[Secure-testing-commits] r12458 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Sat Aug 1 09:31:33 UTC 2009
Author: derevko-guest
Date: 2009-08-01 09:31:32 +0000 (Sat, 01 Aug 2009)
New Revision: 12458
Modified:
data/CVE/list
Log:
asterisk and firebird DoS
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-08-01 07:20:15 UTC (rev 12457)
+++ data/CVE/list 2009-08-01 09:31:32 UTC (rev 12458)
@@ -5,7 +5,10 @@
NOTE: asked maintainer to check whether openssl affected
TODO: determine whether web browsers are also individually vulnerable (i.e. nss) or if a fix in just openssl is sufficient
CVE-2009-2651 (main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote ...)
- TODO: check
+ - asterisk <unfixed> (low; bug #539473)
+ [etch] - asterisk <not-affected> (Vulnerable code not present)
+ [lenny] - asterisk <not-affected> (Vulnerable code not present)
+ [squeeze] - asterisk <not-affected> (Vulnerable code not present)
CVE-2009-2650 (Heap-based buffer overflow in Sorcerer Software MultiMedia Jukebox 4.0 ...)
NOT-FOR-US: Sorcerer Software MultiMedia Jukebox
CVE-2009-2649 (The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev ...)
@@ -80,7 +83,8 @@
CVE-2009-2623
RESERVED
CVE-2009-2620 (src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before ...)
- TODO: check
+ - firebird2.0 <unfixed> (low; bug #539477)
+ - firebird2.1 <unfixed> (low; bug #539478)
CVE-2009-2619 (SQL injection vulnerability in login.asp in DataCheck Solutions ...)
NOT-FOR-US: DataCheck Solutions V-SpacePal
CVE-2009-2618 (SQL injection vulnerability in the Surveys (aka NS-Polls) module in ...)
More information about the Secure-testing-commits
mailing list