Author: jmm-guest Date: 2009-12-26 18:29:12 +0000 (Sat, 26 Dec 2009) New Revision: 13659 Modified: data/CVE/list Log: - wireshark CVEfied - one xfig issue unimportant Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-12-26 18:24:10 UTC (rev 13658) +++ data/CVE/list 2009-12-26 18:29:12 UTC (rev 13659) @@ -153,11 +153,15 @@ CVE-2010-0066 RESERVED CVE-2009-4378 (The IPMI dissector in Wireshark 1.2.0 through 1.2.4, when running on ...) - - wireshark 1.2.5-1 + - wireshark <not-affected> (Windows-specific) CVE-2009-4377 (The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 ...) - wireshark 1.2.5-1 + [lenny] - wireshark <no-dsa> (Minor issue) + [etch] - wireshark <no-dsa> (Minor issue) CVE-2009-4376 (Buffer overflow in the daintree_sna_read function in the Daintree SNA ...) - wireshark 1.2.5-1 + [lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x) + [etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x) CVE-2009-4375 (SQL injection vulnerability in repository/repository_attachment.php in ...) NOT-FOR-US: AlienVault Open Source Security Information Management CVE-2009-4374 (Directory traversal vulnerability in ...) @@ -267,18 +271,8 @@ CVE-2009-XXXX [libapache2-mod-php5: potential disclosure of private php files] - php5 5.2.11.dfsg.1-2 (low; bug #562006) NOTE: not sure if it should be treated as an issue, probably not -CVE-2009-XXXX [Wireshark: Daintree SNA buffer overflow] - - wireshark 1.2.5-1 - [lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x) - [etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x) CVE-2009-XXXX [libhaml-ruby XSS issue] - libhaml-ruby 2.2.8-1 -CVE-2009-XXXX [Wireshark: SMB and SMB2 dissectors could crash] - - wireshark 1.2.5-1 (low) - [lenny] - wireshark <no-dsa> (Minor issue) - [etch] - wireshark <no-dsa> (Minor issue) -CVE-2009-XXXX [Wireshark: IPMI dissector could crash on Windows] - - wireshark <not-affected> (Windows-specific) CVE-2009-XXXX [roundup: unspecified issue] - roundup 1.4.11-1 CVE-2009-XXXX [phpldapadmin local file inclusion vuln] @@ -689,10 +683,7 @@ CVE-2009-4225 (Stack-based buffer overflow in the PestPatrol ActiveX control ...) NOT-FOR-US: PestPatrol CVE-2009-4228 (Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and ...) - - xfig <unfixed> - [lenny] - xfig <no-dsa> (Minor issue) - [etch] - xfig <no-dsa> (Minor issue) - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=543905 + - xfig <unfixed> (unimportant) CVE-2009-4227 (Stack-based buffer overflow in the read_1_3_textobject function in ...) - xfig 1:3.2.5.b-1 (low; bug #559274) [lenny] - xfig <no-dsa> (Minor issue)