[Secure-testing-commits] r12206 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Fri Jun 26 07:03:25 UTC 2009
Author: derevko-guest
Date: 2009-06-26 07:03:24 +0000 (Fri, 26 Jun 2009)
New Revision: 12206
Modified:
data/CVE/list
Log:
- NFUs
- strongswan and kfreebsd got a CVE id
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-06-25 22:08:07 UTC (rev 12205)
+++ data/CVE/list 2009-06-26 07:03:24 UTC (rev 12206)
@@ -1,7 +1,11 @@
CVE-2009-2209 (SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 ...)
- TODO: check
+ NOT-FOR-US: RS-CMS
CVE-2009-2208 (FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the ...)
- TODO: check
+ - kfreebsd-6 <removed>
+ [lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
+ - kfreebsd-7 7.2-2
+ [lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
+ NOTE: http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
CVE-2009-2207
RESERVED
CVE-2009-2206
@@ -43,11 +47,12 @@
CVE-2009-2188
RESERVED
CVE-2009-2187 (Multiple memory leaks in the (1) IP and (2) IPv6 multicast ...)
- TODO: check
+ NOT-FOR-US: Sun Solaris
CVE-2009-2186 (Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Playe
CVE-2009-2185 (The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, ...)
- TODO: check
+ - strongswan 4.2.14-1.2 (bug #533837)
+ - openswan 1:2.6.22+dfsg-1
CVE-2009-XXXX [request-tracker: root priviledges for dialog]
- request-tracker3.4 <removed> (low; bug #534498)
[etch] - request-tracker3.4 <not-affected> (flaw introduced in 3.6.2)
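Review bot: the tag added for CVE-2009-2186 reads "NOT-FOR-US: Adobe Shockwave Playe", missing the final "r". The same commit writes "NOT-FOR-US: Adobe Shockwave Player" for CVE-2009-1860, so the spelling should match, otherwise a search on the product name finds only one of the two entries. Separately, in the new CVE-2009-2185 entry the openswan line has no bug reference while the strongswan line cites bug #533837; a bug number or a NOTE giving the source of the openswan fixed version would make that line verifiable.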
@@ -187,10 +192,6 @@
- mahara 1.1.5-1 (low)
CVE-2009-2171 (Mahara 1.1 before 1.1.5 does not apply permission checks when saving a ...)
- mahara 1.1.5-1 (low)
-CVE-2009-XXXX [strongswan dos in RDNs asn.1 parser]
- - strongswan 4.2.14-1.2 (bug #533837)
-CVE-2009-XXXX [strongswan dos in ASN.1 UTCTIME and GENERALIZEDTIME string conversion]
- - strongswan 4.2.14-1.2 (bug #533837)
CVE-2009-2120 (Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow ...)
NOT-FOR-US: TekBase
CVE-2009-2119 (Cross-site scripting (XSS) vulnerability in the login interface in F5 ...)
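Review bot: the two placeholders removed here tracked separate strongswan issues (the RDNs ASN.1 parser and the UTCTIME/GENERALIZEDTIME string conversion), and the single CVE-2009-2185 entry that replaces them keeps only the shared fixed version and bug #533837. A NOTE line under CVE-2009-2185 stating that it covers both issues would preserve the mapping from the old placeholder titles, since the truncated CVE description on its own does not show that.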
@@ -368,9 +369,9 @@
CVE-2009-2047
RESERVED
CVE-2009-2046 (The embedded web server on the Cisco Video Surveillance 2500 Series IP ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2009-2045 (The Cisco Video Surveillance Stream Manager firmware before 5.3, as ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2009-2044 (Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to ...)
- xulrunner <unfixed> (unknown)
TODO: check on the details once the Mozilla bug has been made public
@@ -407,12 +408,6 @@
NOT-FOR-US: Sun Solaris
CVE-2009-2028 (Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 ...)
NOT-FOR-US: Adobe
-CVE-2009-XXXX [freebsd Missing permission check on SIOCSIFINFO_IN6 ioctl]
- - kfreebsd-6 <removed>
- [lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
- - kfreebsd-7 7.2-2
- [lenny] - kfreebsd-7 <no-dsa> (KFreebsd not supported)
- NOTE: http://security.freebsd.org/advisories/FreeBSD-SA-09:10.ipv6.asc
CVE-2009-XXXX [adtool leaks password in environment]
- adtool 1.3.2-1 (unimportant)
NOTE: adtool has safe means to specify the password, so this boils
@@ -809,7 +804,7 @@
CVE-2009-1861 (Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 ...)
NOT-FOR-US: Adobe Reader
CVE-2009-1860 (Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 ...)
- TODO: check
+ NOT-FOR-US: Adobe Shockwave Player
CVE-2009-1859 (Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat ...)
NOT-FOR-US: Adobe Reader
CVE-2009-1858 (The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe ...)
@@ -3150,7 +3145,7 @@
CVE-2009-1164
RESERVED
CVE-2009-1163 (Memory leak on the Cisco Physical Access Gateway with software before ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2009-1162 (Cross-site scripting (XSS) vulnerability in the Spam Quarantine login ...)
NOT-FOR-US: Cisco IronPort AsyncOS
CVE-2009-1161 (Directory traversal vulnerability in the TFTP service in Cisco ...)
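Review bot: the tag added for CVE-2009-1163 names only the vendor ("NOT-FOR-US: Cisco"), while the neighbouring CVE-2009-1162 entry names the product ("NOT-FOR-US: Cisco IronPort AsyncOS"). Naming the product from the description (Cisco Physical Access Gateway) would keep the NOT-FOR-US tags consistent and let a later reader see what was ruled out without rereading the CVE text. The same applies to the two Cisco Video Surveillance entries tagged earlier in this commit.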
@@ -3954,7 +3949,7 @@
CVE-2009-0904
RESERVED
CVE-2009-0903 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3, and the ...)
- TODO: check
+ NOT-FOR-US: WebSphere
CVE-2009-0902
RESERVED
CVE-2009-0901