[Secure-testing-commits] r13857 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Wed Jan 20 01:15:10 UTC 2010
Author: geissert
Date: 2010-01-20 01:15:07 +0000 (Wed, 20 Jan 2010)
New Revision: 13857
Modified:
data/CVE/list
Log:
some issues CVEIfied, more to be processed later
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-01-19 22:33:23 UTC (rev 13856)
+++ data/CVE/list 2010-01-20 01:15:07 UTC (rev 13857)
@@ -63,22 +63,6 @@
- mydms <undetermined> (low)
TODO: check
NOTE: http://seclists.org/fulldisclosure/2010/Jan/267
-CVE-2010-XXXX [dokuwiki CSRF]
- - dokuwiki 0.0.20090214b-3.1 (low)
- [etch] - dokuwiki <not-affected> (Vulnerable code not present)
- NOTE: http://secunia.com/advisories/38205/
- NOTE: CVE id requested
-CVE-2010-XXXX [dokuwiki multiple issues]
- - dokuwiki 0.0.20090214b-3.1 (medium; bug #565406)
- [etch] - dokuwiki <not-affected> (Vulnerable code not present)
- NOTE: http://bugs.splitbrain.org/index.php?do=details&task_id=1847
- NOTE: issue being exploited
- NOTE: CVE id requested
-CVE-2009-XXXX [gnome screensaver not locking second screen]
- - gnome-screensaver <unfixed> (low)
- NOTE: http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca
- NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=593616
- TODO: file bug, check affected versions
CVE-2010-0350 (Directory traversal vulnerability in the Photo Book (goof_fotoboek) ...)
NOT-FOR-US: TYPO3 third party extensions
CVE-2010-0349 (Cross-site scripting (XSS) vulnerability in C3 Corp. WebCalenderC3 ...)
@@ -174,10 +158,6 @@
TODO: check
CVE-2009-4609 (The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote ...)
TODO: check
-CVE-2010-XXXX [typo3 openid auth bypass]
- - typo3-src <unfixed>
- TODO: check affected versions and report
- NOTE: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/
CVE-2010-XXXX [zenoss sql injection]
- zenoss <itp> (bug #361253)
NOTE: http://seclists.org/fulldisclosure/2010/Jan/241
@@ -224,16 +204,30 @@
RESERVED
CVE-2010-0290
RESERVED
-CVE-2010-0289
+CVE-2010-0289 [dokuwiki CSRF]
RESERVED
-CVE-2010-0288
+ - dokuwiki 0.0.20090214b-3.1 (low)
+ [etch] - dokuwiki <not-affected> (Vulnerable code not present)
+ NOTE: http://secunia.com/advisories/38205/
+CVE-2010-0288 [dokuwiki insufficient permissions checks, allowing attacker to change ACLs]
RESERVED
+ - dokuwiki 0.0.20090214b-3.1 (medium; bug #565406)
+ [etch] - dokuwiki <not-affected> (Vulnerable code not present)
+ NOTE: http://bugs.splitbrain.org/index.php?do=details&task_id=1847
+ NOTE: issue being exploited
CVE-2010-0287
RESERVED
-CVE-2010-0286
+CVE-2010-0286 [typo3 openid auth bypass]
RESERVED
-CVE-2010-0285
+ - typo3-src <unfixed>
+ TODO: check affected versions and report
+ NOTE: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/
+CVE-2010-0285 [gnome screensaver not locking second screen]
RESERVED
+ - gnome-screensaver <unfixed> (low)
+ NOTE: http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca
+ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=593616
+ TODO: file bug, check affected versions
CVE-2010-0284
RESERVED
CVE-2010-0283
More information about the Secure-testing-commits
mailing list