[Secure-testing-commits] r2893 - data/CVE

[Stefan Fritsch]

Author: stef-guest
Date: 2005-11-29 22:40:49 +0000 (Tue, 29 Nov 2005)
New Revision: 2893

Modified:
   data/CVE/list
Log:
good old insecure quake 2

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-11-29 22:24:36 UTC (rev 2892)
+++ data/CVE/list	2005-11-29 22:40:49 UTC (rev 2893)
@@ -204,21 +204,23 @@
 CVE-2004-2600 (The firmware for Intelligent Platform Management Interface (IPMI) ...)
 	TODO: check
 CVE-2004-2599 (Multiple buffer overflows in Quake II server before R1Q2, as used in ...)
-	TODO: check
+	- quake2 <unfixed> (bug #280573; low)
+	NOTE: There is a big note in the quake2 package stating that it is not secure.
+	NOTE: Otherwise severity would be high.
 CVE-2004-2598 (Quake II server before R1Q2, as used in multiple products, allows ...)
-	TODO: check
+	- quake2 <unfixed> (bug #280573; low)
 CVE-2004-2597 (Quake II server before R1Q2, as used in multiple products, allows ...)
-	TODO: check
+	- quake2 <unfixed> (bug #280573; low)
 CVE-2004-2596 (Quake II server before R1Q2, as used in multiple products, allows ...)
-	TODO: check
+	- quake2 <unfixed> (bug #280573; low)
 CVE-2004-2595 (Absolute path traversal vulnerability in Quake II server before R1Q2 ...)
-	TODO: check
+	- quake2 <unfixed> (bug #280573; low)
 CVE-2004-2594 (Absolute path traversal vulnerability in Quake II server before R1Q2 ...)
-	TODO: check
+	- quake2 <unfixed> (bug #280573; low)
 CVE-2004-2593 (Buffer overflow in command-packet processing of Quake II server before ...)
-	TODO: check
+	- quake2 <unfixed> (bug #280573; low)
 CVE-2004-2592 (Quake II server before R1Q2, as used in multiple products, allows ...)
-	TODO: check
+	- quake2 <unfixed> (bug #280573; low)
 CVE-2004-2591 (The data-overwrite capability of ButtUglySoftware CleanCache 2.19 does ...)
 	TODO: check
 CVE-2004-2590 (Unspecified vulnerability in meindlSOFT Cute PHP Library (aka cphplib) ...)