Author: geissert Date: 2010-01-05 00:46:05 +0000 (Tue, 05 Jan 2010) New Revision: 13714 Modified: data/CVE/list Log: some NFUs, Zabbix issues CVEIfied Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-05 00:36:43 UTC (rev 13713) +++ data/CVE/list 2010-01-05 00:46:05 UTC (rev 13714) @@ -45,7 +45,7 @@ CVE-2009-4536 RESERVED CVE-2009-4535 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the ...) - TODO: check + NOT-FOR-US: Mongoose CVE-2009-4534 (Open redirect vulnerability in the FAQ Ask module 5.x and 6.x before ...) TODO: check CVE-2009-4533 (The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module ...) @@ -53,11 +53,11 @@ CVE-2009-4532 (Cross-site scripting (XSS) vulnerability in the Webform module 5.x ...) TODO: check CVE-2009-4531 (httpdx 1.4.4 and earlier allows remote attackers to obtain the source ...) - TODO: check + NOT-FOR-US: httpdx CVE-2009-4530 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the ...) - TODO: check + NOT-FOR-US: Mongoose CVE-2009-4529 (InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote ...) - TODO: check + NOT-FOR-US: InterVations NaviCOPA Web Server CVE-2009-4528 (The Organic Groups (OG) Vocabulary module 6.x before 6.x-1.0 for ...) TODO: check CVE-2009-4527 (The Shibboleth authentication module 5.x before 5.x-3.4 and 6.x before ...) @@ -69,15 +69,15 @@ CVE-2009-4524 (Cross-site scripting (XSS) vulnerability in the RealName module ...) TODO: check CVE-2009-4523 (Cross-site scripting (XSS) vulnerability in index.php in Zainu 1.0 ...) - TODO: check + NOT-FOR-US: Zainu CVE-2009-4522 (Cross-site scripting (XSS) vulnerability in search.5.html in ...) - TODO: check + NOT-FOR-US: BloofoxCMS CVE-2009-4521 (Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse ...) TODO: check CVE-2009-4520 (The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before ...) TODO: check CVE-2009-4519 (Multiple unspecified vulnerabilities in Ortro before 1.3.4 have ...) - TODO: check + NOT-FOR-US: Ortro CVE-2009-4518 (Cross-site scripting (XSS) vulnerability in the Insert Node module 5.x ...) TODO: check CVE-2009-4517 (Cross-site request forgery (CSRF) vulnerability in the FAQ Ask module ...) @@ -111,15 +111,15 @@ CVE-2009-4503 RESERVED CVE-2009-4502 (The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, ...) - TODO: check + - zabbix <unfixed> (bug #562613) CVE-2009-4501 (The zbx_get_next_field function in libs/zbxcommon/str.c in Zabbix ...) - TODO: check + - zabbix <unfixed> (bug #562613) CVE-2009-4500 (The process_trap function in trapper/trapper.c in Zabbix Server before ...) - TODO: check + - zabbix <unfixed> (bug #562613) CVE-2009-4499 (SQL injection vulnerability in the get_history_lastid function in the ...) - TODO: check + - zabbix <unfixed> (bug #562613) CVE-2009-4498 (The node_process_command function in Zabbix Server before 1.8 allows ...) - TODO: check + - zabbix <unfixed> (bug #562613) CVE-2009-4497 RESERVED CVE-2009-4496 @@ -806,9 +806,6 @@ RESERVED CVE-2009-4267 RESERVED -CVE-2009-XXXX [Zabbix Server multiple remote vulnerabilities] - - zabbix <unfixed> (bug filed) - NOTE: Sent mail to oss-security, entry can be split once CVE IDs have been assigned CVE-2009-XXXX [gnome-screensaver vulnerability] - gnome-screensaver <unfixed> (low; bug #560895) CVE-2009-XXXX [gif2png multiple buffer overflows parsing CLI arguments]