Author: joeyh
Date: 2009-04-22 21:14:14 +0000 (Wed, 22 Apr 2009)
New Revision: 11694
Modified: data/CVE/list
Log: automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-04-22 18:53:18 UTC (rev 11693) +++ data/CVE/list 2009-04-22 21:14:14 UTC (rev 11694)
@@ -1,4 +1,46 @@ -CVE-2009-1358 [apt misinterprets gpgv to accept expired sigs] +CVE-2009-1357 + RESERVED +CVE-2009-1356 (Stack-based buffer overflow in Elecard AVC HD Player allows remote ...) + TODO: check +CVE-2009-1355 (Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 ...) + TODO: check +CVE-2009-1354 (Directory traversal vulnerability in Mongoose 2.4 allows remote ...) + TODO: check +CVE-2009-1353 (Buffer overflow in the http_parse_hex function in libz/misc.c in ...) + TODO: check +CVE-2009-1352 (Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote ...) + TODO: check +CVE-2009-1351 (Heap-based buffer overflow in Apollo 37zz allows remote attackers to ...) + TODO: check +CVE-2009-1350 (Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client ...) + TODO: check +CVE-2009-1349 (Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 ...) + TODO: check +CVE-2008-6742 (Foxy P2P software allows remote attackers to cause a denial of service ...) + TODO: check +CVE-2008-6741 (SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) ...) + TODO: check +CVE-2008-6740 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2008-6739 (Todd Woolums ASP Download management script 1.03 does not require ...) + TODO: check +CVE-2008-6738 (MyShoutPro 1.2 allows remote attackers to bypass authentication and ...) + TODO: check +CVE-2008-6737 (Crysis 1.21 and earlier allows remote attackers to obtain sensitive ...) + TODO: check +CVE-2008-6736 (Flat Calendar 1.1 does not properly restrict access to administrative ...) + TODO: check +CVE-2008-6735 (Directory traversal vulnerability in qc/index.php in ThaiQuickCart 3 ...) + TODO: check +CVE-2008-6734 (Directory traversal vulnerability in Public/index.php in Keller Web ...) + TODO: check +CVE-2008-6733 (Cross-site scripting (XSS) vulnerability in the error handling page in ...) 
+ TODO: check +CVE-2008-6732 (Cross-site scripting (XSS) vulnerability in the Language skin object ...) + TODO: check +CVE-2006-7238 (Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2 ...) + TODO: check +CVE-2009-1358 (apt-get in apt before 0.7.21 does not check for the correct error code ...) - apt 0.7.21 (bug #433091) CVE-2009-XXXX [amule improper path sanitization] - amule <unfixed> (low; bug #525078) @@ -52,8 +94,8 @@ CVE-2009-1331 (Integer overflow in Microsoft Windows Media Player (WMP) ...) NOT-FOR-US: Windows Media Player CVE-2009-XXXX [linux-2.6: /dev/mem rootkit vulnerability] - - linux-2.6 2.6.29-1 (unimportant; bug #524373) - NOTE: This is about an additional hardening feature, not a security issue + - linux-2.6 2.6.29-1 (unimportant; bug #524373) + NOTE: This is about an additional hardening feature, not a security issue CVE-2009-XXXX [pptp-linux: unrestrictive pptpsetup permissions] - pptp-linux <unfixed> (low; bug #523476) CVE-2009-XXXX [slurm-llnl doesn''t drop supplementary groups] @@ -296,8 +338,8 @@ - wireshark 1.0.7-1 CVE-2009-1267 (Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 ...) - wireshark 1.0.7-1 -CVE-2009-1266 - RESERVED +CVE-2009-1266 (Unspecified vulnerability in Wireshark before 1.0.7-0.1-1 has unknown ...) + TODO: check CVE-2009-1265 (Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux ...) - linux-2.6 <unfixed> CVE-2009-1264 (Frontend User Registration (sr_feuser_register) extension 2.5.20 and ...) 
@@ -729,29 +771,29 @@ RESERVED CVE-2009-1183 [pdf vulnerabilities] RESERVED - - poppler 0.10.6-1 (medium; bug #524806) - - xpdf <unfixed> (medium; bug #524809) - - kdegraphics 4.0-1 (medium; bug #524810) + - poppler 0.10.6-1 (medium; bug #524806) + - xpdf <unfixed> (medium; bug #524809) + - kdegraphics 4.0-1 (medium; bug #524810) CVE-2009-1182 [pdf vulnerabilites] RESERVED - - poppler 0.10.6-1 (medium; bug #524806) - - xpdf <unfixed> (medium; bug #524809) - - kdegraphics 4.0-1 (medium; bug #524810) + - poppler 0.10.6-1 (medium; bug #524806) + - xpdf <unfixed> (medium; bug #524809) + - kdegraphics 4.0-1 (medium; bug #524810) CVE-2009-1181 [pdf vulnerabilities] RESERVED - - poppler 0.10.6-1 (medium; bug #524806) - - xpdf <unfixed> (medium; bug #524809) - - kdegraphics 4.0-1 (medium; bug #524810) + - poppler 0.10.6-1 (medium; bug #524806) + - xpdf <unfixed> (medium; bug #524809) + - kdegraphics 4.0-1 (medium; bug #524810) CVE-2009-1180 [pdf vulnerabilities] RESERVED - - poppler 0.10.6-1 (medium; bug #524806) - - xpdf <unfixed> (medium; bug #524809) - - kdegraphics 4.0-1 (medium; bug #524810) + - poppler 0.10.6-1 (medium; bug #524806) + - xpdf <unfixed> (medium; bug #524809) + - kdegraphics 4.0-1 (medium; bug #524810) CVE-2009-1179 [pdf vulnerabilities] RESERVED - - poppler 0.10.6-1 (medium; bug #524806) - - xpdf <unfixed> (medium; bug #524809) - - kdegraphics 4.0-1 (medium; bug #524810) + - poppler 0.10.6-1 (medium; bug #524806) + - xpdf <unfixed> (medium; bug #524809) + - kdegraphics 4.0-1 (medium; bug #524810) CVE-2009-1178 (Unspecified vulnerability in the server in IBM Tivoli Storage Manager ...) NOT-FOR-US: Tivoli CVE-2009-1177 (Multiple stack-based buffer overflows in maptemplate.c in mapserv in ...) 
@@ -1997,14 +2039,14 @@ - squid3 <unfixed> (low; bug #521052) CVE-2009-0800 [pdf vulnerabilities] RESERVED - - poppler 0.10.6-1 (medium; bug #524806) - - xpdf <unfixed> (medium; bug #524809) - - kdegraphics 4.0 (medium; bug #524810) + - poppler 0.10.6-1 (medium; bug #524806) + - xpdf <unfixed> (medium; bug #524809) + - kdegraphics 4.0 (medium; bug #524810) CVE-2009-0799 [pdf vulnerabilities] RESERVED - - poppler 0.10.6-1 (medium; bug #524806) - - xpdf <unfixed> (medium; bug #524809) - - kdegraphics 4.0 (medium; bug #524810) + - poppler 0.10.6-1 (medium; bug #524806) + - xpdf <unfixed> (medium; bug #524809) + - kdegraphics 4.0 (medium; bug #524810) CVE-2009-0798 RESERVED CVE-2009-0797 @@ -2448,14 +2490,14 @@ RESERVED CVE-2009-0719 RESERVED -CVE-2009-0718 - RESERVED -CVE-2009-0717 - RESERVED -CVE-2009-0716 - RESERVED -CVE-2009-0715 - RESERVED +CVE-2009-0718 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...) + TODO: check +CVE-2009-0717 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...) + TODO: check +CVE-2009-0716 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...) + TODO: check +CVE-2009-0715 (Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials ...) + TODO: check CVE-2009-0714 RESERVED CVE-2009-0713 (Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager ...) @@ -2567,6 +2609,7 @@ RESERVED CVE-2009-0664 RESERVED + {DSA-1778-1} CVE-2009-0663 RESERVED CVE-2009-0662
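
Review bot: In the first hunk (@@ -1,4 +1,46 @@), the CVE-2009-1358 replacement drops the hand-written summary "apt misinterprets gpgv to accept expired sigs" in favour of a truncated description that no longer mentions expired signatures. Consider preserving that summary as a NOTE: line under the entry, next to the retained "- apt 0.7.21 (bug #433091)" line, the same way the /dev/mem entry carries a NOTE:. The other entries added here arrive with only "TODO: check"; the one naming IBM AIX (CVE-2009-1355) looks like a candidate for the NOT-FOR-US marking already used for CVE-2009-1331 and CVE-2009-1178.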
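
Review bot: In the hunk at @@ -52,8 +94,8 @@, the removed and added linux-2.6 lines read identically as shown, so this looks like a whitespace-only rewrite of a hand-maintained entry inside an "automatic update" commit. If the indentation matters to whatever parses data/CVE/list, say so in the log message or land the normalisation as its own revision so that data changes and formatting changes can be reviewed separately. The same applies to the pdf entries rewritten at @@ -729,29 +771,29 @@.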
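
Review bot: In the hunk at @@ -296,8 +338,8 @@, CVE-2009-1266 moves from RESERVED to a Wireshark description but is left at "TODO: check", while the entries directly above it (including CVE-2009-1267) already record "- wireshark 1.0.7-1". The description's "before 1.0.7-0.1-1" reads like a package version rather than an upstream release, so it is worth confirming whether this is the same fix and, if so, adding the matching wireshark line instead of leaving the TODO.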
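
Review bot: In the hunk at @@ -1997,14 +2039,14 @@, the kdegraphics lines for CVE-2009-0800 and CVE-2009-0799 give the fixed version as "4.0", whereas the entries for CVE-2009-1179 through CVE-2009-1183 in the earlier pdf hunk give "4.0-1" for the same bug #524810. Since these lines are being rewritten anyway, pick one version string and use it for all seven entries so the tracker does not report different fix states for the same upload.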
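
Review bot: In the last hunk (@@ -2567,6 +2609,7 @@), "{DSA-1778-1}" is attached to CVE-2009-0664, which at this point has only "RESERVED" and no package line, so the list does not say which package or fixed version the advisory covers. Add the corresponding "- package version" line under the entry in the same revision that adds the DSA reference.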