joeyh at alioth.debian.org
2009-Feb-16 21:14 UTC
[Secure-testing-commits] r11228 - data/CVE
Author: joeyh
Date: 2009-02-16 21:14:11 +0000 (Mon, 16 Feb 2009)
New Revision: 11228
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-02-16 07:36:42 UTC (rev 11227)
+++ data/CVE/list 2009-02-16 21:14:11 UTC (rev 11228)
@@ -1,3 +1,199 @@
+CVE-2009-0591
+ RESERVED
+CVE-2009-0590
+ RESERVED
+CVE-2009-0589
+ RESERVED
+CVE-2009-0588
+ RESERVED
+CVE-2009-0587
+ RESERVED
+CVE-2009-0586
+ RESERVED
+CVE-2009-0585
+ RESERVED
+CVE-2009-0584
+ RESERVED
+CVE-2009-0583
+ RESERVED
+CVE-2009-0582
+ RESERVED
+CVE-2009-0581
+ RESERVED
+CVE-2009-0580
+ RESERVED
+CVE-2009-0579
+ RESERVED
+CVE-2009-0578
+ RESERVED
+CVE-2009-0577
+ RESERVED
+CVE-2009-0576 (Unspecified vulnerability in Sun Java System Directory Server
5.2 p6 ...)
+ TODO: check
+CVE-2009-0575 (Cross-site scripting (XSS) vulnerability in the ...)
+ TODO: check
+CVE-2009-0574 (SQL injection vulnerability in index.php in Easy CafeEngine
allows ...)
+ TODO: check
+CVE-2009-0573 (Multiple cross-site scripting (XSS) vulnerabilities in FotoWeb
6.0 ...)
+ TODO: check
+CVE-2009-0572 (PHP remote file inclusion vulnerability in include/flatnux.php
in ...)
+ TODO: check
+CVE-2009-0571 (admin.php in Ninja Designs Mailist 3.0 stores backup copies of
...)
+ TODO: check
+CVE-2009-0570 (Directory traversal vulnerability in send.php in Ninja Designs
Mailist ...)
+ TODO: check
+CVE-2009-0569 (Buffer overflow in Becky! Internet Mail 2.48.02 and earlier
allows ...)
+ TODO: check
+CVE-2009-0568
+ RESERVED
+CVE-2009-0567
+ RESERVED
+CVE-2009-0566
+ RESERVED
+CVE-2009-0565
+ RESERVED
+CVE-2009-0564
+ RESERVED
+CVE-2009-0563
+ RESERVED
+CVE-2009-0562
+ RESERVED
+CVE-2009-0561
+ RESERVED
+CVE-2009-0560
+ RESERVED
+CVE-2009-0559
+ RESERVED
+CVE-2009-0558
+ RESERVED
+CVE-2009-0557
+ RESERVED
+CVE-2009-0556
+ RESERVED
+CVE-2009-0555
+ RESERVED
+CVE-2009-0554
+ RESERVED
+CVE-2009-0553
+ RESERVED
+CVE-2009-0552
+ RESERVED
+CVE-2009-0551
+ RESERVED
+CVE-2009-0550
+ RESERVED
+CVE-2009-0549
+ RESERVED
+CVE-2009-0548 (Cross-site scripting (XSS) vulnerability in the Additional
Report ...)
+ TODO: check
+CVE-2009-0547 (Evolution 2.22.3.1 checks S/MIME signatures against a copy of
the ...)
+ TODO: check
+CVE-2009-0546 (Stack-based buffer overflow in NewsGator FeedDemon 2.7 and
earlier ...)
+ TODO: check
+CVE-2009-0545 (cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows
remote ...)
+ TODO: check
+CVE-2009-0544 (Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote
...)
+ TODO: check
+CVE-2009-0543 (ProFTPD Server 1.3.1, with NLS support enabled, allows remote
...)
+ TODO: check
+CVE-2009-0542 (SQL injection vulnerability in ProFTPD Server 1.3.1 through
1.3.2rc2 ...)
