joeyh at alioth.debian.org
2007-Nov-20 21:14 UTC
[Secure-testing-commits] r7361 - data/CVE
Author: joeyh
Date: 2007-11-20 21:14:09 +0000 (Tue, 20 Nov 2007)
New Revision: 7361
Modified: data/CVE/list
Log: automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-11-20 17:39:47 UTC (rev 7360) +++ data/CVE/list 2007-11-20 21:14:09 UTC (rev 7361) 
@@ -1,4 +1,62 @@ -CVE-2007-6035 [sql injection in cacti] +CVE-2007-6038 (PHP remote file inclusion vulnerability in xajax_functions.php in the ...) + TODO: check +CVE-2007-6037 (Cross-site scripting (XSS) vulnerability in ws/generic_api_call.pl in ...) + TODO: check +CVE-2007-6036 (The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 ...) + TODO: check +CVE-2007-6034 (ngIRCd before 0.10.3 allows remote attackers to cause a denial of ...) + TODO: check +CVE-2007-6033 (Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure ...) + TODO: check +CVE-2007-6032 (SQL injection vulnerability in calendar/page.asp in Aleris Web ...) + TODO: check +CVE-2007-6031 (Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote ...) + TODO: check +CVE-2007-6030 (Unspecified vulnerability in Weird Solutions BOOTPTurbo 1.2 has ...) + TODO: check +CVE-2007-6029 (Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote ...) + TODO: check +CVE-2007-6028 (Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ...) + TODO: check +CVE-2007-6027 (PHP remote file inclusion vulnerability in admin.jjgallery.php in the ...) + TODO: check +CVE-2007-6026 (Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka ...) + TODO: check +CVE-2007-6025 (Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 ...) + TODO: check +CVE-2007-6024 + RESERVED +CVE-2007-6023 + RESERVED +CVE-2007-6022 + RESERVED +CVE-2007-6021 + RESERVED +CVE-2007-6020 + RESERVED +CVE-2007-6019 + RESERVED +CVE-2007-6018 + RESERVED +CVE-2007-6017 + RESERVED +CVE-2007-6016 + RESERVED +CVE-2007-6015 + RESERVED +CVE-2007-6014 + RESERVED +CVE-2007-6013 (Wordpress 1.5 to 2.3.1 uses cookie values based on the MD5 hash of a ...) + TODO: check +CVE-2007-6012 (SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 allows ...) + TODO: check +CVE-2004-2757 (Cross-site scripting (XSS) vulnerability in the failed login page in ...) 
+ TODO: check +CVE-2004-2756 (Cross-site scripting (XSS) vulnerability in viewtopic.php in Xoops ...) + TODO: check +CVE-2002-2426 (Cross-site request forgery (CSRF) vulnerability in Citrix Presentation ...) + TODO: check +CVE-2007-6035 (SQL injection vulnerability in Cacti before 0.8.7a allows remote ...) - cacti 0.8.7a-1 (medium; bug #452085) CVE-2007-6011 (Unspecified vulnerability in main.php of BugHotel Reservation System ...) NOT-FOR-US: BugHotel @@ -1099,7 +1157,7 @@ CVE-2007-5671 RESERVED CVE-2007-5670 - RESERVED + REJECTED CVE-2007-5669 RESERVED CVE-2007-5668 @@ -1797,8 +1855,8 @@ - linux-2.6 <unfixed> (high) [etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.21) NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=96a2d41a3e495734b63bff4e5dd0112741b93b38 -CVE-2007-5500 - RESERVED +CVE-2007-5500 (The wait_task_stopped function in the Linux kernel before 2.6.23.8 ...) + TODO: check CVE-2007-5499 RESERVED CVE-2007-5498 @@ -2043,8 +2101,7 @@ RESERVED CVE-2007-5399 RESERVED -CVE-2007-5398 [remote code execution in samba when running nmbd as WINS server] - RESERVED +CVE-2007-5398 (Stack-based buffer overflow in the reply_netbios_packet function in ...) - samba 3.0.27-1 (high) CVE-2007-5397 RESERVED @@ -4234,8 +4291,7 @@ CVE-2007-4573 (The IA32 system call emulation functionality in Linux kernel 2.4.x and ...) {DSA-1381-2 DSA-1378-2 DSA-1378-1} - linux-2.6 2.6.22-5 (medium) -CVE-2007-4572 [buffer overflow in nmbd when processing GETDC logon server requests] - RESERVED +CVE-2007-4572 (Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, ...) - samba 3.0.27-1 (high; bug #451385) CVE-2007-4571 (The snd_mem_proc_read function in sound/core/memalloc.c in the ...) - linux-2.6 2.6.22-5 (low; bug #444571) 
@@ -35885,7 +35941,7 @@ CVE-2005-3239 (The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows ...) {DSA-887-1 DTSA-21-1} - clamav 0.87.1-1 (bug #333566; medium) -CVE-2005-3181 (The audit system in Linux kernel before 2.6.13.4, when ...) +CVE-2005-3181 (The audit system in Linux kernel 2.6.6, and other versions before ...) {DSA-1017-1} - linux-2.6 2.6.13+2.6.14-rc4-0experimental1 (low) - kernel-source-2.4.27 <not-affected> (2.4 kernels don''t have CONFIG_AUDITSYSCALL)
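Review bot: In the first hunk (@@ -1,4 +1,62 @@), every newly described entry is left at `TODO: check`, including ones whose descriptions name software this file already tracks by package, such as CVE-2007-6029 (ClamAV 0.91.1 and 0.91.2; compare the `- clamav 0.87.1-1` line under CVE-2005-3239). Triage those first and give each a package line with fixed version and severity, or a NOT-FOR-US marker as used for CVE-2007-6011, so that a TODO does not sit on top of an open issue in a tracked package. The rewritten CVE-2007-6035 line correctly keeps its `- cacti 0.8.7a-1 (medium; bug #452085)` tracking data.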
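Review bot: In the @@ -1797,8 +1855,8 @@ hunk, CVE-2007-5500 moves from RESERVED to a description naming the Linux kernel before 2.6.23.8 but carries only `TODO: check`. The entry needs a `- linux-2.6` status line, with a per-release line where the releases differ, in the same form as the entry directly above it (`- linux-2.6 <unfixed> (high)` followed by `[etch] - linux-2.6 <not-affected> (...)`).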
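Review bot: In the @@ -2043,8 +2101,7 @@ hunk, the CVE-2007-5398 entry ends up as `- samba 3.0.27-1 (high)` with no bug reference, while the parallel CVE-2007-4572 entry in the following hunk carries `bug #451385`. If a bug was filed for CVE-2007-5398, add it so both Samba entries can be traced the same way. Dropping the stale RESERVED line together with the bracketed working title in both hunks is the right cleanup.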