[Secure-testing-commits] r13714 - data/CVE

Raphael Geissert geissert at alioth.debian.org
Tue Jan 5 00:46:07 UTC 2010


Author: geissert
Date: 2010-01-05 00:46:05 +0000 (Tue, 05 Jan 2010)
New Revision: 13714

Modified:
   data/CVE/list
Log:
some NFUs, Zabbix issues CVEIfied


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-01-05 00:36:43 UTC (rev 13713)
+++ data/CVE/list	2010-01-05 00:46:05 UTC (rev 13714)
@@ -45,7 +45,7 @@
 CVE-2009-4536
 	RESERVED
 CVE-2009-4535 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the ...)
-	TODO: check
+	NOT-FOR-US: Mongoose
 CVE-2009-4534 (Open redirect vulnerability in the FAQ Ask module 5.x and 6.x before ...)
 	TODO: check
 CVE-2009-4533 (The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module ...)
@@ -53,11 +53,11 @@
 CVE-2009-4532 (Cross-site scripting (XSS) vulnerability in the Webform module 5.x ...)
 	TODO: check
 CVE-2009-4531 (httpdx 1.4.4 and earlier allows remote attackers to obtain the source ...)
-	TODO: check
+	NOT-FOR-US: httpdx
 CVE-2009-4530 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the ...)
-	TODO: check
+	NOT-FOR-US: Mongoose
 CVE-2009-4529 (InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote ...)
-	TODO: check
+	NOT-FOR-US: InterVations NaviCOPA Web Server
 CVE-2009-4528 (The Organic Groups (OG) Vocabulary module 6.x before 6.x-1.0 for ...)
 	TODO: check
 CVE-2009-4527 (The Shibboleth authentication module 5.x before 5.x-3.4 and 6.x before ...)
@@ -69,15 +69,15 @@
 CVE-2009-4524 (Cross-site scripting (XSS) vulnerability in the RealName module ...)
 	TODO: check
 CVE-2009-4523 (Cross-site scripting (XSS) vulnerability in index.php in Zainu 1.0 ...)
-	TODO: check
+	NOT-FOR-US: Zainu
 CVE-2009-4522 (Cross-site scripting (XSS) vulnerability in search.5.html in ...)
-	TODO: check
+	NOT-FOR-US: BloofoxCMS
 CVE-2009-4521 (Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse ...)
 	TODO: check
 CVE-2009-4520 (The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before ...)
 	TODO: check
 CVE-2009-4519 (Multiple unspecified vulnerabilities in Ortro before 1.3.4 have ...)
-	TODO: check
+	NOT-FOR-US: Ortro
 CVE-2009-4518 (Cross-site scripting (XSS) vulnerability in the Insert Node module 5.x ...)
 	TODO: check
 CVE-2009-4517 (Cross-site request forgery (CSRF) vulnerability in the FAQ Ask module ...)
@@ -111,15 +111,15 @@
 CVE-2009-4503
 	RESERVED
 CVE-2009-4502 (The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, ...)
-	TODO: check
+	- zabbix <unfixed> (bug #562613)
 CVE-2009-4501 (The zbx_get_next_field function in libs/zbxcommon/str.c in Zabbix ...)
-	TODO: check
+	- zabbix <unfixed> (bug #562613)
 CVE-2009-4500 (The process_trap function in trapper/trapper.c in Zabbix Server before ...)
-	TODO: check
+	- zabbix <unfixed> (bug #562613)
 CVE-2009-4499 (SQL injection vulnerability in the get_history_lastid function in the ...)
-	TODO: check
+	- zabbix <unfixed> (bug #562613)
 CVE-2009-4498 (The node_process_command function in Zabbix Server before 1.8 allows ...)
-	TODO: check
+	- zabbix <unfixed> (bug #562613)
 CVE-2009-4497
 	RESERVED
 CVE-2009-4496
@@ -806,9 +806,6 @@
 	RESERVED
 CVE-2009-4267
 	RESERVED
-CVE-2009-XXXX [Zabbix Server multiple remote vulnerabilities]
-	- zabbix <unfixed> (bug filed)
-	NOTE: Sent mail to oss-security, entry can be split once CVE IDs have been assigned
 CVE-2009-XXXX [gnome-screensaver vulnerability]
 	- gnome-screensaver <unfixed> (low; bug #560895)
 CVE-2009-XXXX [gif2png multiple buffer overflows parsing CLI arguments]




More information about the Secure-testing-commits mailing list