[Secure-testing-commits] r6322 - data/CVE
stef-guest at alioth.debian.org
Wed Aug 15 19:24:18 UTC 2007
Author: stef-guest
Date: 2007-08-15 19:24:17 +0000 (Wed, 15 Aug 2007)
New Revision: 6322
Modified:
data/CVE/list
Log:
new issues: linux, phpmyadmin
CVEified: serendipity
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-15 19:10:19 UTC (rev 6321)
+++ data/CVE/list 2007-08-15 19:24:17 UTC (rev 6322)
@@ -66,45 +66,45 @@
- fail2ban <unfixed> (medium)
NOTE: maybe fixed in 0.8.0-4, pinged maintainer (sf)
CVE-2007-4320 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Ncaster
CVE-2007-4319 (The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2007-4318 (Cross-site scripting (XSS) vulnerability in Forms/General_1 in the ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2007-4317 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2007-4316 (The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2007-4315 (The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows ...)
- TODO: check
+ NOT-FOR-US: ATI
CVE-2007-4314 (pixlie.php in Pixlie 1.7 allows remote attackers to trigger the ...)
- TODO: check
+ NOT-FOR-US: Pixlie
CVE-2007-4313 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Php Blue Dragon CMS
CVE-2007-4312 (SQL injection vulnerability in index.php in Php Blue Dragon CMS 3.0.0 ...)
- TODO: check
+ NOT-FOR-US: Php Blue Dragon CMS
CVE-2007-4311 (The xfer_secondary_pool function in drivers/char/random.c in the Linux ...)
- TODO: check
+ - kernel-source-2.4.27 <unfixed>
CVE-2007-4310 (The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2007-4309 (IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote ...)
- TODO: check
+ NOT-FOR-US: IBM Lotus Notes
CVE-2007-4308 (The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI ...)
- TODO: check
+ - linux-2.6
CVE-2007-4307 (Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 ...)
- TODO: check
+ NOT-FOR-US: Storesprite
CVE-2007-4306 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
- TODO: check
+ - phpmyadmin <unfixed>
CVE-2007-4305 (Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail ...)
- TODO: check
+ NOT-FOR-US: NetBSD and OpenBSD
CVE-2007-4304 (CerbNG for FreeBSD 4.8 does not properly implement VM protection when ...)
- TODO: check
+ NOT-FOR-US: CerbNG for FreeBSD
CVE-2007-4303 (Multiple race conditions in (1) certain rules and (2) argument copying ...)
- TODO: check
+ NOT-FOR-US: CerbNG for FreeBSD
CVE-2007-4302 (Multiple race conditions in certain system call wrappers in Generic ...)
- TODO: check
+ NOT-FOR-US: Generic Software Wrappers Toolkit
CVE-2007-4301 (Multiple cross-site scripting (XSS) vulnerabilities in the management ...)
- TODO: check
+ NOT-FOR-US: WebCart
CVE-2007-4300
RESERVED
CVE-2007-4299
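Review bot: The CVE-2007-4308 entry is added as `- linux-2.6` with no version and no `<unfixed>` marker, unlike `- kernel-source-2.4.27 <unfixed>` and `- phpmyadmin <unfixed>` in the same hunk; state the status explicitly so the entry cannot be read as already resolved. For CVE-2007-4311 only kernel-source-2.4.27 is listed, so a NOTE saying whether linux-2.6 was checked would record why it is absent. The CVE-2007-4305 label names platforms (NetBSD and OpenBSD) rather than the affected software, which makes the NOT-FOR-US decision harder to re-check later.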
@@ -112,37 +112,38 @@
CVE-2007-4298
RESERVED
CVE-2007-4297 (Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp ...)
- TODO: check
+ NOT-FOR-US: Modulu
CVE-2007-4296 (Unspecified vulnerability in assp.pl in Anti-Spam SMTP Proxy Server ...)
- TODO: check
+ NOT-FOR-US: Anti-Spam SMTP Proxy Server
CVE-2007-4295 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-4294 (Unspecified vulnerability in Cisco Unified Communications Manager ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-4293 (Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-4292 (Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-4291 (Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-4290 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: Guestbook Script
CVE-2007-4289 (Sun Java System Portal Server 7.0 does not properly process XSLT ...)
- TODO: check
+ NOT-FOR-US: Sun Java System Portal Server
CVE-2007-4288 (Microsoft Windows Media Player 11 (wmplayer.exe) allows user-assisted ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2007-4287 (PHP remote file inclusion vulnerability in fc_functions/fc_example.php ...)
- TODO: check
+ NOT-FOR-US: FishCart
CVE-2007-4286 (Buffer overflow in the Next Hop Resolution Protocol (NHRP) ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-4285 (Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-4284 (Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2007-4283 (PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in ...)
- TODO: check
+ NOT-FOR-US: Coppermine Photo Gallery (CPG)
CVE-2007-4282 (The "Extended properties for entries" (entryproperties) plugin in ...)
- TODO: check
+ - serendipity 1.1.4-1
+ [etch] - serendipity <not-affected> (introduced in 1.1.x)
CVE-2007-4281 (Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source ...)
TODO: check
CVE-2007-4279 (PHP remote file inclusion vulnerability in config.php in ...)
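Review bot: The `[etch] - serendipity <not-affected> (introduced in 1.1.x)` line under CVE-2007-4282 gives no source for the claim that the issue was introduced in 1.1.x; add a NOTE line pointing to the upstream changelog or advisory it rests on, as the CVE-2007-4280 asterisk entry does with its NOTE URL. The NOT-FOR-US labels in this hunk also mix vendor names (Cisco, Microsoft) with product names (FishCart, Coppermine Photo Gallery (CPG)); one convention would keep later searches for a product reliable.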
@@ -178,9 +179,6 @@
TODO: check
CVE-2007-4264 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
TODO: check
-CVE-2007-XXXX [serendipity issue in Extended properties for entries plugin]
- - serendipity 1.1.4-1
- [etch] - serendipity <not-affected> (introduced in 1.1.x)
CVE-2007-4280 (The Skinny channel driver (chan_skinny) in Asterisk Open Source before ...)
- asterisk 1:1.4.10~dfsg-1
NOTE: http://ftp.digium.com/pub/asa/ASA-2007-019.html
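Review bot: With the CVE-2007-XXXX placeholder removed, the CVE-2007-4280 asterisk entry now sits directly after CVE-2007-4264, while the rest of the list is in descending order and the previous hunk's context goes from CVE-2007-4281 straight to CVE-2007-4279. Move the CVE-2007-4280 block between those two entries so the ordering is consistent and the ID is found where a reader scanning by number expects it.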