Author: joeyh
Date: 2009-05-19 21:14:17 +0000 (Tue, 19 May 2009)
New Revision: 11933
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-05-19 18:32:51 UTC (rev 11932)
+++ data/CVE/list 2009-05-19 21:14:17 UTC (rev 11933)
@@ -1,3 +1,29 @@
+CVE-2009-1678 (Directory traversal vulnerability in the saveFeed function in
...)
+ TODO: check
+CVE-2009-1677 (Multiple static code injection vulnerabilities in the saveFeed
...)
+ TODO: check
+CVE-2009-1676 (The WebDAV implementation in Microsoft Internet Information
Services ...)
+ TODO: check
+CVE-2009-1675 (Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24
allows ...)
+ TODO: check
+CVE-2009-1674 (Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows
...)
+ TODO: check
+CVE-2009-1673 (The kernel in Sun Solaris 9 allows local users to cause a denial
of ...)
+ TODO: check
+CVE-2009-1672 (The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3
in ...)
+ TODO: check
+CVE-2009-1671 (Multiple buffer overflows in the Deployment Toolkit ActiveX
control in ...)
+ TODO: check
+CVE-2009-1670 (user/index.php in TCPDB 3.8 does not require administrative ...)
+ TODO: check
+CVE-2009-1669 (The smarty_function_math function in
libs/plugins/function.math.php in ...)
+ TODO: check
+CVE-2009-1668 (TYPSoft FTP Server 1.11 allows remote attackers to cause a
denial of ...)
+ TODO: check
+CVE-2009-1667 (Stack-based buffer overflow in Mini-stream CastRipper 2.50.70
allows ...)
+ TODO: check
+CVE-2009-1666 (Multiple unspecified vulnerabilities in CycloMedia
CycloScopeLite ...)
+ TODO: check
CVE-2009-XXXX [off-by-one in nsd]
- nsd3 <unfixed> (medium; bug #529418)
- nsd 2.3.7-3 (medium; bug #529420)
@@ -244,16 +270,20 @@
TODO: add after r2 [lenny] - system-tools-backends 2.6.0-2lenny3
[etch] - system-tools-backends <not-affected> (SHA was added to crypt(3)
post-etch)
CVE-2009-1581 (functions/mime.php in SquirrelMail before 1.4.18 does not
protect the ...)
+ {DSA-1802-1}
- squirrelmail 2:1.4.18-1 (low; bug #528528)
NOTE:
http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13667
CVE-2009-1580 (Session fixation vulnerability in SquirrelMail before 1.4.18
allows ...)
+ {DSA-1802-1}
- squirrelmail 2:1.4.18-1 (low; bug #528528)
NOTE:
http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13676
CVE-2009-1579 (The map_yp_alias function in functions/imap_general.php in ...)
+ {DSA-1802-1}
- squirrelmail 2:1.4.18-1 (medium; bug #528528)
NOTE:
http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13674
NOTE: doesn''t affect every setup
CVE-2009-1578 (Multiple cross-site scripting (XSS) vulnerabilities in
SquirrelMail ...)
+ {DSA-1802-1}
- squirrelmail 2:1.4.18-1 (low; bug #528528)
NOTE:
http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13670
CVE-2009-1577 (Multiple stack-based buffer overflows in the putstring function
in ...)
@@ -1359,6 +1389,8 @@
{DSA-1764-1}
- tunapie 2.1.17-1
CVE-2009-1252 [ntp authkey buffer overflow]
+ RESERVED
+ {DSA-1801-1}
- ntp <unfixed>
NOTE: VU#853097
CVE-2009-1251 (Heap-based buffer overflow in the cache manager in the client in
...)
@@ -3451,8 +3483,8 @@
- lcms 1.18.dfsg-1 (bug #522446)
CVE-2009-0722 (Directory traversal vulnerability in admin.php in Potato News
1.0.0 ...)
NOT-FOR-US: Potato News
-CVE-2009-0721
- RESERVED
+CVE-2009-0721 (Unspecified vulnerability in Easy Login in the Sender module in
HP ...)
+ TODO: check
CVE-2009-0720 (Unspecified vulnerability in HP OpenView Network Node Manager
(OV NNM) ...)
NOT-FOR-US: HP OpenView Network Node Manager
CVE-2009-0719 (Unspecified vulnerability in useradd in HP HP-UX B.11.11,
B.11.23, and ...)
@@ -5617,6 +5649,7 @@
CVE-2009-0160 (QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before
10.5.7 ...)
TODO: check
CVE-2009-0159 (Stack-based buffer overflow in the cookedprint function in
ntpq/ntpq.c ...)
+ {DSA-1801-1}
- ntp <unfixed> (low; bug #525373)
[lenny] - ntp <no-dsa> (Minor issue)
[etch] - ntp <no-dsa> (Minor issue)