+ TODO: check
+CVE-2009-0541
+ RESERVED
+CVE-2009-0540
+ RESERVED
+CVE-2009-0539
+ RESERVED
+CVE-2009-0538
+ RESERVED
+CVE-2009-0537
+ RESERVED
+CVE-2009-0536 (at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and
6.1.0 ...)
+ TODO: check
+CVE-2009-0535 (Directory traversal vulnerability in export.php in Thyme 1.3 and
...)
+ TODO: check
+CVE-2009-0534 (SQL injection vulnerability in FlexCMS allows remote attackers
to ...)
+ TODO: check
+CVE-2009-0533 (Cross-site scripting (XSS) vulnerability in password.php in
Scripts ...)
+ TODO: check
+CVE-2009-0532 (Cross-site scripting (XSS) vulnerability in password.php in
Scripts ...)
+ TODO: check
+CVE-2009-0531 (SQL injection vulnerability in gallery/view.asp in A Better ...)
+ TODO: check
+CVE-2009-0530 (Multiple PHP remote file inclusion vulnerabilities in
SnippetMaster ...)
+ TODO: check
+CVE-2009-0529 (Cross-site scripting (XSS) vulnerability in index.php in
SnippetMaster ...)
+ TODO: check
+CVE-2009-0528 (SQL injection vulnerability in frame.php in Rhadrix If-CMS 2.07
and ...)
+ TODO: check
+CVE-2009-0527 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2009-0526 (Multiple cross-site scripting (XSS) vulnerabilities in index.php
in ...)
+ TODO: check
+CVE-2009-0525 (Cross-site scripting (XSS) vulnerability in the
sajax_get_common_js ...)
+ TODO: check
+CVE-2008-6141 (Unspecified vulnerability in Avaya IP Softphone 6.0 SP4 and
6.01.85 ...)
+ TODO: check
+CVE-2008-6140 (Unspecified vulnerability in the Session Initiation Protocol
(SIP) ...)
+ TODO: check
+CVE-2008-6139 (Directory traversal vulnerability in faqsupport/wce.download.php
in ...)
+ TODO: check
+CVE-2008-6138 (PHP remote file inclusion vulnerability in adminhead.php in ...)
+ TODO: check
+CVE-2008-6137 (EveryBlog 5.x and 6.x, a module for Drupal, allows remote
attackers to ...)
+ TODO: check
+CVE-2008-6136 (Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for
...)
+ TODO: check
+CVE-2008-6135 (Cross-site scripting (XSS) vulnerability in EveryBlog 5.x and
6.x, a ...)
+ TODO: check
+CVE-2008-6134 (SQL injection vulnerability in EveryBlog 5.x and 6.x, a module
for ...)
+ TODO: check
+CVE-2008-6133 (SQL injection vulnerability in arsaprint.php in Full PHP Emlak
Script ...)
+ TODO: check
+CVE-2008-6132 (Eval injection vulnerability in reserve.php in phpScheduleIt
1.2.10 ...)
+ TODO: check
+CVE-2008-6131 (Session fixation vulnerability in moziloWiki 1.0.1 and earlier
allows ...)
+ TODO: check
+CVE-2008-6130 (Cross-site scripting (XSS) vulnerability in index.php in
moziloWiki ...)
+ TODO: check
+CVE-2008-6129 (Directory traversal vulnerability in print.php in moziloWiki
1.0.1 and ...)
+ TODO: check
+CVE-2008-6128 (Session fixation vulnerability in moziloCMS 1.10.2 and earlier
allows ...)
+ TODO: check
+CVE-2008-6127 (Multiple cross-site scripting (XSS) vulnerabilities in moziloCMS
...)
+ TODO: check
+CVE-2008-6126 (Multiple directory traversal vulnerabilities in moziloCMS 1.10.2
and ...)
+ TODO: check
+CVE-2008-6125 (Unspecified vulnerability in the user editing interface in
Moodle ...)
