thr3ads.net - Secure testing commits - [Secure-testing-commits] r9053

If this information is useful, please help other people find it:
Share via:
nion at alioth.debian.org
2008-Jun-12 13:36 UTC
[Secure-testing-commits] r9053 - data/CVE

Author: nion
Date: 2008-06-12 13:36:02 +0000 (Thu, 12 Jun 2008)
New Revision: 9053

Modified:
   data/CVE/list
Log:
NFUs
new linux-2.6 issue (CVE-2008-1673)
new net-snmp issue (CVE-2008-0960)


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-06-12 13:12:08 UTC (rev 9052)
+++ data/CVE/list	2008-06-12 13:36:02 UTC (rev 9053)
@@ -1902,7 +1902,7 @@
 	RESERVED
 	- freetype <unfixed> (medium; bug #485841)
 CVE-2008-1805 (Incomplete blacklist vulnerability in Skype 3.6.0.248, and other
...)
-	TODO: check
+	NOT-FOR-US: Skype
 CVE-2008-1804 (preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does
not ...)
 	- snort <unfixed> (low; bug #483160)
 	[etch] - snort <not-affected> (Only 2.6 and 2.8 are affected)
@@ -2225,7 +2225,7 @@
 	RESERVED
 CVE-2008-1673 (The asn1 implementation in (a) the Linux kernel 2.4 before
2.4.36.6 ...)
 	{DSA-1592-1}
-	TODO: check
+	- linux-2.6 <unfixed> (bug #485944)
 CVE-2008-1672 (OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a
denial of ...)
 	{DTSA-136-1}
 	- openssl 0.9.8g-10.1 (bug #483379)
@@ -2418,15 +2418,15 @@
 CVE-2008-1586
 	RESERVED
 CVE-2008-1585 (Apple QuickTime before 7.5 allows remote attackers to execute
...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2008-1584 (Stack-based buffer overflow in Apple QuickTime before 7.5 allows
...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2008-1583 (Heap-based buffer overflow in Apple QuickTime before 7.5 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2008-1582 (Unspecified vulnerability in Apple QuickTime before 7.5 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2008-1581 (Heap-based buffer overflow in Apple QuickTime before 7.5 on
Windows ...)
-	TODO: check
+	NOT-FOR-US: Apple QuickTime
 CVE-2008-1580 (CFNetwork in Safari in Apple Mac OS X before 10.5.3
automatically ...)
 	NOT-FOR-US: CFNetwork Safari Apple Mac OS
 CVE-2008-1579 (Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote
...)
@@ -2724,11 +2724,11 @@
 CVE-2008-1454
 	RESERVED
 CVE-2008-1453 (The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and
Vista ...)
-	TODO: check
+	NOT-FOR-US: Windows Xp
 CVE-2008-1452
 	RESERVED
 CVE-2008-1451 (The WINS service on Microsoft Windows 2000 SP4, and Server 2003
SP1 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2008-1450
 	RESERVED
 CVE-2008-1449
@@ -2740,17 +2740,17 @@
 CVE-2008-1446
 	RESERVED
 CVE-2008-1445 (Active Directory on Microsoft Windows 2000 Server SP4, XP
Professional ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2008-1444 (Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on
...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2008-1443
 	RESERVED
 CVE-2008-1442 (Heap-based buffer overflow in the substringData method in
Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2008-1441 (Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista
Gold ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2008-1440 (Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2,
does ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows
 CVE-2008-1439
 	RESERVED
 CVE-2008-1438 (Unspecified vulnerability in Microsoft Malware Protection Engine
...)
@@ -3597,7 +3597,7 @@
 CVE-2008-1107
 	RESERVED
 CVE-2008-1106 (The management interface in Akamai Client (formerly Red Swoosh)
3322 ...)
-	TODO: check
+	NOT-FOR-US: Akamai Client
 CVE-2008-1105 (Heap-based buffer overflow in the receive_smb_raw function in
...)
 	{DSA-1590-1}
 	- samba 1:3.0.30-1 (medium; bug #483410)
@@ -3922,7 +3922,7 @@
 CVE-2008-0961 (EMV DiskXtender 6.20.060 has a hard-coded login and password,
which ...)
 	NOT-FOR-US: EMC DiskXtender
 CVE-2008-0960 (SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1,
5.3.x ...)
-	TODO: check
+	- net-snmp <unfixed> (medium; bug #485944)
 CVE-2008-0959 (Multiple stack-based buffer overflows in the Online Media
Technologies ...)
 	NOT-FOR-US: Online Media Technologies NCTSoft NCTAudioInformation2
 CVE-2008-0958 (Multiple stack-based buffer overflows in the Online Media
Technologies ...)
@@ -3930,7 +3930,7 @@
 CVE-2008-0957 (Multiple stack-based buffer overflows in the PhotoStockPlus
Uploader ...)
 	NOT-FOR-US: PhotoStockPlus Uploader Tool ActiveX control
 CVE-2008-0956 (Multiple stack-based buffer overflows in the BackWeb Lite
Install ...)
-	TODO: check
+	NOT-FOR-US: BackWeb Lite Install
 CVE-2008-0955 (Stack-based buffer overflow in the Creative Software AutoUpdate
Engine ...)
 	NOT-FOR-US: CTSUEng.ocx
 CVE-2008-0954
Secure testing commits - Jun 2008 - r9053 - data/CVE

[Secure-testing-commits] r9053 - data/CVE
