thr3ads.net - Secure testing commits - [Secure-testing-commits] r16622

If this information is useful, please help other people find it:
Share via:
Joey Hess
2011-May-03 21:15 UTC
[Secure-testing-commits] r16622 - data/CVE

Author: joeyh
Date: 2011-05-03 21:15:29 +0000 (Tue, 03 May 2011)
New Revision: 16622

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-05-01 21:15:02 UTC (rev 16621)
+++ data/CVE/list	2011-05-03 21:15:29 UTC (rev 16622)
@@ -1,3 +1,41 @@
+CVE-2011-1843 (Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow
...)
+	TODO: check
+CVE-2011-1842 (dbus_backend/lsd.py in the D-Bus backend in language-selector
before ...)
+	TODO: check
+CVE-2011-1841 (Cross-site scripting (XSS) vulnerability in the link_to helper
in ...)
+	TODO: check
+CVE-2011-1840
+	RESERVED
+CVE-2011-1839 (IBM Rational Build Forge 7.1.0 uses the HTTP GET method during
...)
+	TODO: check
+CVE-2011-1838
+	RESERVED
+CVE-2011-1837
+	RESERVED
+CVE-2011-1836
+	RESERVED
+CVE-2011-1835
+	RESERVED
+CVE-2011-1834
+	RESERVED
+CVE-2011-1833
+	RESERVED
+CVE-2011-1832
+	RESERVED
+CVE-2011-1831
+	RESERVED
+CVE-2011-1830
+	RESERVED
+CVE-2011-1829
+	RESERVED
+CVE-2011-1828
+	RESERVED
+CVE-2010-4803 (Mojolicious before 0.999927 does not properly implement HMAC-MD5
...)
+	TODO: check
+CVE-2010-4802 (Commands.pm in Mojolicious before 0.999928 does not properly
perform ...)
+	TODO: check
+CVE-2009-5074 (Unspecified vulnerability in the MojoX::Dispatcher::Static ...)
+	TODO: check
 CVE-2011-XXXX [spip DoS]
 	- spip <unfixed>
 	[squeeze] - spip 2.1.1-3squeeze1
@@ -585,19 +623,15 @@
 	RESERVED
 CVE-2011-1593
 	RESERVED
-CVE-2011-1592 [wireshark NFS DoS]
-	RESERVED
+CVE-2011-1592 (The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark
1.4.x ...)
 	- wireshark <not-affected> (Windows-specific)
-CVE-2011-1591 [wireshark DECT buffer overflow]
-	RESERVED
+CVE-2011-1591 (Stack-based buffer overflow in the DECT dissector in ...)
 	- wireshark 1.4.5-1
 	[squeeze] - wireshark <not-affected> (Only affects 1.4.x)
 	[lenny] - wireshark <not-affected> (Only affects 1.4.x)
-CVE-2011-1590 [wireshark x509 DoS]
-	RESERVED
+CVE-2011-1590 (The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x
...)
 	- wireshark 1.4.5-1 (unimportant)
-CVE-2011-1589 [mojoicous directory traversal]
-	RESERVED
+CVE-2011-1589 (Directory traversal vulnerability in Path.pm in Mojolicious
before ...)
 	{DSA-2221-1}
 	- libmojolicious-perl 1.16-1
 CVE-2011-1588
@@ -727,24 +761,24 @@
 	RESERVED
 CVE-2011-1544
 	RESERVED
-CVE-2011-1543
-	RESERVED
-CVE-2011-1542
-	RESERVED
-CVE-2011-1541
-	RESERVED
-CVE-2011-1540
-	RESERVED
+CVE-2011-1543 (Cross-site request forgery (CSRF) vulnerability in HP Systems
Insight ...)
+	TODO: check
+CVE-2011-1542 (Cross-site scripting (XSS) vulnerability in HP Systems Insight
Manager ...)
+	TODO: check
+CVE-2011-1541 (Unspecified vulnerability in HP System Management Homepage (SMH)
...)
+	TODO: check
+CVE-2011-1540 (Unspecified vulnerability in HP System Management Homepage (SMH)
...)
+	TODO: check
 CVE-2011-1539
 	RESERVED
 CVE-2011-1538
 	RESERVED
 CVE-2011-1537
 	RESERVED
-CVE-2011-1536
-	RESERVED
-CVE-2011-1535
-	RESERVED
+CVE-2011-1536 (Unspecified vulnerability in HP Performance Insight 5.0, 5.1x.
5.2x, ...)
+	TODO: check
+CVE-2011-1535 (Unspecified vulnerability in HP Insight Control for Linux (aka
...)
+	TODO: check
 CVE-2011-1534 (Unspecified vulnerability in HP Network Node Manager i (NNMi)
9.0x ...)
 	NOT-FOR-US: HP Network Node Manager
 CVE-2011-1533 (Cross-site scripting (XSS) vulnerability on the HP Photosmart
D110 and ...)
@@ -859,8 +893,7 @@
 	RESERVED
 CVE-2011-1500 (PreferencesPithosDialog.py in Pithos 0.3.7 does not properly
restrict ...)
 	- pithos 0.3.8-1 (low)
-CVE-2011-1499
-	RESERVED
+CVE-2011-1499 (acl.c in Tinyproxy before 1.8.3, when an Allow configuration
setting ...)
 	{DSA-2222-1}
 	- tinyproxy 1.8.2-2 (bug #621493)
 	[lenny] - tinyproxy <not-affected> (Vulnerable code not present)
@@ -3098,8 +3131,8 @@
 	NOT-FOR-US: IBM DB2
 CVE-2011-0730
 	RESERVED
-CVE-2011-0729
-	RESERVED
+CVE-2011-0729 (dbus_backend/ls-dbus-backend in the D-Bus backend in
language-selector ...)
+	TODO: check
 CVE-2011-0728 (Cross-site scripting (XSS) vulnerability in templatefunctions.py
in ...)
 	- loggerhead 1.18.1-1
 CVE-2011-0727 (GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users
to ...)
@@ -3454,7 +3487,7 @@
 	RESERVED
 CVE-2011-0612
 	RESERVED
-CVE-2011-0611 (Adobe Flash Player 10.2.153.1 and earlier for Windows,
Macintosh, ...)
+CVE-2011-0611 (Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X,
Linux, and ...)
 	NOT-FOR-US: Adobe Flash Player / Acrobat Reader
 CVE-2011-0610
 	RESERVED
Secure testing commits - May 2011 - r16622 - data/CVE

[Secure-testing-commits] r16622 - data/CVE
