joeyh at alioth.debian.org
2007-Jul-27 09:14 UTC
[Secure-testing-commits] r6185 - data/CVE
Author: joeyh Date: 2007-07-27 09:14:07 +0000 (Fri, 27 Jul 2007) New Revision: 6185 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-07-26 22:50:31 UTC (rev 6184) +++ data/CVE/list 2007-07-27 09:14:07 UTC (rev 6185) @@ -1,3 +1,25 @@ +CVE-2007-4029 (libvorbis 1.1.2, and possibly other versions before 1.2.0, allows ...) + TODO: check +CVE-2007-4028 (Absolute path traversal vulnerability in index.php in Webspell 4.01.02 ...) + TODO: check +CVE-2007-4027 (Buffer overflow in cli32 in Areca CLI 1.72.250 and earlier might allow ...) + TODO: check +CVE-2007-4026 (epesi framework before 0.8.6 does not properly verify file extensions, ...) + TODO: check +CVE-2007-4025 (Unspecified vulnerability in Sun Java System (SJS) Application Server ...) + TODO: check +CVE-2007-4024 (Cross-site scripting (XSS) vulnerability in W1L3D4_aramasonuc.asp in ...) + TODO: check +CVE-2007-4023 (Cross-site scripting (XSS) vulnerability in the login CGI program in ...) + TODO: check +CVE-2007-4022 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check +CVE-2007-4021 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...) + TODO: check +CVE-2007-4020 (Multiple cross-site scripting (XSS) vulnerabilities in login.php in ...) + TODO: check +CVE-2007-4019 + RESERVED CVE-2007-5645 REJECTED TODO: check @@ -29,10 +51,10 @@ TODO: check CVE-2007-4005 (Stack-based buffer overflow in Mike Dubman Windows RSH daemon (rshd) ...) TODO: check -CVE-2007-4004 - RESERVED -CVE-2007-4003 - RESERVED +CVE-2007-4004 (Buffer overflow in the ftp client in IBM AIX 5.3 SP6 allows local ...) + TODO: check +CVE-2007-4003 (pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code ...) + TODO: check CVE-2007-4002 RESERVED CVE-2007-4001 
@@ -412,7 +434,7 @@ TODO: check CVE-2007-3817 (Cross-site scripting (XSS) vulnerability in the LoginToboggan module ...) TODO: check -CVE-2007-3816 (JWIG might allow context-dependent attackers to cause a denial of ...) +CVE-2007-3816 (** DISPUTED ** ...) TODO: check CVE-2007-3815 (Buffer overflow in pirs32.exe in Poslovni informator Republike ...) TODO: check @@ -946,8 +968,8 @@ TODO: check CVE-2007-3567 (MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in ...) TODO: check -CVE-2007-3566 - RESERVED +CVE-2007-3566 (Stack-based buffer overflow in the database service (ibserver.exe) in ...) + TODO: check CVE-2007-3565 RESERVED CVE-2007-3564 (libcurl 7.14.0 through 7.16.3, when built with GnuTLS support, does ...) @@ -1528,8 +1550,8 @@ NOT-FOR-US: PHPEcho CMS CVE-2007-3334 (Multiple heap-based buffer overflows in the (1) Communications Server ...) NOT-FOR-US: Ingres -CVE-2007-3333 - RESERVED +CVE-2007-3333 (Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 allows ...) + TODO: check CVE-2007-3332 (Directory traversal vulnerability in Satellite.php in Satel Lite for ...) NOT-FOR-US: Satel Lite for PhpNuke CVE-2007-3331 (Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO ...) @@ -2066,8 +2088,8 @@ RESERVED CVE-2007-3107 (The signal handling in the Linux kernel 2.6.2 and later, when run on ...) - linux-2.6 <unfixed> -CVE-2007-3106 - RESERVED +CVE-2007-3106 (libvorbis 1.1.2, and possibly other versions before 1.2.0, allows ...) + TODO: check CVE-2007-3105 RESERVED CVE-2007-3104 (The sysfs_readdir function in the Linux kernel in Red Hat Enterprise ...) @@ -2465,6 +2487,7 @@ CVE-2007-2927 RESERVED CVE-2007-2926 (ISC BIND 9 through 9.5.0a5 uses a weak random number generator during ...) + {DSA-1341-2} - bind9 1:9.4.1-P1-1 CVE-2007-2925 (The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and ...) - bind9 1:9.4.1-P1-1 (medium)
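Review bot: CVE-2007-4029 in the @@ -1,3 +1,25 @@ hunk is a libvorbis issue, and libvorbis is a packaged library, so it should not stay at TODO: check among the web-application entries around it. Once triaged it needs a package line in the form the file already uses (compare "- linux-2.6 <unfixed>"). Its truncated description is identical to the one added for CVE-2007-3106 in the @@ -2066,8 +2088,8 @@ hunk, so the two should be checked together and the entries should record how they differ.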
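Review bot: CVE-2007-4004 and CVE-2007-4003 in the @@ -29,10 +51,10 @@ hunk both name IBM AIX 5.3 SP6 in their descriptions, so they can be closed as NOT-FOR-US instead of being left at TODO: check, in the same form the file already uses for "NOT-FOR-US: Ingres". The same applies to CVE-2007-3333 in the @@ -1528,8 +1550,8 @@ hunk, whose description also names IBM AIX 5.3 SP6.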
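Review bot: The replacement description for CVE-2007-3816 in the @@ -412,7 +434,7 @@ hunk is only "** DISPUTED ** ...", which drops the product name (JWIG) that the removed line carried. The entry is still TODO: check, so whoever triages it now has to look the product up elsewhere. Suggest having the truncation keep the text that follows the DISPUTED marker, or recording the product name in the entry before the old description is lost from the file.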