[Secure-testing-commits] r5420 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue Feb 6 09:14:16 CET 2007
Author: joeyh
Date: 2007-02-06 09:14:13 +0100 (Tue, 06 Feb 2007)
New Revision: 5420
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-02-06 01:27:08 UTC (rev 5419)
+++ data/CVE/list 2007-02-06 08:14:13 UTC (rev 5420)
@@ -1,3 +1,171 @@
+CVE-2007-0769 (** DISPUTED ** ...)
+ TODO: check
+CVE-2007-0768 (Multiple cross-site scripting (XSS) vulnerabilities in the Contact ...)
+ TODO: check
+CVE-2007-0767 (Cross-site scripting (XSS) vulnerability in the core in Phorum before ...)
+ TODO: check
+CVE-2007-0766 (Stack-based buffer overflow in Remotesoft .NET Explorer 2.0.1 allows ...)
+ TODO: check
+CVE-2007-0765 (SQL injection vulnerability in news.php in dB Masters Curium CMS 1.03 ...)
+ TODO: check
+CVE-2007-0764 (Unrestricted file upload vulnerability in F3Site 2.1 and earlier ...)
+ TODO: check
+CVE-2007-0763 (Cross-site scripting (XSS) vulnerability in the news comment ...)
+ TODO: check
+CVE-2007-0762 (PHP remote file inclusion vulnerability in includes/functions.php in ...)
+ TODO: check
+CVE-2007-0761 (PHP remote file inclusion vulnerability in config.php in phpBB ezBoard ...)
+ TODO: check
+CVE-2007-0760 (EQdkp 1.3.1 and earlier authenticates administrative requests by ...)
+ TODO: check
+CVE-2007-0759 (Multiple SQL injection vulnerabilities in EasyMoblog 0.5.1 allow ...)
+ TODO: check
+CVE-2007-0758 (PHP remote file inclusion vulnerability in lang.php in PHPProbid 5.24 ...)
+ TODO: check
+CVE-2007-0757 (PHP remote file inclusion vulnerability in index.php in Miguel Nunes ...)
+ TODO: check
+CVE-2007-0756 (Chicken of the VNC (cotv) 2.0 allows remote attackers to cause a ...)
+ TODO: check
+CVE-2007-0755
+ RESERVED
+CVE-2007-0754
+ RESERVED
+CVE-2007-0753
+ RESERVED
+CVE-2007-0752
+ RESERVED
+CVE-2007-0751
+ RESERVED
+CVE-2007-0750
+ RESERVED
+CVE-2007-0749
+ RESERVED
+CVE-2007-0748
+ RESERVED
+CVE-2007-0747
+ RESERVED
+CVE-2007-0746
+ RESERVED
+CVE-2007-0745
+ RESERVED
+CVE-2007-0744
+ RESERVED
+CVE-2007-0743
+ RESERVED
+CVE-2007-0742
+ RESERVED
+CVE-2007-0741
+ RESERVED
+CVE-2007-0740
+ RESERVED
+CVE-2007-0739
+ RESERVED
+CVE-2007-0738
+ RESERVED
+CVE-2007-0737
+ RESERVED
+CVE-2007-0736
+ RESERVED
+CVE-2007-0735
+ RESERVED
+CVE-2007-0734
+ RESERVED
+CVE-2007-0733
+ RESERVED
+CVE-2007-0732
+ RESERVED
+CVE-2007-0731
+ RESERVED
+CVE-2007-0730
+ RESERVED
+CVE-2007-0729
+ RESERVED
+CVE-2007-0728
+ RESERVED
+CVE-2007-0727
+ RESERVED
+CVE-2007-0726
+ RESERVED
+CVE-2007-0725
+ RESERVED
+CVE-2007-0724
+ RESERVED
+CVE-2007-0723
+ RESERVED
+CVE-2007-0722
+ RESERVED
+CVE-2007-0721
+ RESERVED
+CVE-2007-0720
+ RESERVED
+CVE-2007-0719
+ RESERVED
+CVE-2007-0718
+ RESERVED
+CVE-2007-0717
+ RESERVED
+CVE-2007-0716
+ RESERVED
+CVE-2007-0715
+ RESERVED
+CVE-2007-0714
+ RESERVED
+CVE-2007-0713
+ RESERVED
+CVE-2007-0712
+ RESERVED
+CVE-2007-0711
+ RESERVED
+CVE-2007-0710
+ RESERVED
+CVE-2007-0709 (cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) ...)
+ TODO: check
+CVE-2007-0708 (cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) ...)
+ TODO: check
+CVE-2007-0707 (Stack-based buffer overflow in GOM Player 2.0.12.3375 allows ...)
+ TODO: check
+CVE-2007-0706 (Cross-zone scripting vulnerability in Darksky RSS bar for Internet ...)
+ TODO: check
+CVE-2007-0705 (Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and ...)
+ TODO: check
+CVE-2007-0704 (PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 ...)
+ TODO: check
+CVE-2007-0703 (PHP remote file inclusion vulnerability in library/StageLoader.php in ...)
+ TODO: check
+CVE-2007-0702 (Multiple PHP remote file inclusion vulnerabilities in phpEventMan ...)
+ TODO: check
+CVE-2007-0701 (PHP remote file inclusion vulnerability in inc/common.inc.php in ...)
+ TODO: check
+CVE-2007-0700 (Directory traversal vulnerability in index.php in Guernion Sylvain ...)
+ TODO: check
+CVE-2007-0699 (PHP remote file inclusion vulnerability in includes/includes.php in ...)
+ TODO: check
+CVE-2007-0698 (Multiple SQL injection vulnerabilities in ACGVannu 1.3 and earlier ...)
+ TODO: check
+CVE-2007-0697 (index2.php in ACGVannu 1.3 and earlier allows remote attackers to ...)
+ TODO: check
+CVE-2007-0696 (Cross-site scripting (XSS) vulnerability in error messages in Free LAN ...)
+ TODO: check
+CVE-2007-0695 (Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net ...)
+ TODO: check
+CVE-2007-0694
+ RESERVED
+CVE-2007-0693
+ RESERVED
+CVE-2007-0692
+ RESERVED
+CVE-2007-0691
+ RESERVED
+CVE-2007-0690
+ RESERVED
+CVE-2007-0689
+ RESERVED
+CVE-2006-6968 (Cross-site scripting (XSS) vulnerability in the group moderation ...)
+ TODO: check
+CVE-2006-6967 (Check Point FireWall-1 allows remote attackers to obtain certificate ...)
+ TODO: check
+CVE-2006-6966 (phpGraphy before 0.9.13a does not properly unset variables when the ...)
+ TODO: check
CVE-2007-XXXX [remctl ACL bypass vulnerability]
- remctl 2.2-2
[sarge] - remctl <not-affected> (Vulnerable code not present)
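Review bot: Every described entry added at the top of this hunk, from CVE-2007-0769 through CVE-2006-6966, lands as "TODO: check" with no triage, and CVE-2007-0769 shows only "** DISPUTED ** ..." with the product name elided, so it cannot be classified from this line and needs the full description read first. Each of these should end up as either a "NOT-FOR-US:" line or a package line so the TODO queue does not keep growing with every automatic update. The IDs that arrive as RESERVED (CVE-2007-0755 through CVE-2007-0710 and CVE-2007-0694 through CVE-2007-0689) need no action yet. The "CVE-2007-XXXX [remctl ACL bypass vulnerability]" placeholder in the trailing context still has no assigned ID, and none of the visible new descriptions names remctl.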
@@ -38,7 +206,7 @@
NOT-FOR-US: (CA) BrightStor
CVE-2007-0672 (LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers ...)
NOT-FOR-US: (CA) BrightStor
-CVE-2007-0671 (Unspecified vulnerability in Microsoft Excel 2000, XP, and 2003 allows ...)
+CVE-2007-0671 (Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 ...)
NOT-FOR-US: Microsoft Excel
CVE-2007-0670 (Buffer overflow in bos.rte.libc in IBM AIX 5.3 allows local users to ...)
NOT-FOR-US: IBM AIX
@@ -131,7 +299,7 @@
NOT-FOR-US: xNews
CVE-2007-0629 (The www_purgeList method in Plain Black WebGUI before 7.3.8 does not ...)
NOT-FOR-US: Plain Black WebGUI
-CVE-2007-0628 (Cross-site scripting (XSS) vulnerability in Sun Java System Access ...)
+CVE-2007-0628 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System ...)
NOT-FOR-US: Sun Java System Access Manager
CVE-2007-0627 (Michael Still gtalkbot before 1.2 places username and password ...)
NOT-FOR-US: gtalkbot
@@ -280,10 +448,10 @@
NOT-FOR-US: Cisco
CVE-2007-0557 (rMake before 1.0.4 drops root privileges in a way that retains the ...)
NOT-FOR-US: rPath
-CVE-2007-0556
- RESERVED
-CVE-2007-0555
- RESERVED
+CVE-2007-0556 (The query planner in PostgreSQL before 8.0.11, 8.1 before 8.1.7, and ...)
+ TODO: check
+CVE-2007-0555 (PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, ...)
+ TODO: check
CVE-2007-0554 (SQL injection vulnerability in print.asp in Guo Xu Guos Posting System ...)
NOT-FOR-US: Guos Posting System
CVE-2007-0553 (Multiple cross-site scripting (XSS) vulnerabilities in index.inc.php ...)
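Review bot: CVE-2007-0556 and CVE-2007-0555 leave RESERVED with descriptions that name PostgreSQL and already state the fixed upstream versions ("before 8.0.11", "8.1 before 8.1.7", "7.3 before 7.3.13", "7.4 before 7.4.16"), yet both are parked at "TODO: check". With the fix boundaries given in the description, these are candidates for package lines with per-release status right away, in the form used elsewhere in this file, e.g. "- samba 3.0.23d-5 (medium)", rather than a generic TODO.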
@@ -437,14 +605,14 @@
NOT-FOR-US: Openads
CVE-2007-0476 (The gencert.sh script, when installing OpenLDAP before 2.1.30-r10, ...)
- openldap2 <not-affected> (Gentoo packaging bug)
-CVE-2007-0475
- RESERVED
-CVE-2007-0474
- RESERVED
-CVE-2007-0473
- RESERVED
-CVE-2007-0472
- RESERVED
+CVE-2007-0475 (Multiple stack-based buffer overflows in utilities/smb4k_*.cpp in ...)
+ TODO: check
+CVE-2007-0474 (Smb4K before 0.8.0 allow local users, when present on the Smb4K ...)
+ TODO: check
+CVE-2007-0473 (The writeFile function in core/smb4kfileio.cpp in Smb4K before 0.8.0 ...)
+ TODO: check
+CVE-2007-0472 (Multiple race conditions in Smb4K before 0.8.0 allow local users to ...)
+ TODO: check
CVE-2006-6965 (CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki ...)
- dokuwiki 0.0.20061106-1 (low)
CVE-2006-6964 (MailEnable Professional before 1.78 provides a cleartext user password ...)
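Review bot: The four IDs CVE-2007-0475 through CVE-2007-0472 all resolve to Smb4K, and three of the visible descriptions give the same fix boundary ("before 0.8.0"), but each one gets its own "TODO: check". They can be triaged as a group: a single comparison of the tracked Smb4K version against 0.8.0 settles the three that state it, leaving CVE-2007-0475 (stack-based buffer overflows in utilities/smb4k_*.cpp), whose truncated description does not show a version, as the one that needs the full text.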
@@ -497,7 +665,7 @@
[etch] - ffmpeg 0.cvs20060823-5
- ffmpeg <unfixed>
- mplayer 1.0~rc1-12
-CVE-2007-0471 (sre/params.php in Check Point Connectra NGX R62 and earlier allows ...)
+CVE-2007-0471 (sre/params.php in the Integrity Clientless Security (ICS) component in ...)
NOT-FOR-US: Check Point
CVE-2007-0470 (Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and ...)
NOT-FOR-US: Sun Solaris
@@ -535,15 +703,12 @@
[sarge] - ethereal <not-affected> (Vulnerable code not present)
CVE-2007-0455 (Buffer overflow in the gdImageStringFTEx function in gdft.c in GD ...)
- libgd2 <unfixed> (bug #408982; low)
-CVE-2007-0454 [samba ASF ACL format string issue]
- RESERVED
+CVE-2007-0454 (Format string vulnerability in the afsacl.so VFS module Samba 3.0.6 ...)
{DSA-1257}
- samba 3.0.23d-5 (medium)
-CVE-2007-0453 [samba NSS winbind buffer overflow]
- RESERVED
+CVE-2007-0453 (Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 ...)
- samba <not-affected> (Solaris-specific vulnerability)
-CVE-2007-0452 [samba deferred open DoS]
- RESERVED
+CVE-2007-0452 (smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users ...)
{DSA-1257}
- samba 3.0.23d-5 (low)
CVE-2007-0451
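Review bot: For CVE-2007-0452 the new description gives the affected range as "3.0.6 through 3.0.23d" while the unchanged package line records the fix as "samba 3.0.23d-5", a Debian revision of the last upstream version listed as affected, so the status line is worth re-checking against the official text now that it replaces the temporary bracket title. The same applies to CVE-2007-0454, where "{DSA-1257}" and "- samba 3.0.23d-5 (medium)" are carried over as they were. For CVE-2007-0453 the "<not-affected> (Solaris-specific vulnerability)" note agrees with the new description naming nss_winbind.so.1.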
@@ -576,8 +741,8 @@
RESERVED
CVE-2007-0437
RESERVED
-CVE-2007-0436
- RESERVED
+CVE-2007-0436 (Unspecified vulnerability in Barron McCann X-Kryptor Driver ...)
+ TODO: check
CVE-2005-4824 (PHP remote file inclusion vulnerability in web/classes.php in ...)
NOT-FOR-US: siteframe
CVE-2007-0435 (T-Com Speedport 500V routers with firmware 1.31 allow remote attackers ...)
@@ -3064,7 +3229,7 @@
NOT-FOR-US: F-Prot Antivirus
CVE-2006-6293 (Heap-based buffer overflow in FRISK Software F-Prot Antivirus before ...)
NOT-FOR-US: F-Prot Antivirus
-CVE-2006-6292 (Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 allows remote ...)
+CVE-2006-6292 (Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, ...)
NOT-FOR-US: Apple Airport
CVE-2006-6291 (Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable ...)
NOT-FOR-US: MailEnable Professional