[Secure-testing-commits] r11081 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Wed Jan 28 20:30:17 UTC 2009
Author: nion
Date: 2009-01-28 20:30:17 +0000 (Wed, 28 Jan 2009)
New Revision: 11081
Modified:
data/CVE/list
Log:
cveify amaya and add the issues found by core security as well
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-01-28 20:22:10 UTC (rev 11080)
+++ data/CVE/list 2009-01-28 20:30:17 UTC (rev 11081)
@@ -1,3 +1,7 @@
+CVE-2009-0323 [multiple buffer overflows in amaya]
+ TODO: report bug
+ - amaya <unfixed> (medium)
+ NOTE: http://www.coresecurity.com/content/amaya-buffer-overflows
CVE-2009-0282 [Integer overflow in Ralink SSID parsing]
- rt2400 1.2.2+cvs20080623-3 (bug #512999)
- rt2500 1:1.1.0-b4+cvs20080623-3 (bug #513000)
@@ -568,7 +572,7 @@
- xrdp 0.4.0~dfsg-9 (bug #511641)
CVE-2008-5902 (Buffer overflow in the xrdp_bitmap_invalidate function in ...)
- xrdp 0.4.0~dfsg-9 (bug #511641)
-CVE-2009-XXXX [amaya: stack based buffer overflow]
+CVE-2008-6005 [amaya: stack based buffer overflow]
- amaya <unfixed> (medium; bug #507587)
NOTE: different vector than described in CVE-2008-5282, see 507587#15
CVE-2009-XXXX [openslp: insecure cert validation through openssl api misuse]
More information about the Secure-testing-commits
mailing list