stef-guest at alioth.debian.org
2007-Aug-15 19:24 UTC
[Secure-testing-commits] r6322 - data/CVE
Author: stef-guest
Date: 2007-08-15 19:24:17 +0000 (Wed, 15 Aug 2007)
New Revision: 6322

Modified:
   data/CVE/list
Log:
new issues: linux, phpmyadmin
CVEified: serendipity
NFUs

Modified: data/CVE/list
==================================================================--- data/CVE/list 2007-08-15 19:10:19 UTC (rev 6321) +++ data/CVE/list 2007-08-15 19:24:17 UTC (rev 6322) 
@@ -66,45 +66,45 @@ - fail2ban <unfixed> (medium) NOTE: maybe fixed in 0.8.0-4, pinged maintainer (sf) CVE-2007-4320 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: Ncaster CVE-2007-4319 (The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel ...) - TODO: check + NOT-FOR-US: Zyxel CVE-2007-4318 (Cross-site scripting (XSS) vulnerability in Forms/General_1 in the ...) - TODO: check + NOT-FOR-US: Zyxel CVE-2007-4317 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...) - TODO: check + NOT-FOR-US: Zyxel CVE-2007-4316 (The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel ...) - TODO: check + NOT-FOR-US: Zyxel CVE-2007-4315 (The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows ...) - TODO: check + NOT-FOR-US: ATI CVE-2007-4314 (pixlie.php in Pixlie 1.7 allows remote attackers to trigger the ...) - TODO: check + NOT-FOR-US: Pixlie CVE-2007-4313 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: Php Blue Dragon CMS CVE-2007-4312 (SQL injection vulnerability in index.php in Php Blue Dragon CMS 3.0.0 ...) - TODO: check + NOT-FOR-US: Php Blue Dragon CMS CVE-2007-4311 (The xfer_secondary_pool function in drivers/char/random.c in the Linux ...) - TODO: check + - kernel-source-2.4.27 <unfixed> CVE-2007-4310 (The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows ...) - TODO: check + NOT-FOR-US: Solaris CVE-2007-4309 (IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote ...) - TODO: check + NOT-FOR-US: IBM Lotus Notes CVE-2007-4308 (The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI ...) - TODO: check + - linux-2.6 CVE-2007-4307 (Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 ...) - TODO: check + NOT-FOR-US: Storesprite CVE-2007-4306 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...) 
- TODO: check + - phpmyadmin <unfixed> CVE-2007-4305 (Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail ...) - TODO: check + NOT-FOR-US: NetBSD and OpenBSD CVE-2007-4304 (CerbNG for FreeBSD 4.8 does not properly implement VM protection when ...) - TODO: check + NOT-FOR-US: CerbNG for FreeBSD CVE-2007-4303 (Multiple race conditions in (1) certain rules and (2) argument copying ...) - TODO: check + NOT-FOR-US: CerbNG for FreeBSD CVE-2007-4302 (Multiple race conditions in certain system call wrappers in Generic ...) - TODO: check + NOT-FOR-US: Generic Software Wrappers Toolkit CVE-2007-4301 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...) - TODO: check + NOT-FOR-US: WebCart CVE-2007-4300 RESERVED CVE-2007-4299 
@@ -112,37 +112,38 @@ CVE-2007-4298 RESERVED CVE-2007-4297 (Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp ...) - TODO: check + NOT-FOR-US: Modulu CVE-2007-4296 (Unspecified vulnerability in assp.pl in Anti-Spam SMTP Proxy Server ...) - TODO: check + NOT-FOR-US: Anti-Spam SMTP Proxy Server CVE-2007-4295 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-4294 (Unspecified vulnerability in Cisco Unified Communications Manager ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-4293 (Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-4292 (Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-4291 (Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-4290 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Guestbook Script CVE-2007-4289 (Sun Java System Portal Server 7.0 does not properly process XSLT ...) - TODO: check + NOT-FOR-US: Sun Java System Portal Server CVE-2007-4288 (Microsoft Windows Media Player 11 (wmplayer.exe) allows user-assisted ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2007-4287 (PHP remote file inclusion vulnerability in fc_functions/fc_example.php ...) - TODO: check + NOT-FOR-US: FishCart CVE-2007-4286 (Buffer overflow in the Next Hop Resolution Protocol (NHRP) ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-4285 (Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-4284 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...) - TODO: check + NOT-FOR-US: Cisco CVE-2007-4283 (PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in ...) - TODO: check + NOT-FOR-US: Coppermine Photo Gallery (CPG) CVE-2007-4282 (The "Extended properties for entries" (entryproperties) plugin in ...) 
- TODO: check + - serendipity 1.1.4-1 + [etch] - serendipity <not-affected> (introduced in 1.1.x) CVE-2007-4281 (Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source ...) TODO: check CVE-2007-4279 (PHP remote file inclusion vulnerability in config.php in ...) @@ -178,9 +179,6 @@ TODO: check CVE-2007-4264 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) TODO: check -CVE-2007-XXXX [serendipity issue in Extended properties for entries plugin] - - serendipity 1.1.4-1 - [etch] - serendipity <not-affected> (introduced in 1.1.x) CVE-2007-4280 (The Skinny channel driver (chan_skinny) in Asterisk Open Source before ...) - asterisk 1:1.4.10~dfsg-1 NOTE: http://ftp.digium.com/pub/asa/ASA-2007-019.html
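
Review bot: In the "@@ -66,45 +66,45 @@" hunk, the new "- linux-2.6" line under CVE-2007-4308 has neither a fixed version nor "<unfixed>", unlike "- phpmyadmin <unfixed>" and "- kernel-source-2.4.27 <unfixed>" added in the same hunk, so the entry does not say whether the package is still vulnerable; add the version or "<unfixed>". Under CVE-2007-4311 only kernel-source-2.4.27 is listed although the description places the bug in drivers/char/random.c in the Linux kernel; a linux-2.6 line or a NOTE explaining why 2.6 is left out would record the triage decision.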
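
Review bot: The NOT-FOR-US labels added in the "@@ -112,37 +112,38 @@" hunk mix vendor names and product names: the eight Cisco entries and CVE-2007-4288 are tagged only "Cisco" and "Microsoft", while CVE-2007-4289 and CVE-2007-4296 name the product ("Sun Java System Portal Server", "Anti-Spam SMTP Proxy Server"). Using the product from each description (for example "Cisco IOS" or "Cisco Unified Communications Manager") would keep the labels consistent and make later searches of the list by product name reliable.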
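
Review bot: In the "@@ -178,9 +179,6 @@" hunk, dropping the temporary CVE-2007-XXXX serendipity entry leaves CVE-2007-4280 (asterisk) directly after CVE-2007-4264, out of the descending order the list otherwise follows; the previous hunk's context shows CVE-2007-4281 followed by CVE-2007-4279 with no 4280 between them. Moving the asterisk entry up between those two, in this commit or a follow-up, would keep the list sorted now that the temporary entry no longer separates it.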