Author: nion Date: 2008-10-02 13:59:22 +0000 (Thu, 02 Oct 2008) New Revision: 9954 Modified: data/CVE/list Log: CVE-2008-4302 fixed in linux-2.6 2.6.22-4 CVE-2008-4210 fixed in linux-2.6 2.6.22-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-10-02 13:46:23 UTC (rev 9953) +++ data/CVE/list 2008-10-02 13:59:22 UTC (rev 9954) @@ -149,7 +149,7 @@ CVE-2008-4303 RESERVED CVE-2008-4302 (fs/splice.c in the splice subsystem in the Linux kernel before ...) - TODO: check + - linux-2.6 2.6.22-4 (low) CVE-2008-4301 (A certain ActiveX control in iisext.dll in Microsoft Internet ...) NOT-FOR-US: Microsoft CVE-2008-4300 (A certain ActiveX control in adsiis.dll in Microsoft Internet ...) @@ -330,7 +330,9 @@ CVE-2008-4211 RESERVED CVE-2008-4210 (fs/open.c in the Linux kernel before 2.6.22 does not properly strip ...) - TODO: check + - linux-2.6 2.6.22-1 + NOTE: easily exploitable but of limited use as the attacker already needs access to a + NOTE: directory that is setgid to the group he wants to get privileges for CVE-2008-4209 RESERVED CVE-2008-4208 (Unspecified vulnerability in OSADS Alliance Database before 2.1 has ...)