nion at alioth.debian.org
2009-Jan-28 20:30 UTC
[Secure-testing-commits] r11081 - data/CVE
Author: nion Date: 2009-01-28 20:30:17 +0000 (Wed, 28 Jan 2009) New Revision: 11081 Modified: data/CVE/list Log: cveify amaya and add the issues found by core security as well Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-01-28 20:22:10 UTC (rev 11080) +++ data/CVE/list 2009-01-28 20:30:17 UTC (rev 11081) @@ -1,3 +1,7 @@ +CVE-2009-0323 [multiple buffer overflows in amaya] + TODO: report bug + - amaya <unfixed> (medium) + NOTE: http://www.coresecurity.com/content/amaya-buffer-overflows CVE-2009-0282 [Integer overflow in Ralink SSID parsing] - rt2400 1.2.2+cvs20080623-3 (bug #512999) - rt2500 1:1.1.0-b4+cvs20080623-3 (bug #513000) @@ -568,7 +572,7 @@ - xrdp 0.4.0~dfsg-9 (bug #511641) CVE-2008-5902 (Buffer overflow in the xrdp_bitmap_invalidate function in ...) - xrdp 0.4.0~dfsg-9 (bug #511641) -CVE-2009-XXXX [amaya: stack based buffer overflow] +CVE-2008-6005 [amaya: stack based buffer overflow] - amaya <unfixed> (medium; bug #507587) NOTE: different vector than described in CVE-2008-5282, see 507587#15 CVE-2009-XXXX [openslp: insecure cert validation through openssl api misuse]