thr3ads.net - Secure testing commits - [Secure-testing-commits] r13710

If this information is useful, please help other people find it:
Share via:
Joey Hess
2010-Jan-04 21:14 UTC
[Secure-testing-commits] r13710 - data/CVE

Author: joeyh
Date: 2010-01-04 21:14:24 +0000 (Mon, 04 Jan 2010)
New Revision: 13710

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-01-04 18:44:59 UTC (rev 13709)
+++ data/CVE/list	2010-01-04 21:14:24 UTC (rev 13710)
@@ -1,3 +1,207 @@
+CVE-2010-0115
+	RESERVED
+CVE-2010-0114
+	RESERVED
+CVE-2010-0113
+	RESERVED
+CVE-2010-0112
+	RESERVED
+CVE-2010-0111
+	RESERVED
+CVE-2010-0110
+	RESERVED
+CVE-2010-0109
+	RESERVED
+CVE-2010-0108
+	RESERVED
+CVE-2010-0107
+	RESERVED
+CVE-2010-0106
+	RESERVED
+CVE-2010-0105
+	RESERVED
+CVE-2010-0104
+	RESERVED
+CVE-2010-0103
+	RESERVED
+CVE-2010-0102
+	RESERVED
+CVE-2010-0101
+	RESERVED
+CVE-2010-0100
+	RESERVED
+CVE-2010-0099
+	RESERVED
+CVE-2010-0098
+	RESERVED
+CVE-2010-0097
+	RESERVED
+CVE-2010-0096
+	RESERVED
+CVE-2009-4538
+	RESERVED
+CVE-2009-4537
+	RESERVED
+CVE-2009-4536
+	RESERVED
+CVE-2009-4535 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the
...)
+	TODO: check
+CVE-2009-4534 (Open redirect vulnerability in the FAQ Ask module 5.x and 6.x
before ...)
+	TODO: check
+CVE-2009-4533 (The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a
module ...)
+	TODO: check
+CVE-2009-4532 (Cross-site scripting (XSS) vulnerability in the Webform module
5.x ...)
+	TODO: check
+CVE-2009-4531 (httpdx 1.4.4 and earlier allows remote attackers to obtain the
source ...)
+	TODO: check
+CVE-2009-4530 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the
...)
+	TODO: check
+CVE-2009-4529 (InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows
remote ...)
+	TODO: check
+CVE-2009-4528 (The Organic Groups (OG) Vocabulary module 6.x before 6.x-1.0 for
...)
+	TODO: check
+CVE-2009-4527 (The Shibboleth authentication module 5.x before 5.x-3.4 and 6.x
before ...)
+	TODO: check
+CVE-2009-4526 (The Send by e-mail sub-module in the Print (aka Printer, e-mail
and ...)
+	TODO: check
+CVE-2009-4525 (Cross-site scripting (XSS) vulnerability in the Print (aka
Printer, ...)
+	TODO: check
+CVE-2009-4524 (Cross-site scripting (XSS) vulnerability in the RealName module
...)
+	TODO: check
+CVE-2009-4523 (Cross-site scripting (XSS) vulnerability in index.php in Zainu
1.0 ...)
+	TODO: check
+CVE-2009-4522 (Cross-site scripting (XSS) vulnerability in search.5.html in
...)
+	TODO: check
+CVE-2009-4521 (Cross-site scripting (XSS) vulnerability in birt-viewer/run in
Eclipse ...)
+	TODO: check
+CVE-2009-4520 (The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x
before ...)
+	TODO: check
+CVE-2009-4519 (Multiple unspecified vulnerabilities in Ortro before 1.3.4 have
...)
+	TODO: check
+CVE-2009-4518 (Cross-site scripting (XSS) vulnerability in the Insert Node
module 5.x ...)
+	TODO: check
+CVE-2009-4517 (Cross-site request forgery (CSRF) vulnerability in the FAQ Ask
module ...)
+	TODO: check
+CVE-2009-4516 (Cross-site scripting (XSS) vulnerability in the FAQ Ask module
5.x and ...)
+	TODO: check
+CVE-2009-4515 (The Storm module 6.x before 6.x-1.25 for Drupal does not enforce
...)
