atomo64-guest at alioth.debian.org
2008-Dec-11 02:42 UTC
[Secure-testing-commits] r10672 - data/CVE
Author: atomo64-guest
Date: 2008-12-11 02:42:37 +0000 (Thu, 11 Dec 2008)
New Revision: 10672
Modified:
data/CVE/list
Log:
NFUs, shadow issue CVEified, twiki issue already reported
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-12-10 21:14:14 UTC (rev 10671)
+++ data/CVE/list 2008-12-11 02:42:37 UTC (rev 10672)
@@ -1,9 +1,9 @@
CVE-2008-5420 (The SAN Manager Master Agent service (aka msragent.exe) in EMC
Control ...)
- TODO: check
+ NOT-FOR-US: SAN Manager Master Agent
CVE-2008-5419 (Stack-based buffer overflow in SAN Manager Master Agent service
(aka ...)
- TODO: check
+ NOT-FOR-US: SAN Manager Master Agent
CVE-2008-5418 (Directory traversal vulnerability in login.php in the PunPortal
module ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2008-5417 (HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha
platform uses ...)
TODO: check
CVE-2008-5416 (Heap-based buffer overflow in Microsoft SQL Server 2000
8.00.2050, ...)
@@ -50,8 +50,6 @@
TODO: check
CVE-2008-5395 (The parisc_show_stack function in arch/parisc/kernel/traps.c in
the ...)
TODO: check
-CVE-2008-5394 (/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably
other ...)
- TODO: check
CVE-2008-5393 (UPR-Kernel in Ubuntu Privacy Remix (UPR) before 8.04_r1 includes
...)
TODO: check
CVE-2008-5392
@@ -250,7 +248,7 @@
CVE-2008-5305 (Eval injection vulnerability in TWiki before 4.2.4 allows remote
...)
TODO: check
CVE-2008-5304 (Cross-site scripting (XSS) vulnerability in TWiki before 4.2.4
allows ...)
- TODO: check
+ - twiki <unfixed> (bug #508256)
CVE-2008-5303 (Race condition in the rmtree function in File::Path 1.08 ...)
{DSA-1678-1}
- perl 5.10.0-18
@@ -498,7 +496,7 @@
NOT-FOR-US: eSHOP100
CVE-2008-5285 (Wireshark 1.0.4 and earlier allows remote attackers to cause a
denial ...)
- wireshark <unfixed> (low; bug #506741)
-CVE-2008-XXXX [race condition in shadow could lead to gaining ownership or
changing mode of arbitrary files]
+CVE-2008-5394 [race condition in shadow could lead to gaining ownership or
changing mode of arbitrary files]
- shadow 1:4.1.1-6 (bug #505271)
CVE-2008-XXXX [verlihub remote command execution and the possibility of attack
with the help of symlinks]
- verlihub <unfixed> (low; bug #506530)