Author: joeyh Date: 2009-10-06 21:14:19 +0000 (Tue, 06 Oct 2009) New Revision: 12946 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-10-06 21:12:25 UTC (rev 12945) +++ data/CVE/list 2009-10-06 21:14:19 UTC (rev 12946) @@ -1,3 +1,53 @@ +CVE-2009-3566 + RESERVED +CVE-2009-3565 + RESERVED +CVE-2009-3564 + RESERVED +CVE-2009-3563 + RESERVED +CVE-2009-3562 (Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 ...) + TODO: check +CVE-2009-3561 (Directory traversal vulnerability in Xerver HTTP Server 4.32 allows ...) + TODO: check +CVE-2009-3560 + RESERVED +CVE-2009-3559 + RESERVED +CVE-2009-3558 + RESERVED +CVE-2009-3557 + RESERVED +CVE-2009-3556 + RESERVED +CVE-2009-3555 + RESERVED +CVE-2009-3554 + RESERVED +CVE-2009-3553 + RESERVED +CVE-2009-3552 + RESERVED +CVE-2009-3551 + RESERVED +CVE-2009-3550 + RESERVED +CVE-2009-3549 + RESERVED +CVE-2009-3548 + RESERVED +CVE-2009-3547 + RESERVED +CVE-2009-3546 + RESERVED +CVE-2009-3545 (DataWizard Technologies FtpXQ FTP Server 3.0 allows remote ...) + TODO: check +CVE-2009-3544 (Xerver HTTP Server 4.32 allows remote attackers to obtain the source ...) + TODO: check +CVE-2009-3527 + RESERVED +CVE-2009-3526 + RESERVED CVE-2009-XXXX [php5''s pear is vulnerable to symlink attacks] - php5 <unfixed> (low; bug #546164) NOTE: side-effect reported to upstream: http://bugs.php.net/44354 
@@ -11,40 +61,40 @@ CVE-2009-XXXX [kfreebsd: kqueue pipe race conditions] - kfreebsd-6 <removed> [lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported) -CVE-2009-3543 +CVE-2009-3543 (SQL injection vulnerability in _phenotype/admin/login.php in Phenotype ...) NOT-FOR-US: Phenotype CMS -CVE-2009-3542 +CVE-2009-3542 (Directory traversal vulnerability in ls.php in LittleSite (aka LS or ...) NOT-FOR-US: LittleSite -CVE-2009-3541 +CVE-2009-3541 (PHP remote file inclusion vulnerability in CoupleDB.php in ...) NOT-FOR-US: PHPGenealogy -CVE-2009-3540 +CVE-2009-3540 (Cross-site scripting (XSS) vulnerability in listads.php in ...) NOT-FOR-US: YourFreeWorld Ultra Classifieds Pro -CVE-2009-3539 +CVE-2009-3539 (Multiple cross-site scripting (XSS) vulnerabilities in YourFreeWorld ...) NOT-FOR-US: YourFreeWorld Ultra Classifieds Pro -CVE-2009-3538 +CVE-2009-3538 (Directory traversal vulnerability in thumb.php in Clear Content 1.1 ...) NOT-FOR-US: Clear Content -CVE-2009-3537 +CVE-2009-3537 (Multiple stack-based buffer overflows in EpicDJSoftware EpicDJ 1.3.9.1 ...) NOT-FOR-US: EpicDJSoftware EpicDJ -CVE-2009-3536 +CVE-2009-3536 (Multiple stack-based buffer overflows in EpicDJSoftware EpicVJ 1.2.8.0 ...) NOT-FOR-US: EpicDJSoftware EpicVJ -CVE-2009-3535 +CVE-2009-3535 (Directory traversal vulnerability in image.php in Clear Content 1.1 ...) NOT-FOR-US: Clear Content -CVE-2009-3534 +CVE-2009-3534 (Directory traversal vulnerability in index.php in LionWiki 3.0.3, when ...) NOT-FOR-US: LionWiki -CVE-2009-3533 +CVE-2009-3533 (SQL injection vulnerability in report.php in Meeting Room Booking ...) NOT-FOR-US: Meeting Room Booking System -CVE-2009-3532 +CVE-2009-3532 (Multiple SQL injection vulnerabilities in login.asp (aka the login ...) NOT-FOR-US: LogRover -CVE-2009-3531 +CVE-2009-3531 (SQL injection vulnerability in vnews.php in Universe CMS 1.0.6 allows ...) NOT-FOR-US: Universe CMS -CVE-2009-3530 +CVE-2009-3530 (Cross-site scripting (XSS) vulnerability in storefront.php in ...) 
NOT-FOR-US: RadScripts RadBids Gold -CVE-2009-3529 +CVE-2009-3529 (SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 ...) NOT-FOR-US: RadScripts RadBids Gold -CVE-2009-3528 +CVE-2009-3528 (SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows ...) NOT-FOR-US: MyMsg -CVE-2009-3525 - RESERVED +CVE-2009-3525 (The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not ...) + TODO: check CVE-2009-XXXX [buffer overflow in overkill] - overkill <unfixed> (bug #549310; low) [lenny] - overkill <no-dsa> (Minor issue) @@ -2824,8 +2874,8 @@ NOT-FOR-US: HP ProCurve Identity Driven Manager CVE-2009-2680 (Unspecified vulnerability in the Remote Management Interface (RMI) for ...) NOT-FOR-US: HP StorageWorks -CVE-2009-2679 - RESERVED +CVE-2009-2679 (Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and ...) + TODO: check CVE-2009-2678 RESERVED CVE-2009-2677 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
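Review bot: In the first hunk (@@ -1,3 +1,53 @@), the four entries that arrive with descriptions are all left at "TODO: check" with no package line or NOT-FOR-US marking: CVE-2009-3562, CVE-2009-3561 and CVE-2009-3544 (all Xerver HTTP Server 4.32) and CVE-2009-3545 (FtpXQ FTP Server 3.0). Three of them name the same product, so they can be triaged together. If Xerver is not in the archive, mark all three "NOT-FOR-US: Xerver HTTP Server" in one follow-up, in the same form the next hunk uses for Phenotype CMS and LittleSite.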
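Review bot: In the second hunk (@@ -11,40 +61,40 @@), CVE-2009-3525 is the only entry whose status changes rather than just gaining a description: it moves from RESERVED to "TODO: check", and its text names the pyGrub boot loader in Xen 3.0.3, 3.3.0 and Xen-3.3.1. The sixteen entries above it (CVE-2009-3528 to CVE-2009-3543) were already NOT-FOR-US and only pick up description text, so this is the one line in the hunk that still needs a triage decision. Replace the TODO with a source-package line and a fixed version or <unfixed>, in the format of the neighbouring entry "- overkill <unfixed> (bug #549310; low)".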
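Review bot: In the last hunk (@@ -2824,8 +2874,8 @@), CVE-2009-2679 goes from RESERVED to "TODO: check" even though the visible part of its description is limited to bootpd in HP HP-UX B.11.11 and B.11.23. The HP entries in the surrounding context (HP ProCurve Identity Driven Manager, HP StorageWorks) are already NOT-FOR-US. If the full description confirms the issue is specific to HP-UX, give this entry the same marking instead of leaving it in the TODO queue.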