Author: joeyh Date: 2009-10-26 21:14:23 +0000 (Mon, 26 Oct 2009) New Revision: 13099 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-10-26 19:41:30 UTC (rev 13098) +++ data/CVE/list 2009-10-26 21:14:23 UTC (rev 13099) @@ -1,3 +1,37 @@ +CVE-2009-3777 + RESERVED +CVE-2009-3776 + RESERVED +CVE-2009-3775 + RESERVED +CVE-2009-3774 + RESERVED +CVE-2009-3773 + RESERVED +CVE-2009-3772 + RESERVED +CVE-2009-3771 + RESERVED +CVE-2009-3770 + RESERVED +CVE-2009-3769 + RESERVED +CVE-2009-3768 + RESERVED +CVE-2009-3767 (libraries/libldap/tls_o.c in OpenLDAP, when OpenSSL is used, does not ...) + TODO: check +CVE-2009-3766 (mutt_ssl.c in mutt 1.5.16, when OpenSSL is used, does not verify the ...) + TODO: check +CVE-2009-3765 (mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not ...) + TODO: check +CVE-2009-3764 + RESERVED +CVE-2009-3763 + RESERVED +CVE-2009-3762 + RESERVED +CVE-2009-3761 + RESERVED CVE-2009-3760 (Static code injection vulnerability in config/writeconfig.php in the ...) NOT-FOR-US: Citrix XenCenterWeb CVE-2009-3759 (Multiple cross-site request forgery (CSRF) vulnerabilities in sample ...) @@ -306,8 +340,7 @@ [lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31) - linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.31) NOTE: fixed upstream in 2.6.32-rc1 -CVE-2009-3622 [wordpress: Trackback DoS] - RESERVED +CVE-2009-3622 (Algorithmic complexity vulnerability in wp-trackback.php in WordPress ...) - wordpress 2.8.5-1 [lenny] - wordpress <no-dsa> (Minor issue) [etch] - wordpress <no-dsa> (Minor issue) 
@@ -324,8 +357,8 @@ RESERVED CVE-2009-3617 (Format string vulnerability in the AbstractCommand::onAbort function ...) - aria2 1.6.2-1 (low) -CVE-2009-3616 - RESERVED +CVE-2009-3616 (Multiple use-after-free vulnerabilities in vnc.c in the VNC server in ...) + TODO: check CVE-2009-3615 (The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and ...) - pidgin 2.6.3-1 NOTE: http://pidgin.im/news/security/?id=41 @@ -4636,8 +4669,7 @@ RESERVED CVE-2009-2266 (OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote ...) NOT-FOR-US: OXID eShop -CVE-2009-2281 [Heap-based buffer underflow in the readPostBody function in cgiutil.c ...] - RESERVED +CVE-2009-2281 (Multiple heap-based buffer underflows in the readPostBody function in ...) {DSA-1914-1} - mapserver 5.4.2-1 (medium; bug #535340) NOTE: http://www.openwall.com/lists/oss-security/2009/06/22/2 @@ -7387,8 +7419,7 @@ RESERVED CVE-2009-1298 RESERVED -CVE-2009-1297 - RESERVED +CVE-2009-1297 (iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and ...) - open-iscsi <unfixed> (low; bug filed) [lenny] - open-iscsi <no-dsa> (Minor issue) [etch] - open-iscsi <not-affected> (Vulnerable script not yet present)
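Review bot: CVE-2009-3767, CVE-2009-3766 and CVE-2009-3765 in the @@ -1,3 +1,37 @@ hunk are entered with only "TODO: check", so none of them has a package line or status yet. All three descriptions are conditional on "when OpenSSL is used", so triage should first record which TLS library each packaged build links against. The two mutt entries name different versions (1.5.16 for CVE-2009-3766, 1.5.19 and 1.5.20 for CVE-2009-3765), so each should get its own per-release status and not be closed together with the other.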
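Review bot: CVE-2009-3616 in the @@ -324,8 +357,8 @@ hunk goes from RESERVED to "TODO: check", and the description is cut off before it names the product that contains vnc.c. Whoever picks up the TODO needs the full CVE description to map it to a source package; until then the entry has no package line at all, unlike its neighbours CVE-2009-3617 and CVE-2009-3615.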
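Review bot: CVE-2009-2281 in the @@ -4636,8 +4669,7 @@ hunk changes from a single "Heap-based buffer underflow" to "Multiple heap-based buffer underflows" in readPostBody, while the tracking lines below it ({DSA-1914-1}, mapserver 5.4.2-1, bug #535340) are carried over unchanged. Confirm that the DSA and the 5.4.2-1 upload cover every underflow in the published description, and add a NOTE saying so, since the status was recorded against the narrower placeholder text.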
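Review bot: the open-iscsi line under CVE-2009-1297 in the @@ -7387,8 +7419,7 @@ hunk reads "<unfixed> (low; bug filed)" with no bug number, whereas the mapserver entry in the same file cites "bug #535340". Now that the entry carries a public description in place of RESERVED, replace "bug filed" with the actual bug number so the unfixed status can be followed up.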