thr3ads.net - Secure testing commits - [Secure-testing-commits] r13686

If this information is useful, please help other people find it:
Share via:
Joey Hess
2009-Dec-31 09:15 UTC
[Secure-testing-commits] r13686 - data/CVE

Author: joeyh
Date: 2009-12-31 09:15:04 +0000 (Thu, 31 Dec 2009)
New Revision: 13686

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-12-31 07:12:22 UTC (rev 13685)
+++ data/CVE/list	2009-12-31 09:15:04 UTC (rev 13686)
@@ -1,3 +1,33 @@
+CVE-2009-4458 (Multiple cross-site scripting (XSS) vulnerabilities in FreePBX
2.5.2 ...)
+	TODO: check
+CVE-2009-4457 (Multiple unspecified vulnerabilities in the Vsftpd Webmin module
...)
+	TODO: check
+CVE-2009-4456 (SQL injection vulnerability in news_detail.php in Green Desktiny
...)
+	TODO: check
+CVE-2009-4455 (The default configuration of Cisco ASA 5500 Series Adaptive
Security ...)
+	TODO: check
+CVE-2009-4454 (vccleaner in VideoCache 1.9.2 allows local users with Squid
proxy user ...)
+	TODO: check
+CVE-2009-4453 (Insecure method vulnerability in SoftCab Sound Converter ActiveX
...)
+	TODO: check
+CVE-2009-4452 (Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x;
...)
+	TODO: check
+CVE-2009-4451 (Unrestricted file upload vulnerability in upper.php in kandalf
upper ...)
+	TODO: check
+CVE-2009-4450 (Multiple cross-site scripting (XSS) vulnerabilities in map.php
in ...)
+	TODO: check
+CVE-2009-4449 (Directory traversal vulnerability in MyBB (aka MyBulletinBoard)
...)
+	TODO: check
+CVE-2009-4448 (inc/functions_time.php in MyBB (aka MyBulletinBoard) 1.4.10, and
...)
+	TODO: check
+CVE-2009-4447 (Jax Guestbook 3.5.0 allows remote attackers to bypass
authentication ...)
+	TODO: check
+CVE-2009-4446 (Cross-site scripting (XSS) vulnerability in admin.php in ...)
+	TODO: check
+CVE-2009-4445 (Microsoft Internet Information Services (IIS), when used in ...)
+	TODO: check
+CVE-2009-4444 (Microsoft Internet Information Services (IIS) 5.x and 6.x uses
only ...)
+	TODO: check
 CVE-2009-4443 (Unspecified vulnerability in the psearch (aka persistent search)
...)
 	NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
 CVE-2009-4442 (Directory Proxy Server (DPS) in Sun Java System Directory Server
...)
@@ -3331,8 +3361,7 @@
 	{DSA-1912-2 DSA-1912-1}
 	- camlimages 1:3.0.1-5 (low)
 	- advi 1.6.0-15 (low; bug #551282)
-CVE-2009-3295 [null pointer dereference in MIT krb5]
-	RESERVED
+CVE-2009-3295 (The prep_reprocess_req function in kdc/do_tgs_req.c in the
cross-realm ...)
 	- krb5 1.7+dfsg-4 (medium)
 	[lenny] - krb5 <not-affected> (code introduced in 1.7)
 	[etch] - krb5 <not-affected> (code introduced in 1.7)
@@ -5383,7 +5412,7 @@
 	RESERVED
 CVE-2009-2744 (Unspecified vulnerability in IBM WebSphere Application Server
(WAS) ...)
 	NOT-FOR-US: IBM WebSphere Application Server
-CVE-2009-2743 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27 does
not ...)
+CVE-2009-2743 (IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27, and
7.0 ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2009-2742 (Cross-site scripting (XSS) vulnerability in Eclipse Help in IBM
...)
 	NOT-FOR-US: IBM WebSphere Application Server
Secure testing commits - Dec 2009 - r13686 - data/CVE

[Secure-testing-commits] r13686 - data/CVE
