[Secure-testing-commits] r10583 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Tue Dec 2 21:14:10 UTC 2008


Author: joeyh
Date: 2008-12-02 21:14:09 +0000 (Tue, 02 Dec 2008)
New Revision: 10583

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-02 21:13:12 UTC (rev 10582)
+++ data/CVE/list	2008-12-02 21:14:09 UTC (rev 10583)
@@ -1,3 +1,49 @@
+CVE-2008-5311 (SQL injection vulnerability in image.php in NetArt Media Blog System ...)
+	TODO: check
+CVE-2008-5310 (SQL injection vulnerability in image.php in NetArt Media Car Portal ...)
+	TODO: check
+CVE-2008-5309 (SQL injection vulnerability in NetArt Media Real Estate Portal 1.2 ...)
+	TODO: check
+CVE-2008-5308 (The Simple Forum 3.1d module for LoveCMS 1.6.2 Final does properly ...)
+	TODO: check
+CVE-2008-5307 (SQL injection vulnerability in admin/index.php in PG Roommate Finder ...)
+	TODO: check
+CVE-2008-5306 (SQL injection vulnerability in admin/index.php in PG Real Estate ...)
+	TODO: check
+CVE-2008-5305
+	RESERVED
+CVE-2008-5304
+	RESERVED
+CVE-2008-5303 (Race condition in the rmtree function in File::Path 1.08 ...)
+	TODO: check
+CVE-2008-5302 (Race condition in the rmtree function in File::Path 1.08 and 2.07 ...)
+	TODO: check
+CVE-2008-5301 (Directory traversal vulnerability in the ManageSieve implementation in ...)
+	TODO: check
+CVE-2008-5300 (Linux kernel 2.6.28 allows local users to cause a denial of service ...)
+	TODO: check
+CVE-2008-5296 (Gallery 1.5.x before 1.5.10 and 1.6 before 1.6-RC3, when ...)
+	TODO: check
+CVE-2008-5295 (SQL injection vulnerability in index.php in Jamit Job Board 3.4.10 ...)
+	TODO: check
+CVE-2008-5294 (SQL injection vulnerability in index.php in WebStudio eCatalogue ...)
+	TODO: check
+CVE-2008-5293 (SQL injection vulnerability in index.php in WebStudio eHotel allows ...)
+	TODO: check
+CVE-2008-5292 (SQL injection vulnerability in view_snaps.php in VideoGirls BiZ, ...)
+	TODO: check
+CVE-2008-5291 (Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 ...)
+	TODO: check
+CVE-2008-5290 (Cross-site scripting (XSS) vulnerability in full_txt.php in Werner ...)
+	TODO: check
+CVE-2008-5289 (SQL injection vulnerability in full_txt.php in Werner Hilversum Clean ...)
+	TODO: check
+CVE-2008-5288 (PHP remote file inclusion vulnerability in include/header.php in ...)
+	TODO: check
+CVE-2008-5287 (SQL injection vulnerability in catagorie.php in Werner Hilversum FAQ ...)
+	TODO: check
+CVE-2008-5285 (Wireshark 1.0.4 and earlier allows remote attackers to cause a denial ...)
+	TODO: check
 CVE-2008-5284 (The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other ...)
 	NOT-FOR-US: IEA Software RadiusNT and RadiusX
 CVE-2008-5283 (Google Hack Honeypot (GHH) File Upload Manager 1.3 allows remote ...)
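Review bot: CVE-2008-5303 and CVE-2008-5302 are imported with the same visible prefix ("Race condition in the rmtree function in File::Path 1.08"), so the truncated summaries give no way to tell the two apart at triage time; resolve each TODO against the full description and bind each entry to a package separately. The CVE-2008-5308 summary reads "does properly ...", which looks like a dropped "not" in the imported text and is worth verifying at the same time. Of the 21 new "TODO: check" entries, the ones naming the Linux kernel 2.6.28, Wireshark 1.0.4, Gallery 1.5.x and File::Path are the ones to look at first.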
@@ -79,7 +125,7 @@
 	- php5 (low; bug #507101)
 CVE-2008-5278 (Cross-site scripting (XSS) vulnerability in the self_link function in ...)
 	- wordpress 2.5.1-11 (low; bug #507193)
-CVE-2008-5286 [cups: integer overflow due to incomplete fix for CVE-2008-1722]
+CVE-2008-5286 (Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 ...)
 	- cups 1.3.8-1lenny4 (bug #507183; medium)
 CVE-2008-XXXX [geda-gnetlist: sch2eaglepos.sh has insecure temp file handling ]
 	- geda-gnetlist <unfixed> (bug #506625; unimportant)
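Review bot: the replacement line for CVE-2008-5286 no longer shows the pointer to CVE-2008-1722 that the removed bracket summary carried ("incomplete fix for CVE-2008-1722"), at least in the truncated text that remains. If that relationship matters when checking whether the cups 1.3.8-1lenny4 fix is complete, keep it as a note line under the entry. The entry also still sits below CVE-2008-5278, outside the descending order the rest of the list follows.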
@@ -360,10 +406,10 @@
 	[etch] - linux-2.6.24 <unfixed>
 CVE-2008-5133 (ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, ...)
 	NOT-FOR-US: ipnat
-CVE-2008-5183 (cupsd in CUPS before 1.3.8 allows local users, and possibly remote ...)
+CVE-2008-5183 (cupsd in CUPS 1.3.9 and earlier allows local users, and possibly ...)
 	- cups <unfixed> (bug #506180)
 	[etch] - cupsys <not-affected> (RSS subscription code not yet present)
-CVE-2008-5297 [no-ip DUC remote code execution]
+CVE-2008-5297 (Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote DNS ...)
 	- no-ip 2.1.7-11 (bug #506179)
 CVE-2008-5132 (SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT ...)
 	NOT-FOR-US: MemHT Portal
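Review bot: the CVE-2008-5183 description widens the affected range from "before 1.3.8" to "1.3.9 and earlier", but the status lines under it are not touched by this automatic update. The "- cups <unfixed>" line stays consistent with the wider range; the "[etch] - cupsys <not-affected>" rationale should be re-read by hand against the new description. For CVE-2008-5297 the description says "2.1.7 and earlier" while the fix is recorded as 2.1.7-11, so it is worth confirming in bug #506179 that the fix really arrived in that Debian revision.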
@@ -1711,9 +1757,9 @@
 	NOT-FOR-US: EC-CUBE
 CVE-2008-4534 (SQL injection vulnerability in EC-CUBE Ver2 2.1.2a and earlier, and ...)
 	NOT-FOR-US: EC-CUBE
-CVE-2008-5299 [chm2pdf: insecure temp file usage: DoS by precreating directories]
+CVE-2008-5299 (chm2pdf 0.9 allows user-assisted local users to delete arbitrary files ...)
 	- chm2pdf 0.9.1-1.1 (low; bug #501959)
-CVE-2008-5298 [chm2pdf: insecure temp file usage: symlink attack]
+CVE-2008-5298 (chm2pdf 0.9 uses temporary files in directories with fixed names, ...)
 	- chm2pdf 0.9.1-1.1 (low; bug #501959)
 CVE-2008-4533 (Cross-site scripting (XSS) vulnerability in Kantan WEB Server 1.8 and ...)
 	NOT-FOR-US: Kantan WEB Server
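Review bot: the new descriptions for CVE-2008-5299 and CVE-2008-5298 do not obviously line up with the bracket summaries they replace. CVE-2008-5299 goes from "DoS by precreating directories" to "delete arbitrary files", and CVE-2008-5298 goes from "symlink attack" to "temporary files in directories with fixed names". Both entries point at the same bug #501959 and the same fixed version 0.9.1-1.1, so check in that bug that each CVE id is attached to the issue it was assigned for and that 0.9.1-1.1 covers both.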
@@ -2241,8 +2287,7 @@
 	RESERVED
 CVE-2008-4315 (tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux ...)
 	TODO: check
-CVE-2008-4314 [samba memory leak]
-	RESERVED
+CVE-2008-4314 (smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to ...)
 	- samba 2:3.2.5-1
 	[etch] - samba <not-affected> (Vulnerable code not present)
 CVE-2008-4313 (A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 ...)
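Review bot: removing "RESERVED" together with the bracket summary is right now that CVE-2008-4314 has a public description, but the "- samba 2:3.2.5-1" line carries neither an urgency nor a bug number, unlike the cups, wordpress and chm2pdf entries elsewhere in this diff. The old summary called this a "memory leak" while the new text says it "might allow remote attackers to ...", so set an urgency from the full description instead of leaving it unrated.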



