stef-guest at alioth.debian.org
2007-Aug-31 21:57 UTC
[Secure-testing-commits] r6458 - data/CVE
Author: stef-guest Date: 2007-08-31 21:57:29 +0000 (Fri, 31 Aug 2007) New Revision: 6458 Modified: data/CVE/list Log: new teamspeak-server issues NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-31 21:14:07 UTC (rev 6457) +++ data/CVE/list 2007-08-31 21:57:29 UTC (rev 6458) @@ -26,17 +26,17 @@ CVE-2007-4619 RESERVED CVE-2007-4618 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-4617 (Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-4616 (The SSL server implementation in BEA WebLogic Server 7.0 Gold through ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-4615 (The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-4614 (BEA WebLogic Server 9.1 does not properly handle propagation of an ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-4613 (SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold ...) - TODO: check + NOT-FOR-US: BEA WebLogic CVE-2007-4612 (CRLF injection vulnerability in contact.php in Moonware (aka Dale ...) TODO: check CVE-2007-4611 (SQL injection vulnerability in viewevent.php in Moonware (aka Dale ...) @@ -44,11 +44,11 @@ CVE-2007-4610 (Unrestricted file upload vulnerability in config/upload.php in ...) TODO: check CVE-2007-4609 (eyeOS uses predictable checksum values in the checknum parameter for ...) - TODO: check + NOT-FOR-US: eyeOS CVE-2007-4608 (PHP remote file inclusion vulnerability in protection.php in ...) TODO: check CVE-2007-4607 (Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll ...) - TODO: check + NOT-FOR-US: EasyMailSMTPObj ActiveX control CVE-2007-4606 (PHP remote file inclusion vulnerability in convert/mvcw_conver.php in ...) TODO: check CVE-2007-4605 (PHP remote file inclusion vulnerability in convert/mvcw.php in Virtual ...) @@ -64,7 +64,7 @@ CVE-2007-4599 RESERVED CVE-2007-4598 (IBM SurePOS 500 has (1) a default password of "12345" for the manager ...) - TODO: check + NOT-FOR-US: IBM CVE-2007-4597 (SQL injection vulnerability in index.php in TurnkeyWebTools SunShop ...) TODO: check CVE-2007-4596 (The perl extension in PHP does not follow safe_mode restrictions, ...) @@ -74,11 +74,11 @@ CVE-2007-4594 (Entrust Entelligence Security Provider (ESP) 8 does not properly ...) TODO: check CVE-2007-4593 (Unspecified vulnerability in vstor2-ws60.sys in VMWare Workstation 6.0 ...) - TODO: check + NOT-FOR-US: VMWare Workstation CVE-2007-4592 RESERVED CVE-2007-4591 (vstor-ws60.sys in VMWare Workstation 6.0 allows local users to cause a ...) - TODO: check + NOT-FOR-US: VMWare Workstation CVE-2007-4590 (The get_system_info command in Ignite-UX C.7.0 through C.7.3, and ...) TODO: check CVE-2007-4589 (Multiple cross-site scripting (XSS) vulnerabilities in InterWorx ...) @@ -211,8 +211,12 @@ CVE-2007-4531 (Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and ...) NOT-FOR-US: Soldat game server CVE-2007-4530 (Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak ...) + - teamspeak-server <unfixed> + NOTE: likely fixed in 2.0.23.19-1 TODO: check CVE-2007-4529 (The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote ...) + - teamspeak-server <unfixed> + NOTE: likely fixed in 2.0.23.19-1 TODO: check CVE-2007-4528 (The Foreign Function Interface (ffi) extension in PHP 5.0.5 does not ...) NOT-FOR-US: ffi extension for php @@ -236,31 +240,22 @@ NOTE: the backend will be enabled in future uploads with a fixed package. CVE-2007-4520 RESERVED - TODO: check CVE-2007-4519 RESERVED - TODO: check CVE-2007-4518 RESERVED - TODO: check CVE-2007-4517 RESERVED - TODO: check CVE-2007-4516 RESERVED - TODO: check CVE-2007-4515 RESERVED - TODO: check CVE-2007-4514 RESERVED - TODO: check CVE-2007-4513 RESERVED - TODO: check CVE-2007-4512 RESERVED - TODO: check CVE-2007-4511 (The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply ...) NOT-FOR-US: Sun Application Server CVE-2007-4510 (ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and ...)