+ TODO: check
+CVE-2008-6124 (SQL injection vulnerability in the
hotpot_delete_selected_attempts ...)
+ TODO: check
+CVE-2008-6123 (The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in
net-snmp ...)
+ TODO: check
+CVE-2008-6122 (The web management interface in Netgear WGR614v9 allows remote
...)
+ TODO: check
+CVE-2008-6121 (CRLF injection vulnerability in SocialEngine (SE) 2.7 and
earlier ...)
+ TODO: check
+CVE-2008-6120 (SQL injection vulnerability in profile_comments.php in
SocialEngine ...)
+ TODO: check
+CVE-2008-6119 (Static code injection vulnerability in ...)
+ TODO: check
+CVE-2008-6118 (win/content/upload.php in Goople CMS 1.7 allows remote attackers
to ...)
+ TODO: check
+CVE-2008-6117 (SQL injection vulnerability in homepage.php in PG Job Site Pro
allows ...)
+ TODO: check
+CVE-2008-6116 (SQL injection vulnerability in the EXtrovert Software Thyme ...)
+ TODO: check
+CVE-2008-6115 (SQL injection vulnerability in directory.php in Prozilla Hosting
Index ...)
+ TODO: check
+CVE-2008-6114 (SQL injection vulnerability in product_details.php in the
Mytipper ...)
+ TODO: check
+CVE-2008-6113 (Cross-site scripting (XSS) vulnerability in SemanticScuttle
before ...)
+ TODO: check
+CVE-2008-6112 (Multiple directory traversal vulnerabilities in Ez Ringtone
Manager ...)
+ TODO: check
+CVE-2008-6111 (SQL injection vulnerability in blog.php in NetArt Media Vlog
System ...)
+ TODO: check
CVE-2009-XXXX [nautilus: potential exploits via application launchers]
- nautilus <unfixed> (low; bug #515104)
NOTE: need to submit a request for CVE id
@@ -61,8 +257,8 @@
RESERVED
CVE-2009-0504
RESERVED
-CVE-2009-0503
- RESERVED
+CVE-2009-0503 (IBM WebSphere Message Broker 6.1.x before 6.1.0.2 writes a
database ...)
+ TODO: check
CVE-2008-6110 (Unspecified vulnerability in SemanticScuttle before 0.90 has
unknown ...)
NOT-FOR-US: SemanticScuttle
CVE-2008-6109 (Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2
does not ...)
@@ -612,15 +808,14 @@
RESERVED
{DTSA-197-1}
- barnowl 1.0.5-1
-CVE-2009-0362 [fail2ban DoS through incorrect wuftpd log message parsing]
- RESERVED
+CVE-2009-0362 (filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular
...)
- fail2ban 0.8.3-2sid1 (low; bug #514163)
-CVE-2009-0361
- RESERVED
+CVE-2009-0361 (Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su
in ...)
{DSA-1722-1 DSA-1721-1}
-CVE-2009-0360
- RESERVED
+ TODO: check
+CVE-2009-0360 (Russ Allbery pam-krb5 before 3.13, when linked against MIT
Kerberos, ...)
{DSA-1721-1}
+ TODO: check
CVE-2009-0359 [Cross-site scripting via missing input sanitising]
RESERVED
{DTSA-194-1}
@@ -806,7 +1001,7 @@
RESERVED
CVE-2009-0306
RESERVED
-CVE-2009-0305 (Buffer overflow in the Research in Motion RIM AxLoader ActiveX
control ...)
+CVE-2009-0305 (Multiple stack-based buffer overflows in the Research in Motion
RIM ...)
NOT-FOR-US: ActiveX
CVE-2009-0304 (The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris
before ...)
NOT-FOR-US: Solaris
@@ -1155,8 +1350,8 @@
RESERVED
CVE-2009-0217
RESERVED
-CVE-2009-0216
- RESERVED
+CVE-2009-0216 (GE Fanuc iFIX 5.0 and earlier relies on client-side
authentication ...)
