thr3ads.net - Secure testing commits - [Secure-testing-commits] r12046

If this information is useful, please help other people find it:
Share via:
Joey Hess
2009-Jun-04 21:14 UTC
[Secure-testing-commits] r12046 - data/CVE

Author: joeyh
Date: 2009-06-04 21:14:31 +0000 (Thu, 04 Jun 2009)
New Revision: 12046

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-06-04 19:23:21 UTC (rev 12045)
+++ data/CVE/list	2009-06-04 21:14:31 UTC (rev 12046)
@@ -1,3 +1,25 @@
+CVE-2009-1906 (The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5
before ...)
+	TODO: check
+CVE-2009-1905 (The Common Code Infrastructure component in IBM DB2 8 before
FP17, 9.1 ...)
+	TODO: check
+CVE-2009-1904
+	RESERVED
+CVE-2009-1903 (The PDF XSS protection feature in ModSecurity before 2.5.8
allows ...)
+	TODO: check
+CVE-2009-1902 (The multipart processor in ModSecurity before 2.5.9 allows
remote ...)
+	TODO: check
+CVE-2009-1901 (The Security component in IBM WebSphere Application Server (WAS)
6.0.2 ...)
+	TODO: check
+CVE-2009-1900 (The Configservice APIs in the Administrative Console component
in IBM ...)
+	TODO: check
+CVE-2009-1899 (Unspecified vulnerability in the System Management/Repository
...)
+	TODO: check
+CVE-2009-1898 (The secure login page in the Administrative Console component in
IBM ...)
+	TODO: check
+CVE-2008-6821 (Buffer overflow in the DAS server in IBM DB2 8 before FP17, 9.1
before ...)
+	TODO: check
+CVE-2008-6820 (The db2fmp process in IBM DB2 8 before FP17, 9.1 before FP5, and
9.5 ...)
+	TODO: check
 CVE-2009-XXXX [dokuwiki local file inclusion]
 	- dokuwiki <unfixed> (unimportant)
 	NOTE: we don''t support setups with register_globals enabled
@@ -3167,14 +3189,14 @@
 	RESERVED
 CVE-2009-0900
 	RESERVED
-CVE-2009-0899
-	RESERVED
+CVE-2009-0899 (IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and
7.0 ...)
+	TODO: check
 CVE-2009-0898
 	RESERVED
 CVE-2009-0897 (IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and
6.1.1 ...)
 	NOT-FOR-US: IBM WebSphere
-CVE-2009-0896
-	RESERVED
+CVE-2009-0896 (Buffer overflow in the queue manager in IBM WebSphere MQ 6.x
before ...)
+	TODO: check
 CVE-2009-0895
 	RESERVED
 CVE-2009-0894 (Heap-based buffer overflow in the decoder_create function in the
...)
@@ -4891,7 +4913,7 @@
 	RESERVED
 CVE-2009-0509
 	RESERVED
-CVE-2009-0508 (The Servlet Engine/Web Container component in IBM WebSphere ...)
+CVE-2009-0508 (The Servlet Engine/Web Container and JSP components in IBM
WebSphere ...)
 	NOT-FOR-US: IBM WebSphere
 CVE-2009-0507 (IBM WebSphere Process Server (WPS) 6.1.2 before 6.1.2.3 and 6.2
before ...)
 	NOT-FOR-US: IBM WebSphere
@@ -6131,9 +6153,9 @@
 	[lenny] - libmikmod <no-dsa> (Minor issue)
 	- sdl-mixer1.2 1.2.8-1 (low; bug #422021)
 	[etch] - sdl-mixer1.2 <no-dsa> (Minor issue)
-CVE-2009-0173 (Unspecified vulnerability in the server in IBM DB2 9.1 before
FP6a and ...)
+CVE-2009-0173 (Unspecified vulnerability in the server in IBM DB2 8 before
FP17a, 9.1 ...)
 	NOT-FOR-US: IBM DB2
-CVE-2009-0172 (Unspecified vulnerability in IBM DB2 9.1 before FP6a and 9.5
before ...)
+CVE-2009-0172 (Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before
FP6a, ...)
 	NOT-FOR-US: IBM DB2 9.1
 CVE-2009-0171 (The Sun SPARC Enterprise M4000 and M5000 Server, within a
certain ...)
 	NOT-FOR-US: Sun SPARC Enterprise M4000 and M5000 Server
@@ -7203,6 +7225,7 @@
 	NOTE: Fixed in 2.6.24 before initial upload
 CVE-2009-0023
 	RESERVED
+	{DSA-1812-1}
 CVE-2009-0022 (Samba 3.2.0 through 3.2.6, when registry shares are enabled,
allows ...)
 	- samba 2:3.2.5-3
 	[etch] - samba <not-affected> (Only 3.2.x affected)
@@ -11516,7 +11539,7 @@
 	NOT-FOR-US: IBM DB2
 CVE-2008-3857 (The Base Service Utilities component in IBM DB2 9.1 before
Fixpak 5 ...)
 	NOT-FOR-US: IBM DB2
-CVE-2008-3856 (The routine infrastructure component in IBM DB2 9.1 before
Fixpak 5, ...)
+CVE-2008-3856 (The routine infrastructure component in IBM DB2 8 before FP17,
9.1 ...)
 	NOT-FOR-US: IBM DB2
 CVE-2008-3855 (Unspecified vulnerability in the DB2 Administration Server (DAS)
in ...)
 	NOT-FOR-US: IBM DB2
@@ -15621,8 +15644,8 @@
 	RESERVED
 CVE-2008-2155
 	RESERVED
-CVE-2008-2154
-	RESERVED
+CVE-2008-2154 (IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2
provides an ...)
+	TODO: check
 CVE-2008-2153
 	RESERVED
 CVE-2008-2152 (Integer overflow in the rtl_allocateMemory function in ...)
Secure testing commits - Jun 2009 - r12046 - data/CVE

[Secure-testing-commits] r12046 - data/CVE
