[Secure-testing-commits] r7361 - data/CVE

joeyh at alioth.debian.org
Tue Nov 20 21:14:09 UTC 2007


Author: joeyh
Date: 2007-11-20 21:14:09 +0000 (Tue, 20 Nov 2007)
New Revision: 7361

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-11-20 17:39:47 UTC (rev 7360)
+++ data/CVE/list	2007-11-20 21:14:09 UTC (rev 7361)
@@ -1,4 +1,62 @@
-CVE-2007-6035 [sql injection in cacti]
+CVE-2007-6038 (PHP remote file inclusion vulnerability in xajax_functions.php in the ...)
+	TODO: check
+CVE-2007-6037 (Cross-site scripting (XSS) vulnerability in ws/generic_api_call.pl in ...)
+	TODO: check
+CVE-2007-6036 (The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 ...)
+	TODO: check
+CVE-2007-6034 (ngIRCd before 0.10.3 allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2007-6033 (Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure ...)
+	TODO: check
+CVE-2007-6032 (SQL injection vulnerability in calendar/page.asp in Aleris Web ...)
+	TODO: check
+CVE-2007-6031 (Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote ...)
+	TODO: check
+CVE-2007-6030 (Unspecified vulnerability in Weird Solutions BOOTPTurbo 1.2 has ...)
+	TODO: check
+CVE-2007-6029 (Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote ...)
+	TODO: check
+CVE-2007-6028 (Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ...)
+	TODO: check
+CVE-2007-6027 (PHP remote file inclusion vulnerability in admin.jjgallery.php in the ...)
+	TODO: check
+CVE-2007-6026 (Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka ...)
+	TODO: check
+CVE-2007-6025 (Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 ...)
+	TODO: check
+CVE-2007-6024
+	RESERVED
+CVE-2007-6023
+	RESERVED
+CVE-2007-6022
+	RESERVED
+CVE-2007-6021
+	RESERVED
+CVE-2007-6020
+	RESERVED
+CVE-2007-6019
+	RESERVED
+CVE-2007-6018
+	RESERVED
+CVE-2007-6017
+	RESERVED
+CVE-2007-6016
+	RESERVED
+CVE-2007-6015
+	RESERVED
+CVE-2007-6014
+	RESERVED
+CVE-2007-6013 (Wordpress 1.5 to 2.3.1 uses cookie values based on the MD5 hash of a ...)
+	TODO: check
+CVE-2007-6012 (SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 allows ...)
+	TODO: check
+CVE-2004-2757 (Cross-site scripting (XSS) vulnerability in the failed login page in ...)
+	TODO: check
+CVE-2004-2756 (Cross-site scripting (XSS) vulnerability in viewtopic.php in Xoops ...)
+	TODO: check
+CVE-2002-2426 (Cross-site request forgery (CSRF) vulnerability in Citrix Presentation ...)
+	TODO: check
+CVE-2007-6035 (SQL injection vulnerability in Cacti before 0.8.7a allows remote ...)
 	- cacti 0.8.7a-1 (medium; bug #452085)
 CVE-2007-6011 (Unspecified vulnerability in main.php of BugHotel Reservation System ...)
 	NOT-FOR-US: BugHotel
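Review bot: at the end of the added block, CVE-2004-2757, CVE-2004-2756 and CVE-2002-2426 are inserted between CVE-2007-6012 and CVE-2007-6035, and CVE-2007-6035 now sits below them instead of between CVE-2007-6036 and CVE-2007-6034, so the head of the file is no longer in descending ID order like the other hunks' context. Suggest moving the 2004 and 2002 entries to their year sections and restoring CVE-2007-6035 to its numeric position. Of the new "TODO: check" entries, CVE-2007-6029 names ClamAV, which already has a "- clamav" package line elsewhere in this file, so it is a good one to triage first.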
@@ -1099,7 +1157,7 @@
 CVE-2007-5671
 	RESERVED
 CVE-2007-5670
-	RESERVED
+	REJECTED
 CVE-2007-5669
 	RESERVED
 CVE-2007-5668
@@ -1797,8 +1855,8 @@
 	- linux-2.6 <unfixed> (high)
 	[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.21)
 	NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=96a2d41a3e495734b63bff4e5dd0112741b93b38
-CVE-2007-5500
-	RESERVED
+CVE-2007-5500 (The wait_task_stopped function in the Linux kernel before 2.6.23.8 ...)
+	TODO: check
 CVE-2007-5499
 	RESERVED
 CVE-2007-5498
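Review bot: the new CVE-2007-5500 entry is left at "TODO: check" although its description names the Linux kernel before 2.6.23.8, and the neighbouring kernel entry in this hunk is tracked with "- linux-2.6 <unfixed> (high)" plus an "[etch]" line. Suggest replacing the TODO with a "- linux-2.6" line and an "[etch]" status once the affected versions are confirmed.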
@@ -2043,8 +2101,7 @@
 	RESERVED
 CVE-2007-5399
 	RESERVED
-CVE-2007-5398 [remote code execution in samba when running nmbd as WINS server]
-	RESERVED
+CVE-2007-5398 (Stack-based buffer overflow in the reply_netbios_packet function in ...)
 	- samba 3.0.27-1 (high)
 CVE-2007-5397
 	RESERVED
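Review bot: dropping the bracketed description for CVE-2007-5398 loses the condition it recorded ("when running nmbd as WINS server"), and the truncated replacement description does not show it. Suggest keeping that as a "NOTE:" line under the entry. The "- samba 3.0.27-1 (high)" line also has no bug reference, unlike the CVE-2007-4572 samba entry later in this patch.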
@@ -4234,8 +4291,7 @@
 CVE-2007-4573 (The IA32 system call emulation functionality in Linux kernel 2.4.x and ...)
 	{DSA-1381-2 DSA-1378-2 DSA-1378-1}
 	- linux-2.6 2.6.22-5 (medium)
-CVE-2007-4572 [buffer overflow in nmbd when processing GETDC logon server requests]
-	RESERVED
+CVE-2007-4572 (Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, ...)
 	- samba 3.0.27-1 (high; bug #451385)
 CVE-2007-4571 (The snd_mem_proc_read function in sound/core/memalloc.c in the ...)
 	- linux-2.6 2.6.22-5 (low; bug #444571)
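Review bot: the removed bracketed text for CVE-2007-4572 named the trigger ("when processing GETDC logon server requests"), which the truncated official description that replaces it does not show. Suggest carrying it over as a "NOTE:" line so the exposure condition stays visible next to "- samba 3.0.27-1 (high; bug #451385)".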
@@ -35885,7 +35941,7 @@
 CVE-2005-3239 (The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows ...)
 	{DSA-887-1 DTSA-21-1}
 	- clamav 0.87.1-1 (bug #333566; medium)
-CVE-2005-3181 (The audit system in Linux kernel before 2.6.13.4, when ...)
+CVE-2005-3181 (The audit system in Linux kernel 2.6.6, and other versions before ...)
 	{DSA-1017-1}
 	- linux-2.6 2.6.13+2.6.14-rc4-0experimental1 (low)
 	- kernel-source-2.4.27 <not-affected> (2.4 kernels don't have CONFIG_AUDITSYSCALL)



