[Secure-testing-commits] r5257 - data/CVE

Alex de Oliveira Silva enerv-guest at alioth.debian.org
Fri Jan 12 21:58:06 CET 2007


Author: enerv-guest
Date: 2007-01-12 21:58:04 +0100 (Fri, 12 Jan 2007)
New Revision: 5257

Modified:
   data/CVE/list
Log:
Changed severity in CVEs



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-01-12 20:14:11 UTC (rev 5256)
+++ data/CVE/list	2007-01-12 20:58:04 UTC (rev 5257)
@@ -1117,7 +1117,7 @@
 CVE-2006-6611 (PHP remote file inclusion vulnerability in interface.php in Barman ...)
 	NOT-FOR-US: Barman
 CVE-2006-6610 (clientcommands in Nexuiz before 2.2.1 has unknown impact and remote ...)
-	- nexuiz 2.2.1-1
+	- nexuiz 2.2.1-1 (high)
 CVE-2006-6609 (Nexuiz before 2.2.1 allows remote attackers to cause a denial of ...)
 	- nexuiz 2.2.1-1
 CVE-2006-6608 (Unspecified vulnerability in SSH key based authentication in HP ...)
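Review bot: CVE-2006-6610 is rated high although its description says the impact is unknown, and the CVE-2006-6609 entry directly below it, fixed in the same nexuiz 2.2.1-1 upload, is left without a severity. Suggest adding a NOTE line recording why high was chosen, and rating CVE-2006-6609 in the same pass so the two nexuiz entries are triaged consistently.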
@@ -2195,7 +2195,7 @@
 CVE-2006-6144 (The "mechglue" abstraction interface of the GSS-API library for ...)
 	- krb5 <not-affected> (Only 1.5 onwards are vulnerable)
 CVE-2006-6143 (The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through ...)
-	- krb5 1.4.4-6
+	- krb5 1.4.4-6 (high)
 	[sarge] - krb5 <not-affected>
 CVE-2006-6142 (Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail ...)
 	{DSA-1241-1}
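Review bot: with CVE-2006-6143 now rated high, the `[sarge] - krb5 <not-affected>` line under it still carries no reason, unlike the CVE-2006-6144 entry above, which states "Only 1.5 onwards are vulnerable". Suggest adding the parenthesised reason for sarge, so a reader of a high-severity entry can see why the stable release needs no update.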
@@ -2565,7 +2565,7 @@
 CVE-2006-5975 (Multiple cross-site scripting (XSS) vulnerabilities in comments.asp in ...)
 	NOT-FOR-US: BlogMe
 CVE-2006-5974 (fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message ...)
-	- fetchmail 6.3.6-1
+	- fetchmail 6.3.6-1 (low)
 CVE-2006-5973 (Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and ...)
 	- dovecot 1.0.rc15-1
 	[sarge] - dovecot <not-affected> (Vulnerable code not present)
@@ -2884,10 +2884,10 @@
 CVE-2006-5825 (Cross-site scripting (XSS) vulnerability in index.php in Kayako ...)
 	NOT-FOR-US: Kayako SupportSuite
 CVE-2006-5824 (Integer overflow in the ffs_rdextattr function in FreeBSD 6.1 allows ...)
-	- kfreebsd-5 <unfixed>
+	- kfreebsd-5 <unfixed> (low)
 	[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-5823 (The zlib_inflate function in Linux kernel 2.6.x allows local users to ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 <unfixed> (low)
 CVE-2006-5822 (Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in ...)
 	NOT-FOR-US: Symantec Veritas NetBackup 
 CVE-2006-5821 (Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ...)
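Review bot: the linux-2.6 entry for CVE-2006-5823 stays `<unfixed>` and gains a severity, but it has no bug reference and no NOTE, so nothing on the entry shows where the fix is tracked. If a bug is filed, put it in the same parenthesis as the severity, in the form the list already uses for other entries (`bug #NNNNNN; low`, with NNNNNN standing for the real bug number).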
@@ -3208,7 +3208,7 @@
 CVE-2006-5680 (The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before ...)
 	- libarchive 1.3.1-1 (unimportant)
 CVE-2006-5679 (Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows ...)
-	- kfreebsd-5 <unfixed>
+	- kfreebsd-5 <unfixed> (medium)
 	[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-5678 (** DISPUTED ** ...)
 	NOT-FOR-US: Les Visiteurs
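Review bot: CVE-2006-5679 (integer overflow in ffs_mountfs) is set to medium here, while CVE-2006-5824 (integer overflow in ffs_rdextattr, also FreeBSD 6.1) is set to low earlier in this same commit, and neither entry says what distinguishes them. Suggest a short NOTE on one or both entries giving the reason for the different ratings, or aligning them if the difference is unintended.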
@@ -3482,7 +3482,7 @@
 CVE-2006-5551 (Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow ...)
 	NOT-FOR-US: QK SMTP
 CVE-2006-5550 (The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause ...)
-	- kfreebsd-5 <unfixed>
+	- kfreebsd-5 <unfixed> (low)
 	[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-5549 (** DISPUTED ** ...)
 	NOT-FOR-US: Adobe PHP SDK
@@ -3635,10 +3635,10 @@
 CVE-2006-5484 (SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 ...)
 	NOT-FOR-US: SSH Tectia
 CVE-2006-5483 (p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified ...)
-	- kfreebsd-5 <unfixed>
+	- kfreebsd-5 <unfixed> (low)
 	[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-5482 (ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified ...)
-	- kfreebsd-5 <unfixed>
+	- kfreebsd-5 <unfixed> (low)
 	[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-5481 (Multiple PHP remote file inclusion vulnerabilities in Castor 1.1.1 ...)
 	NOT-FOR-US: Castor
@@ -5090,7 +5090,7 @@
 CVE-2006-4815
 	RESERVED
 CVE-2006-4814 (The mincore function in the Linux kernel before 2.4.33.6 does not ...)
-	- linux-2.6 2.6.18-9
+	- linux-2.6 2.6.18-9 (low)
 CVE-2006-4813 (The __block_prepare_write function in fs/buffer.c for Linux kernel ...)
 	{DSA-1233}
 	- linux-2.6 2.6.13-1
@@ -5627,7 +5627,7 @@
 	{DSA-1202-1}
 	- screen 4.0.3-0.1 (bug #395225; bug #395999; medium)
 CVE-2006-4572 (ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows ...)
-	- linux-2.6 2.6.18-9
+	- linux-2.6 2.6.18-9 (high)
 CVE-2006-4571 (Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, ...)
 	{DSA-1210 DSA-1192-1 DSA-1191-1}
 	NOTE: MFSA-2006-64
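Review bot: CVE-2006-4572 is raised to high on an entry that lists only the unstable fix version (linux-2.6 2.6.18-9), with no release-specific line or DSA tag. For a high rating it would help to state the status of the released suites explicitly, as the krb5 entry in this commit does with its `[sarge]` line, so the severity can be acted on per release.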
@@ -5787,7 +5787,7 @@
 CVE-2006-4517 (Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a ...)
 	NOT-FOR-US: Novell iManager
 CVE-2006-4516 (Integer signedness error in FreeBSD 6.0-RELEASE allows local users to ...)
-	- kfreebsd-5 <unfixed>
+	- kfreebsd-5 <unfixed> (low)
 	[etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-4515
 	RESERVED



