Author: enerv-guest Date: 2007-01-12 21:58:04 +0100 (Fri, 12 Jan 2007) New Revision: 5257 Modified: data/CVE/list Log: Changed severity in CVEs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-01-12 20:14:11 UTC (rev 5256) +++ data/CVE/list 2007-01-12 20:58:04 UTC (rev 5257) @@ -1117,7 +1117,7 @@ CVE-2006-6611 (PHP remote file inclusion vulnerability in interface.php in Barman ...) NOT-FOR-US: Barman CVE-2006-6610 (clientcommands in Nexuiz before 2.2.1 has unknown impact and remote ...) - - nexuiz 2.2.1-1 + - nexuiz 2.2.1-1 (high) CVE-2006-6609 (Nexuiz before 2.2.1 allows remote attackers to cause a denial of ...) - nexuiz 2.2.1-1 CVE-2006-6608 (Unspecified vulnerability in SSH key based authentication in HP ...) @@ -2195,7 +2195,7 @@ CVE-2006-6144 (The "mechglue" abstraction interface of the GSS-API library for ...) - krb5 <not-affected> (Only 1.5 onwards are vulnerable) CVE-2006-6143 (The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through ...) - - krb5 1.4.4-6 + - krb5 1.4.4-6 (high) [sarge] - krb5 <not-affected> CVE-2006-6142 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail ...) {DSA-1241-1} @@ -2565,7 +2565,7 @@ CVE-2006-5975 (Multiple cross-site scripting (XSS) vulnerabilities in comments.asp in ...) NOT-FOR-US: BlogMe CVE-2006-5974 (fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message ...) - - fetchmail 6.3.6-1 + - fetchmail 6.3.6-1 (low) CVE-2006-5973 (Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and ...) - dovecot 1.0.rc15-1 [sarge] - dovecot <not-affected> (Vulnerable code not present) 
@@ -2884,10 +2884,10 @@ CVE-2006-5825 (Cross-site scripting (XSS) vulnerability in index.php in Kayako ...) NOT-FOR-US: Kayako SupportSuite CVE-2006-5824 (Integer overflow in the ffs_rdextattr function in FreeBSD 6.1 allows ...) - - kfreebsd-5 <unfixed> + - kfreebsd-5 <unfixed> (low) [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd) CVE-2006-5823 (The zlib_inflate function in Linux kernel 2.6.x allows local users to ...) - - linux-2.6 <unfixed> + - linux-2.6 <unfixed> (low) CVE-2006-5822 (Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in ...) NOT-FOR-US: Symantec Veritas NetBackup CVE-2006-5821 (Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ...) @@ -3208,7 +3208,7 @@ CVE-2006-5680 (The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before ...) - libarchive 1.3.1-1 (unimportant) CVE-2006-5679 (Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows ...) - - kfreebsd-5 <unfixed> + - kfreebsd-5 <unfixed> (medium) [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd) CVE-2006-5678 (** DISPUTED ** ...) NOT-FOR-US: Les Visiteurs @@ -3482,7 +3482,7 @@ CVE-2006-5551 (Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow ...) NOT-FOR-US: QK SMTP CVE-2006-5550 (The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause ...) - - kfreebsd-5 <unfixed> + - kfreebsd-5 <unfixed> (low) [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd) CVE-2006-5549 (** DISPUTED ** ...) NOT-FOR-US: Adobe PHP SDK 
@@ -3635,10 +3635,10 @@ CVE-2006-5484 (SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 ...) NOT-FOR-US: SSH Tectia CVE-2006-5483 (p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified ...) - - kfreebsd-5 <unfixed> + - kfreebsd-5 <unfixed> (low) [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd) CVE-2006-5482 (ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified ...) - - kfreebsd-5 <unfixed> + - kfreebsd-5 <unfixed> (low) [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd) CVE-2006-5481 (Multiple PHP remote file inclusion vulnerabilities in Castor 1.1.1 ...) NOT-FOR-US: Castor @@ -5090,7 +5090,7 @@ CVE-2006-4815 RESERVED CVE-2006-4814 (The mincore function in the Linux kernel before 2.4.33.6 does not ...) - - linux-2.6 2.6.18-9 + - linux-2.6 2.6.18-9 (low) CVE-2006-4813 (The __block_prepare_write function in fs/buffer.c for Linux kernel ...) {DSA-1233} - linux-2.6 2.6.13-1 @@ -5627,7 +5627,7 @@ {DSA-1202-1} - screen 4.0.3-0.1 (bug #395225; bug #395999; medium) CVE-2006-4572 (ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows ...) - - linux-2.6 2.6.18-9 + - linux-2.6 2.6.18-9 (high) CVE-2006-4571 (Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, ...) {DSA-1210 DSA-1192-1 DSA-1191-1} NOTE: MFSA-2006-64 @@ -5787,7 +5787,7 @@ CVE-2006-4517 (Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a ...) NOT-FOR-US: Novell iManager CVE-2006-4516 (Integer signedness error in FreeBSD 6.0-RELEASE allows local users to ...) - - kfreebsd-5 <unfixed> + - kfreebsd-5 <unfixed> (low) [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd) CVE-2006-4515 RESERVED
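
Review bot: In the @@ -1117 hunk, CVE-2006-6610 is rated (high) although its description reads "unknown impact", while CVE-2006-6609 in the same hunk, fixed in the same nexuiz 2.2.1-1 upload, is left without an urgency. Suggest adding a NOTE line under CVE-2006-6610 giving the reason for high, and rating CVE-2006-6609 in the same commit so the two nexuiz entries stay consistent.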
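
Review bot: In the @@ -2884 hunk, the "- linux-2.6 <unfixed> (low)" line for CVE-2006-5823 now carries an urgency but still no bug reference, so nothing on the entry points at where the open issue is being followed. If a bug is filed, put it in the same parentheses as the urgency, bug numbers first and urgency last, the way the screen entry in the @@ -5627 context does.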
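
Review bot: In the @@ -3208 hunk, CVE-2006-5679 (integer overflow in ffs_mountfs, FreeBSD 6.1) gets (medium), but the @@ -2884 hunk gives (low) to CVE-2006-5824 (integer overflow in ffs_rdextattr, FreeBSD 6.1), and the truncated descriptions do not show what separates the two. Either align the two kfreebsd-5 ratings or add a NOTE under the medium entry stating the difference in impact.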