[Secure-testing-commits] r7522 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Wed Dec 5 21:14:13 UTC 2007


Author: joeyh
Date: 2007-12-05 21:14:11 +0000 (Wed, 05 Dec 2007)
New Revision: 7522

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-12-05 21:10:54 UTC (rev 7521)
+++ data/CVE/list	2007-12-05 21:14:11 UTC (rev 7522)
@@ -1,3 +1,99 @@
+CVE-2007-6259
+	RESERVED
+CVE-2007-6258
+	RESERVED
+CVE-2007-6257
+	RESERVED
+CVE-2007-6256
+	RESERVED
+CVE-2007-6255
+	RESERVED
+CVE-2007-6254
+	RESERVED
+CVE-2007-6253
+	RESERVED
+CVE-2007-6252
+	RESERVED
+CVE-2007-6251
+	RESERVED
+CVE-2007-6250
+	RESERVED
+CVE-2007-6249
+	RESERVED
+CVE-2007-6248
+	RESERVED
+CVE-2007-6247
+	RESERVED
+CVE-2007-6246
+	RESERVED
+CVE-2007-6245
+	RESERVED
+CVE-2007-6244
+	RESERVED
+CVE-2007-6243
+	RESERVED
+CVE-2007-6242
+	RESERVED
+CVE-2007-6241 (Multiple unspecified vulnerabilities in Beehive Forum 0.7.1 have ...)
+	TODO: check
+CVE-2007-6240 (SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 ...)
+	TODO: check
+CVE-2007-6239 (The "cache update reply processing" functionality in Squid 2.x before ...)
+	TODO: check
+CVE-2007-6238 (Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows ...)
+	TODO: check
+CVE-2007-6237 (cp.php in DeluxeBB 1.09 does not verify that the membercookie ...)
+	TODO: check
+CVE-2007-6236 (Microsoft Windows Media Player (WMP) allows remote attackers to cause ...)
+	TODO: check
+CVE-2007-6235 (A certain ActiveX control in RealNetworks RealPlayer 11 allows remote ...)
+	TODO: check
+CVE-2007-6234 (index.php in FTP Admin 0.1.0 allows remote attackers to bypass ...)
+	TODO: check
+CVE-2007-6233 (Directory traversal vulnerability in index.php in FTP Admin 0.1.0 ...)
+	TODO: check
+CVE-2007-6232 (Cross-site scripting (XSS) vulnerability in index.php in FTP Admin ...)
+	TODO: check
+CVE-2007-6231 (Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 ...)
+	TODO: check
+CVE-2007-6230 (Directory traversal vulnerability in ...)
+	TODO: check
+CVE-2007-6229 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2007-6228 (Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ...)
+	TODO: check
+CVE-2007-6227 (QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating ...)
+	TODO: check
+CVE-2007-6226 (The American Power Conversion (APC) AP7932 0u 30amp Switched Rack ...)
+	TODO: check
+CVE-2007-6225 (Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used ...)
+	TODO: check
+CVE-2007-6224 (The RealNetworks RealAudioObjects.RealAudio ActiveX control in ...)
+	TODO: check
+CVE-2007-6223 (SQL injection vulnerability in garage.php in phpBB Garage 1.2.0 Beta3 ...)
+	TODO: check
+CVE-2007-6222 (The CheckCustomerAccess function in functions.php in CRM-CTT ...)
+	TODO: check
+CVE-2007-6221 (TuMusika Evolution 1.7R5 allows remote attackers to obtain ...)
+	TODO: check
+CVE-2007-6220 (typespeed before 0.6.4 allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2007-6219 (Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool ...)
+	TODO: check
+CVE-2007-6218 (Multiple PHP remote file inclusion vulnerabilities in Ossigeno CMS 2.2 ...)
+	TODO: check
+CVE-2007-6217 (Multiple SQL injection vulnerabilities in login.asp in Irola My-Time ...)
+	TODO: check
+CVE-2007-6216 (Race condition in the Fibre Channel protocol (fcp) driver and Devices ...)
+	TODO: check
+CVE-2007-6215 (Multiple directory traversal vulnerabilities in play.php in Web-MeetMe ...)
+	TODO: check
+CVE-2007-6214 (Directory traversal vulnerability in include/file_download.php in ...)
+	TODO: check
+CVE-2007-6213 (Multiple directory traversal vulnerabilities in mod/chat/index.php in ...)
+	TODO: check
+CVE-2007-6212 (Directory traversal vulnerability in region.php in KML share 1.1 ...)
+	TODO: check
 CVE-2008-0010
 	RESERVED
 CVE-2008-0009
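Review bot: The 30 entries from CVE-2007-6241 down to CVE-2007-6212 all land as "TODO: check" with no triage, and several of them name software that needs a real package line rather than a bulk NOT-FOR-US: CVE-2007-6239 (Squid 2.x), CVE-2007-6227 (QEMU 0.9.0) and CVE-2007-6220 (typespeed before 0.6.4). Resolve those first with a "- package version (urgency; bug #...)" line in the style used for claws-mail and zsh further down the file, and mark the vendor-only products (Apple QuickTime, Windows Media Player, RealPlayer) NOT-FOR-US.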
@@ -35,13 +131,14 @@
 	NOTE: apache 1.3 is not vulnerable
 CVE-2007-6208 (sylprint.pl in claws mail tools (claws-mail-tools) allows local users ...)
 	- claws-mail 3.1.0-2 (low; bug #454089)
-CVE-2007-6210 (zabbix_agentd 1.1.4 in ZABBIX runs "UserParameter" scripts with gid 0, ...)
+CVE-2007-6210 (zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" ...)
+	{DSA-1420-1}
 	- zabbix <unfixed> (bug #452682)
 CVE-2007-6202 (SQL injection vulnerability in plugins/search/search.php in Neocrome ...)
 	NOT-FOR-US: Neocrome Seditio CMS
-CVE-2007-6211 (Send Nasty ICMP Garbage (sing) on Debian GNU/Linux allows local users ...)
+CVE-2007-6211 (Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users ...)
 	- sing 1.1-16 (low; bug #454167)
-CVE-2007-6209 (difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary ...)
+CVE-2007-6209 (Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary ...)
 	- zsh 4.3.4-dev-3-2 (low; bug #454073)
 	[etch] - zsh <no-dsa> (Minor issue)
 	[sarge] - zsh <no-dsa> (Minor issue)
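Review bot: CVE-2007-6210 now carries {DSA-1420-1}, but the package line below it still reads "- zabbix <unfixed> (bug #452682)", so the entry records an issued advisory while unstable stays open. The updated description bounds the issue at "before 1.4.3"; check whether unstable has a fixed version to put in place of <unfixed>, and if it does not, leave the bug reference as the open tracker for it.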
@@ -461,8 +558,8 @@
 	RESERVED
 CVE-2007-6015
 	RESERVED
-CVE-2007-6014
-	RESERVED
+CVE-2007-6014 (SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and ...)
+	TODO: check
 CVE-2007-6013 (Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash ...)
 	- wordpress <unfixed> (low; bug #452251)
 	NOTE: if untrusted people are allowed to read the database they could still
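Review bot: CVE-2007-6014 moves from RESERVED to "TODO: check" for Beehive Forum 0.7.1, the same product named by the new CVE-2007-6241 at the top of the list. Triage the two together so they receive the same disposition (a package line or NOT-FOR-US) instead of being resolved separately.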
@@ -1844,12 +1941,12 @@
 	NOT-FOR-US: VMware Player
 CVE-2007-5616
 	RESERVED
-CVE-2007-5615
-	RESERVED
-CVE-2007-5614
-	RESERVED
-CVE-2007-5613
-	RESERVED
+CVE-2007-5615 (CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows ...)
+	TODO: check
+CVE-2007-5614 (Mortbay Jetty before 6.1.6rc1 does not properly handle &quot;certain quote ...)
+	TODO: check
+CVE-2007-5613 (Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay ...)
+	TODO: check
 CVE-2007-5612 (CIM Server in IBM Director 5.20.1 and earlier allows remote attackers ...)
 	NOT-FOR-US: IBM Director
 CVE-2007-5611
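Review bot: The three Jetty entries do not share one fixed-version boundary: CVE-2007-5615 says "before 6.1.6rc0", CVE-2007-5614 says "before 6.1.6rc1", and the truncated CVE-2007-5613 text shows none. When these TODOs are resolved, record the fixed version per CVE rather than copying one version across all three.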
@@ -2785,8 +2882,8 @@
 	RESERVED
 CVE-2007-5356
 	RESERVED
-CVE-2007-5355
-	RESERVED
+CVE-2007-5355 (The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet ...)
+	TODO: check
 CVE-2007-5354
 	RESERVED
 CVE-2007-5353
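Review bot: CVE-2007-5355 is published as a WPAD issue in a Microsoft product and is left at "TODO: check". It fits the NOT-FOR-US pattern already used in this file for vendor-only software (IBM Director, Apple Mac OS X), and closing it that way keeps the TODO queue limited to entries that need package research.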
@@ -4472,7 +4569,7 @@
 	NOT-FOR-US: Apple Mac OS X
 CVE-2007-4687 (The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 ...)
 	NOT-FOR-US: Apple Mac OS X
-CVE-2007-4686 (The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users ...)
+CVE-2007-4686 (Integer signedness error in the ttioctl function in bsd/kern/tty.c in ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2007-4685 (The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users ...)
 	NOT-FOR-US: Apple Mac OS X
@@ -4745,6 +4842,7 @@
 	RESERVED
 CVE-2007-4575
 	RESERVED
+	{DSA-1419-1}
 	- openoffice.org 2.3.1~rc1-1 (medium; bug #454463)
 	- hsqldb 1.8.0.9-1
 CVE-2007-4574 (Unspecified vulnerability in the &quot;stack unwinder fixes&quot; in kernel in ...)
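Review bot: The {DSA-1419-1} tag is added to CVE-2007-4575 above two package lines, openoffice.org and hsqldb, and nothing in the entry says which source package the advisory covers. If the DSA fixes only one of them, add a release-tagged line for the other (in the "[etch] - package ..." form used for zsh) so that its stable status is not implied by the tag.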
@@ -8275,7 +8373,7 @@
 CVE-2007-3105 (Stack-based buffer overflow in the random number generator (RNG) ...)
 	{DSA-1363-1}
 	- linux-2.6 2.6.22-4
-CVE-2007-3104 (The sysfs_readdir function in the Linux kernel in Red Hat Enterprise ...)
+CVE-2007-3104 (The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat ...)
 	- linux-2.6 2.6.22-4 (low)
 CVE-2007-3103 (The init.d script for the X.Org X11 xfs font server on various Linux ...)
 	{DSA-1342-1}



