@ -3328,8 +3410,8 @@
        RESERVED
 CVE-2011-3835
        RESERVED
-CVE-2011-3834
-       RESERVED
+CVE-2011-3834 (Multiple integer overflows in the in_avi.dll plugin in Winamp 
before ...)
+       TODO: check
 CVE-2011-3833
        RESERVED
 CVE-2011-3832
@@ -4708,8 +4790,8 @@
        NOTE: this is technically a kernel bug. however this has been 
workarounded specifically
        NOTE: for vsftpd by adding a kernel check before using this feature, 
see DSA-2304-1
        NOTE: for details
-CVE-2011-3339
-       RESERVED
+CVE-2011-3339 (Cross-site scripting (XSS) vulnerability in the Admin Control 
Center ...)
+       TODO: check
 CVE-2011-3338
        RESERVED
 CVE-2011-3337
@@ -8025,6 +8107,7 @@
        [lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
        [squeeze] - linux-2.6 2.6.32-36
 CVE-2005-4890 [login: tty hijacking possible in "su" via TIOCSTI ioctl]
+       RESERVED
        - shadow <unfixed> (bug #628843)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=173008
 CVE-2011-2331 (Integer overflow in img.exe in HP Intelligent Management Center 
(IMC) ...)
@@ -45878,7 +45961,7 @@
        RESERVED
 CVE-2008-4845
        RESERVED
-CVE-2008-4844 (Use-after-free vulnerability in mshtml.dll in Microsoft 
Internet ...)
+CVE-2008-4844 (Use-after-free vulnerability in the ...)
        NOT-FOR-US: Microsoft Internet Explorer
 CVE-2008-4843
        RESERVED
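
Review bot: the CVE-2008-4844 summary shrinks from "Use-after-free vulnerability in mshtml.dll in Microsoft Internet ..." to "Use-after-free vulnerability in the ...", which is much shorter than every other description in this diff and no longer names the component or the product. The "NOT-FOR-US: Microsoft Internet Explorer" tag still identifies the entry, but the one-line summary has lost its searchable keywords; check how the automatic update truncates descriptions so the cut falls nearer the usual length.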


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
