thr3ads.net - Secure testing commits - [Secure-testing-commits] r10427

If this information is useful, please help other people find it:
Share via:
joeyh at alioth.debian.org
2008-Nov-19 21:14 UTC
[Secure-testing-commits] r10427 - data/CVE

Author: joeyh
Date: 2008-11-19 21:14:21 +0000 (Wed, 19 Nov 2008)
New Revision: 10427

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-11-19 19:45:45 UTC (rev 10426)
+++ data/CVE/list	2008-11-19 21:14:21 UTC (rev 10427)
@@ -1,3 +1,59 @@
+CVE-2008-5160 (Unspecified vulnerability in MyServer 0.8.11 allows remote
attackers ...)
+	TODO: check
+CVE-2008-5159 (Integer overflow in the remote administration protocol
processing in ...)
+	TODO: check
+CVE-2008-5158 (Client Software WinCom LPD Total 3.0.2.623 and earlier allows
remote ...)
+	TODO: check
+CVE-2008-5157 (tau 2.16.4 allows local users to overwrite arbitrary files via a
...)
+	TODO: check
+CVE-2008-5156 (si_mkbootserver in systemimager-server 3.6.3 allows local users
to ...)
+	TODO: check
+CVE-2008-5155 (mail2sms.sh in smsclient 2.0.8z allows local users to overwrite
...)
+	TODO: check
+CVE-2008-5154 (bluetooth.rc in p3nfs 5.19 allows local users to overwrite
arbitrary ...)
+	TODO: check
+CVE-2008-5153 (spell-check-logic.cgi in Moodle 1.8.2 allows local users to
overwrite ...)
+	TODO: check
+CVE-2008-5152 (inmail-show in mh-book 200605 allows local users to overwrite
...)
+	TODO: check
+CVE-2008-5151 (test_parser.py in mayavi 1.5 allows local users to overwrite
arbitrary ...)
+	TODO: check
+CVE-2008-5150 (sample.sh in maildirsync 1.1 allows local users to append data
to ...)
+	TODO: check
+CVE-2008-5149 (fwd_check.sh in libncbi6 6.1.20080302 allows local users to
overwrite ...)
+	TODO: check
+CVE-2008-5148 (sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to
overwrite ...)
+	TODO: check
+CVE-2008-5147 (test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local
users to ...)
+	TODO: check
+CVE-2008-5146 (add-accession-numbers in ctn 3.0.6 allows local users to
overwrite ...)
+	TODO: check
+CVE-2008-5145 (ltpmenu in ltp 20060918 allows local users to overwrite
arbitrary ...)
+	TODO: check
+CVE-2008-5144 (nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows
local ...)
+	TODO: check
+CVE-2008-5143 (mgt-helper in multi-gnome-terminal 1.6.2 allows local users to
...)
+	TODO: check
+CVE-2008-5142 (sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows
local ...)
+	TODO: check
+CVE-2008-5141 (flamethrower in flamethrower 0.1.8 allows local users to
overwrite ...)
+	TODO: check
+CVE-2008-5140 (trend-autoupdate.new in mailscanner 4.55.10 allows local users
to ...)
+	TODO: check
+CVE-2008-5139 (updatejail in jailer 0.4 allows local users to overwrite
arbitrary ...)
+	TODO: check
+CVE-2008-5138 (passwdehd in libpam-mount 0.43 allows local users to overwrite
...)
+	TODO: check
+CVE-2008-5137 (tkman in tkman 2.2 allows local users to overwrite arbitrary
files via ...)
+	TODO: check
+CVE-2008-5136 (tkusr in tkusr 0.82 allows local users to overwrite arbitrary
files ...)
+	TODO: check
+CVE-2008-5135 (** DISPUTED ** ...)
+	TODO: check
+CVE-2008-5134 (Buffer overflow in the lbs_process_bss function in ...)
+	TODO: check
+CVE-2008-5133 (ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before
snv_96, ...)
+	TODO: check
 CVE-2008-XXXX [cupsd crashes when more than 100 rss subscriptions are added]
 	- cups <unfixed> (bug #506180)
 CVE-2008-XXXX [no-ip DUC remote code execution]
@@ -216,9 +272,10 @@
 	NOTE: definitely fixed in 2.5.2-11.1 for lenny/unstable (svn-updates.dpatch)
 	NOTE: maybe fixed earlier, doko is not able to tell the exact version atm
 CVE-2008-5030 (Heap-based buffer overflow in the cddb_read_disc_data function
in ...)
+	{DSA-1665-1}
 	- libcdaudio 0.99.12p2-7 (bug #505478)
 CVE-2008-5024 (Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18,
...)
- 	- iceweasel <unfixed>
+	- iceweasel <unfixed>
 	- xulrunner <unfixed>
 	- icedove <unfixed>
 	- iceape <unfixed>
@@ -227,7 +284,7 @@
 	- xulrunner <unfixed>
 	- iceape <unfixed>
 CVE-2008-5022 (The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x
...)
- 	- iceweasel <unfixed>
+	- iceweasel <unfixed>
 	- xulrunner <unfixed>
 	- icedove <unfixed>
 	- iceape <unfixed>
@@ -3528,7 +3585,7 @@
 	- drupal6 6.4-2 (low; bug #501058)
 	NOTE: drupal upstreams advise the users to set session.cookie_secure in the
php configuration
 	NOTE: to fix this has been documented in README.Debian
-CVE-2008-3660 (PHP 4.4.x before 4.4.9 and PHP 5.6 through 5.2.6, when used as a
...)
+CVE-2008-3660 (PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a
FastCGI ...)
 	{DSA-1647-1}
 	- php5 5.2.6-4 (medium)
 	- php4 <removed>
Secure testing commits - Nov 2008 - r10427 - data/CVE

[Secure-testing-commits] r10427 - data/CVE
