Author: joeyh
Date: 2010-10-06 21:14:24 +0000 (Wed, 06 Oct 2010)
New Revision: 15430
Modified: data/CVE/list
Log: automatic update
Modified: data/CVE/list
==================================================================--- data/CVE/list 2010-10-06 09:34:48 UTC (rev 15429) +++ data/CVE/list 2010-10-06 21:14:24 UTC (rev 15430) 
@@ -1,3 +1,103 @@ +CVE-2010-3778 + RESERVED +CVE-2010-3777 + RESERVED +CVE-2010-3776 + RESERVED +CVE-2010-3775 + RESERVED +CVE-2010-3774 + RESERVED +CVE-2010-3773 + RESERVED +CVE-2010-3772 + RESERVED +CVE-2010-3771 + RESERVED +CVE-2010-3770 + RESERVED +CVE-2010-3769 + RESERVED +CVE-2010-3768 + RESERVED +CVE-2010-3767 + RESERVED +CVE-2010-3766 + RESERVED +CVE-2010-3765 + RESERVED +CVE-2010-3764 + RESERVED +CVE-2010-3763 (Cross-site scripting (XSS) vulnerability in core/summary_api.php in ...) + TODO: check +CVE-2010-3762 (ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not ...) + TODO: check +CVE-2010-3761 (Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack ...) + TODO: check +CVE-2010-3760 (FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager ...) + TODO: check +CVE-2010-3759 (FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager ...) + TODO: check +CVE-2010-3758 (Multiple stack-based buffer overflows in FastBackServer.exe in the ...) + TODO: check +CVE-2010-3757 (Format string vulnerability in the _Eventlog function in ...) + TODO: check +CVE-2010-3756 (The _CalcHashValueWithLength function in FastBackServer.exe in the ...) + TODO: check +CVE-2010-3755 (The _DAS_ReadBlockReply function in FastBackServer.exe in the Server ...) + TODO: check +CVE-2010-3754 (The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the ...) + TODO: check +CVE-2010-3753 (programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 ...) + TODO: check +CVE-2010-3752 (programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 ...) + TODO: check +CVE-2010-3751 + RESERVED +CVE-2010-3750 + RESERVED +CVE-2010-3749 + RESERVED +CVE-2010-3748 + RESERVED +CVE-2010-3747 + RESERVED +CVE-2010-3746 + RESERVED +CVE-2010-3745 + RESERVED +CVE-2010-3744 + RESERVED +CVE-2010-3743 + RESERVED +CVE-2010-3742 (Multiple PHP remote file inclusion vulnerabilities in ...) 
+ TODO: check +CVE-2010-3741 (The offline backup mechanism in Research In Motion (RIM) BlackBerry ...) + TODO: check +CVE-2010-3740 (The Net Search Extender (NSE) implementation in the Text Search ...) + TODO: check +CVE-2010-3739 (The audit facility in the Security component in IBM DB2 UDB 9.5 before ...) + TODO: check +CVE-2010-3738 (The Security component in IBM DB2 UDB 9.5 before FP6a logs AUDIT ...) + TODO: check +CVE-2010-3737 (Memory leak in the Relational Data Services component in IBM DB2 UDB ...) + TODO: check +CVE-2010-3736 (Memory leak in the Relational Data Services component in IBM DB2 UDB ...) + TODO: check +CVE-2010-3735 (The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 ...) + TODO: check +CVE-2010-3734 (The Install component in IBM DB2 UDB 9.5 before FP6a on Linux, UNIX, ...) + TODO: check +CVE-2010-3733 (The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses ...) + TODO: check +CVE-2010-3732 (The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows ...) + TODO: check +CVE-2010-3731 (Buffer overflow in the Administration Server component in IBM DB2 UDB ...) + TODO: check +CVE-2010-3730 (Google Chrome before 6.0.472.62 does not properly use information ...) + TODO: check +CVE-2010-3729 (The SPDY protocol implementation in Google Chrome before 6.0.472.62 ...) + TODO: check CVE-2010-3728 RESERVED CVE-2010-3727 @@ -1081,12 +1181,11 @@ - linux-2.6 <unfixed> CVE-2010-3309 RESERVED -CVE-2010-3308 - RESERVED +CVE-2010-3308 (Buffer overflow in programs/pluto/xauth.c in the client in Openswan ...) - openswan 1:2.6.28+dfsg-2 [lenny] - openswan <not-affected> (Introduced in version 2.6.25) -CVE-2010-3307 - RESERVED +CVE-2010-3307 (Multiple PHP remote file inclusion vulnerabilities in ...) + TODO: check CVE-2010-3305 [pixel CSRF] RESERVED - pixelpost <unfixed> 
@@ -1094,13 +1193,11 @@ - dovecot 1.2.13-1 TODO: check whether this is true: [lenny] - dovecot <not-affected> (only affects 1.2.x) NOTE: http://www.dovecot.org/list/dovecot-news/2010-July/000163.html -CVE-2010-3303 [mantis multiple XSS''] - RESERVED +CVE-2010-3303 (Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before ...) - mantis <unfixed> TODO: check NOTE: http://www.mantisbt.org/bugs/changelog_page.php?version_id=111 -CVE-2010-3302 - RESERVED +CVE-2010-3302 (Buffer overflow in programs/pluto/xauth.c in the client in Openswan ...) - openswan 1:2.6.28+dfsg-2 [lenny] - openswan <not-affected> (Introduced in version 2.6.25) CVE-2010-3301 (The IA32 system call emulation functionality in ...) @@ -2838,8 +2935,8 @@ NOT-FOR-US: BladeCenter software CVE-2010-2654 (Multiple cross-site scripting (XSS) vulnerabilities on the IBM ...) NOT-FOR-US: BladeCenter software -CVE-2010-2653 - RESERVED +CVE-2010-2653 (Race condition in the hvc_close function in drivers/char/hvc_console.c ...) + TODO: check CVE-2009-4935 (SQL injection vulnerability in ogp_show.php in Online Guestbook Pro ...) NOT-FOR-US: Online Guestbook Pro CVE-2009-4934 (Cross-site scripting (XSS) vulnerability in index.php in Online Photo ...) @@ -3152,8 +3249,8 @@ [lenny] - linux-2.6 <not-affected> (brtfs introduced in 2.6.29) CVE-2010-2536 (Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and ...) - rekonq 0.5.0-2 (bug #593300) -CVE-2010-2535 - RESERVED +CVE-2010-2535 (Multiple cross-site scripting (XSS) vulnerabilities in the Back End in ...) + TODO: check CVE-2010-2534 (The NetworkSyncCommandQueue function in network/network_command.cpp in ...) - openttd 1.0.3-1 [lenny] - openttd <not-affected> (Introduced in 1.0.1) 
@@ -6573,10 +6670,11 @@ CVE-2010-1323 RESERVED CVE-2010-1322 KDC uninitialized pointer crash in authorization data handling - - krb5 <unfixed> (bug #599237) - [lenny] - krb5 <not-affected> (Only affects 1.8) - [etch] - krb5 <not-affected> (Only affects 1.8) - NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-006.txt + RESERVED + - krb5 <unfixed> (bug #599237) + [lenny] - krb5 <not-affected> (Only affects 1.8) + [etch] - krb5 <not-affected> (Only affects 1.8) + NOTE: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-006.txt CVE-2010-1321 (The kg_accept_krb5 function in krb5/accept_sec_context.c in the ...) {DSA-2052-1} - krb5 1.8.1+dfsg-3 (low; bug #582261) @@ -9944,8 +10042,8 @@ NOT-FOR-US: Wowd client CVE-2010-0219 RESERVED -CVE-2010-0218 - RESERVED +CVE-2010-0218 (ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ...) + TODO: check CVE-2010-0217 RESERVED CVE-2010-0216
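Review bot: In the first hunk (@@ -1,3 +1,103 @@), CVE-2010-3753 and CVE-2010-3752 are queued as TODO: check even though their descriptions name programs/pluto/xauth.c in the Openswan client, the same file as CVE-2010-3308 and CVE-2010-3302, which later hunks of this commit show as already tracked with "- openswan 1:2.6.28+dfsg-2" and "[lenny] - openswan <not-affected> (Introduced in version 2.6.25)". Suggest triaging the two new ids against that existing openswan data and checking whether the lenny status also holds for the stated ranges (2.6.26 through 2.6.28 and 2.6.25 through 2.6.28). The same hunk also leaves the IBM Tivoli Storage Manager FastBack entries among CVE-2010-3754 to CVE-2010-3761 and the IBM DB2 UDB entries CVE-2010-3731 to CVE-2010-3739 at TODO: check; these look like candidates for the NOT-FOR-US marking this file already uses for the BladeCenter entries.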
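Review bot: In the @@ -2838,8 +2935,8 @@ hunk, CVE-2010-2653 moves from RESERVED to TODO: check with no package line, although its description places the hvc_close race in drivers/char/hvc_console.c, which is a Linux kernel source path. Suggest adding a linux-2.6 package line in the form used elsewhere in this file (for example "- linux-2.6 <unfixed>") once the affected versions are confirmed, so the entry does not sit as an unassigned TODO.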
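Review bot: In the @@ -6573,10 +6670,11 @@ hunk, a RESERVED line is added under CVE-2010-1322 while the header keeps its free-text description "KDC uninitialized pointer crash in authorization data handling" without brackets; the other hand-written temporary descriptions visible in this diff are bracketed (CVE-2010-3305 [pixel CSRF], and the removed CVE-2010-3303 [mantis multiple XSS'']). Suggest bracketing it so the header has the same shape as those entries. The four krb5 lines below it are removed and re-added with identical visible text, so that part looks like a whitespace-only change and is worth confirming as intended for an automatic update.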
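Review bot: In the last hunk (@@ -9944,8 +10042,8 @@), CVE-2010-0218 receives an ISC BIND description (9.7.2 through 9.7.2-P1) with TODO: check and no package line, and the first hunk adds CVE-2010-3762 for ISC BIND before 9.7.2-P2 in the same state. Suggest triaging the two together and recording the bind9 package status on both entries in one pass, since the version bounds in both descriptions point at 9.7.2-P2 as the upstream release to compare against.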