Author: fw Date: 2007-03-24 10:15:59 +0000 (Sat, 24 Mar 2007) New Revision: 5580 Modified: data/CVE/list Log: asterisk and php5 candidates Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-03-24 10:11:37 UTC (rev 5579) +++ data/CVE/list 2007-03-24 10:15:59 UTC (rev 5580) @@ -56,8 +56,6 @@ TODO: check CVE-2007-1562 (The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and ...) TODO: check -CVE-2007-1561 (Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers ...) - TODO: check CVE-2007-1560 (The clientProcessRequest() function in squid/src/client_side.c in ...) TODO: check CVE-2007-1559 @@ -137,9 +135,9 @@ CVE-2007-1523 (Heap-based buffer overflow in the kernel in NetBSD 3.0, certain ...) TODO: check CVE-2007-1522 (Double free vulnerability in the session extension in PHP 5.2.0 and ...) - TODO: check + - php5 <unfixed> CVE-2007-1521 (Double free vulnerability in PHP 5.2.1 and earlier allows ...) - TODO: check + - php5 <unfixed> CVE-2007-1520 (The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 does ...) TODO: check CVE-2007-1519 (Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke ...) @@ -156,7 +154,7 @@ TODO: check CVE-2003-1322 (Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR ...) TODO: check -CVE-2007-XXXX [Single-packet SIP INVITE DoS in asterisk] +CVE-2007-1561 [Single-packet SIP INVITE DoS in asterisk] - asterisk <unfixed> (bug #415466; medium) NOTE: http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html CVE-2007-XXXX [Asterisk segfault on SIP response code 0]