[Secure-testing-commits] r6005 - data/CVE

fw at alioth.debian.org fw at alioth.debian.org
Sat Jun 16 09:50:55 UTC 2007 

Author: fw
Date: 2007-06-16 09:50:54 +0000 (Sat, 16 Jun 2007)
New Revision: 6005

Modified:
   data/CVE/list
Log:
CVE-2007-3209: mail-notification
CVE-2007-3205: php4, php5
CVE-2007-3193: phpwiki
CVE-2007-3165: tor fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-06-16 09:23:56 UTC (rev 6004)
+++ data/CVE/list	2007-06-16 09:50:54 UTC (rev 6005)
@@ -80,7 +80,7 @@
 CVE-2007-3210 (Stack-based buffer overflow in nptoken.mox in the Cellosoft Tokens ...)
 	TODO: check
 CVE-2007-3209 (Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses ...)
-	TODO: check
+	- mail-notification <unfixed> (low; bug #429200)
 CVE-2007-3208 (CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 ...)
 	TODO: check
 CVE-2007-3207
@@ -88,7 +88,8 @@
 CVE-2007-3206
 	RESERVED
 CVE-2007-3205 (The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Subhosin, ...)
-	TODO: check
+	- php4 <unfixed> (low)
+	- php5 <unfixed> (low)
 CVE-2007-3204 (SQL injection vulnerability in auth.php in Just For Fun Network ...)
 	TODO: check
 CVE-2007-3203 (Stack-based buffer overflow in smtpdll.dll in the SMTP service in ...)
@@ -112,7 +113,7 @@
 CVE-2007-3194 (** DISPUTED ** ...)
 	TODO: check
 CVE-2007-3193 (lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the ...)
-	TODO: check
+	- phpwiki <unfixed> (low; bug #429201)
 CVE-2007-3192 (admin/setup.php in Just For Fun Network Management System (JFFNMS) ...)
 	TODO: check
 CVE-2007-3191 (Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote ...)
@@ -168,7 +169,7 @@
 CVE-2007-3166 (Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, ...)
 	TODO: check
 CVE-2007-3165 (Tor before 0.1.2.14 can construct circuits in which an entry guard is ...)
-	TODO: check
+	- tor 0.1.2.14-1 (medium)
 CVE-2007-3164 (Microsoft Internet Explorer 7, when prompting for HTTP Basic ...)
 	TODO: check
 CVE-2007-3163 (Incomplete blacklist vulnerability in the filemanager in Frederico ...)

More information about the Secure-testing-commits mailing list