[Secure-testing-commits] r8419 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Wed Mar 26 21:14:12 UTC 2008 

Author: joeyh
Date: 2008-03-26 21:14:11 +0000 (Wed, 26 Mar 2008)
New Revision: 8419

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-03-26 19:25:24 UTC (rev 8418)
+++ data/CVE/list	2008-03-26 21:14:11 UTC (rev 8419)
@@ -1,3 +1,81 @@
+CVE-2008-1529 (ZyXEL Prestige routers have a minimum password length for the admin ...)
+	TODO: check
+CVE-2008-1528 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
+	TODO: check
+CVE-2008-1527 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
+	TODO: check
+CVE-2008-1526 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
+	TODO: check
+CVE-2008-1525 (The default SNMP configuration on ZyXEL Prestige routers, including ...)
+	TODO: check
+CVE-2008-1524 (The SNMP service on ZyXEL Prestige routers, including P-660 and P-661 ...)
+	TODO: check
+CVE-2008-1523 (ZyXEL Prestige routers, including P-660, P-661, and P-662 models with ...)
+	TODO: check
+CVE-2008-1522 (ZyXEL Prestige routers, including P-660 and P-661 models with firmware ...)
+	TODO: check
+CVE-2008-1521 (ZyXEL Prestige routers, including P-660 and P-661 models with firmware ...)
+	TODO: check
+CVE-2008-1520
+	RESERVED
+CVE-2008-1519
+	RESERVED
+CVE-2008-1518
+	RESERVED
+CVE-2008-1517
+	RESERVED
+CVE-2008-1516
+	RESERVED
+CVE-2008-1515
+	RESERVED
+CVE-2008-1514 (ptrace in Linux kernel 2.6.9 on Fedora 7 and 8 allows local users to ...)
+	TODO: check
+CVE-2008-1513 (SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and ...)
+	TODO: check
+CVE-2008-1512 (Directory traversal vulnerability in admin/admin_xs.php in phpBB ...)
+	TODO: check
+CVE-2008-1511 (Multiple PHP remote file inclusion vulnerabilities in ooComments 1.0 ...)
+	TODO: check
+CVE-2008-1510 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2008-1509 (SQL injection vulnerability in index.php in XLPortal 2.2.4 and earlier ...)
+	TODO: check
+CVE-2008-1508 (SQL injection vulnerability in EfesTech E-Kontör and earlier allows ...)
+	TODO: check
+CVE-2008-1507 (PEEL, possibly 3.x and earlier, has (1) a default info at peel.fr account ...)
+	TODO: check
+CVE-2008-1506 (PEEL, possibly 3.x and earlier, allows remote attackers to obtain ...)
+	TODO: check
+CVE-2008-1505 (PHP remote file inclusion vulnerability in the SSTREAMTV custompages ...)
+	TODO: check
+CVE-2008-1504 (Cross-site scripting (XSS) vulnerability in setup.php3 in phpHeaven ...)
+	TODO: check
+CVE-2008-1503 (Cross-site scripting (XSS) vulnerability in the web management ...)
+	TODO: check
+CVE-2008-1501 (The send_user_mode function in s_user.c in (1) Undernet ircu ...)
+	TODO: check
+CVE-2008-1500 (Cross-site scripting (XSS) vulnerability in index.php in TinyPortal ...)
+	TODO: check
+CVE-2008-1499 (Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in ...)
+	TODO: check
+CVE-2008-1498 (Stack-based buffer overflow in the IMAP service in NetWin Surgemail ...)
+	TODO: check
+CVE-2008-1497 (Stack-based buffer overflow in the IMAP service in NetWin SurgeMail ...)
+	TODO: check
+CVE-2008-1496 (Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and ...)
+	TODO: check
+CVE-2008-1495 (Unrestricted file upload vulnerability in administrer/produits.php in ...)
+	TODO: check
+CVE-2008-1494 (SQL injection vulnerability in inc/module/online.php in Easy-Clanpage ...)
+	TODO: check
+CVE-2008-1493 (Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 ...)
+	TODO: check
+CVE-2008-1492 (Multiple directory traversal vulnerabilities in CoronaMatrix ...)
+	TODO: check
+CVE-2008-1491 (Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ...)
+	TODO: check
+CVE-2008-1490 (Buffer overflow in a certain Aurigma ActiveX control in ...)
+	TODO: check
 CVE-2008-XXXX [policyd-weight tempfile race]
 	- policyd-weight <unfixed> (low)
 	NOTE: http://www.mail-archive.com/policyd-weight-list%40ek-muc.de/msg00798.html
@@ -203,7 +281,7 @@
 	{DSA-1528-1}
 	- serendipity 1.3-1
 	NOTE: http://blog.s9y.org/archives/192-Serendipity-1.3-released-addresses-security.html
-CVE-2008-1502 [multiple security issues in kses as used in egroupware]
+CVE-2008-1502 (The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in ...)
 	- egroupware 1.4.002.dfsg-2.1 (bug #471839)
 CVE-2008-XXXX [OTRS osa-2008-01]
 	- otrs2 2.2.5-2
@@ -922,8 +1000,8 @@
 	RESERVED
 CVE-2008-1093
 	RESERVED
-CVE-2008-1092
-	RESERVED
+CVE-2008-1092 (Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet ...)
+	TODO: check
 CVE-2008-1091
 	RESERVED
 CVE-2008-1090
@@ -5363,7 +5441,7 @@
 	NOTE: Browser crashes not treated as security problems
 CVE-2007-5895
 	RESERVED
-CVE-2007-5894 (The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 ...)
+CVE-2007-5894 (** DISPUTED ** ...)
 	- krb5 <unfixed> (unimportant; bug #454974)
 	NOTE: Not exploitable in real-world circumstances:
 	NOTE: http://mailman.mit.edu/pipermail/kerberos/2007-December/012717.html

More information about the Secure-testing-commits mailing list