thr3ads.net - Secure testing commits - [Secure-testing-commits] r11994

If this information is useful, please help other people find it:
Share via:
Joey Hess
2009-May-29 21:14 UTC
[Secure-testing-commits] r11994 - data/CVE

Author: joeyh
Date: 2009-05-29 21:14:11 +0000 (Fri, 29 May 2009)
New Revision: 11994

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-05-29 19:20:57 UTC (rev 11993)
+++ data/CVE/list	2009-05-29 21:14:11 UTC (rev 11994)
@@ -1,3 +1,29 @@
+CVE-2009-1808 (Microsoft Windows XP SP3 allows local users to cause a denial of
...)
+	TODO: check
+CVE-2009-1807 (Unspecified vulnerability in Config.dll in Baofeng products
3.09.04.17 ...)
+	TODO: check
+CVE-2009-1806 (Unspecified vulnerability in IBM Hardware Management Console
(HMC) 7 ...)
+	TODO: check
+CVE-2009-1805
+	RESERVED
+CVE-2009-1804 (Multiple SQL injection vulnerabilities in admin/index.php in
...)
+	TODO: check
+CVE-2009-1803 (FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x
versions, ...)
+	TODO: check
+CVE-2009-1802 (Multiple cross-site request forgery (CSRF) vulnerabilities in
FreePBX ...)
+	TODO: check
+CVE-2009-1801 (Multiple cross-site scripting (XSS) vulnerabilities in FreePBX
2.5.1, ...)
+	TODO: check
+CVE-2009-1800 (Stack-based buffer overflow in the Chinagames CGAgent ActiveX
control ...)
+	TODO: check
+CVE-2009-1799 (Multiple SQL injection vulnerabilities in the getGalleryImage
function ...)
+	TODO: check
+CVE-2008-6816 (Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows
...)
+	TODO: check
+CVE-2008-6815 (mykdownload.php in MyKtools 2.4 does not require administrative
...)
+	TODO: check
+CVE-2008-6814 (Unrestricted file upload vulnerability in image_upload.php in
the ...)
+	TODO: check
 CVE-2009-XXXX [cacti: xss vulnerability]
 	- cacti 0.8.7b-1 (low; bug #530919)
 	NOTE: cve id requested, but seems to be in limbo; see bug report for
discussion
@@ -364,8 +390,7 @@
 	NOT-FOR-US: Novell GroupWise
 CVE-2009-1634 (The WebAccess component in Novell GroupWise 7.x before 7.03 HP3
and ...)
 	NOT-FOR-US: Novell GroupWise
-CVE-2009-1633 [CIFS Unicode issue]
-	RESERVED
+CVE-2009-1633 (Multiple buffer overflows in the cifs subsystem in the Linux
kernel ...)
 	- linux-2.6 <unfixed>
 	- linux-2.6.24 <removed>
 CVE-2009-1632 (Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote
...)
@@ -1071,8 +1096,8 @@
 	RESERVED
 CVE-2009-1385
 	RESERVED
-CVE-2009-1384
-	RESERVED
+CVE-2009-1384 (pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise
Linux ...)
+	TODO: check
 CVE-2009-1383
 	RESERVED
 CVE-2009-1382
@@ -1977,8 +2002,7 @@
 	RESERVED
 CVE-2009-1196
 	RESERVED
-CVE-2009-1195 [apache2: Apache HTTP Server AllowOverride Options Security
Bypass]
-	RESERVED
+CVE-2009-1195 (The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not
...)
 	- apache2 <unfixed> (low; bug #530834)
 CVE-2009-1194 (Integer overflow in the pango_glyph_string_set_size function in
...)
 	{DSA-1798-1}
Secure testing commits - May 2009 - r11994 - data/CVE

[Secure-testing-commits] r11994 - data/CVE
