[Secure-testing-commits] r10672 - data/CVE

atomo64-guest at alioth.debian.org atomo64-guest at alioth.debian.org
Thu Dec 11 02:42:38 UTC 2008 

Author: atomo64-guest
Date: 2008-12-11 02:42:37 +0000 (Thu, 11 Dec 2008)
New Revision: 10672

Modified:
   data/CVE/list
Log:
NFUs, shadow issue CVEified, twiki issue already reported


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-12-10 21:14:14 UTC (rev 10671)
+++ data/CVE/list	2008-12-11 02:42:37 UTC (rev 10672)
@@ -1,9 +1,9 @@
 CVE-2008-5420 (The SAN Manager Master Agent service (aka msragent.exe) in EMC Control ...)
-	TODO: check
+	NOT-FOR-US: SAN Manager Master Agent
 CVE-2008-5419 (Stack-based buffer overflow in SAN Manager Master Agent service (aka ...)
-	TODO: check
+	NOT-FOR-US: SAN Manager Master Agent
 CVE-2008-5418 (Directory traversal vulnerability in login.php in the PunPortal module ...)
-	TODO: check
+	NOT-FOR-US: PunBB
 CVE-2008-5417 (HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses ...)
 	TODO: check
 CVE-2008-5416 (Heap-based buffer overflow in Microsoft SQL Server 2000 8.00.2050, ...)
@@ -50,8 +50,6 @@
 	TODO: check
 CVE-2008-5395 (The parisc_show_stack function in arch/parisc/kernel/traps.c in the ...)
 	TODO: check
-CVE-2008-5394 (/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other ...)
-	TODO: check
 CVE-2008-5393 (UPR-Kernel in Ubuntu Privacy Remix (UPR) before 8.04_r1 includes ...)
 	TODO: check
 CVE-2008-5392
@@ -250,7 +248,7 @@
 CVE-2008-5305 (Eval injection vulnerability in TWiki before 4.2.4 allows remote ...)
 	TODO: check
 CVE-2008-5304 (Cross-site scripting (XSS) vulnerability in TWiki before 4.2.4 allows ...)
-	TODO: check
+	- twiki <unfixed> (bug #508256)
 CVE-2008-5303 (Race condition in the rmtree function in File::Path 1.08 ...)
 	{DSA-1678-1}
 	- perl 5.10.0-18
@@ -498,7 +496,7 @@
 	NOT-FOR-US: eSHOP100
 CVE-2008-5285 (Wireshark 1.0.4 and earlier allows remote attackers to cause a denial ...)
 	- wireshark <unfixed> (low; bug #506741)
-CVE-2008-XXXX [race condition in shadow could lead to gaining ownership or changing mode of arbitrary files]
+CVE-2008-5394 [race condition in shadow could lead to gaining ownership or changing mode of arbitrary files]
 	- shadow 1:4.1.1-6 (bug #505271)
 CVE-2008-XXXX [verlihub remote command execution and the possibility of attack with the help of symlinks]
 	- verlihub <unfixed> (low; bug #506530)

More information about the Secure-testing-commits mailing list