[Secure-testing-commits] r4899 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Mon Oct 30 20:40:57 UTC 2006
Author: stef-guest
Date: 2006-10-30 21:40:56 +0100 (Mon, 30 Oct 2006)
New Revision: 4899
Modified:
data/CVE/list
Log:
- CVE-2006-5601/2: new xsupplicant remote code execution issue
- CVE-2006-4513: new wvware issue
- marking CVE-2003-1307 as unimportant
- new wireshark issues: CVE-2006-5740, -5468, -5469, -4805, -4574
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-10-30 17:05:21 UTC (rev 4898)
+++ data/CVE/list 2006-10-30 20:40:56 UTC (rev 4899)
@@ -1,3 +1,9 @@
+CVE-2006-5740 [wireshark LDAP dissector issue]
+ - wireshark <unfixed> (bug filed; medium)
+CVE-2006-5602 [Xsupplicant "eap_do_notify()" Buffer Overflow Vulnerability]
+ - xsupplicant <unfixed> (bug #396204; medium)
+CVE-2006-5601 [Xsupplicant "eap_do_notify()" Buffer Overflow Vulnerability]
+ - xsupplicant <unfixed> (bug #396204; medium)
CVE-2006-XXXX [several possible mysql 5.0 local DoS vulnerabilities]
- mysql-dfsg-5.0 5.0.26-1 (low)
CVE-2006-5512 (Cross-site scripting (XSS) vulnerability in article.htm in Zwahlen ...)
@@ -86,10 +92,12 @@
NOT-FOR-US: Softerra PHP Developer Library
CVE-2006-5470
RESERVED
-CVE-2006-5469
+CVE-2006-5469 [Wireshark WBXML dissector issue]
RESERVED
-CVE-2006-5468
+ - wireshark <unfixed> (bug filed; medium)
+CVE-2006-5468 [Wireshark HTTP dissector issue]
RESERVED
+ - wireshark <unfixed> (bug filed; medium)
CVE-2006-5467
RESERVED
CVE-2006-5466
@@ -276,8 +284,10 @@
NOTE: why you have lost as soon as an attacker can execute arbitrary
NOTE: php scripts.
NOTE: http://www.securityfocus.com/bid/9302
- - apache <unfixed>
- - apache2 <unfixed>
+ NOTE: Probably an unfixable design flaw. But if you can execute a malicious
+ NOTE: program, you can do $BADSTUFF anyway.
+ - apache <unfixed> (unimportant)
+ - apache2 <unfixed> (unimportant)
CVE-2006-XXXX [unspecified steam cache vulnerability]
- steam 2.2.31-1
[sarge] - steam <not-affected> (Sarge version doesn't implement caching)
@@ -1488,8 +1498,9 @@
RESERVED
CVE-2006-4806
RESERVED
-CVE-2006-4805
+CVE-2006-4805 [wireshark XOT dissector issue]
RESERVED
+ - wireshark <unfixed> (bug filed; medium)
CVE-2006-4804
RESERVED
CVE-2006-4803 (The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager ...)
@@ -1989,8 +2000,9 @@
RESERVED
CVE-2006-4575
RESERVED
-CVE-2006-4574
+CVE-2006-4574 [Wireshark MIME Multipart dissector issue]
RESERVED
+ - wireshark <unfixed> (bug filed; medium)
CVE-2006-4573 (Multiple unspecified vulnerabilities in the "utf8 combining characters ...)
- screen 4.0.3-0.1 (bug #395225; medium)
CVE-2006-4572
@@ -2162,8 +2174,9 @@
RESERVED
CVE-2006-4514
RESERVED
-CVE-2006-4513
+CVE-2006-4513 [wvware Multiple Integer Overflow Vulnerabilities]
RESERVED
+ - wv <unfixed> (bug filed; medium)
CVE-2006-4512
RESERVED
CVE-2006-4511 (Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows ...)
More information about the Secure-testing-commits
mailing list