[Secure-testing-commits] r3460 - data/CVE
Joey Hess
joeyh at costa.debian.org
Fri Feb 10 21:14:29 UTC 2006
Author: joeyh
Date: 2006-02-10 21:14:23 +0000 (Fri, 10 Feb 2006)
New Revision: 3460
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-10 17:38:54 UTC (rev 3459)
+++ data/CVE/list 2006-02-10 21:14:23 UTC (rev 3460)
@@ -100,15 +100,19 @@
NOT-FOR-US: AutoCAD
CVE-2006-0598 [elog: buffer overflow in write_logfile]
RESERVED
+ {DSA-967-1}
- elog 2.6.1+r1642-1
CVE-2006-0597 [elog: remote DoS through overly long attributes]
RESERVED
+ {DSA-967-1}
- elog 2.6.1+r1642-1
CVE-2006-0599 [elog: information discloure in password denial]
RESERVED
+ {DSA-967-1}
- elog 2.6.1+r1642-1
CVE-2006-0600 [elog: remote DoS through endless loop]
RESERVED
+ {DSA-967-1}
- elog 2.6.1+r1642-1
CVE-2006-0593 (Cross-site scripting (XSS) vulnerability in PHP-Fusion before 6.00.304 ...)
TODO: check
@@ -729,8 +733,10 @@
CVE-2006-0349 (SQL injection vulnerability in eggblog 2.0 allows remote attackers to ...)
NOT-FOR-US: eggblog
CVE-2006-0348 (Format string vulnerability in the write_logfile function in ELOG ...)
+ {DSA-967-1}
- elog 2.6.1+r1642-1 (bug #349528; medium)
CVE-2006-0347 (Directory traversal vulnerability in ELOG before 2.6.1 allows remote ...)
+ {DSA-967-1}
- elog 2.6.1+r1642-1 (bug #349528; medium)
CVE-2006-0346 (Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows ...)
NOT-FOR-US: SaralBlog
@@ -1962,6 +1968,7 @@
TODO: check, whether this has ramifications on the kernel's VLAN implementation
TODO: or whether it's a generic unfixable protocol flaw
CVE-2005-4439 (Buffer overflow in ELOG elogd 2.6.0-beta4 allows remote attackers to ...)
+ {DSA-967-1}
- elog 2.6.1+r1642-1 (bug #349528; high)
CVE-2005-4438 (Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in ...)
NOT-FOR-US: Dec2Rar
More information about the Secure-testing-commits
mailing list