[Secure-testing-commits] r6585 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Wed Sep 12 09:14:07 UTC 2007 

Author: joeyh
Date: 2007-09-12 09:14:06 +0000 (Wed, 12 Sep 2007)
New Revision: 6585

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-09-12 08:39:26 UTC (rev 6584)
+++ data/CVE/list	2007-09-12 09:14:06 UTC (rev 6585)
@@ -764,7 +764,7 @@
 	- nufw 2.2.4-1 (bug #439227)
 	[etch] - nufw <not-affected>
 CVE-2007-4460 (The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) ...)
-	{DSA-1365-1}
+	{DSA-1365-2 DSA-1365-1}
 	- id3lib3.8.3 3.8.3-7 (low; bug #438540)
 CVE-2007-4459 (Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP ...)
 	NOT-FOR-US: Cisco IP Phone
@@ -3678,16 +3678,21 @@
 CVE-2007-3194 (** DISPUTED ** ...)
 	NOT-FOR-US: myBloggie
 CVE-2007-3193 (lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the ...)
+	{DSA-1371-1}
 	- phpwiki 1.3.12p3-6.1 (low; bug #429201)
 CVE-2007-3192 (admin/setup.php in Just For Fun Network Management System (JFFNMS) ...)
+	{DSA-1374-1}
 	- jffnms 0.8.3dfsg.1-4 (medium)
 	NOTE: 20_security.dpatch is addressing this bug however the maintainer didn't include
 	NOTE: a note about the CVE id.
 CVE-2007-3191 (Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote ...)
+	{DSA-1374-1}
 	- jffnms 0.8.3dfsg.1-4
 CVE-2007-3190 (Multiple SQL injection vulnerabilities in auth.php in Just For Fun ...)
+	{DSA-1374-1}
 	- jffnms 0.8.3dfsg.1-4
 CVE-2007-3189 (Cross-site scripting (XSS) vulnerability in auth.php in Just For Fun ...)
+	{DSA-1374-1}
 	- jffnms 0.8.3dfsg.1-4
 CVE-2007-3188 (SQL injection vulnerability in down_indir.asp in Fullaspsite GeometriX ...)
 	NOT-FOR-US: Fullaspsite GeometriX Download Portal
@@ -5921,7 +5926,7 @@
 CVE-2007-2246 (Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running ...)
 	NOT-FOR-US: HP-UX
 CVE-2007-2245 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
-	{DSA-1370-1}
+	{DSA-1370-2 DSA-1370-1}
 	- phpmyadmin 4:2.10.1-1 (low)
 	NOTE: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-4
 CVE-2007-2244 (Multiple buffer overflows in Adobe Photoshop CS2 and CS3 allow ...)
@@ -6419,8 +6424,10 @@
 	[etch] - file <no-dsa> (Hardly any security impact)
 	[sarge] - file <not-affected> (version too old)
 CVE-2007-2025 (Unrestricted file upload vulnerability in the UpLoad feature ...)
+	{DSA-1371-1}
 	- phpwiki 1.3.12p3-6.1 (bug #441390)
 CVE-2007-2024 (Unrestricted file upload vulnerability in the UpLoad feature ...)
+	{DSA-1371-1}
 	- phpwiki 1.3.12p3-6.1 (bug #441390)
 CVE-2007-2023 (USB20.dll in Secustick USB flash drive decouples the authorization and ...)
 	NOT-FOR-US: Secustick USB flash drive
@@ -7952,7 +7959,7 @@
 	- php5 <unfixed> (unimportant)
 	NOTE: Non-issue
 CVE-2007-1395 (Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 ...)
-	{DSA-1370-1}
+	{DSA-1370-2 DSA-1370-1}
 	- phpmyadmin 4:2.10.0.2-1 (medium)
 	[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2007-1394 (Direct static code injection vulnerability in startsession.php in Flat ...)
@@ -8125,7 +8132,7 @@
 	- serendipity <unfixed> (unimportant)
 	NOTE: http://blog.s9y.org/archives/164-Serendipity-1.1.2-released.html
 CVE-2007-1325 (The PMA_ArrayWalkRecursive function in libraries/common.lib.php in ...)
-	{DSA-1370-1}
+	{DSA-1370-2 DSA-1370-1}
 	- phpmyadmin 4:2.10.0.2-1
 	[sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2007-1324 (SnapGear 560, 585, 580, 640, 710, and 720 appliances before the ...)
@@ -10997,13 +11004,13 @@
 CVE-2007-0298 (PHP remote file inclusion vulnerability in show.php in LunarPoll, when ...)
 	NOT-FOR-US: LunarPoll
 CVE-2006-6944 (phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny ...)
-	{DSA-1370-1}
+	{DSA-1370-2 DSA-1370-1}
 	- phpmyadmin 4:2.9.1.1-2 (medium)
 CVE-2006-6943 (PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full ...)
 	- phpmyadmin 4:2.9.1.1-2 (unimportant)
 	NOTE: Only path disclosure
 CVE-2006-6942 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin ...)
-	{DSA-1370-1}
+	{DSA-1370-2 DSA-1370-1}
 	- phpmyadmin 4:2.9.1.1-2 (medium)
 	NOTE: All versions 2.9.1 is vulnerable, solution is 2.9.1.1 or newer.
 CVE-2006-6941 (index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to ...)

More information about the Secure-testing-commits mailing list