[Secure-testing-commits] r10330 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Fri Nov 7 21:14:11 UTC 2008
Author: joeyh
Date: 2008-11-07 21:14:10 +0000 (Fri, 07 Nov 2008)
New Revision: 10330
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-11-07 20:16:59 UTC (rev 10329)
+++ data/CVE/list 2008-11-07 21:14:10 UTC (rev 10330)
@@ -1,3 +1,5 @@
+CVE-2008-4991 (SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and ...)
+ TODO: check
CVE-2008-XXXX [Nagios "cmd.cgi" Cross-Site Request Forgery]
- nagios3 <unfixed> (bug #504894)
TODO: check nagios2
@@ -1491,7 +1493,7 @@
RESERVED
CVE-2008-4310
RESERVED
-CVE-2008-4309 (The getbulk code in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, ...)
+CVE-2008-4309 (Integer overflow in the netsnmp_create_subtree_cache function in ...)
- net-snmp 5.4.1~dfsg-11 (bug #504150)
CVE-2008-4308
RESERVED
@@ -1727,12 +1729,12 @@
- pdnsd 1.2.6-par-10 (bug #500910)
CVE-2008-4193 (Stack-based buffer overflow in SecurityGateway.dll in Alt-N ...)
NOT-FOR-US: Alt-N Technologies SecurityGateway
-CVE-2008-4192 (The pserver_shutdown function in fence_egenera in cman 2.20080629 ...)
+CVE-2008-4192 (The pserver_shutdown function in fence_egenera in cman 2.20080629 and ...)
- redhat-cluster 2.20081102-1 (bug #496410; low)
CVE-2008-4191 (extract-table.pl in Emacspeak 26 and 28 allows local users to ...)
- emacspeak 28.0-2 (bug #496431; low)
[etch] - emacspeak <no-dsa> (Minor issue)
-CVE-2008-4190 (The IPSEC livetest tool in Openswan 2.4.4 and earlier allows local ...)
+CVE-2008-4190 (The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x ...)
- openswan 1:2.4.12+dfsg-1.3 (bug #496374; low)
[etch] - openswan <no-dsa> (Vulnerable code only in example script)
CVE-2008-XXXX [jumpnbump: insecure temp file]
@@ -1987,7 +1989,7 @@
NOT-FOR-US: Acoustica Beatcraft
CVE-2008-4086 (SQL injection vulnerability in index.php in Reciprocal Links Manager ...)
NOT-FOR-US: Reciprocal Links Manager
-CVE-2008-4085 (Plait before 1.6 allows local users to overwrite arbitrary files via a ...)
+CVE-2008-4085 (plaiter in Plait before 1.6 allows local users to overwrite arbitrary ...)
- plait 1.5.2-2 (low; bug #496381)
CVE-2008-4084 (SQL injection vulnerability in staticpages/easyclassifields/index.php ...)
NOT-FOR-US: MyioSoft EasyClassifields
@@ -3248,7 +3250,7 @@
NOT-FOR-US: Mac OSX
CVE-2008-3637 (The Hash-based Message Authentication Code (HMAC) provider in Java on ...)
NOT-FOR-US: Mac OSX
-CVE-2008-3636 (Integer overflow in an unspecified third-party driver bundled with ...)
+CVE-2008-3636 (Integer overflow in the Microsoft Windows Kernel IopfCompleteRequest ...)
NOT-FOR-US: Apple iTunes
CVE-2008-3635 (Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an ...)
NOT-FOR-US: Apple Quick Times
@@ -8789,7 +8791,7 @@
NOT-FOR-US: Snom 320 SIP Phone
CVE-2008-1247 (The web interface on the Linksys WRT54g router with firmware 1.00.9 ...)
NOT-FOR-US: Linksys WRT54g router
-CVE-2008-1246 (The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local ...)
+CVE-2008-1246 (** DISPUTED ** ...)
NOT-FOR-US: Cisco PIX/ASA Finesse Operation System
CVE-2008-1245 (cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with ...)
NOT-FOR-US: Belkin router
More information about the Secure-testing-commits
mailing list