Author: jmm-guest Date: 2009-06-01 16:38:29 +0000 (Mon, 01 Jun 2009) New Revision: 12012 Modified: data/CVE/list Log: - new wireshark issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-06-01 14:41:52 UTC (rev 12011) +++ data/CVE/list 2009-06-01 16:38:29 UTC (rev 12012) @@ -1,3 +1,5 @@ +CVE-2009-1829 [wireshark PCNFSD DoS] + - wireshark <unfixed> (low) CVE-2009-1808 (Microsoft Windows XP SP3 allows local users to cause a denial of ...) NOT-FOR-US: Microsoft CVE-2009-1807 (Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 ...) @@ -688,13 +690,11 @@ CVE-2009-1528 RESERVED CVE-2009-1527 (Race condition in the ptrace_attach function in kernel/ptrace.c in the ...) - - linux-2.6 <unfixed> (high) + - linux-2.6 2.6.29-5 (high) [etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29) [lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.29) NOTE: vulnerability introduced in commit d84f4f99, which has only been included in the kernel since 2.6.29 NOTE: However, d84f4f99 was introduced on 13th Nov 2008, so must''ve been included in 2.6.28 at least? - NOTE: it has been confirmed that an exploit in the wild is making use of this vulnerability - TODO: Verify exploit on earlier kernels CVE-2009-1526 (JBMC Software DirectAdmin before 1.334 allows local users to create or ...) NOT-FOR-US: Directadmin CVE-2009-1525 (CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote ...) 
@@ -27903,7 +27903,7 @@ CVE-2007-4048 (Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo ...) {DTSA-58-1} - phpsysinfo 2.5.1-6.1 (unimportant; bug #435935) - - phpgroupware 0.9.16.012-1 (low; bug #435936) + - phpgroupware 0.9.16.012-1 (low; bug #435936; bug #472685) [etch] - phpgroupware <not-affected> (Affected code is not used in phpgroupware) - egroupware 1.2.107-2.dfsg-1.1 (low; bug #435937) NOTE: phpsysinfo alone doesn''t maintain any data, which makes this an issue
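Review bot: the new CVE-2009-1829 entry in the first hunk (@@ -1,3 +1,5 @@) has no bug reference and no NOTE, so `- wireshark <unfixed> (low)` leaves nothing to track the fix against. Other entries in this file put the reference inside the parentheses, as in `(low; bug #435936)`. Suggest adding the bug number once one is filed, or a NOTE stating which versions are affected.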
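Review bot: in the CVE-2009-1527 hunk (@@ -688,13 +690,11 @@) the line `TODO: Verify exploit on earlier kernels` is removed while the NOTE asking whether d84f4f99 "must''ve been included in 2.6.28 at least?" is kept, so the question behind the [etch] and [lenny] `<not-affected>` lines is still open in the file with no record of how it was settled. Suggest replacing that NOTE with the verified result, or keeping the TODO until it is checked. The removed NOTE about an exploit in the wild is also useful for triage and could stay alongside the new fixed version 2.6.29-5.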
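Review bot: in the CVE-2007-4048 hunk (@@ -27903,7 +27903,7 @@) the phpgroupware line gains `bug #472685` next to `bug #435936` with the fixed version unchanged at 0.9.16.012-1, and nothing says how the second bug relates to the first. Suggest a short NOTE stating whether it is a duplicate report or covers a different aspect of the issue.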