Author: nion Date: 2008-07-28 21:50:57 +0000 (Mon, 28 Jul 2008) New Revision: 9456 Modified: data/CVE/list Log: swat NFU, it''s the game... CVE-2008-3233, CVE-2008-3259 do not affect Debian CVE-2008-3214 fixed in clamav 0.93.1.dfsg-1.1 CVE-2008-3214 fixed in dnsmasq 2.44-1 joomla itp Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-07-28 19:29:00 UTC (rev 9455) +++ data/CVE/list 2008-07-28 21:50:57 UTC (rev 9456) @@ -98,7 +98,7 @@ CVE-2008-3287 (retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows ...) NOT-FOR-US: EMC Dantz Retrospect Backup Client CVE-2008-3286 (SWAT 4 1.1 and earlier allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: SWAT 4 CVE-2008-3285 (The Filesys::SmbClientParser module 2.7 and earlier for Perl allows ...) NOT-FOR-US: Filesys::SmbClientParser CVE-2008-3284 @@ -154,7 +154,7 @@ CVE-2008-3260 (Multiple cross-site scripting (XSS) vulnerabilities in Claroline ...) NOT-FOR-US: Claroline CVE-2008-3259 (OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the ...) - TODO: check + - openssh <not-affected> (linux check that the effective userid matches or that bind addresses dont overlap on rebind) CVE-2008-3258 (Multiple SQL injection vulnerabilities in Zoph before 0.7.0.5 allow ...) - zoph 0.7.1-1 NOTE: http://sourceforge.net/project/shownotes.php?group_id=69353&release_id=614672 @@ -209,7 +209,7 @@ CVE-2008-3234 (sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH ...) TODO: check CVE-2008-3233 (Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN ...) - TODO: check + - wordpress <not-affected> (Code was only present in svn versions) CVE-2008-3232 (Unspecified vulnerability in dotclear before 1.2.8 has unknown impact ...) NOT-FOR-US: dotclear CVE-2008-3231 (xine allows user-assisted attackers to cause a denial of service ...) @@ -217,21 +217,21 @@ CVE-2008-3230 (The ffmpeg lavf demuxer allows user-assisted attackers to cause a ...) TODO: check CVE-2008-3228 (Joomla! before 1.5.4 does not configure .htaccess to apply certain ...) - TODO: check + - joomla <itp> (bug #326398) CVE-2008-3227 (Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact ...) - TODO: check + - joomla <itp> (bug #326398) CVE-2008-3226 (The file caching implementation in Joomla! before 1.5.4 allows ...) - TODO: check + - joomla <itp> (bug #326398) CVE-2008-3225 (Joomla! before 1.5.4 allows attackers to access administration ...) - TODO: check + - joomla <itp> (bug #326398) CVE-2008-3217 (PowerDNS Recursor before 3.1.6 does not always use the strongest ...) TODO: check CVE-2008-3215 (libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to ...) - TODO: check + - clamav 0.93.1.dfsg-1.1 (medium) CVE-2008-3214 (dnsmasq 2.25 allows remote attackers to cause a denial of service (1) ...) - TODO: check + - dnsmasq 2.44-1 (medium) CVE-2008-3213 (SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS ...) - TODO: check + NOT-FOR-US: WebCMS CVE-2008-3212 (Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting ...) NOT-FOR-US: Scripteen Free Image Hosting CVE-2008-3211 (Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote ...)