Author: geissert Date: 2010-09-27 21:50:21 +0000 (Mon, 27 Sep 2010) New Revision: 15379 Modified: data/CVE/list Log: new issues: wireshark, quassel, poppler, slurm Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-09-27 21:14:47 UTC (rev 15378) +++ data/CVE/list 2010-09-27 21:50:21 UTC (rev 15379) @@ -1,3 +1,14 @@ +CVE-2010-XXXX [wireshark: BER dissector] + - wireshark <unfixed> + TODO: check + NOTE: http://archives.neohapsis.com/archives/bugtraq/2010-09/0088.html +CVE-2010-XXXX [poppler multiple issues] + - poppler <unfixed> + TODO: check poppler and embedders + NOTE: http://secunia.com/advisories/41596/ +CVE-2010-XXXX [quassel CTCP DoS] + - quassel 0.7.1-1 (bug #597853) + NOTE: https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/629774 CVE-2010-3608 (Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote ...) TODO: check CVE-2010-3607 (Cross-site scripting (XSS) vulnerability in AGENTS/index.php in NetArt ...) @@ -514,8 +525,11 @@ RESERVED CVE-2010-3381 RESERVED -CVE-2010-3380 +CVE-2010-3380 [slurm: insecure library loading] RESERVED + - slurm-llnl <unfixed> + NOTE: Debian package ships its own, also vulnerable, init script. NOT fixed in 2.1.14-1 + NOTE: http://sourceforge.net/projects/slurm/files//slurm/version_2.1/2.1.14/RELEASE_NOTES_2.1.14/view CVE-2010-3379 RESERVED CVE-2010-3378