[Secure-testing-commits] r12230 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Jun 29 21:14:15 UTC 2009


Author: joeyh
Date: 2009-06-29 21:14:13 +0000 (Mon, 29 Jun 2009)
New Revision: 12230

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-06-29 18:34:12 UTC (rev 12229)
+++ data/CVE/list	2009-06-29 21:14:13 UTC (rev 12230)
@@ -1,3 +1,55 @@
+CVE-2009-2253
+	RESERVED
+CVE-2009-2252
+	RESERVED
+CVE-2009-2251
+	RESERVED
+CVE-2009-2250
+	RESERVED
+CVE-2009-2249
+	RESERVED
+CVE-2009-2248
+	RESERVED
+CVE-2009-2247
+	RESERVED
+CVE-2009-2246
+	RESERVED
+CVE-2009-2245
+	RESERVED
+CVE-2009-2244
+	RESERVED
+CVE-2009-2243 (SQL injection vulnerability in active_appointments.asp in ASP Inline ...)
+	TODO: check
+CVE-2009-2242 (SQL injection vulnerability in active_appointments.asp in ASP Inline ...)
+	TODO: check
+CVE-2009-2241 (Cross-site scripting (XSS) vulnerability in search.asp in ASP Inline ...)
+	TODO: check
+CVE-2009-2240 (Cross-site scripting (XSS) vulnerability in AD2000 free-sw leger (aka ...)
+	TODO: check
+CVE-2009-2239 (SQL injection vulnerability in the (1) casinobase (com_casinobase), ...)
+	TODO: check
+CVE-2009-2238 (Unrestricted file upload vulnerability in ...)
+	TODO: check
+CVE-2009-2237 (Unspecified vulnerability in Views Bulk Operations 5.x-1.x before ...)
+	TODO: check
+CVE-2009-2236 (SQL injection vulnerability in yad-admin/login.php in Your Article ...)
+	TODO: check
+CVE-2009-2235 (SQL injection vulnerability in page.php in Your Articles Directory ...)
+	TODO: check
+CVE-2009-2234 (Multiple SQL injection vulnerabilities in admin.php in VICIDIAL Call ...)
+	TODO: check
+CVE-2009-2210 (Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow ...)
+	TODO: check
+CVE-2008-6839 (Multiple cross-site scripting (XSS) vulnerabilities in TGS Content ...)
+	TODO: check
+CVE-2008-6838 (Cross-site scripting (XSS) vulnerability in search.php in Zoph 0.7.2.1 ...)
+	TODO: check
+CVE-2008-6837 (SQL injection vulnerability in Zoph 0.7.2.1 allows remote attackers to ...)
+	TODO: check
+CVE-2008-6836 (Cross-site request forgery (CSRF) vulnerability in OpenID 5.x before ...)
+	TODO: check
+CVE-2008-6835 (Cross-site scripting (XSS) vulnerability in OpenID 5.x before 5.x-1.2, ...)
+	TODO: check
 CVE-2009-XXXX [udev: creates aacraid devices that are rw by group floppy]
 	- udev 0.141-1 (medium; bug #530245; bug #462655; bug #404927)
 CVE-2009-XXXX [command injection in nagios]
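Review bot: The 16 entries added with "TODO: check" at the top of this hunk (CVE-2009-2243 down to CVE-2009-2234, CVE-2009-2210, and CVE-2008-6839 down to CVE-2008-6835) have no package line and no NOT-FOR-US line, so the tracker holds no triage decision for any of them. CVE-2009-2210 names Mozilla Thunderbird and SeaMonkey and is the one to resolve first. CVE-2009-2243 and CVE-2009-2242 have identical truncated descriptions ("SQL injection vulnerability in active_appointments.asp in ASP Inline ..."), so whoever triages them needs the full CVE text to tell them apart.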
@@ -9,51 +61,51 @@
 	- libcompface <unfixed> (medium; bug #534973)
 CVE-2009-XXXX [apache2 mod_deflate DoS]
 	- apache2 <unfixed> (medium; bug #534712)
-CVE-2009-2233
+CVE-2009-2233 (The admin interface in AWScripts.com Gallery Search Engine 1.5 allows ...)
 	NOT-FOR-US: AWScripts.com Gallery Search Engine
-CVE-2009-2232
+CVE-2009-2232 (SQL injection vulnerability in image.php in Softbiz Banner Ad ...)
 	NOT-FOR-US: Softbiz Banner Ad Management Script
-CVE-2009-2231
+CVE-2009-2231 (MIDAS 1.43 allows remote attackers to bypass authentication and obtain ...)
 	NOT-FOR-US: MIDAS
-CVE-2009-2230
+CVE-2009-2230 (SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka ...)
 	NOT-FOR-US: MyBB
-CVE-2009-2229
+CVE-2009-2229 (Directory traversal vulnerability in engine.php in Kasseler CMS 1.3.5 ...)
 	NOT-FOR-US: Kasseler CMS
-CVE-2009-2228
+CVE-2009-2228 (Cross-site scripting (XSS) vulnerability in engine.php in Kasseler CMS ...)
 	NOT-FOR-US: Kasseler CMS
-CVE-2009-2227
+CVE-2009-2227 (Stack-based buffer overflow in Bopup Communication Server 3.2.26.5460 ...)
 	NOT-FOR-US: Bopup Communication Server
-CVE-2009-2226
+CVE-2009-2226 (Cross-site scripting (XSS) vulnerability in Let's PHP! Tree BBS ...)
 	NOT-FOR-US: Let's PHP! Tree BBS
-CVE-2009-2225
+CVE-2009-2225 (Stack-based buffer overflow in SureThing CD/DVD Labeler 5.1.616 trial ...)
 	NOT-FOR-US: SureThing CD/DVD Labeler
-CVE-2009-2224
+CVE-2009-2224 (Directory traversal vulnerability in ang/shared/flags.php in AN ...)
 	NOT-FOR-US: AN Guestbook
-CVE-2009-2223
+CVE-2009-2223 (Directory traversal vulnerability in locms/smarty.php in LightOpenCMS ...)
 	NOT-FOR-US: LightOpenCMS
-CVE-2009-2222
+CVE-2009-2222 (Directory traversal vulnerability in PHP-I-BOARD 1.2 and earlier ...)
 	NOT-FOR-US: PHP-I-BOARD
-CVE-2009-2221
+CVE-2009-2221 (Cross-site scripting (XSS) vulnerability in PHP-I-BOARD 1.2 and ...)
 	NOT-FOR-US: PHP-I-BOARD
-CVE-2009-2220
+CVE-2009-2220 (Multiple directory traversal vulnerabilities in Tribiq CMS 5.0.12c, ...)
 	NOT-FOR-US: Tribiq CMS
-CVE-2009-2219
+CVE-2009-2219 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: phpCollegeExchange
-CVE-2009-2218
+CVE-2009-2218 (Multiple PHP remote file inclusion vulnerabilities in ...)
 	NOT-FOR-US: phpCollegeExchange
-CVE-2009-2217
+CVE-2009-2217 (Cross-site scripting (XSS) vulnerability in NBBC before 1.4.2 allows ...)
 	NOT-FOR-US: NBBC
-CVE-2009-2216
+CVE-2009-2216 (Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in ...)
 	NOT-FOR-US: DirectAdmin
-CVE-2009-2215
+CVE-2009-2215 (Multiple cross-site scripting (XSS) vulnerabilities in URD before ...)
 	NOT-FOR-US: URD
-CVE-2009-2214
+CVE-2009-2214 (The Secure Gateway service in Citrix Secure Gateway 3.1 and earlier ...)
 	NOT-FOR-US: Citrix Secure Gateway
-CVE-2009-2213
+CVE-2009-2213 (The default configuration of the Security global settings on the ...)
 	NOT-FOR-US: Citrix NetScaler Access Gateway
-CVE-2009-2212
+CVE-2009-2212 (The CQWeb server in IBM Rational ClearQuest 7.0.0 before 7.0.0.6 and ...)
 	NOT-FOR-US: IBM Rational ClearQuest
-CVE-2009-2211
+CVE-2009-2211 (Cross-site scripting (XSS) vulnerability in the CQWeb server in IBM ...)
 	NOT-FOR-US: IBM Rational ClearQuest
 CVE-2009-2209 (SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 ...)
 	NOT-FOR-US: RS-CMS
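Review bot: The sequence in this hunk runs from CVE-2009-2211 straight to CVE-2009-2209 because CVE-2009-2210 was added at the top of the file in the first hunk, after CVE-2009-2234, instead of in its numeric position here. The CVE-2008-68xx entries in the first hunk are likewise placed above the CVE-2009-XXXX block. If the list is meant to stay in descending order, move those entries to their sorted positions once they are triaged, so that anyone scanning this range for CVE-2009-2210 finds it.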
@@ -799,8 +851,8 @@
 	{DSA-1823-1}
 	- samba <unfixed>
 	[etch] - samba <not-affected> (Vulnerable code not present)
-CVE-2009-1887
-	RESERVED
+CVE-2009-1887 (agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise ...)
+	TODO: check
 CVE-2009-1886 (Multiple format string vulnerabilities in client/client.c in smbclient ...)
 	{DSA-1823-1}
 	- samba 2:3.3.0
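Review bot: CVE-2009-1887 goes from RESERVED to "TODO: check", and its description is scoped to "net-snmp 5.0.9 in Red Hat Enterprise ...", so the open question is whether the flaw is specific to that vendor build or present in the net-snmp source generally. Record the outcome as a package line, or as a not-affected note with a reason in the style of the "[etch] - samba <not-affected> (Vulnerable code not present)" line above, rather than leaving the TODO in place.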
@@ -1473,8 +1525,7 @@
 	- cron 3.0pl1-106 (low; bug #528434)
 	[lenny] - cron <no-dsa> (Minor issue)
 	[etch] - cron <no-dsa> (Minor issue)
-CVE-2009-1628
-	RESERVED
+CVE-2009-1628 (Stack-based buffer overflow in mnet.exe in Unisys Business Information ...)
 	NOT-FOR-US: Unisys Business Information Server
 CVE-2009-1627 (Stack-based buffer overflow in Streaming Download Project (SDP) ...)
 	NOT-FOR-US: Streaming Download Project (SDP)
@@ -2137,8 +2188,7 @@
 	RESERVED
 CVE-2009-1395
 	RESERVED
-CVE-2009-1394
-	RESERVED
+CVE-2009-1394 (Stack-based buffer overflow in Motorola Timbuktu Pro 8.6.5 on Windows ...)
 	NOT-FOR-US: Motorola Timbuktu Pro
 CVE-2009-1393
 	RESERVED
@@ -3076,14 +3126,11 @@
 	REJECTED
 CVE-2009-1204 (Cross-site scripting (XSS) vulnerability in TikiWiki (Tiki) ...)
 	NOT-FOR-US: TikiWiki
-CVE-2009-1203
-	RESERVED
+CVE-2009-1203 (WebVPN on the Cisco Adaptive Security Appliances (ASA) device with ...)
 	NOT-FOR-US: Cisco
-CVE-2009-1202
-	RESERVED
+CVE-2009-1202 (WebVPN on the Cisco Adaptive Security Appliances (ASA) device with ...)
 	NOT-FOR-US: Cisco
-CVE-2009-1201
-	RESERVED
+CVE-2009-1201 (Eval injection vulnerability in the csco_wrap_js function in ...)
 	NOT-FOR-US: Cisco
 CVE-2009-1200
 	RESERVED
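Review bot: The "NOT-FOR-US: Cisco" lines under CVE-2009-1203, CVE-2009-1202 and CVE-2009-1201 give only the vendor, while other entries in this file name the product (for example "NOT-FOR-US: Citrix Secure Gateway" and "NOT-FOR-US: IBM Rational ClearQuest"). The descriptions added for CVE-2009-1203 and CVE-2009-1202 identify WebVPN on the Cisco Adaptive Security Appliances (ASA) device, so the note could name that product. The CVE-2009-1201 description is truncated after "csco_wrap_js function in ...", so confirm the product from the full text before changing that one.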



