Author: geissert Date: 2010-01-20 01:15:07 +0000 (Wed, 20 Jan 2010) New Revision: 13857 Modified: data/CVE/list Log: some issues CVEIfied, more to be processed later Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-01-19 22:33:23 UTC (rev 13856) +++ data/CVE/list 2010-01-20 01:15:07 UTC (rev 13857) @@ -63,22 +63,6 @@ - mydms <undetermined> (low) TODO: check NOTE: http://seclists.org/fulldisclosure/2010/Jan/267 -CVE-2010-XXXX [dokuwiki CSRF] - - dokuwiki 0.0.20090214b-3.1 (low) - [etch] - dokuwiki <not-affected> (Vulnerable code not present) - NOTE: http://secunia.com/advisories/38205/ - NOTE: CVE id requested -CVE-2010-XXXX [dokuwiki multiple issues] - - dokuwiki 0.0.20090214b-3.1 (medium; bug #565406) - [etch] - dokuwiki <not-affected> (Vulnerable code not present) - NOTE: http://bugs.splitbrain.org/index.php?do=details&task_id=1847 - NOTE: issue being exploited - NOTE: CVE id requested -CVE-2009-XXXX [gnome screensaver not locking second screen] - - gnome-screensaver <unfixed> (low) - NOTE: http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca - NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=593616 - TODO: file bug, check affected versions CVE-2010-0350 (Directory traversal vulnerability in the Photo Book (goof_fotoboek) ...) NOT-FOR-US: TYPO3 third party extensions CVE-2010-0349 (Cross-site scripting (XSS) vulnerability in C3 Corp. WebCalenderC3 ...) @@ -174,10 +158,6 @@ TODO: check CVE-2009-4609 (The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote ...) TODO: check -CVE-2010-XXXX [typo3 openid auth bypass] - - typo3-src <unfixed> - TODO: check affected versions and report - NOTE: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/ CVE-2010-XXXX [zenoss sql injection] - zenoss <itp> (bug #361253) NOTE: http://seclists.org/fulldisclosure/2010/Jan/241 @@ -224,16 +204,30 @@ RESERVED CVE-2010-0290 RESERVED -CVE-2010-0289 +CVE-2010-0289 [dokuwiki CSRF] RESERVED -CVE-2010-0288 + - dokuwiki 0.0.20090214b-3.1 (low) + [etch] - dokuwiki <not-affected> (Vulnerable code not present) + NOTE: http://secunia.com/advisories/38205/ +CVE-2010-0288 [dokuwiki insufficient permissions checks, allowing attacker to change ACLs] RESERVED + - dokuwiki 0.0.20090214b-3.1 (medium; bug #565406) + [etch] - dokuwiki <not-affected> (Vulnerable code not present) + NOTE: http://bugs.splitbrain.org/index.php?do=details&task_id=1847 + NOTE: issue being exploited CVE-2010-0287 RESERVED -CVE-2010-0286 +CVE-2010-0286 [typo3 openid auth bypass] RESERVED -CVE-2010-0285 + - typo3-src <unfixed> + TODO: check affected versions and report + NOTE: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/ +CVE-2010-0285 [gnome screensaver not locking second screen] RESERVED + - gnome-screensaver <unfixed> (low) + NOTE: http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca + NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=593616 + TODO: file bug, check affected versions CVE-2010-0284 RESERVED CVE-2010-0283