[Secure-testing-commits] r2523 - data/CVE

Joey Hess joeyh at costa.debian.org
Fri Oct 21 09:14:22 UTC 2005


Author: joeyh
Date: 2005-10-21 09:14:16 +0000 (Fri, 21 Oct 2005)
New Revision: 2523

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-10-20 21:14:18 UTC (rev 2522)
+++ data/CVE/list	2005-10-21 09:14:16 UTC (rev 2523)
@@ -1,3 +1,39 @@
+CVE-2005-3276 (The sys_get_thread_area function in process.c in Linux 2.6 before ...)
+	TODO: check
+CVE-2005-3275 (The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in ...)
+	TODO: check
+CVE-2005-3274 (Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 ...)
+	TODO: check
+CVE-2005-3273 (The rose_rt_ioctl function in rose_route.c for ROSE in Linux 2.6 ...)
+	TODO: check
+CVE-2005-3272 (Linux kernel before 2.6.12 allows remote attackers to poison the ...)
+	TODO: check
+CVE-2005-3271 (Exec in Linux kernel 2.6 does not properly clear posix-timers in ...)
+	TODO: check
+CVE-2005-3270 (Untrusted search path vulnerability in DiskMountNotify for Symantec ...)
+	TODO: check
+CVE-2005-3269 (Unspecified "security exposure" in the HTTP Admin interface for Sun ...)
+	TODO: check
+CVE-2005-3268 (yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and ...)
+	TODO: check
+CVE-2005-3267
+	RESERVED
+CVE-2005-3266
+	RESERVED
+CVE-2005-3265
+	RESERVED
+CVE-2005-3264 (Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog ...)
+	TODO: check
+CVE-2005-3263 (Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 ...)
+	TODO: check
+CVE-2005-3262 (Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows ...)
+	TODO: check
+CVE-2005-3261 (getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the ...)
+	TODO: check
+CVE-2005-3260 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2005-3259 (Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) ...)
+	TODO: check
 CVE-2005-XXXX [Insecure caching of user id in mantis]
 	- mantis <unfixed> (bug #330682; unknown)
 CVE-2005-XXXX [Filter information disclosure in mantis]
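Review bot: CVE-2005-3268 is added with only TODO: check even though its description names yiff-server on Debian GNU/Linux, so it should get a package line in the same form as the mantis entries below it (a "- package <unfixed>" line with bug number and urgency) rather than waiting in the TODO queue. The six Linux kernel entries (CVE-2005-3271 through CVE-2005-3276) also need per-package triage, since their descriptions give version bounds such as "before 2.6.13" that can be compared against the packaged kernels. The Symantec, Sun and WinRAR entries look like candidates for NOT-FOR-US, the marking this file already uses for other third-party products.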
@@ -2,3 +38,3 @@
 	- mantis <unfixed> (bug #330682; low)
-CVE-2005-3258
+CVE-2005-3258 (The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and ...)
 	- squid <unfixed> (bug #334882; medium)
@@ -152,12 +188,12 @@
 	RESERVED
 CVE-2005-3186
 	RESERVED
-CVE-2005-3184
-	RESERVED
+CVE-2005-3184 (Buffer overflow vulnerability in the unicode_to_bytes in the Service ...)
+	TODO: check
 CVE-2005-3183 (The HTBoundary_put_block function in HTBound.c for W3C libwww ...)
 	- w3c-libwww <unfixed> (bug #334443; low)
-CVE-2005-3182
-	RESERVED
+CVE-2005-3182 (Buffer overflow in the HTTP management interface for GFI MailSecurity ...)
+	TODO: check
 CVE-2005-XXXX [unsafe temporary file creation in flexbackup default config]
 	- flexbackup <unfixed> (bug #334350; low)
 CVE-2005-XXXX [xscreensaver does not maintain screen locks during upgrade]
@@ -318,8 +354,7 @@
 	RESERVED
 CVE-2005-3122
 	RESERVED
-CVE-2005-3121 [Insecure temp file generation in module-assistant]
-	RESERVED
+CVE-2005-3121 (A rule file in module-assistant before 0.9.10 causes a temporary file ...)
 	{DSA-867-1}
 	- module-assistant 0.9.10
 	TODO: Check, whether this version really fixes the issue, it's not mentioned in the changelog
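Review bot: the trailing TODO on CVE-2005-3121 is left open although the description added in this hunk says "module-assistant before 0.9.10", which agrees with the tracked fixed version on the package line. If that is accepted as confirmation, drop the TODO in the same change; if the changelog still has to be checked by hand, keep it but record that the CVE text and the package line now agree.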
@@ -777,8 +812,7 @@
 CVE-2005-2972 [Further RTF buffer overflows in abiword]
 	RESERVED
 	- abiword 2.4.1-1 (bug #333740; medium)
-CVE-2005-2971 [Heap overflow in kword's RTF import]
-	RESERVED
+CVE-2005-2971 (Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 ...)
 	- koffice 1:1.3.5-5 (bug #333497; medium)
 CVE-2005-2970
 	RESERVED
@@ -1249,8 +1283,8 @@
 	RESERVED
 CVE-2005-2760
 	RESERVED
-CVE-2005-2759
-	RESERVED
+CVE-2005-2759 (** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton ...)
+	TODO: check
 CVE-2005-2758 (Integer signedness error in the administrative interface for Symantec ...)
 	NOT-FOR-US: Symantec Antivirus
 CVE-2005-2757
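Review bot: CVE-2005-2759 arrives with a "** SPLIT **" marker in its description, and TODO: check does not record what that means for tracking. Add a note line naming the identifiers the entry was split into once they are known, so the issue is neither triaged twice nor lost. The product is Symantec Norton, and the adjacent CVE-2005-2758 is already marked NOT-FOR-US: Symantec Antivirus, so the same marking probably applies here.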
@@ -2368,8 +2402,8 @@
 	- netpbm 2:10.0-9 (bug #319757; low)
 CVE-2005-2470 (Buffer overflow in a &quot;core application plug-in&quot; for Adobe Reader 5.1 ...)
 	NOT-FOR-US: Adobe
-CVE-2005-2469
-	RESERVED
+CVE-2005-2469 (Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C ...)
+	TODO: check
 CVE-2005-2459 (The huft_build function in inflate.c in the zlib routines in the Linux ...)
 	{DTSA-16-1}
 	- linux-2.6 2.6.12-3 (bug #323173)
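Review bot: CVE-2005-2469 moves from RESERVED to TODO: check, but the description names Novell NetMail, and the CVE-2005-2470 entry just above shows how a vendor-only product is closed out (NOT-FOR-US: Adobe); resolving it the same way would keep it out of the TODO backlog. Separately, the CVE-2005-2470 context line carries a literal &quot; entity while the description added for CVE-2005-3269 in the first hunk uses plain double quotes, so the automatic update is not escaping descriptions consistently.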



