Author: joeyh Date: 2011-08-26 21:14:16 +0000 (Fri, 26 Aug 2011) New Revision: 17128 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-08-26 14:24:42 UTC (rev 17127) +++ data/CVE/list 2011-08-26 21:14:16 UTC (rev 17128) @@ -1,3 +1,9 @@ +CVE-2011-3269 + RESERVED +CVE-2011-3268 (Buffer overflow in the crypt function in PHP before 5.3.7 allows ...) + TODO: check +CVE-2011-3267 (PHP before 5.3.7 does not properly implement the error_log function, ...) + TODO: check CVE-2011-3266 (The proto_tree_add_item function in Wireshark 1.6.1, when the IKEv1 ...) TODO: check CVE-2010-4830 (SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno ...) @@ -177,8 +183,7 @@ - linux-2.6 <unfixed> CVE-2011-3190 RESERVED -CVE-2011-3189 - RESERVED +CVE-2011-3189 (The crypt function in PHP 5.3.7, when the MD5 hash type is used, ...) - php5 5.3.8-1 [squeeze] - php5 <not-affected> (Introduced in 5.3.7) [lenny] - php5 <not-affected> (Introduced in 5.3.7) @@ -197,8 +202,8 @@ [squeeze] - pidgin <no-dsa> (Minor issue) CVE-2011-3183 RESERVED -CVE-2011-3182 - RESERVED +CVE-2011-3182 (PHP before 5.3.7 does not properly check the return values of the ...) + TODO: check CVE-2011-3181 [PMASA-2011-13 Multiple XSS in the Tracking feature.] RESERVED - phpmyadmin <unfixed> @@ -819,8 +824,8 @@ RESERVED CVE-2011-2941 RESERVED -CVE-2011-2940 - RESERVED +CVE-2011-2940 (stunnel 4.40 and 4.41 might allow remote attackers to execute ...) + TODO: check CVE-2011-2939 RESERVED CVE-2011-2938 @@ -1301,10 +1306,10 @@ RESERVED CVE-2011-2738 RESERVED -CVE-2011-2737 - RESERVED -CVE-2011-2736 - RESERVED +CVE-2011-2737 (RSA enVision 3.x and 4.x before 4 SP4 P3 allows remote attackers to ...) + TODO: check +CVE-2011-2736 (RSA enVision 4.x before 4 SP4 P3 places cleartext administrative ...) + TODO: check CVE-2011-2735 (Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before ...) TODO: check CVE-2011-2734 @@ -1967,8 +1972,7 @@ - gdk-pixbuf 2.23.3-3.1 (bug #631524) CVE-2011-2484 (The add_del_listener function in kernel/taskstats.c in the Linux ...) - linux-2.6 2.6.39-3 (low) -CVE-2011-2483 [openwall blowfish implementation weakness] - RESERVED +CVE-2011-2483 (crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain ...) - libcrypt-eksblowfish-perl <not-affected> (discovered and corrected in initial release in 2007) - php5-suhosin <unfixed> (bug #631283) - postgresql <unfixed> (bug #631285) @@ -4160,8 +4164,8 @@ NOTE: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8126d90480fa CVE-2011-1658 (ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier ...) TODO: check -CVE-2011-1657 - RESERVED +CVE-2011-1657 (The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions ...) + TODO: check CVE-2011-1656 RESERVED CVE-2011-1655 (The management.asmx module in the Management Web Service in the ...)