Author: joeyh Date: 2010-10-29 21:15:49 +0000 (Fri, 29 Oct 2010) New Revision: 15539 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-10-29 07:02:13 UTC (rev 15538) +++ data/CVE/list 2010-10-29 21:15:49 UTC (rev 15539) @@ -1,3 +1,53 @@ +CVE-2010-4121 (** DISPUTED ** The TCP-to-ODBC gateway in IBM Tivoli Provisioning ...) + TODO: check +CVE-2010-4120 (Multiple cross-site scripting (XSS) vulnerabilities in the TAM console ...) + TODO: check +CVE-2010-4119 + RESERVED +CVE-2010-4118 + RESERVED +CVE-2010-4117 + RESERVED +CVE-2010-4116 + RESERVED +CVE-2010-4115 + RESERVED +CVE-2010-4114 + RESERVED +CVE-2010-4113 + RESERVED +CVE-2010-4112 + RESERVED +CVE-2010-4111 + RESERVED +CVE-2010-4110 + RESERVED +CVE-2010-4109 + RESERVED +CVE-2010-4108 + RESERVED +CVE-2010-4107 + RESERVED +CVE-2010-4106 + RESERVED +CVE-2010-4105 + RESERVED +CVE-2010-4104 + RESERVED +CVE-2010-4103 + RESERVED +CVE-2010-4102 + RESERVED +CVE-2010-4101 + RESERVED +CVE-2010-4100 + RESERVED +CVE-2010-4099 (ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is ...) + TODO: check +CVE-2010-4098 (monotone before 0.48.1, when configured to allow remote commands, ...) + TODO: check +CVE-2010-4097 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) + TODO: check CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti ...) TODO: check CVE-2010-4094 (The Tomcat server in IBM Rational Quality Manager and Rational Test ...) @@ -68,8 +118,7 @@ TODO: check CVE-2010-4068 (Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x ...) TODO: check -CVE-2010-4096 - RESERVED +CVE-2010-4096 (share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local ...) - monkeysphere 0.31-3 (bug #600304) NOTE: micah requested this CVE from mitre, issue has been fixed in debian already CVE-2010-4067 
@@ -166,20 +215,20 @@ RESERVED CVE-2010-4030 RESERVED -CVE-2010-4029 - RESERVED -CVE-2010-4028 - RESERVED -CVE-2010-4027 - RESERVED -CVE-2010-4026 - RESERVED -CVE-2010-4025 - RESERVED -CVE-2010-4024 - RESERVED -CVE-2010-4023 - RESERVED +CVE-2010-4029 (Unspecified vulnerability in HP Storage Essentials before 6.3.0, when ...) + TODO: check +CVE-2010-4028 (Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP ...) + TODO: check +CVE-2010-4027 (Unspecified vulnerability in the camera application in HP Palm webOS ...) + TODO: check +CVE-2010-4026 (Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 ...) + TODO: check +CVE-2010-4025 (Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows ...) + TODO: check +CVE-2010-4024 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...) + TODO: check +CVE-2010-4023 (Cross-site scripting (XSS) vulnerability in HP Insight Control Power ...) + TODO: check CVE-2010-4022 RESERVED CVE-2010-4021 
@@ -262,22 +311,22 @@ - python-pyftpdlib <not-affected> (Fixed before initial upload to the archive) CVE-2010-3995 RESERVED -CVE-2010-3994 - RESERVED -CVE-2010-3993 - RESERVED -CVE-2010-3992 - RESERVED -CVE-2010-3991 - RESERVED -CVE-2010-3990 - RESERVED -CVE-2010-3989 - RESERVED -CVE-2010-3988 - RESERVED -CVE-2010-3987 - RESERVED +CVE-2010-3994 (Cross-site scripting (XSS) vulnerability in HP Version Control ...) + TODO: check +CVE-2010-3993 (Unspecified vulnerability in HP Insight Control Server Migration ...) + TODO: check +CVE-2010-3992 (Unspecified vulnerability in HP Insight Control Server Migration ...) + TODO: check +CVE-2010-3991 (Cross-site scripting (XSS) vulnerability in HP Insight Control Server ...) + TODO: check +CVE-2010-3990 (Unspecified vulnerability in HP Virtual Server Environment before 6.2 ...) + TODO: check +CVE-2010-3989 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...) + TODO: check +CVE-2010-3988 (Unspecified vulnerability in HP Insight Control Virtual Machine ...) + TODO: check +CVE-2010-3987 (Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual ...) + TODO: check CVE-2010-3986 (Unspecified vulnerability in HP Virtual Connect Enterprise Manager ...) TODO: check CVE-2010-3985 (Cross-site scripting (XSS) vulnerability in HP Operations ...) @@ -384,8 +433,8 @@ RESERVED CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device Software ...) NOT-FOR-US: BlackBerry Device Software -CVE-2010-3933 - RESERVED +CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested ...) + TODO: check CVE-2010-3932 RESERVED CVE-2010-3931 
@@ -583,8 +632,7 @@ RESERVED - ettercap <unfixed> (unimportant; bug #600130) NOTE: Very far-fetched attack vector -CVE-2010-3842 - RESERVED +CVE-2010-3842 (Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, ...) - curl <not-affected> (Doesn''t affect POSIX systems) CVE-2010-3841 (Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in ...) NOT-FOR-US: TWiki @@ -774,8 +822,7 @@ RESERVED CVE-2010-3766 RESERVED -CVE-2010-3765 - RESERVED +CVE-2010-3765 (Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when ...) - xulrunner <removed> - iceweasel 3.5.15-1 [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) @@ -900,12 +947,11 @@ CVE-2010-3714 (The jumpUrl (aka access tracking) implementation in ...) {DSA-2121-1} - typo3-src 4.3.7-1 -CVE-2010-3713 - RESERVED -CVE-2010-3712 - RESERVED -CVE-2010-3711 - RESERVED +CVE-2010-3713 (rss.php in UseBB before 1.0.11 does not properly handle forum ...) + TODO: check +CVE-2010-3712 (Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before ...) + TODO: check +CVE-2010-3711 (libpurple in Pidgin before 2.7.4 does not properly validate the return ...) - pidgin 2.7.4-1 [squeeze] - pidgin 2.7.3-1+squeeze1 CVE-2010-3710 (Stack consumption vulnerability in the filter_var function in PHP ...) @@ -3077,8 +3123,7 @@ RESERVED CVE-2010-2892 RESERVED -CVE-2010-2891 - RESERVED +CVE-2010-2891 (Buffer overflow in the smiGetNode function in lib/smi.c in libsmi ...) - libsmi 0.4.8+dfsg2-3 CVE-2010-2890 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...) NOT-FOR-US: Adobe Reader and Acrobat 
@@ -6496,7 +6541,7 @@ - pidgin 2.7.0-1 (low) [lenny] - pidgin 2.4.3-4lenny6 NOTE: MSN support was disabled in 2.4.3-4lenny6 -CVE-2010-1623 (The apr_brigade_split_line function in buckets/apr_brigade.c in the ...) +CVE-2010-1623 (Memory leak in the apr_brigade_split_line function in ...) {DSA-2117-1} - apr-util 1.3.9+dfsg-4 (medium) - apache2 2.2.16-3 @@ -11267,8 +11312,8 @@ RESERVED CVE-2010-0113 RESERVED -CVE-2010-0112 - RESERVED +CVE-2010-0112 (Multiple SQL injection vulnerabilities in the Administrative Interface ...) + TODO: check CVE-2010-0111 RESERVED CVE-2010-0110
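Review bot: In the first hunk (@@ -1,3 +1,53 @@) CVE-2010-4098 is added with only "TODO: check", although its description already names the upstream fix boundary (monotone before 0.48.1). Suggest triaging it with a package line in the form the file uses elsewhere, such as "- pidgin 2.7.4-1", once the affected Debian versions are confirmed. CVE-2010-4121 carries "** DISPUTED **" in its description; whoever resolves its TODO should record the dispute in a NOTE line so the entry is not handled like an undisputed one.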
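Review bot: In the @@ -68,8 +118,7 @@ hunk the new CVE-2010-4096 description lists Monkeysphere 0.31 and 0.32 as affected, while the unchanged tracking line records "- monkeysphere 0.31-3 (bug #600304)" as the fixed version. Because any 0.32 package version sorts after 0.31-3, the entry would treat a 0.32 upload as fixed; confirm that the fix is carried forward, or adjust the fixed version. The NOTE that "micah requested this CVE from mitre" can also be trimmed now that the ID has a published description.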
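Review bot: The hunks at @@ -166,20 +215,20 @@ and @@ -262,22 +311,22 @@ leave fifteen HP product entries (CVE-2010-4023 through CVE-2010-4029 and CVE-2010-3987 through CVE-2010-3994) at "TODO: check" with no triage decision. The file already closes vendor-only software with a NOT-FOR-US line, for example "NOT-FOR-US: BlackBerry Device Software". If none of these HP products maps to a source package, mark them the same way in a follow-up so the TODO backlog is limited to entries that need a package-level check, such as CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0) in the @@ -384,8 +433,8 @@ hunk.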