[Secure-testing-commits] r2813 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Mon Nov 21 16:01:42 UTC 2005
Author: jmm-guest
Date: 2005-11-21 16:01:37 +0000 (Mon, 21 Nov 2005)
New Revision: 2813
Modified:
data/CVE/list
Log:
new cscope issue
new unimportant xboard issue
new already fixed samba issue
lots of NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-11-21 15:42:08 UTC (rev 2812)
+++ data/CVE/list 2005-11-21 16:01:37 UTC (rev 2813)
@@ -107,44 +107,43 @@
NOT-FOR-US: Just a "meta CVE" for all the IKE issues, will possibly be rejected
CVE-2005-3665
RESERVED
-begin claimed by jmm
CVE-2004-2558 (Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, ...)
- TODO: check
+ NOT-FOR-US: Tivoli
CVE-2004-2557 (NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a ...)
- TODO: check
+ NOT-FOR-US: Netgear hardware
CVE-2004-2556 (NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and ...)
- TODO: check
+ NOT-FOR-US: Netgear hardware
CVE-2004-2555 (Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses ...)
- TODO: check
+ NOT-FOR-US: FoolProof Security
CVE-2004-2554 (Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost ...)
- TODO: check
+ NOT-FOR-US: Novell Client Firewall
CVE-2004-2553 (The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows ...)
- TODO: check
+ NOT-FOR-US: ignitionServer
CVE-2004-2552 (Buffer overflow in XBoard 4.2.7 and earlier might allow local users to ...)
- TODO: check
+ - xboard <unfixed> (unimportant)
+ TODO: hardly exploitable, should be fixed anyway
CVE-2004-2551 (Multiple SQL injection vulnerabilities in Layton HelpBox 3.0.1 allow ...)
- TODO: check
+ NOT-FOR-US: Layton HelpBox
CVE-2004-2550 (Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...)
- TODO: check
+ NOT-FOR-US: SandSurfer
CVE-2004-2549 (Nortel Wireless LAN (WLAN) Access Point (AP) 2220, 2221, and 2225 ...)
- TODO: check
+ NOT-FOR-US: Nortel hardware
CVE-2004-2548 (Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) ...)
- TODO: check
+ NOT-FOR-US: SurgeMail
CVE-2004-2547 (NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote ...)
- TODO: check
+ NOT-FOR-US: SurgeMail
CVE-2004-2546 (Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a ...)
- TODO: check
+ - samba 3.0.6-1
CVE-2004-2545 (Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote ...)
- TODO: check
+ NOT-FOR-US: Sidewinder G2
CVE-2004-2544 (Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 ...)
- TODO: check
+ NOT-FOR-US: Sidewinder G2
CVE-2004-2543 (Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote ...)
- TODO: check
+ NOT-FOR-US: Sidewinder G2
CVE-2004-2542 (Multiple SQL injection vulnerabilities in Dynix (formerly known as ...)
- TODO: check
+ NOT-FOR-US: Dynix WebPac
CVE-2004-2541 (Buffer overflow in Cscope 15.5, and possibly multiple overflows, ...)
- TODO: check
-end claimed by jmm
+ - cscope <unfixed> (bug filed; medium)
CVE-2005-XXXX [unsafe file permissions in vpnc]
- vpnc <unfixed> (bug #340105; medium)
CVE-2005-XXXX [Insecure tempfiles in libjpeg]
More information about the Secure-testing-commits
mailing list