joeyh at alioth.debian.org
2007-Aug-30 21:14 UTC
[Secure-testing-commits] r6447 - data/CVE
Author: joeyh
Date: 2007-08-30 21:14:07 +0000 (Thu, 30 Aug 2007)
New Revision: 6447
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-08-30 16:11:14 UTC (rev 6446)
+++ data/CVE/list 2007-08-30 21:14:07 UTC (rev 6447)
@@ -1063,6 +1063,7 @@
CVE-2007-4092 (Directory traversal vulnerability in index.php in iFoto 1.0.1
and ...)
NOT-FOR-US: iFoto
CVE-2007-4091 (Multiple off-by-one errors in the sender.c in rsync 2.6.9 might
allow ...)
+ {DSA-1360-1}
- rsync 2.6.9-5 (bug #438125; medium)
CVE-2007-4090 (Multiple cross-site scripting (XSS) vulnerabilities in
Vikingboard ...)
NOT-FOR-US: Vikingboard
@@ -1362,14 +1363,18 @@
CVE-2007-3951 (Multiple buffer overflows in Norman Antivirus 5.90 allow remote
...)
NOT-FOR-US: Norman Antivirus
CVE-2007-3950 (lighttpd 1.4.15, when run on 32 bit platforms, allows remote
attackers ...)
+ {DSA-1362-1}
- lighttpd 1.4.16-1 (bug #434888)
CVE-2007-3949 (mod_access.c in lighttpd 1.4.15 ignores trailing / (slash)
characters ...)
+ {DSA-1362-1}
- lighttpd 1.4.16-1 (bug #434888)
CVE-2007-3948 (connections.c in lighttpd before 1.4.16 might accept more
connections ...)
- lighttpd 1.4.16-1 (bug #434888)
CVE-2007-3947 (request.c in lighttpd 1.4.15 allows remote attackers to cause a
denial ...)
+ {DSA-1362-1}
- lighttpd 1.4.16-1 (bug #434888)
CVE-2007-3946 (mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote
...)
+ {DSA-1362-1}
- lighttpd 1.4.16-1 (bug #434888)
CVE-2007-3945 (Rule Set Based Access Control (RSBAC) before 1.3.5 does not
properly ...)
NOT-FOR-US: Rule Set Based Access Control (RSBAC)
@@ -1714,6 +1719,7 @@
CVE-2007-3792 (Multiple PHP remote file inclusion vulnerabilities in AzDG
Dating Gold ...)
NOT-FOR-US: AzDG Dating Gold
CVE-2007-3791 (Buffer overflow in the w_read function in sockets.c in Cami
Sardinha ...)
+ {DSA-1361-1}
- postfix-policyd 1.80-2.2 (bug #435735)
CVE-2007-3790 (The com_print_typeinfo function in the bz2 extension in PHP
5.2.3 ...)
- php5 <not-affected> (com_print_typeinfo is a windows only func)
@@ -5414,6 +5420,7 @@
CVE-2007-2232 (The CHECK command in Cosign 2.0.1 and earlier allows remote
attackers ...)
NOT-FOR-US: CoSign
CVE-2007-2231 (Directory traversal vulnerability in index/mbox/mbox-storage.c
in ...)
+ {DSA-1359-1}
- dovecot 1.0.rc29-1
[sarge] - dovecot <not-affected> (Vulnerable code not present)
CVE-2007-2230 (SQL injection vulnerability in CA Clever Path Portal allows
remote ...)