Author: joeyh
Date: 2011-08-02 21:14:16 +0000 (Tue, 02 Aug 2011)
New Revision: 17055

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-08-02 07:05:25 UTC (rev 17054) +++ data/CVE/list 2011-08-02 21:14:16 UTC (rev 17055)
@@ -1,3 +1,97 @@ +CVE-2011-3005 + RESERVED +CVE-2011-3004 + RESERVED +CVE-2011-3003 + RESERVED +CVE-2011-3002 + RESERVED +CVE-2011-3001 + RESERVED +CVE-2011-3000 + RESERVED +CVE-2011-2999 + RESERVED +CVE-2011-2998 + RESERVED +CVE-2011-2997 + RESERVED +CVE-2011-2996 + RESERVED +CVE-2011-2995 + RESERVED +CVE-2011-2994 + RESERVED +CVE-2011-2993 + RESERVED +CVE-2011-2992 + RESERVED +CVE-2011-2991 + RESERVED +CVE-2011-2990 + RESERVED +CVE-2011-2989 + RESERVED +CVE-2011-2988 + RESERVED +CVE-2011-2987 + RESERVED +CVE-2011-2986 + RESERVED +CVE-2011-2985 + RESERVED +CVE-2011-2984 + RESERVED +CVE-2011-2983 + RESERVED +CVE-2011-2982 + RESERVED +CVE-2011-2981 + RESERVED +CVE-2011-2980 + RESERVED +CVE-2011-2979 + RESERVED +CVE-2011-2978 + RESERVED +CVE-2011-2977 + RESERVED +CVE-2011-2976 + RESERVED +CVE-2011-2975 (Double free vulnerability in the msAddImageSymbol function in ...) + TODO: check +CVE-2011-2974 + RESERVED +CVE-2011-2973 + RESERVED +CVE-2011-2972 + RESERVED +CVE-2011-2971 + RESERVED +CVE-2011-2970 + RESERVED +CVE-2011-2969 + RESERVED +CVE-2011-2968 + RESERVED +CVE-2011-2967 + RESERVED +CVE-2011-2966 + RESERVED +CVE-2011-2965 + RESERVED +CVE-2011-2964 (foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 ...) + TODO: check +CVE-2011-2963 (TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not ...) + TODO: check +CVE-2011-2962 (Multiple stack-based buffer overflows in Invensys Wonderware ...) + TODO: check +CVE-2011-2961 (Heap-based buffer overflow in AngelServer.exe 6.0.11.3 in Sunway ...) + TODO: check +CVE-2011-2960 (Heap-based buffer overflow in httpsvr.exe 6.0.5.3 in Sunway ...) + TODO: check +CVE-2011-2959 (Stack-based buffer overflow in the Open Database Connectivity (ODBC) ...) + TODO: check CVE-2011-XXXX [acpid insecure umasks for calling external scripts] - acpid 1:2.0.11-1 CVE-2011-XXXX [TYPO3-SA-2011-001] 
@@ -502,13 +596,11 @@ RESERVED - glpi 0.80.2-1 (bug #635544; unimportant) NOTE: Only supported behind an authenticated HTTP zone -CVE-2011-2719 [PMASA-2011-12 phpMyAdmin Possible superglobal and local variables manipulation in swekey authentication.] - RESERVED +CVE-2011-2719 (libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before ...) {DSA-2286-1} - phpmyadmin 4:3.4.3.2-1 (low) [lenny] - phpmyadmin <not-affected> (Vulnerable code not present) -CVE-2011-2718 [PMASA-2011-11 phpMyAdmin Local file inclusion vulnerability and code execution.] - RESERVED +CVE-2011-2718 (Multiple directory traversal vulnerabilities in the relational schema ...) - phpmyadmin 4:3.4.3.2-1 [squeeze] - phpmyadmin <not-affected> (Vulnerable code not present) [lenny] - phpmyadmin <not-affected> (Vulnerable code not present) @@ -547,12 +639,10 @@ - ruby1.8 <unfixed> (low; bug #635878) - ruby1.9 <unfixed> (low) - ruby1.9.1 <unfixed> (low) -CVE-2011-2704 [mapserver buffer overflows in OGC filters] - RESERVED +CVE-2011-2704 (Stack-based buffer overflow in MapServer before 4.10.7 and 5.x before ...) {DSA-2285-1} - mapserver <unfixed> -CVE-2011-2703 [mapserver sql injections in OGC filters] - RESERVED +CVE-2011-2703 (Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x ...) {DSA-2285-1} - mapserver <unfixed> CVE-2011-2702 
@@ -570,16 +660,14 @@ RESERVED - wireshark 1.6.1-1 (unimportant) NOTE: no code injection, not treated as a security issue, see README.Debian.security -CVE-2011-2697 - RESERVED +CVE-2011-2697 (foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 ...) - hplip <unfixed> (bug #635549; medium) CVE-2011-2696 (Integer overflow in libsndfile before 1.0.25 allows remote attackers ...) {DSA-2288-1} - libsndfile 1.0.25-1 CVE-2011-2695 (Multiple off-by-one errors in the ext4 subsystem in the Linux kernel ...) - linux-2.6 3.0.0-1 -CVE-2011-2694 [Samba SWAT XSS] - RESERVED +CVE-2011-2694 (Cross-site scripting (XSS) vulnerability in the chg_passwd function in ...) - samba 2:3.5.10~dfsg-1 (low) CVE-2011-2693 RESERVED @@ -712,13 +800,11 @@ RESERVED CVE-2011-2644 RESERVED -CVE-2011-2643 [PMASA-2011-10 Local file inclusion.] - RESERVED +CVE-2011-2643 (Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x ...) - phpmyadmin 4:3.4.3.2-1 [squeeze] - phpmyadmin <not-affected> (Vulnerable code not present) [lenny] - phpmyadmin <not-affected> (Vulnerable code not present) -CVE-2011-2642 [PMASA-2011-9 XSS in table Print view.] - RESERVED +CVE-2011-2642 (Multiple cross-site scripting (XSS) vulnerabilities in the table Print ...) {DSA-2286-1} - phpmyadmin 4:3.4.3.2-1 CVE-2011-XXXX [pyro: insecure use of temporary pid file] @@ -1014,8 +1100,7 @@ - libsoup2.4 2.34.3-1 (bug #635837) CVE-2011-2523 RESERVED -CVE-2011-2522 [Samba SWAT CSRF] - RESERVED +CVE-2011-2522 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...) - samba 2:3.5.10~dfsg-1 (low) CVE-2011-2521 RESERVED 
@@ -1295,16 +1380,16 @@ RESERVED CVE-2011-2404 RESERVED -CVE-2011-2403 - RESERVED -CVE-2011-2402 - RESERVED -CVE-2011-2401 - RESERVED -CVE-2011-2400 - RESERVED -CVE-2011-2399 - RESERVED +CVE-2011-2403 (SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, ...) + TODO: check +CVE-2011-2402 (Cross-site scripting (XSS) vulnerability in HP Network Automation ...) + TODO: check +CVE-2011-2401 (Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x ...) + TODO: check +CVE-2011-2400 (Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, ...) + TODO: check +CVE-2011-2399 (Unspecified vulnerability in the Media Management Daemon (mmd) in HP ...) + TODO: check CVE-2011-2398 (Unspecified vulnerability in the dynamic loader in HP HP-UX B.11.11, ...) NOT-FOR-US: HP-UX CVE-2011-2397 @@ -3117,12 +3202,12 @@ CVE-2011-1745 (Integer overflow in the agp_generic_insert_memory function in ...) {DSA-2264-1 DSA-2240-1} - linux-2.6 2.6.38-5 -CVE-2011-1744 - RESERVED -CVE-2011-1743 - RESERVED -CVE-2011-1742 - RESERVED +CVE-2011-1744 (EMC Captiva eInput 2.1.1 before 2.1.1.37 does not restrict the origin ...) + TODO: check +CVE-2011-1743 (Cross-site scripting (XSS) vulnerability in EMC Captiva eInput 2.1.1 ...) + TODO: check +CVE-2011-1742 (EMC Data Protection Advisor before 5.8.1 places cleartext account ...) + TODO: check CVE-2011-1741 (Stack-based buffer overflow in ftserver.exe in the OpenText ...) NOT-FOR-US: OpenText Hummingbird Client Connector CVE-2011-1740
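Review bot: In the @@ -1,3 +1,97 hunk, the seven described entries CVE-2011-2975 through CVE-2011-2959 all land as "TODO: check", so none of them has a package line or a NOT-FOR-US marker yet. CVE-2011-2963, CVE-2011-2961 and CVE-2011-2960 name Windows server binaries (TCPUploadServer.exe, AngelServer.exe, httpsvr.exe) and look like NOT-FOR-US candidates. CVE-2011-2975 (msAddImageSymbol) and CVE-2011-2959 (ODBC) are truncated before the product name and need the full description before they can be classified; for CVE-2011-2975, check whether it belongs with the mapserver entries touched later in this patch.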
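Review bot: In the @@ -502,13 +596,11 hunk, replacing the bracketed titles on CVE-2011-2719 and CVE-2011-2718 with the imported descriptions drops the upstream advisory ids PMASA-2011-12 and PMASA-2011-11, which appear nowhere else in these entries. Keep them as a NOTE: line under each entry (the file already uses NOTE: lines, as in the glpi entry just above) so the advisory can still be found from the tracker. The same applies to PMASA-2011-10 and PMASA-2011-9 on CVE-2011-2643 and CVE-2011-2642 in the @@ -712,13 +800,11 hunk.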
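Review bot: In the @@ -547,12 +639,10 hunk, CVE-2011-2704 and CVE-2011-2703 now carry descriptions that name fixed upstream releases ("MapServer before 4.10.7 and 5.x before ..."), yet both still read "- mapserver <unfixed>" with no bug number or urgency, unlike the ruby1.8 line directly above them (bug #635878). With {DSA-2285-1} already attached, add the bug reference for unstable and replace <unfixed> with the fixed version once the upload is known.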
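Review bot: In the @@ -570,16 +660,14 hunk, CVE-2011-2697 is described as a foomatic-rip-hplip issue and tracked only against hplip, while the new CVE-2011-2964 at the top of this patch describes foomatic-rip in foomatic-filters and is still "TODO: check". If the two ids cover the same flaw in two code copies, the entries should cross-reference each other with a NOTE: line and CVE-2011-2964 should get its own package line rather than staying unclassified.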
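Review bot: In the @@ -1295,16 +1380,16 hunk, CVE-2011-2403 through CVE-2011-2399 move from RESERVED to "TODO: check" although the very next entry, CVE-2011-2398, already shows how HP products are handled here ("NOT-FOR-US: HP-UX"). HP Network Automation and HP SiteScope can be marked NOT-FOR-US the same way; CVE-2011-2399 is truncated after "in HP" and needs the full description first. The three EMC entries in the @@ -3117,12 +3202,12 hunk (CVE-2011-1744 to CVE-2011-1742) are in the same position, next to "NOT-FOR-US: OpenText Hummingbird Client Connector".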