[Secure-testing-commits] r11846 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Sat May 9 10:05:18 UTC 2009
Author: derevko-guest
Date: 2009-05-09 10:05:18 +0000 (Sat, 09 May 2009)
New Revision: 11846
Modified:
data/CVE/list
Log:
NFUs
CVE-2008-6800: samba in oldstable is affected
CVE-2008-6792: system-tools-backends, Ubuntu specific issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-05-08 21:14:12 UTC (rev 11845)
+++ data/CVE/list 2009-05-09 10:05:18 UTC (rev 11846)
@@ -1,37 +1,38 @@
CVE-2009-1587 (index.php in PHP Site Lock 2.0 allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: PHP Site Lock
CVE-2009-1586 (Stack-based buffer overflow in the NZB importer feature in GrabIt ...)
- TODO: check
+ NOT-FOR-US: GrabIt
CVE-2009-1585 (Multiple SQL injection vulnerabilities in TemaTres 1.031, when ...)
- TODO: check
+ NOT-FOR-US: TemaTres
CVE-2009-1584 (Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, ...)
- TODO: check
+ NOT-FOR-US: TemaTres
CVE-2009-1583 (Multiple cross-site scripting (XSS) vulnerabilities in TemaTres 1.0.3 ...)
- TODO: check
+ NOT-FOR-US: TemaTres
CVE-2009-1582 (Million Dollar Text Links 1.0 does not properly restrict administrator ...)
- TODO: check
+ NOT-FOR-US: Million Dollar Text Links
CVE-2008-6802 (Multiple SQL injection vulnerabilities in index.php in phPhotoGallery ...)
- TODO: check
+ NOT-FOR-US: phPhotoGallery
CVE-2008-6801 (Cross-site request forgery (CSRF) vulnerability in Vivvo CMS before ...)
- TODO: check
+ NOT-FOR-US: Vivvo CMS
CVE-2008-6800 (Race condition in the winbind daemon (aka winbindd) in Samba before ...)
- TODO: check
+ - samba 3.2.0~pre2-1 (low; bug #527894)
CVE-2008-6799 (connection.php in FlashChat 5.0.8 allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: FlashChat
CVE-2008-6798 (Multiple SQL injection vulnerabilities in login.php in Pre Projects ...)
- TODO: check
+ NOT-FOR-US: Pre Real Estate Listings
CVE-2008-6797 (The server in Mitel NuPoint Messenger R11 and R3 sends usernames and ...)
- TODO: check
+ NOT-FOR-US: Mitel NuPoint Messenger
CVE-2008-6796 (SQL injection vulnerability in manager/login.php in Pre Projects Pre ...)
- TODO: check
+ NOT-FOR-US: Pre Real Estate Listings
CVE-2008-6795 (SQL injection vulnerability in view_news.php in nicLOR ...)
- TODO: check
+ NOT-FOR-US: nicLOR Vibro-School-CMS
CVE-2008-6794 (SQL injection vulnerability in directory.php in Scripts For Sites ...)
- TODO: check
+ NOT-FOR-US: Scripts For Sites (SFS)
CVE-2008-6793 (The get_file_type function in lib/file_content.php in DFLabs PTK 0.1, ...)
- TODO: check
+ NOT-FOR-US: DFLabs
CVE-2008-6792 (system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used ...)
- TODO: check
+ - system-tools-backends <not-affected> (Ubuntu specific issue)
+ NOTE: https://bugs.launchpad.net/ubuntu/+source/system-tools-backends/+bug/287134
CVE-2009-XXXX [opensc: insecure due to wrong public exponent]
- opensc 0.11.8 (high; bug #527640)
CVE-2009-1581
More information about the Secure-testing-commits
mailing list