Author: joeyh
Date: 2005-10-21 09:14:16 +0000 (Fri, 21 Oct 2005)
New Revision: 2523
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2005-10-20 21:14:18 UTC (rev 2522)
+++ data/CVE/list 2005-10-21 09:14:16 UTC (rev 2523)
@@ -1,3 +1,39 @@
+CVE-2005-3276 (The sys_get_thread_area function in process.c in Linux 2.6
before ...)
+ TODO: check
+CVE-2005-3275 (The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c
in ...)
+ TODO: check
+CVE-2005-3274 (Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13
and 2.4 ...)
+ TODO: check
+CVE-2005-3273 (The rose_rt_ioctl function in rose_route.c for ROSE in Linux 2.6
...)
+ TODO: check
+CVE-2005-3272 (Linux kernel before 2.6.12 allows remote attackers to poison the
...)
+ TODO: check
+CVE-2005-3271 (Exec in Linux kernel 2.6 does not properly clear posix-timers in
...)
+ TODO: check
+CVE-2005-3270 (Untrusted search path vulnerability in DiskMountNotify for
Symantec ...)
+ TODO: check
+CVE-2005-3269 (Unspecified "security exposure" in the HTTP
Admin interface for Sun ...)
+ TODO: check
+CVE-2005-3268 (yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as
root and ...)
+ TODO: check
+CVE-2005-3267
+ RESERVED
+CVE-2005-3266
+ RESERVED
+CVE-2005-3265
+ RESERVED
+CVE-2005-3264 (Cross-site scripting (XSS) vulnerability in thread.php for
Zeroblog ...)
+ TODO: check
+CVE-2005-3263 (Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR
2.90 ...)
+ TODO: check
+CVE-2005-3262 (Format string vulnerability in RARLAB WinRAR 2.90 through 3.50
allows ...)
+ TODO: check
+CVE-2005-3261 (getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists
the ...)
+ TODO: check
+CVE-2005-3260 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2005-3259 (Multiple SQL injection vulnerabilities in versatileBulletinBoard
(vBB) ...)
+ TODO: check
CVE-2005-XXXX [Insecure caching of user id in mantis]
- mantis <unfixed> (bug #330682; unknown)
CVE-2005-XXXX [Filter information disclosure in mantis]
@@ -2,3 +38,3 @@
- mantis <unfixed> (bug #330682; low)
-CVE-2005-3258
+CVE-2005-3258 (The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11
and ...)
- squid <unfixed> (bug #334882; medium)
@@ -152,12 +188,12 @@
RESERVED
CVE-2005-3186
RESERVED
-CVE-2005-3184
- RESERVED
+CVE-2005-3184 (Buffer overflow vulnerability in the unicode_to_bytes in the
Service ...)
+ TODO: check
CVE-2005-3183 (The HTBoundary_put_block function in HTBound.c for W3C libwww
...)
- w3c-libwww <unfixed> (bug #334443; low)
-CVE-2005-3182
- RESERVED
+CVE-2005-3182 (Buffer overflow in the HTTP management interface for GFI
MailSecurity ...)
+ TODO: check
CVE-2005-XXXX [unsafe temporary file creation in flexbackup default config]
- flexbackup <unfixed> (bug #334350; low)
CVE-2005-XXXX [xscreensaver does not maintain screen locks during upgrade]
@@ -318,8 +354,7 @@
RESERVED
CVE-2005-3122
RESERVED
-CVE-2005-3121 [Insecure temp file generation in module-assistant]
- RESERVED
+CVE-2005-3121 (A rule file in module-assistant before 0.9.10 causes a temporary
file ...)
{DSA-867-1}
- module-assistant 0.9.10
TODO: Check, whether this version really fixes the issue, it''s not
mentioned in the changelog
@@ -777,8 +812,7 @@
CVE-2005-2972 [Further RTF buffer overflows in abiword]
RESERVED
- abiword 2.4.1-1 (bug #333740; medium)
-CVE-2005-2971 [Heap overflow in kword''s RTF import]
- RESERVED
+CVE-2005-2971 (Heap-based buffer overflow in the KWord RTF importer for KOffice
1.2.0 ...)
- koffice 1:1.3.5-5 (bug #333497; medium)
CVE-2005-2970
RESERVED
@@ -1249,8 +1283,8 @@
RESERVED
CVE-2005-2760
RESERVED
-CVE-2005-2759
- RESERVED
+CVE-2005-2759 (** SPLIT ** The jlucaller program in LiveUpdate for Symantec
Norton ...)
+ TODO: check
CVE-2005-2758 (Integer signedness error in the administrative interface for
Symantec ...)
NOT-FOR-US: Symantec Antivirus
CVE-2005-2757
@@ -2368,8 +2402,8 @@
- netpbm 2:10.0-9 (bug #319757; low)
CVE-2005-2470 (Buffer overflow in a "core application
plug-in" for Adobe Reader 5.1 ...)
NOT-FOR-US: Adobe
-CVE-2005-2469
- RESERVED
+CVE-2005-2469 (Stack-based buffer overflow in the NMAP Agent for Novell NetMail
3.52C ...)
+ TODO: check
CVE-2005-2459 (The huft_build function in inflate.c in the zlib routines in the
Linux ...)
{DTSA-16-1}
- linux-2.6 2.6.12-3 (bug #323173)