+ TODO: check
CVE-2009-0215
RESERVED
CVE-2009-0214 (Unspecified vulnerability in the WebFGServer application in
AREVA ...)
@@ -1326,18 +1521,18 @@
RESERVED
CVE-2009-0143
RESERVED
-CVE-2009-0142
- RESERVED
-CVE-2009-0141
- RESERVED
-CVE-2009-0140
- RESERVED
-CVE-2009-0139
- RESERVED
-CVE-2009-0138
- RESERVED
-CVE-2009-0137
- RESERVED
+CVE-2009-0142 (Race condition in AFP Server in Apple Mac OS X 10.5.6 allows
local ...)
+ TODO: check
+CVE-2009-0141 (XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit,
...)
+ TODO: check
+CVE-2009-0140 (Unspecified vulnerability in the SMB component in Apple Mac OS X
...)
+ TODO: check
+CVE-2009-0139 (Integer overflow in the SMB component in Apple Mac OS X 10.5.6
allows ...)
+ TODO: check
+CVE-2009-0138 (servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not
properly ...)
+ TODO: check
+CVE-2009-0137 (Multiple unspecified vulnerabilities in Safari RSS in Apple Mac
OS X ...)
+ TODO: check
CVE-2009-0134 (Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX
...)
NOT-FOR-US: EasyGrid.SGCtrl.32 ActiveX control
CVE-2008-5910 (Unspecified vulnerability in txzonemgr in Sun OpenSolaris has
unknown ...)
@@ -2252,8 +2447,8 @@
RESERVED
CVE-2009-0037
RESERVED
-CVE-2009-0036
- RESERVED
+CVE-2009-0036 (Buffer overflow in the proxyReadClientSocket function in ...)
+ TODO: check
CVE-2009-0035
RESERVED
CVE-2009-0034 (parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly
interpret ...)
@@ -2295,30 +2490,30 @@
CVE-2009-0021 (NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not
properly ...)
{DSA-1702-1}
- ntp 1:4.2.4p4+dfsg-8
-CVE-2009-0020
- RESERVED
-CVE-2009-0019
- RESERVED
-CVE-2009-0018
- RESERVED
-CVE-2009-0017
- RESERVED
+CVE-2009-0020 (Unspecified vulnerability in CarbonCore in Apple Mac OS X
10.4.11 and ...)
+ TODO: check
+CVE-2009-0019 (Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows
remote ...)
+ TODO: check
+CVE-2009-0018 (The Remote Apple Events server in Apple Mac OS X 10.4.11 and
10.5.6 ...)
+ TODO: check
+CVE-2009-0017 (csregprinter in the Printing component in Apple Mac OS X 10.4.11
and ...)
+ TODO: check
CVE-2009-0016
RESERVED
-CVE-2009-0015
- RESERVED
-CVE-2009-0014
- RESERVED
-CVE-2009-0013
- RESERVED
-CVE-2009-0012
- RESERVED
-CVE-2009-0011
- RESERVED
+CVE-2009-0015 (Unspecified vulnerability in fseventsd in the FSEvents framework
in ...)
+ TODO: check
+CVE-2009-0014 (Folder Manager in Apple Mac OS X 10.5.6 uses insecure default
...)
+ TODO: check
+CVE-2009-0013 (dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires
that ...)
+ TODO: check
+CVE-2009-0012 (Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6
allows ...)
+ TODO: check
+CVE-2009-0011 (Certificate Assistant in Apple Mac OS X 10.5.6 allows local
users to ...)
+ TODO: check
CVE-2009-0010
RESERVED
-CVE-2009-0009
- RESERVED
+CVE-2009-0009 (Unspecified vulnerability in the Pixlet codec in Apple Mac OS X
...)
+ TODO: check
CVE-2009-0008 (Unspecified vulnerability in Apple QuickTime MPEG-2 Playback
Component ...)
NOT-FOR-US: Apple QuickTime
CVE-2009-0007 (Heap-based buffer overflow in Apple QuickTime before 7.6 allows
remote ...)