[Secure-testing-commits] r4365 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Tue Jul 11 00:58:49 UTC 2006
Author: alec-guest
Date: 2006-07-11 00:58:40 +0000 (Tue, 11 Jul 2006)
New Revision: 4365
Modified:
data/CVE/list
Log:
* CVE-2006-3419, CVE-2006-3418, CVE-2006-3417, CVE-2006-3416, CVE-2006-3415,
CVE-2006-3414, CVE-2006-3413, CVE-2006-3412, CVE-2006-3411, CVE-2006-3410,
CVE-2006-3409, CVE-2006-3408, CVE-2006-3407 (tor): fixed
* CVE-2006-3401 (quake3): itp
* CVE-2006-3390, CVE-2006-3389 (wordpress): open, unimportant
* CVE-2006-3388 (phpmyadmin): open, low
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-07-10 22:15:39 UTC (rev 4364)
+++ data/CVE/list 2006-07-11 00:58:40 UTC (rev 4365)
@@ -79,31 +79,31 @@
CVE-2006-3420 (Cross-site request forgery (CSRF) vulnerability in editpost.php in ...)
TODO: check
CVE-2006-3419 (Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3418 (Tor before 0.1.1.20 does not validate that a server descriptor's ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3417 (Tor client before 0.1.1.20 prefers entry points based on is_fast or ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3416 (** DISPUTED ** ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3415 (Tor before 0.1.1.20 uses improper logic to validate the "OR" ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3414 (Tor before 0.1.1.20 supports server descriptors that contain hostnames ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3413 (The privoxy configuration file in Tor before 0.1.1.20, when run on ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3412 (Tor before 0.1.1.20 does not sufficiently obey certain firewall ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3411 (TLS handshakes in Tor before 0.1.1.20 generate public-private keys ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3410 (Tor before 0.1.1.20 creates "internal circuits" primarily consisting ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3409 (Integer overflow in Tor before 0.1.1.20 allows remote attackers to ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3408 (Unspecified vulnerability in the directory server (dirserver) in Tor ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3407 (Tor before 0.1.1.20 allows remote attackers to spoof log entries or ...)
- TODO: check
+ - tor 0.1.1.20-1
CVE-2006-3406 (Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 ...)
TODO: check
CVE-2006-3405 (Cross-site scripting (XSS) vulnerability in qtofm.php in ...)
@@ -113,7 +113,7 @@
CVE-2006-3402 (SQL injection vulnerability in VirtuaStore 2.0 allows remote attackers ...)
TODO: check
CVE-2006-3401 (Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: ...)
- TODO: check
+ - quake3 <itp> (bug #337937)
CVE-2006-3400 (Stack-based buffer overflow in the CG_ServerCommand function in Quake ...)
TODO: check
CVE-2006-3399 (Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki ...)
@@ -135,11 +135,11 @@
CVE-2006-3391 (The Execute function in iMBCContents ActiveX Control before 2.0.0.59 ...)
TODO: check
CVE-2006-3390 (WordPress 2.0.3 allows remote attackers to obtain the installation ...)
- TODO: check
+ - wordpress <unfixed> (bug filed; unimportant)
CVE-2006-3389 (index.php in WordPress 2.0.3 allows remote attackers to obtain ...)
- TODO: check
+ - wordpress <unfixed> (bug filed; unimportant)
CVE-2006-3388 (Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 ...)
- TODO: check
+ - phpmyadmin <unfixed> (bug filed; low)
CVE-2006-3387 (Directory traversal vulnerability in sources/post.php in Fusion News ...)
TODO: check
CVE-2006-3386 (index.php in Vincent Leclercq News 5.2 allows remote attackers to ...)
More information about the Secure-testing-commits
mailing list