[Secure-testing-commits] r12946 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Oct 6 21:14:19 UTC 2009


Author: joeyh
Date: 2009-10-06 21:14:19 +0000 (Tue, 06 Oct 2009)
New Revision: 12946

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-10-06 21:12:25 UTC (rev 12945)
+++ data/CVE/list	2009-10-06 21:14:19 UTC (rev 12946)
@@ -1,3 +1,53 @@
+CVE-2009-3566
+	RESERVED
+CVE-2009-3565
+	RESERVED
+CVE-2009-3564
+	RESERVED
+CVE-2009-3563
+	RESERVED
+CVE-2009-3562 (Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 ...)
+	TODO: check
+CVE-2009-3561 (Directory traversal vulnerability in Xerver HTTP Server 4.32 allows ...)
+	TODO: check
+CVE-2009-3560
+	RESERVED
+CVE-2009-3559
+	RESERVED
+CVE-2009-3558
+	RESERVED
+CVE-2009-3557
+	RESERVED
+CVE-2009-3556
+	RESERVED
+CVE-2009-3555
+	RESERVED
+CVE-2009-3554
+	RESERVED
+CVE-2009-3553
+	RESERVED
+CVE-2009-3552
+	RESERVED
+CVE-2009-3551
+	RESERVED
+CVE-2009-3550
+	RESERVED
+CVE-2009-3549
+	RESERVED
+CVE-2009-3548
+	RESERVED
+CVE-2009-3547
+	RESERVED
+CVE-2009-3546
+	RESERVED
+CVE-2009-3545 (DataWizard Technologies FtpXQ FTP Server 3.0 allows remote ...)
+	TODO: check
+CVE-2009-3544 (Xerver HTTP Server 4.32 allows remote attackers to obtain the source ...)
+	TODO: check
+CVE-2009-3527
+	RESERVED
+CVE-2009-3526
+	RESERVED
 CVE-2009-XXXX [php5's pear is vulnerable to symlink attacks]
 	- php5 <unfixed> (low; bug #546164)
 	NOTE: side-effect reported to upstream: http://bugs.php.net/44354
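
Review bot: the four entries added in this hunk with "TODO: check" (CVE-2009-3562, CVE-2009-3561 and CVE-2009-3544 for Xerver HTTP Server 4.32, and CVE-2009-3545 for FtpXQ FTP Server 3.0) are left without a triage result. Three of them name the same product, so they can be resolved in one pass: if Xerver and FtpXQ are not packaged in Debian, replace each TODO with a "NOT-FOR-US: <product>" line, the form used for third-party products elsewhere in this file; otherwise add a package status line.
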
@@ -11,40 +61,40 @@
 CVE-2009-XXXX [kfreebsd: kqueue pipe race conditions]
 	- kfreebsd-6 <removed>
 	[lenny] - kfreebsd-6 <no-dsa> (KFreebsd not supported)
-CVE-2009-3543
+CVE-2009-3543 (SQL injection vulnerability in _phenotype/admin/login.php in Phenotype ...)
 	NOT-FOR-US: Phenotype CMS
-CVE-2009-3542
+CVE-2009-3542 (Directory traversal vulnerability in ls.php in LittleSite (aka LS or ...)
 	NOT-FOR-US: LittleSite
-CVE-2009-3541
+CVE-2009-3541 (PHP remote file inclusion vulnerability in CoupleDB.php in ...)
 	NOT-FOR-US: PHPGenealogy
-CVE-2009-3540
+CVE-2009-3540 (Cross-site scripting (XSS) vulnerability in listads.php in ...)
 	NOT-FOR-US: YourFreeWorld Ultra Classifieds Pro
-CVE-2009-3539
+CVE-2009-3539 (Multiple cross-site scripting (XSS) vulnerabilities in YourFreeWorld ...)
 	NOT-FOR-US: YourFreeWorld Ultra Classifieds Pro
-CVE-2009-3538
+CVE-2009-3538 (Directory traversal vulnerability in thumb.php in Clear Content 1.1 ...)
 	NOT-FOR-US: Clear Content
-CVE-2009-3537
+CVE-2009-3537 (Multiple stack-based buffer overflows in EpicDJSoftware EpicDJ 1.3.9.1 ...)
 	NOT-FOR-US: EpicDJSoftware EpicDJ
-CVE-2009-3536
+CVE-2009-3536 (Multiple stack-based buffer overflows in EpicDJSoftware EpicVJ 1.2.8.0 ...)
 	NOT-FOR-US: EpicDJSoftware EpicVJ
-CVE-2009-3535
+CVE-2009-3535 (Directory traversal vulnerability in image.php in Clear Content 1.1 ...)
 	NOT-FOR-US: Clear Content
-CVE-2009-3534
+CVE-2009-3534 (Directory traversal vulnerability in index.php in LionWiki 3.0.3, when ...)
 	NOT-FOR-US: LionWiki
-CVE-2009-3533
+CVE-2009-3533 (SQL injection vulnerability in report.php in Meeting Room Booking ...)
 	NOT-FOR-US: Meeting Room Booking System
-CVE-2009-3532
+CVE-2009-3532 (Multiple SQL injection vulnerabilities in login.asp (aka the login ...)
 	NOT-FOR-US: LogRover
-CVE-2009-3531
+CVE-2009-3531 (SQL injection vulnerability in vnews.php in Universe CMS 1.0.6 allows ...)
 	NOT-FOR-US: Universe CMS
-CVE-2009-3530
+CVE-2009-3530 (Cross-site scripting (XSS) vulnerability in storefront.php in ...)
 	NOT-FOR-US: RadScripts RadBids Gold
-CVE-2009-3529
+CVE-2009-3529 (SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 ...)
 	NOT-FOR-US: RadScripts RadBids Gold
-CVE-2009-3528
+CVE-2009-3528 (SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows ...)
 	NOT-FOR-US: MyMsg
-CVE-2009-3525
-	RESERVED
+CVE-2009-3525 (The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not ...)
+	TODO: check
 CVE-2009-XXXX [buffer overflow in overkill]
 	- overkill <unfixed> (bug #549310; low)
 	[lenny] - overkill <no-dsa> (Minor issue)
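
Review bot: CVE-2009-3525, the last change in this hunk, goes from RESERVED to "TODO: check", and unlike the sixteen entries above it (all already NOT-FOR-US) its description names the pyGrub boot loader in Xen, which is packaged in Debian. It should get a package line with a fixed/unfixed status and a bug reference, in the form the overkill entry just below it uses, rather than staying at TODO. The other sixteen changes only fill in descriptions and need no follow-up.
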
@@ -2824,8 +2874,8 @@
 	NOT-FOR-US: HP ProCurve Identity Driven Manager
 CVE-2009-2680 (Unspecified vulnerability in the Remote Management Interface (RMI) for ...)
 	NOT-FOR-US: HP StorageWorks
-CVE-2009-2679
-	RESERVED
+CVE-2009-2679 (Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and ...)
+	TODO: check
 CVE-2009-2678
 	RESERVED
 CVE-2009-2677 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
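
Review bot: CVE-2009-2679 is switched from RESERVED to "TODO: check", but its description limits the issue to bootpd in HP HP-UX. The two HP entries directly above it in the context are marked NOT-FOR-US; once it is confirmed that the flaw does not affect a bootpd packaged in Debian, replace the TODO with a NOT-FOR-US line in the same form.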



