[Secure-testing-commits] r5735 - data/CVE
Florian Weimer
fw at alioth.debian.org
Thu Apr 26 07:20:52 UTC 2007
Author: fw
Date: 2007-04-26 07:20:48 +0000 (Thu, 26 Apr 2007)
New Revision: 5735
Modified:
data/CVE/list
Log:
NFUs
CVE-2007-2231: dovecot issue CVEified
CVE-2007-2243: new OpenSSH issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-04-26 07:10:08 UTC (rev 5734)
+++ data/CVE/list 2007-04-26 07:20:48 UTC (rev 5735)
@@ -35,9 +35,9 @@
CVE-2007-2245 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
TODO: check
CVE-2007-2244 (Multiple buffer overflows in Adobe Photoshop CS2 and CS3 allow ...)
- TODO: check
+ NOT-FOR-US: Adobe Photoshop
CVE-2007-2243 (OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is ...)
- TODO: check
+ - openssh <unfixed> (low)
CVE-2007-2242 (The IPv6 protocol allows remote attackers to cause a denial of service ...)
TODO: check
CVE-2007-2241
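Review bot: The new `- openssh <unfixed> (low)` line under CVE-2007-2243 carries no bug reference and no rationale for the low urgency. The initramfs-tools entry further down in this list uses the form `(low; bug #417995)`; adding the bug number in the same form once one is filed would let the entry be tracked to closure.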
@@ -57,13 +57,14 @@
CVE-2007-2234 (include/common.php in PunBB 1.2.14 and earlier does not properly ...)
TODO: check
CVE-2007-2233 (cosign-bin/cosign.cgi in Cosign 2.0.2 and earlier allows remote ...)
- TODO: check
+ NOT-FOR-US: CoSign
CVE-2007-2232 (The CHECK command in Cosign 2.0.1 and earlier allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: CoSign
CVE-2007-2231 (Directory traversal vulnerability in index/mbox/mbox-storage.c in ...)
- TODO: check
+ - dovecot 1.0.rc29-1
+ [sarge] - dovecot <not-affected> (Vulnerable code not present)
CVE-2007-2230 (SQL injection vulnerability in CA Clever Path Portal allows remote ...)
- TODO: check
+ NOT-FOR-US: CA Clever Path
CVE-2007-2229
RESERVED
CVE-2007-2228
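Review bot: `NOT-FOR-US: CoSign` under CVE-2007-2233 and CVE-2007-2232 spells the product differently from the CVE descriptions directly above each line, which both say "Cosign". Using the description's spelling keeps a case-sensitive search of the list for the product name from missing these two entries.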
@@ -163,13 +164,13 @@
CVE-2007-2181 (PHP remote file inclusion vulnerability in admin/login.php in Webinsta ...)
TODO: check
CVE-2007-2180 (Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote ...)
- TODO: check
+ NOT-FOR-US: Nullsoft Winamp
CVE-2007-2179 (Multiple unspecified vulnerabilities in IXceedCompression in ...)
TODO: check
CVE-2007-2178 (Multiple unspecified vulnerabilities in Objective Development Sharity ...)
TODO: check
CVE-2007-2177 (Stack-based buffer overflow in the Microgaming Download Helper ActiveX ...)
- TODO: check
+ NOT-FOR-US: Microgaming Download Helper
CVE-2007-2176 (Unspecified vulnerability in Mozilla Firefox allows remote attackers ...)
TODO: check
CVE-2007-2175 (Unspecified vulnerability in Apple Safari allows remote attackers to ...)
@@ -179,13 +180,13 @@
CVE-2007-2173 (Eval injection vulnerability in (1) courier-imapd.indirect and (2) ...)
TODO: check
CVE-2007-2172 (A typo in Linux kernel 2.6 before 2.6.21-rc6 causes RTA_MAX to be used ...)
- TODO: check
+ - linux-2.6 <unfixed> (medium)
CVE-2007-2171 (Stack-based buffer overflow in the base64_decode function in ...)
- TODO: check
+ NOT-FOR-US: Novell GroupWise
CVE-2007-2170 (The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not ...)
- TODO: check
+ NOT-FOR-US: Oracle E-Business Suite
CVE-2007-2169 (Static code injection vulnerability in add.php in Mozzers SubSystem ...)
- TODO: check
+ NOT-FOR-US: Mozzers SubSystem
CVE-2007-2168 (Static code injection vulnerability in process.php in AimStats 3.2 and ...)
TODO: check
CVE-2007-2167 (Static code injection vulnerability in process.php in AimStats 3.2 ...)
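Review bot: The `- linux-2.6 <unfixed> (medium)` line under CVE-2007-2172 has no bug reference, although the description already names the upstream fix point (before 2.6.21-rc6). Recording a bug number, as the initramfs-tools entry does with `bug #417995`, or a note with the upstream version would make it clear when the entry can move from `<unfixed>` to a fixed package version.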
@@ -903,9 +904,6 @@
RESERVED
CVE-2007-XXXX [initramfs-tools creates /dev/root world-readable]
- initramfs-tools 0.85g (low; bug #417995)
-CVE-2007-XXXX [dovecot zlib plugin directory traversal]
- - dovecot 1.0.rc29-1
- [sarge] - dovecot <not-affected> (Vulnerable code not present)
CVE-2007-1840 (lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not ...)
- ldap-account-manager <unfixed> (medium)
CVE-2007-1839 (Multiple PHP remote file inclusion vulnerabilities in CodeBB 1.1b3 and ...)
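Review bot: Removing the `CVE-2007-XXXX [dovecot zlib plugin directory traversal]` placeholder drops the only mention of the zlib plugin; the CVE-2007-2231 entry that replaces it shows only a truncated description naming index/mbox/mbox-storage.c. A short note under CVE-2007-2231 stating that it is the former zlib plugin entry would keep the mapping traceable. The version and `[sarge]` lines carry over unchanged.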