joeyh at alioth.debian.org
2008-Oct-14 21:14 UTC
[Secure-testing-commits] r10087 - data/CVE
Author: joeyh
Date: 2008-10-14 21:14:23 +0000 (Tue, 14 Oct 2008)
New Revision: 10087
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-10-14 18:05:24 UTC (rev 10086)
+++ data/CVE/list 2008-10-14 21:14:23 UTC (rev 10087)
@@ -1,3 +1,17 @@
+CVE-2008-4545 (Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and
7.x ...)
+ TODO: check
+CVE-2008-4544 (Unspecified vulnerability in an unspecified Microsoft API, as
used by ...)
+ TODO: check
+CVE-2008-4543 (Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and
7.x ...)
+ TODO: check
+CVE-2008-4542 (Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x
before ...)
+ TODO: check
+CVE-2008-4541 (Heap-based buffer overflow in the FTP subsystem in Sun Java
System Web ...)
+ TODO: check
+CVE-2008-4540 (Windows Mobile 6 on the HTC Hermes device makes WLAN passwords
...)
+ TODO: check
+CVE-2008-4539
+ RESERVED
CVE-2008-4538
RESERVED
CVE-2008-4537 (Cross-site scripting (XSS) vulnerability in EC-CUBE Ver1 1.4.6
and ...)
@@ -196,6 +210,7 @@
CVE-2008-4438 (Cross-site scripting (XSS) vulnerability in search.php in
Datafeed ...)
NOT-FOR-US: Datafeed Studio
CVE-2008-4437 (Directory traversal vulnerability in importxml.pl in Bugzilla
before ...)
+ {DTSA-170-1}
- bugzilla 3.0.5.0-1 (low; bug #502019)
CVE-2008-4436 (SQL injection vulnerability in bblog_plugins/builtin.help.php in
bBlog ...)
NOT-FOR-US: bBlog
@@ -249,8 +264,8 @@
RESERVED
CVE-2008-4412
RESERVED
-CVE-2008-4411
- RESERVED
+CVE-2008-4411 (Cross-site scripting (XSS) vulnerability in HP System Management
...)
+ TODO: check
CVE-2008-4410 (The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in
the ...)
- linux-2.6 2.6.26-8
- linux-2.6.24 <not-affected> (Vulnerable code not present)
@@ -1729,7 +1744,7 @@
RESERVED
CVE-2008-3815
RESERVED
-CVE-2008-3814 (Unspecified vulnerability in Cisco Unity 4.x before 4.0ES161,
5.x ...)
+CVE-2008-3814 (Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161,
5.x ...)
NOT-FOR-US: Cisco
CVE-2008-3813 (Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the
L2TP ...)
NOT-FOR-US: Cisco IOS
@@ -2464,10 +2479,10 @@
NOT-FOR-US: Sun Solaris 10 and OpenSolaris
CVE-2008-3548 (Unspecified vulnerability in the Sun Netra T5220 Server with
firmware ...)
NOT-FOR-US: Sun Netra T5220 Server
-CVE-2008-3545
- RESERVED
-CVE-2008-3544
- RESERVED
+CVE-2008-3545 (Unspecified vulnerability in ovtopmd in HP OpenView Network Node
...)
+ TODO: check
+CVE-2008-3544 (Multiple stack-based buffer overflows in ovalarmsrv in HP
OpenView ...)
+ TODO: check
CVE-2008-3543 (Unspecified vulnerability in NFS / ONCplus B.11.31_04 and
earlier on ...)
NOT-FOR-US: HP-UX
CVE-2008-3542 (Unspecified vulnerability in HP Insight Diagnostics before
7.9.1.2402 ...)
@@ -2508,6 +2523,7 @@
- kfreebsd-6 6.3-7
- kfreebsd-7 7.0-5
CVE-2008-3529 (Heap-based buffer overflow in the xmlParseAttValueComplex
function in ...)
+ {DSA-1654-1}
- libxml2 2.6.32.dfsg-4 (bug #498768)
CVE-2008-3528 (The error-reporting functionality in (1) fs/ext2/dir.c, (2) ...)
TODO: check
@@ -3074,8 +3090,8 @@
- linux-2.6.24 2.6.24-6~etchnhalf.5
- linux-2.6 2.6.26-2
NOTE: 82e68f7ffec3800425f2391c8c86277606860442
-CVE-2008-3271
- RESERVED
+CVE-2008-3271 (Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote
attackers ...)
+ TODO: check
CVE-2008-3270 (yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not
verify ...)
NOT-FOR-US: Red Hat
CVE-2008-3269 (WRPCServer.exe in WinSoftMagic WinRemotePC (WRPC) Lite 2008 and
Full ...)