[Secure-testing-commits] r9954 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Thu Oct 2 13:59:24 UTC 2008
Author: nion
Date: 2008-10-02 13:59:22 +0000 (Thu, 02 Oct 2008)
New Revision: 9954
Modified:
data/CVE/list
Log:
CVE-2008-4302 fixed in linux-2.6 2.6.22-4
CVE-2008-4210 fixed in linux-2.6 2.6.22-1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-10-02 13:46:23 UTC (rev 9953)
+++ data/CVE/list 2008-10-02 13:59:22 UTC (rev 9954)
@@ -149,7 +149,7 @@
CVE-2008-4303
RESERVED
CVE-2008-4302 (fs/splice.c in the splice subsystem in the Linux kernel before ...)
- TODO: check
+ - linux-2.6 2.6.22-4 (low)
CVE-2008-4301 (A certain ActiveX control in iisext.dll in Microsoft Internet ...)
NOT-FOR-US: Microsoft
CVE-2008-4300 (A certain ActiveX control in adsiis.dll in Microsoft Internet ...)
@@ -330,7 +330,9 @@
CVE-2008-4211
RESERVED
CVE-2008-4210 (fs/open.c in the Linux kernel before 2.6.22 does not properly strip ...)
- TODO: check
+ - linux-2.6 2.6.22-1
+ NOTE: easily exploitable but of limited use as the attacker already needs access to a
+ NOTE: directory that is setgid to the group he wants to get privileges for
CVE-2008-4209
RESERVED
CVE-2008-4208 (Unspecified vulnerability in OSADS Alliance Database before 2.1 has ...)
More information about the Secure-testing-commits
mailing list