+	TODO: check
+CVE-2009-4514 (Cross-site scripting (XSS) vulnerability in the OpenSocial ...)
+	TODO: check
+CVE-2009-4513 (Multiple cross-site scripting (XSS) vulnerabilities in the
Workflow ...)
+	TODO: check
+CVE-2009-4512 (Directory traversal vulnerability in index.php in Oscailt 3.3,
when ...)
+	TODO: check
+CVE-2009-4511
+	RESERVED
+CVE-2009-4510
+	RESERVED
+CVE-2009-4509
+	RESERVED
+CVE-2009-4508
+	RESERVED
+CVE-2009-4507
+	RESERVED
+CVE-2009-4506
+	RESERVED
+CVE-2009-4505
+	RESERVED
+CVE-2009-4504
+	RESERVED
+CVE-2009-4503
+	RESERVED
+CVE-2009-4502 (The NET_TCP_LISTEN function in net.c in Zabbix Agent before
1.6.7, ...)
+	TODO: check
+CVE-2009-4501 (The zbx_get_next_field function in libs/zbxcommon/str.c in
Zabbix ...)
+	TODO: check
+CVE-2009-4500 (The process_trap function in trapper/trapper.c in Zabbix Server
before ...)
+	TODO: check
+CVE-2009-4499 (SQL injection vulnerability in the get_history_lastid function
in the ...)
+	TODO: check
+CVE-2009-4498 (The node_process_command function in Zabbix Server before 1.8
allows ...)
+	TODO: check
+CVE-2009-4497
+	RESERVED
+CVE-2009-4496
+	RESERVED
+CVE-2009-4495
+	RESERVED
+CVE-2009-4494
+	RESERVED
+CVE-2009-4493
+	RESERVED
+CVE-2009-4492
+	RESERVED
+CVE-2009-4491
+	RESERVED
+CVE-2009-4490
+	RESERVED
+CVE-2009-4489
+	RESERVED
+CVE-2009-4488
+	RESERVED
+CVE-2009-4487
+	RESERVED
+CVE-2009-4486
+	RESERVED
+CVE-2009-4485
+	RESERVED
+CVE-2009-4484 (Buffer overflow in the server in MySQL 5.0.51a on Linux allows
remote ...)
+	TODO: check
+CVE-2009-4483 (Unspecified vulnerability in LDAP3A.exe in MailSite 8.0.4 allows
...)
+	TODO: check
+CVE-2009-4482 (Buffer overflow in MediaServer.exe in TVersity 1.6 allows remote
...)
+	TODO: check
+CVE-2009-4481 (Unspecified vulnerability in radiusd in FreeRADIUS 1.1.7 allows
remote ...)
+	TODO: check
+CVE-2009-4480 (Buffer overflow in the web service in AzeoTech DAQFactory 5.77
might ...)
+	TODO: check
+CVE-2009-4479 (LDAP3A.exe in MailSite 8.0.4 allows remote attackers to cause a
denial ...)
+	TODO: check
+CVE-2009-4478 (Multiple cross-site scripting (XSS) vulnerabilities in Xstate
Real ...)
+	TODO: check
+CVE-2009-4477 (SQL injection vulnerability in page.html in Xstate Real Estate
1.0 ...)
+	TODO: check
+CVE-2009-4476 (Stack-based buffer overflow in HAURI ViRobot Desktop 5.5 before
...)
+	TODO: check
+CVE-2009-4475 (SQL injection vulnerability in the Joomlub (com_joomlub)
component for ...)
+	TODO: check
+CVE-2009-4474 (SQL injection vulnerability in the Mike de Boer zoom (com_zoom)
...)
+	TODO: check
+CVE-2009-4473 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2009-4472 (Multiple PHP remote file inclusion vulnerabilities in PHPope
1.0.0 and ...)
+	TODO: check
+CVE-2009-4471 (Multiple PHP remote file inclusion vulnerabilities in FreeSchool
1.1.0 ...)
+	TODO: check
+CVE-2009-4470 (SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows
...)
+	TODO: check
+CVE-2009-4469 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2009-4468 (Cross-site scripting (XSS) vulnerability in misc.php in DeluxeBB
1.3 ...)
