Author: stef-guest Date: 2006-07-19 18:47:52 +0000 (Wed, 19 Jul 2006) New Revision: 4414 Modified: data/CVE/list Log: - CVE-2006-2450: critical vnc auth hole affects also libvncserver - CVE-2004-1294: tnftp fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-07-18 12:04:50 UTC (rev 4413) +++ data/CVE/list 2006-07-19 18:47:52 UTC (rev 4414) @@ -2638,7 +2638,7 @@ - linux-2.6 2.6.17-3 (high) - linux-2.6.16 2.6.16-17 (high) CVE-2006-2450 (auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass ...) - TODO: check + - libvncserver 0.8.2-1 (high; bug #376824) CVE-2006-2449 (KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users ...) - kdebase 4:3.5.2-2 (bug #374002; medium) CVE-2006-2448 (Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, ...) @@ -24562,7 +24562,7 @@ CVE-2004-1295 (The slip_down function in slip.c for the uml_net program in ...) - uml-utilities <not-affected> (uml_net is only executable by users in group uml-net) CVE-2004-1294 (The mget function in cmds.c for tnftp 20030825 allows remote FTP ...) - - tnftp <unfixed> (bug #285902; medium) + - tnftp 20050625-0.1 (bug #285902; medium) CVE-2004-1293 (Buffer overflow in the ReadFontTbl function in reader.c for ...) NOT-FOR-US: rtf2latex2e CVE-2004-1292 (Buffer overflow in the parse_emelody function in parse_emelody.c for ...)