thr3ads.net - Secure testing commits - [Secure-testing-commits] r11977

If this information is useful, please help other people find it:
Share via:
Joey Hess
2009-May-26 21:14 UTC
[Secure-testing-commits] r11977 - data/CVE

Author: joeyh
Date: 2009-05-26 21:14:12 +0000 (Tue, 26 May 2009)
New Revision: 11977

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-05-26 15:35:38 UTC (rev 11976)
+++ data/CVE/list	2009-05-26 21:14:12 UTC (rev 11977)
@@ -1,3 +1,51 @@
+CVE-2009-1785 (Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual
Desktop ...)
+	TODO: check
+CVE-2009-1784 (The AVG parsing engine 8.5 323, as used in multiple AVG
anti-virus ...)
+	TODO: check
+CVE-2009-1783 (Multiple FRISK Software F-Prot anti-virus products, including
...)
+	TODO: check
+CVE-2009-1782 (Multiple F-Secure anti-virus products, including Anti-Virus for
...)
+	TODO: check
+CVE-2009-1781 (Static code injection vulnerability in admin.php in Frax.dk Php
...)
+	TODO: check
+CVE-2009-1780 (admin.php in Frax.dk Php Recommend 1.3 and earlier does not
require ...)
+	TODO: check
+CVE-2009-1779 (PHP remote file inclusion vulnerability in admin.php in Frax.dk
Php ...)
+	TODO: check
+CVE-2009-1778 (SQL injection vulnerability in the new user registration feature
in ...)
+	TODO: check
+CVE-2009-1777 (CRLF injection vulnerability in FormMail.pl in Matt Wright
FormMail ...)
+	TODO: check
+CVE-2009-1776 (Multiple cross-site scripting (XSS) vulnerabilities in
FormMail.pl in ...)
+	TODO: check
+CVE-2009-1775 (Multiple cross-site scripting (XSS) vulnerabilities in Ulteo
Open ...)
+	TODO: check
+CVE-2009-1774 (Directory traversal vulnerability in plugins/ddb/foot.php in
...)
+	TODO: check
+CVE-2009-1773 (activeCollab 2.1 Corporate allows remote attackers to obtain
sensitive ...)
+	TODO: check
+CVE-2009-1772 (Cross-site scripting (XSS) vulnerability in activeCollab 2.1
Corporate ...)
+	TODO: check
+CVE-2009-1771 (index.php in Flyspeck CMS 6.8 does not require administrative
...)
+	TODO: check
+CVE-2009-1770 (Directory traversal vulnerability in ...)
+	TODO: check
+CVE-2009-1769 (The web interface in OCS Inventory NG 1.01 generates different
error ...)
+	TODO: check
+CVE-2009-1768 (Directory traversal vulnerability in download.php in Rama Zaiten
CMS ...)
+	TODO: check
+CVE-2009-1767 (admin/edituser.php in 2daybiz Template Monster Clone does not
require ...)
+	TODO: check
+CVE-2009-1766 (SQL injection vulnerability in index.php in LightOpenCMS 0.1
allows ...)
+	TODO: check
+CVE-2009-1765 (Multiple directory traversal vulnerabilities in pluck 4.6.2,
when ...)
+	TODO: check
+CVE-2009-1764 (SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows
...)
+	TODO: check
+CVE-2009-1763 (Unspecified vulnerability in the Solaris Secure Digital slot
driver ...)
+	TODO: check
+CVE-2009-1762 (Multiple cross-site scripting (XSS) vulnerabilities in the
WebAccess ...)
+	TODO: check
 CVE-2009-XXXX [radare-common insecure temp files handling]
 	- radare-common (low)
 	TODO: file bug
@@ -169,7 +217,7 @@
 	NOT-FOR-US: phpWebNews
 CVE-2008-6812 (SQL injection vulnerability in bukutamu.php in phpWebNews 0.2
allows ...)
 	NOT-FOR-US: phpWebNews
-CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 includes places the X authority
magic ...)
+CVE-2009-1756 (SLiM Simple Login Manager 1.3.0 places the X authority magic
cookie ...)
 	- slim <unfixed> (low; bug #529306)
 CVE-2009-1755 (Off-by-one error in the packet_read_query_section function in
packet.c ...)
 	{DSA-1803-1}
@@ -284,8 +332,8 @@
 	[lenny] - kdebase <not-affected> (vulnerability introduced in konqueror
4)
 CVE-2009-1636
 	RESERVED
-CVE-2009-1635
-	RESERVED
+CVE-2009-1635 (Cross-site scripting (XSS) vulnerability in the WebAccess login
page ...)
+	TODO: check
 CVE-2009-1634
 	RESERVED
 CVE-2009-1633 [CIFS Unicode issue]
@@ -433,7 +481,8 @@
 	NOT-FOR-US: phPhotoGallery
 CVE-2008-6801 (Cross-site request forgery (CSRF) vulnerability in Vivvo CMS
before ...)
 	NOT-FOR-US: Vivvo CMS
-CVE-2008-6800 (Race condition in the winbind daemon (aka winbindd) in Samba
before ...)
+CVE-2008-6800
+	REJECTED
 	- samba 3.2.0~pre2-1 (low; bug #527894)
 CVE-2008-6799 (connection.php in FlashChat 5.0.8 allows remote attackers to
bypass ...)
 	NOT-FOR-US: FlashChat
@@ -1000,8 +1049,7 @@
 	RESERVED
 CVE-2009-1382
 	RESERVED
-CVE-2009-1381 [incomplete fix for CVE-2009-1579]
-	RESERVED
+CVE-2009-1381 (The map_yp_alias function in functions/imap_general.php in ...)
 	{DSA-1802-2}
 	- squirrelmail 2:1.4.19-1
 CVE-2009-1380
Secure testing commits - May 2009 - r11977 - data/CVE

[Secure-testing-commits] r11977 - data/CVE
