stef-guest at alioth.debian.org
2007-Aug-15 19:10 UTC
[Secure-testing-commits] r6321 - data/CVE
Author: stef-guest Date: 2007-08-15 19:10:19 +0000 (Wed, 15 Aug 2007) New Revision: 6321 Modified: data/CVE/list Log: new issues: flashplugin-nonfree, denyhosts, fail2ban NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-15 18:29:14 UTC (rev 6320) +++ data/CVE/list 2007-08-15 19:10:19 UTC (rev 6321) @@ -19,49 +19,52 @@ CVE-2007-4343 RESERVED CVE-2007-4342 (PHP remote file inclusion vulnerability in include.php in PHPCentral ...) - TODO: check + NOT-FOR-US: PHPCentral CVE-2007-4341 (PHP remote file inclusion vulnerability in adm/my_statistics.php in ...) - TODO: check + NOT-FOR-US: Omnistar Lib2 PHP CVE-2007-4340 (PHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 ...) - TODO: check + NOT-FOR-US: phpDVD CVE-2007-4339 (Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll ...) - TODO: check + NOT-FOR-US: PHPCentral Poll Script CVE-2007-4338 (index.php in Ryan Haudenschilt Family Connections (FCMS) 0.6 and ...) - TODO: check + NOT-FOR-US: Family Connections CVE-2007-4337 (Buffer overflow in the httplib_parse_sc_header function in lib/http.c ...) - streamripper 1.62.2-1 (medium) CVE-2007-4336 (Buffer overflow in the Live Picture Corporation ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-4335 (Format string vulnerability in the SMTP server component in Qbik ...) - TODO: check + NOT-FOR-US: Qbik WinGate CVE-2007-4334 (Cross-site scripting (XSS) vulnerability in whois.php in Php-stats ...) - TODO: check + NOT-FOR-US: Php-stats CVE-2007-4333 (Multiple cross-site scripting (XSS) vulnerabilities in signup.php in ...) - TODO: check + NOT-FOR-US: Article Dashboard CVE-2007-4332 (SQL injection vulnerability in article.php in Article Dashboard, when ...) - TODO: check + NOT-FOR-US: Article Dashboard CVE-2007-4331 (PHP remote file inclusion vulnerability in index.php in FindNix allows ...) - TODO: check + NOT-FOR-US: FindNix CVE-2007-4330 (PHP remote file inclusion vulnerability in shoutbox.php in Shoutbox ...) - TODO: check + NOT-FOR-US: Shoutbox CVE-2007-4329 (Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 ...) - TODO: check + NOT-FOR-US: Web News CVE-2007-4328 (Multiple PHP remote file inclusion vulnerabilities in Mapos Bilder ...) - TODO: check + NOT-FOR-US: Bilder Galerie CVE-2007-4327 (Multiple PHP remote file inclusion vulnerabilities in File Uploader ...) - TODO: check + NOT-FOR-US: File Uploader CVE-2007-4326 (Multiple PHP remote file inclusion vulnerabilities in Bilder Uploader ...) - TODO: check + NOT-FOR-US: Bilder Uploader CVE-2007-4325 (PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 ...) - TODO: check + NOT-FOR-US: Gaestebuch CVE-2007-4324 (ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0 allows remote ...) - TODO: check + - flashplugin-nonfree <unfixed> + [etch] - flashplugin-nonfree <no-dsa> (non-free not supported) + [sarge] - flashplugin-nonfree <no-dsa> (non-free not supported) CVE-2007-4323 (DenyHosts 2.6 does not properly parse sshd log files, which allows ...) - TODO: check + - denyhosts <unfixed> (bug #438162; medium) CVE-2007-4322 (BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) ...) - TODO: check + NOT-FOR-US: BlockHosts CVE-2007-4321 (fail2ban 0.8 and earlier does not properly parse sshd log files, which ...) - TODO: check + - fail2ban <unfixed> (medium) + NOTE: maybe fixed in 0.8.0-4, pinged maintainer (sf) CVE-2007-4320 (PHP remote file inclusion vulnerability in ...) TODO: check CVE-2007-4319 (The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel ...)