atomo64-guest at alioth.debian.org
2008-Nov-11 01:53 UTC
[Secure-testing-commits] r10359 - data/CVE
Author: atomo64-guest Date: 2008-11-11 01:53:46 +0000 (Tue, 11 Nov 2008) New Revision: 10359 Modified: data/CVE/list Log: processed some TODO: check items and add the new trac issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-10 21:14:14 UTC (rev 10358) +++ data/CVE/list 2008-11-11 01:53:46 UTC (rev 10359) @@ -1,7 +1,7 @@ +CVE-2008-XXXX [Trac Multiple Vulnerabilities] + - trac <unfixed> (bug #505197) CVE-2008-5008 (Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or ...) TODO: check -CVE-2008-5007 (create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to ...) - TODO: check CVE-2008-5006 (smtp.c in the c-client library in University of Washington IMAP ...) TODO: check CVE-2008-5005 (Multiple stack-based buffer overflows in (1) University of Washington ...) @@ -18,18 +18,10 @@ TODO: check CVE-2008-4999 (Nortel Networks UNIStim IP Phone 0604DAS allows remote attackers to ...) TODO: check -CVE-2008-4998 (** DISPUTED ** ...) - TODO: check CVE-2008-4997 (** DISPUTED ** ...) - TODO: check + - datafreedom-perl <unfixed> (unimportant; bug #496429) CVE-2008-4996 (** DISPUTED ** ...) - TODO: check -CVE-2008-4995 (redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary ...) - TODO: check -CVE-2008-4994 (The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local ...) - TODO: check -CVE-2008-4993 (qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary ...) - TODO: check + - initramfs-tools <unfixed> (unimportant; bug #496386) CVE-2008-4992 (The SPARC hypervisor in Sun System Firmware 6.6.3 through 6.6.5 and ...) TODO: check CVE-2008-XXXX [ClamAV get_unicode_name() off-by-one buffer overflow] @@ -1332,7 +1324,7 @@ CVE-2008-4474 (freeradius-dialupadmin in freeradius 2.0.4 allows local users to ...) - freeradius 2.0.4+dfsg-6 (low; bug #496389) [etch] - freeradius <no-dsa> (Minor issue) -CVE-2008-XXXX [bk2site: insecure temp file] +CVE-2008-4995 [bk2site: insecure temp file] - bk2site <unfixed> (unimportant; bug #496430) NOTE: Only debug code, script needs to be edited to exploit this CVE-2008-4983 (scilab-bin 4.1.2 allows local users to overwrite arbitrary files via a ...) @@ -2938,11 +2930,11 @@ CVE-2008-4972 (mailgo in mgt 2.31 allows local users to overwrite arbitrary files via ...) - mgt 2.31-6 (low; bug #496434) [etch] - mgt <no-dsa> (Minor issue) -CVE-2008-XXXX [twiki: insecure temp file] +CVE-2008-4998 [twiki: insecure temp file] - twiki 1:4.1.2-4 (low; bug #494648) CVE-2008-4971 (mafft-homologs in mafft 6.240 allows local users to overwrite ...) - mafft 6.240-2 (low; bug #496366) -CVE-2008-XXXX [xen-3: insecure temp file] +CVE-2008-4993 [xen-3: insecure temp file] - xen-3 <unfixed> (low; bug #496367) [etch] - xen-3 <no-dsa> (Minor issue) CVE-2008-4936 (faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary ...) @@ -2976,7 +2968,7 @@ - dtc 0.29.10-1 (low; bug #496362) CVE-2008-XXXX [liguidsoap: insecure temp file] - liguidsoap <unfixed> (low; bug #496360) -CVE-2008-XXXX [xmcd: insecure temp file] +CVE-2008-4994 [xmcd: insecure temp file] - xmcd 2.6-21 (low; bug #496416) [etch] - xmcd <no-dsa> (Minor issue) CVE-2008-4988 (pscal in xcal 4.1 allows local users to overwrite arbitrary files via ...) @@ -3005,7 +2997,7 @@ CVE-2008-4985 (vdrleaktest in vdr 1.6.0 allows local users to overwrite arbitrary ...) - vdr 1.6.0-6 (low; bug #496421) [etch] - vdr <not-affected> (Vulnerable code not present) -CVE-2008-XXXX [lazarus: insecure temp file] +CVE-2008-5007 [lazarus: insecure temp file] - lazarus 0.9.24-0-11 (unimportant; bug #496377) NOTE: vulnerable script only called when updating the source NOTE: thus neither actively used nor invoked automatically