thr3ads.net - Secure testing commits - [Secure-testing-commits] r9745

If this information is useful, please help other people find it:
Share via:

nion at alioth.debian.org

2008-Sep-04 11:54 UTC

[Secure-testing-commits] r9745 - data/CVE

Author: nion
Date: 2008-09-04 11:54:41 +0000 (Thu, 04 Sep 2008)
New Revision: 9745

Modified:
   data/CVE/list
Log:
NFUs
CVE-2008-389{5,6} non-issues


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-09-04 11:38:59 UTC (rev 9744)
+++ data/CVE/list	2008-09-04 11:54:41 UTC (rev 9745)
@@ -7,25 +7,27 @@
 CVE-2008-3901 (Software suspend 2 2-2.2.1, when used with the Linux kernel
2.6.16, ...)
 	TODO: check
 CVE-2008-3900 (Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot
...)
-	TODO: check
+	NOT-FOR-US: Intel firmware
 CVE-2008-3899 (TrueCrypt 5.0 stores pre-boot authentication passwords in the
BIOS ...)
-	TODO: check
+	NOT-FOR-US: TrueCrypt
 CVE-2008-3898 (Secu Star DriveCrypt Plus Pack 3.9 stores pre-boot
authentication ...)
-	TODO: check
+	NOT-FOR-US: Secu Star DriveCrypt
 CVE-2008-3897 (DiskCryptor 0.2.6 on Windows stores pre-boot authentication
passwords ...)
-	TODO: check
+	NOT-FOR-US: DiskCryptor
 CVE-2008-3896 (Grub Legacy 0.97 and earlier stores pre-boot authentication
passwords ...)
-	TODO: check
+	- grub <unfixed> (unimportant)
+	NOTE: you need to be root on linux to do this, root can easily edit menu.lst
anyway
 CVE-2008-3895 (LILO 22.6.1 and earlier stores pre-boot authentication passwords
in ...)
-	TODO: check
+	- lilo <unfixed> (unimportant)
+	NOTE: you need to be root on linux to do this, root can edit the configuration
anyway
 CVE-2008-3894 (IBM Lenovo firmware 7CETB5WW 2.05 stores pre-boot authentication
...)
-	TODO: check
+	NOT-FOR-US: IBM Lenovo firmware
 CVE-2008-3893 (Microsoft Bitlocker in Windows Vista before SP1 stores pre-boot
...)
-	TODO: check
+	NOT-FOR-US: Bitlocker
 CVE-2008-3892 (Buffer overflow in a certain ActiveX control in the COM API in
VMware ...)
-	TODO: check
+	NOT-FOR-US: VMware COM API
 CVE-2008-3891 (The SAML Single Sign-On (SSO) Service for Google Apps allows
remote ...)
-	TODO: check
+	NOT-FOR-US: SAML Service for Google Apps
 CVE-2008-3890
 	RESERVED
 CVE-2008-3888 (SQL injection vulnerability in members.asp in Mini-NUKE Freehost
2.3 ...)
@@ -39,7 +41,7 @@
 CVE-2008-3884 (Cross-site scripting (XSS) vulnerability in Blogn (BURO GUN)
1.9.7 and ...)
 	NOT-FOR-US: Blogn
 CVE-2008-3883 (configvar in Caudium 1.4.12 allows local users to overwrite
arbitrary ...)
-	- caudium 1.4.12-11.1 (low; bug #496404)
+	- caudium <unfixed> (low; bug #496404)
 CVE-2008-3882 (ZoneMinder 1.23.3 and earlier allows remote attackers to execute
...)
 	- zoneminder <unfixed> (bug #497640)
 CVE-2008-3881 (Multiple cross-site scripting (XSS) vulnerabilities in
ZoneMinder ...)

Secure testing commits - Sep 2008 - r9745 - data/CVE

[Secure-testing-commits] r9745 - data/CVE