+	TODO: check
+CVE-2009-4467 (misc.php in DeluxeBB 1.3 allows remote attackers to register
accounts ...)
+	TODO: check
+CVE-2009-4466 (DeluxeBB 1.3 allows remote attackers to obtain sensitive
information ...)
+	TODO: check
+CVE-2009-4465 (DeluxeBB 1.3 stores sensitive information under the web root
with ...)
+	TODO: check
+CVE-2009-4464 (Cross-site scripting (XSS) vulnerability in searchadvance.asp in
...)
+	TODO: check
+CVE-2009-4463 (The firmware for Intellicom NetBiter WebSCADA uses hard-coded
...)
+	TODO: check
+CVE-2009-4462 (Stack-based buffer overflow in NetBiterConfig.exe 1.3.0 in
Intellicom ...)
+	TODO: check
+CVE-2009-4461 (Multiple cross-site scripting (XSS) vulnerabilities in FlatPress
0.909 ...)
+	TODO: check
+CVE-2009-4460 (Multiple cross-site scripting (XSS) vulnerabilities in Auto-Surf
...)
+	TODO: check
+CVE-2009-4459 (Redmine 0.8.7 and earlier uses the title tag before defining the
...)
+	TODO: check
+CVE-2008-7250 (Cross-site scripting (XSS) vulnerability in Squid Analysis
Report ...)
+	TODO: check
+CVE-2008-7249 (Buffer overflow in Squid Analysis Report Generator (Sarg)
2.2.3.1, and ...)
+	TODO: check
 CVE-2009-XXXX [sendmail ssl cert spoofing via NUL character]
 	- sendmail <unfixed>
 	TODO: check
@@ -11195,7 +11399,7 @@
 	NOT-FOR-US: phpFoX
 CVE-2009-0968 (SQL injection vulnerability in fmoblog.php in the fMoblog plugin
2.1 ...)
 	NOT-FOR-US: fMoblog plugin for WordPress
-CVE-2009-0967 (The FTP server in Serv-U 7.4.0.1 allows remote authenticated
users to ...)
+CVE-2009-0967 (The FTP server in Serv-U 7.0.0.1 through 7.4.0.1 allows remote
...)
 	NOT-FOR-US: Serv-U
 CVE-2009-0966 (PHP remote file inclusion vulnerability in cross.php in YABSoft
Mega ...)
 	NOT-FOR-US: YABSoft Mega File Hosting
@@ -18305,9 +18509,9 @@
 	NOT-FOR-US: Flash CS3 Professional
 CVE-2008-4502 (Multiple PHP remote file inclusion vulnerabilities in
DataFeedFile ...)
 	NOT-FOR-US: DataFeedFile PHP Framework API
-CVE-2008-4501 (Directory traversal vulnerability in the FTP server in Serv-U
7.3, and ...)
+CVE-2008-4501 (Directory traversal vulnerability in the FTP server in Serv-U
7.0.0.1 ...)
 	NOT-FOR-US: Serv-U
-CVE-2008-4500 (Serv-U 7.3, and 7.2.0.1 and earlier, allows remote authenticated
users ...)
+CVE-2008-4500 (Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote
...)
 	NOT-FOR-US: Serv-U
 CVE-2008-4499 (Multiple directory traversal vulnerabilities in PHP Web Explorer
0.99b ...)
 	NOT-FOR-US: PHP Web Explorer
@@ -20272,7 +20476,7 @@
 	{DTSA-166-1}
 	- vlc 0.8.6.h-2
 	[etch] - vlc <not-affected> (TTA module not present)
-CVE-2008-3731 (Unspecified vulnerability in Serv-U File Server 7.x before
7.2.0.1 ...)
+CVE-2008-3731 (Unspecified vulnerability in Serv-U File Server 7.0.0.1, and
other ...)
 	NOT-FOR-US: Serv-U File
 CVE-2008-3730 (Cross-site scripting (XSS) vulnerability in Nordicwind Document
...)
 	NOT-FOR-US: NOAH
Secure testing commits - Jan 2010 - r13710 - data/CVE

[Secure-testing-commits] r13710 - data/CVE
