[Secure-testing-commits] r12257 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Jul 2 21:14:22 UTC 2009


Author: joeyh
Date: 2009-07-02 21:14:20 +0000 (Thu, 02 Jul 2009)
New Revision: 12257

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-07-02 18:48:16 UTC (rev 12256)
+++ data/CVE/list	2009-07-02 21:14:20 UTC (rev 12257)
@@ -1,3 +1,77 @@
+CVE-2009-2313 (Directory traversal vulnerability in index.php in Jinzora Media ...)
+	TODO: check
+CVE-2009-2312 (SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in ...)
+	TODO: check
+CVE-2009-2311 (SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab ...)
+	TODO: check
+CVE-2009-2310 (SQL injection vulnerability in include/get_read.php in ...)
+	TODO: check
+CVE-2009-2309 (SQL injection vulnerability in index.php in Codice CMS 2 allows remote ...)
+	TODO: check
+CVE-2009-2308 (Multiple SQL injection vulnerabilities in affiliates.php in the ...)
+	TODO: check
+CVE-2009-2307 (SQL injection vulnerability in the CWGuestBook module 2.1 and earlier ...)
+	TODO: check
+CVE-2009-2306 (The ARD-9808 DVR card security camera stores sensitive information ...)
+	TODO: check
+CVE-2009-2305 (The ARD-9808 DVR card security camera allows remote attackers to cause ...)
+	TODO: check
+CVE-2009-2304 (index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote ...)
+	TODO: check
+CVE-2009-2303 (index.php in Aardvark Topsites PHP 5.2.1 and earlier allows remote ...)
+	TODO: check
+CVE-2009-2302 (Cross-site scripting (XSS) vulnerability in index.php in Aardvark ...)
+	TODO: check
+CVE-2009-2301 (The radware AppWall Web Application Firewall (WAF) 1.0.2.6, with ...)
+	TODO: check
+CVE-2009-2300 (The management interface in the phion airlock Web Application Firewall ...)
+	TODO: check
+CVE-2009-2299 (The Artofdefence Hyperguard Web Application Firewall (WAF) module ...)
+	TODO: check
+CVE-2009-2298 (Stack-based buffer overflow in rping in HP OpenView Network Node ...)
+	TODO: check
+CVE-2009-2297 (Unspecified vulnerability in the udp subsystem in the kernel in Sun ...)
+	TODO: check
+CVE-2009-2296 (The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris ...)
+	TODO: check
+CVE-2009-2295
+	RESERVED
+CVE-2009-2294
+	RESERVED
+CVE-2009-2293 (Optimum Web Design Tutorial Share 3.5.0 and earlier allows remote ...)
+	TODO: check
+CVE-2009-2292 (Cross-site scripting (XSS) vulnerability in Appleple a-News 2.32 ...)
+	TODO: check
+CVE-2009-2291 (Unspecified vulnerability in LoginToboggan 6.x-1.x before 6.x-1.5, a ...)
+	TODO: check
+CVE-2009-2290 (SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) ...)
+	TODO: check
+CVE-2009-2289 (Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade ...)
+	TODO: check
+CVE-2009-2287 (The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel ...)
+	TODO: check
+CVE-2009-2285 (Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 ...)
+	TODO: check
+CVE-2009-2283 (Multiple cross-site scripting (XSS) vulnerabilities in the help jsp ...)
+	TODO: check
+CVE-2009-2282 (The Virtual Network Terminal Server daemon (vntsd) for Logical Domains ...)
+	TODO: check
+CVE-2008-6847 (Cross-site scripting (XSS) vulnerability in Employee/emp_login.asp in ...)
+	TODO: check
+CVE-2008-6846 (Multiple stack-based buffer overflows in avast! Linux Home Edition ...)
+	TODO: check
+CVE-2008-6845 (The unpack feature in ClamAV 0.93.3 and earlier allows remote ...)
+	TODO: check
+CVE-2008-6844 (The registration view (/user/register) in eZ Publish 3.5.6 and ...)
+	TODO: check
+CVE-2008-6843 (Directory traversal vulnerability in index.php in Fantastico, as used ...)
+	TODO: check
+CVE-2008-6842 (Directory traversal vulnerability in ...)
+	TODO: check
+CVE-2008-6841 (PHP remote file inclusion vulnerability in the Green Mountain ...)
+	TODO: check
+CVE-2008-6840 (Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 ...)
+	TODO: check
 CVE-2009-XXXX [multiple drupal issues]
 	- drupal6 <unfixed> (bug #535435)
 	- drupal5 <unfixed> (bug #535476)
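Review bot: All 37 new entries in this hunk land as TODO: check or RESERVED with no ordering for triage, so the ones naming widely distributed software (CVE-2009-2287 KVM in the Linux kernel, CVE-2009-2285 libtiff 3.8.2, CVE-2008-6845 ClamAV 0.93.3, CVE-2008-6844 eZ Publish) sit in the same queue as the third-party PHP applications around them. Resolve those first, each to a package line with a fixed version or an unfixed marker. Two descriptions, CVE-2009-2310 ("include/get_read.php in ...") and CVE-2008-6842 ("Directory traversal vulnerability in ..."), are truncated before the product name, so they cannot be marked NOT-FOR-US from this list alone and need the full CVE text looked up.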
@@ -3,5 +77,5 @@
 	NOTE: http://drupal.org/node/507572
 	NOTE: requested CVE id
-CVE-2009-2284 [phpMyAdmin XSS PMASA-2009-5]
+CVE-2009-2284 (Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 ...)
 	- phpmyadmin 4:3.2.0.1-1
 	TODO: need to assess severity of this issue
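Review bot: The rewritten CVE-2009-2284 title drops the upstream advisory id PMASA-2009-5, which was the only pointer to the phpMyAdmin advisory in the visible part of this entry. Keep it as a NOTE line under the entry, next to the existing TODO about severity, so whoever assesses the issue can find the advisory.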
@@ -37,6 +111,7 @@
 CVE-2009-2266
 	RESERVED
 CVE-2009-2281 [Heap-based buffer underflow in the readPostBody function in cgiutil.c ...]
+	RESERVED
 	- mapserver <unfixed> (medium; bug #535340)
 	NOTE: http://www.openwall.com/lists/oss-security/2009/06/22/2
 CVE-2009-2265
@@ -125,12 +200,12 @@
 	NOT-FOR-US: OpenID module for Drupal
 CVE-2009-XXXX [udev: creates aacraid devices that are rw by group floppy]
 	- udev 0.141-1 (medium; bug #530245; bug #462655; bug #404927)
-CVE-2009-2288 [command injection in nagios]
+CVE-2009-2288 (statuswml.cgi in Nagios before 3.1.1 allows remote attackers to ...)
 	- nagios3 3.0.6-5
 	- nagios2 <removed>
 	[etch] - nagios2 <unfixed>
 	NOTE: http://secunia.com/advisories/35543
-CVE-2009-2286 [compface buffer overflow]
+CVE-2009-2286 (Buffer overflow in compface 1.5.2 and earlier allows user-assisted ...)
 	- libcompface 1:1.5.2-5 (medium; bug #534973)
 CVE-2009-XXXX [apache2 mod_deflate DoS]
 	- apache2 <unfixed> (medium; bug #534712)
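Review bot: In the CVE-2009-2288 entry the new description says Nagios before 3.1.1 is affected, while the unchanged line below it marks nagios3 as fixed in 3.0.6-5, an older upstream version. If that reflects a backported patch, a NOTE line saying so would keep a later reader from taking the fixed version for an error; the entry also has no severity or bug number, unlike CVE-2009-2286 just below. The old bracketed title was the only place the visible text named the bug class ("command injection"), and the truncated description cuts off before stating it, so a short NOTE with that class is worth keeping.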
@@ -2213,8 +2288,8 @@
 	RESERVED
 CVE-2009-1422
 	RESERVED
-CVE-2009-1421
-	RESERVED
+CVE-2009-1421 (Unspecified vulnerability in NFS / ONCplus on HP HP-UX B.11.31 allows ...)
+	TODO: check
 CVE-2009-1420 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
 	NOT-FOR-US: HP OpenView Network Node Manager
 CVE-2009-1419 (Unspecified vulnerability in HP Discovery &amp; Dependency Mapping ...)
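Review bot: The new CVE-2009-1421 entry is left at TODO: check although its description names NFS / ONCplus on HP HP-UX B.11.31, and the neighbouring HP entry in the context lines (CVE-2009-1420) is already resolved as NOT-FOR-US. Resolving this one the same way would keep it out of the open TODO queue.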
@@ -5130,8 +5205,8 @@
 	NOT-FOR-US: Foxit JPEG2000/JBIG2 Decoder add-on
 CVE-2009-0690 (The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit ...)
 	NOT-FOR-US: Foxit JPEG2000/JBIG2 Decoder add-on
-CVE-2009-0689
-	RESERVED
+CVE-2009-0689 (The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc in ...)
+	TODO: check
 CVE-2009-0688 (Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 ...)
 	{DSA-1807-1 DTSA-200-1 DTSA-201-1}
 	- cyrus-sasl2 2.1.23.dfsg1-1 (bug #528749)
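Review bot: The CVE-2009-0689 description is cut off at "in libc in ...", so the visible entry does not say which libc ships the affected gdtoa/misc.c. The TODO: check here should record that, and also whether any packaged software carries its own copy of the gdtoa (new dtoa) code, since a match on the libc name alone would miss those.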



