[Secure-testing-commits] r10583 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Tue Dec 2 21:14:10 UTC 2008
Author: joeyh
Date: 2008-12-02 21:14:09 +0000 (Tue, 02 Dec 2008)
New Revision: 10583
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-12-02 21:13:12 UTC (rev 10582)
+++ data/CVE/list 2008-12-02 21:14:09 UTC (rev 10583)
@@ -1,3 +1,49 @@
+CVE-2008-5311 (SQL injection vulnerability in image.php in NetArt Media Blog System ...)
+ TODO: check
+CVE-2008-5310 (SQL injection vulnerability in image.php in NetArt Media Car Portal ...)
+ TODO: check
+CVE-2008-5309 (SQL injection vulnerability in NetArt Media Real Estate Portal 1.2 ...)
+ TODO: check
+CVE-2008-5308 (The Simple Forum 3.1d module for LoveCMS 1.6.2 Final does properly ...)
+ TODO: check
+CVE-2008-5307 (SQL injection vulnerability in admin/index.php in PG Roommate Finder ...)
+ TODO: check
+CVE-2008-5306 (SQL injection vulnerability in admin/index.php in PG Real Estate ...)
+ TODO: check
+CVE-2008-5305
+ RESERVED
+CVE-2008-5304
+ RESERVED
+CVE-2008-5303 (Race condition in the rmtree function in File::Path 1.08 ...)
+ TODO: check
+CVE-2008-5302 (Race condition in the rmtree function in File::Path 1.08 and 2.07 ...)
+ TODO: check
+CVE-2008-5301 (Directory traversal vulnerability in the ManageSieve implementation in ...)
+ TODO: check
+CVE-2008-5300 (Linux kernel 2.6.28 allows local users to cause a denial of service ...)
+ TODO: check
+CVE-2008-5296 (Gallery 1.5.x before 1.5.10 and 1.6 before 1.6-RC3, when ...)
+ TODO: check
+CVE-2008-5295 (SQL injection vulnerability in index.php in Jamit Job Board 3.4.10 ...)
+ TODO: check
+CVE-2008-5294 (SQL injection vulnerability in index.php in WebStudio eCatalogue ...)
+ TODO: check
+CVE-2008-5293 (SQL injection vulnerability in index.php in WebStudio eHotel allows ...)
+ TODO: check
+CVE-2008-5292 (SQL injection vulnerability in view_snaps.php in VideoGirls BiZ, ...)
+ TODO: check
+CVE-2008-5291 (Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 ...)
+ TODO: check
+CVE-2008-5290 (Cross-site scripting (XSS) vulnerability in full_txt.php in Werner ...)
+ TODO: check
+CVE-2008-5289 (SQL injection vulnerability in full_txt.php in Werner Hilversum Clean ...)
+ TODO: check
+CVE-2008-5288 (PHP remote file inclusion vulnerability in include/header.php in ...)
+ TODO: check
+CVE-2008-5287 (SQL injection vulnerability in catagorie.php in Werner Hilversum FAQ ...)
+ TODO: check
+CVE-2008-5285 (Wireshark 1.0.4 and earlier allows remote attackers to cause a denial ...)
+ TODO: check
CVE-2008-5284 (The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other ...)
NOT-FOR-US: IEA Software RadiusNT and RadiusX
CVE-2008-5283 (Google Hack Honeypot (GHH) File Upload Manager 1.3 allows remote ...)
@@ -79,7 +125,7 @@
- php5 (low; bug #507101)
CVE-2008-5278 (Cross-site scripting (XSS) vulnerability in the self_link function in ...)
- wordpress 2.5.1-11 (low; bug #507193)
-CVE-2008-5286 [cups: integer overflow due to incomplete fix for CVE-2008-1722]
+CVE-2008-5286 (Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 ...)
- cups 1.3.8-1lenny4 (bug #507183; medium)
CVE-2008-XXXX [geda-gnetlist: sch2eaglepos.sh has insecure temp file handling ]
- geda-gnetlist <unfixed> (bug #506625; unimportant)
@@ -360,10 +406,10 @@
[etch] - linux-2.6.24 <unfixed>
CVE-2008-5133 (ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, ...)
NOT-FOR-US: ipnat
-CVE-2008-5183 (cupsd in CUPS before 1.3.8 allows local users, and possibly remote ...)
+CVE-2008-5183 (cupsd in CUPS 1.3.9 and earlier allows local users, and possibly ...)
- cups <unfixed> (bug #506180)
[etch] - cupsys <not-affected> (RSS subscription code not yet present)
-CVE-2008-5297 [no-ip DUC remote code execution]
+CVE-2008-5297 (Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote DNS ...)
- no-ip 2.1.7-11 (bug #506179)
CVE-2008-5132 (SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT ...)
NOT-FOR-US: MemHT Portal
@@ -1711,9 +1757,9 @@
NOT-FOR-US: EC-CUBE
CVE-2008-4534 (SQL injection vulnerability in EC-CUBE Ver2 2.1.2a and earlier, and ...)
NOT-FOR-US: EC-CUBE
-CVE-2008-5299 [chm2pdf: insecure temp file usage: DoS by precreating directories]
+CVE-2008-5299 (chm2pdf 0.9 allows user-assisted local users to delete arbitrary files ...)
- chm2pdf 0.9.1-1.1 (low; bug #501959)
-CVE-2008-5298 [chm2pdf: insecure temp file usage: symlink attack]
+CVE-2008-5298 (chm2pdf 0.9 uses temporary files in directories with fixed names, ...)
- chm2pdf 0.9.1-1.1 (low; bug #501959)
CVE-2008-4533 (Cross-site scripting (XSS) vulnerability in Kantan WEB Server 1.8 and ...)
NOT-FOR-US: Kantan WEB Server
@@ -2241,8 +2287,7 @@
RESERVED
CVE-2008-4315 (tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux ...)
TODO: check
-CVE-2008-4314 [samba memory leak]
- RESERVED
+CVE-2008-4314 (smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to ...)
- samba 2:3.2.5-1
[etch] - samba <not-affected> (Vulnerable code not present)
CVE-2008-4313 (A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 ...)
More information about the Secure-testing-commits
mailing list