[Secure-testing-commits] r15048 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Jul 28 21:14:56 UTC 2010 

Author: joeyh
Date: 2010-07-28 21:14:46 +0000 (Wed, 28 Jul 2010)
New Revision: 15048

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-07-28 20:29:35 UTC (rev 15047)
+++ data/CVE/list	2010-07-28 21:14:46 UTC (rev 15048)
@@ -1,3 +1,109 @@
+CVE-2010-2895
+	RESERVED
+CVE-2010-2894
+	RESERVED
+CVE-2010-2893
+	RESERVED
+CVE-2010-2892
+	RESERVED
+CVE-2010-2891
+	RESERVED
+CVE-2010-2890
+	RESERVED
+CVE-2010-2889
+	RESERVED
+CVE-2010-2888
+	RESERVED
+CVE-2010-2887
+	RESERVED
+CVE-2010-2886
+	RESERVED
+CVE-2010-2885
+	RESERVED
+CVE-2010-2884
+	RESERVED
+CVE-2010-2883
+	RESERVED
+CVE-2010-2882
+	RESERVED
+CVE-2010-2881
+	RESERVED
+CVE-2010-2880
+	RESERVED
+CVE-2010-2879
+	RESERVED
+CVE-2010-2878
+	RESERVED
+CVE-2010-2877
+	RESERVED
+CVE-2010-2876
+	RESERVED
+CVE-2010-2875
+	RESERVED
+CVE-2010-2874
+	RESERVED
+CVE-2010-2873
+	RESERVED
+CVE-2010-2872
+	RESERVED
+CVE-2010-2871
+	RESERVED
+CVE-2010-2870
+	RESERVED
+CVE-2010-2869
+	RESERVED
+CVE-2010-2868
+	RESERVED
+CVE-2010-2867
+	RESERVED
+CVE-2010-2866
+	RESERVED
+CVE-2010-2865
+	RESERVED
+CVE-2010-2864
+	RESERVED
+CVE-2010-2863
+	RESERVED
+CVE-2010-2862
+	RESERVED
+CVE-2010-2861
+	RESERVED
+CVE-2010-2860
+	RESERVED
+CVE-2009-4974 (Directory traversal vulnerability in box_display.php in TotalCalendar ...)
+	TODO: check
+CVE-2009-4973 (SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows ...)
+	TODO: check
+CVE-2009-4972 (Cross-site scripting (XSS) vulnerability in index.php (aka the log in ...)
+	TODO: check
+CVE-2009-4971 (SQL injection vulnerability in the AJAX Chat (vjchat) extension before ...)
+	TODO: check
+CVE-2009-4970 (SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for ...)
+	TODO: check
+CVE-2009-4969 (SQL injection vulnerability in the Solidbase Bannermanagement ...)
+	TODO: check
+CVE-2009-4968 (SQL injection vulnerability in the Event Registration (event_registr) ...)
+	TODO: check
+CVE-2009-4967 (SQL injection vulnerability in the Car (car) extension before 0.1.1 ...)
+	TODO: check
+CVE-2009-4966 (SQL injection vulnerability in the AST ZipCodeSearch ...)
+	TODO: check
+CVE-2009-4965 (SQL injection vulnerability in the AIRware Lexicon (air_lexicon) ...)
+	TODO: check
+CVE-2009-4964 (Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers ...)
+	TODO: check
+CVE-2009-4963 (Cross-site scripting (XSS) vulnerability in the Commerce extension ...)
+	TODO: check
+CVE-2009-4962 (Stack-based buffer overflow in Fat Player 0.6b allows remote attackers ...)
+	TODO: check
+CVE-2009-4961 (Lanai Core 0.6 allows remote attackers to obtain configuration ...)
+	TODO: check
+CVE-2009-4960 (Directory traversal vulnerability in modules/backup/download.php in ...)
+	TODO: check
+CVE-2009-4959 (SQL injection vulnerability in the T3M E-Mail Marketing Tool (t3m) ...)
+	TODO: check
+CVE-2009-4958 (SQL injection vulnerability in video.php in EMO Breader Manager allows ...)
+	TODO: check
 CVE-2010-XXXX [mediawiki XSS and data leakage]
 	- mediawiki <unfixed>
 	NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html
@@ -386,10 +492,10 @@
 	RESERVED
 CVE-2010-2705
 	RESERVED
-CVE-2010-2704
-	RESERVED
-CVE-2010-2703
-	RESERVED
+CVE-2010-2704 (Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and ...)
+	TODO: check
+CVE-2010-2703 (Stack-based buffer overflow in the execvp_nc function in the ov.dll ...)
+	TODO: check
 CVE-2010-2702 (Buffer overflow in the UGameEngine::UpdateConnectingMessage function ...)
 	NOT-FOR-US: Unreal engine
 CVE-2010-2701 (Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow ...)
@@ -796,8 +902,7 @@
 	RESERVED
 CVE-2010-2535
 	RESERVED
-CVE-2010-2534
-	RESERVED
+CVE-2010-2534 (The NetworkSyncCommandQueue function in network/network_command.cpp in ...)
 	- openttd <unfixed>
 	[lenny] - openttd <not-affected> (Introduced in 1.0.1)
 	NOTE: http://bugs.openttd.org/task/3909
@@ -809,8 +914,7 @@
 	RESERVED
 CVE-2010-2530
 	RESERVED
-CVE-2010-2529 [ping resource consumption DoS]
-	RESERVED
+CVE-2010-2529 (Unspecified vulnerability in ping.c in iputils 20020927, 20070202, ...)
 	- iputils 3:20100418-2
 	[lenny] - iputils <no-dsa> (Minor issue)
 	TODO: next point update: [lenny] - iputils 3:20071127-1+lenny1
@@ -1273,8 +1377,8 @@
 	NOT-FOR-US: Subdreamer CMS
 CVE-2010-2338 (Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor ...)
 	NOT-FOR-US: VU Web Visitor Analyst
-CVE-2010-2337
-	RESERVED
+CVE-2010-2337 (Open redirect vulnerability in RSA Federated Identity Manager 4.0 ...)
+	TODO: check
 CVE-2010-2336 (index.php in Yamamah Photo Gallery 1.00 allows remote attackers to ...)
 	NOT-FOR-US: Yamamah Photo Gallery
 CVE-2010-2335 (SQL injection vulnerability in index.php in Yamamah Photo Gallery ...)
@@ -3265,8 +3369,8 @@
 	RESERVED
 CVE-2010-1578
 	RESERVED
-CVE-2010-1577
-	RESERVED
+CVE-2010-1577 (Directory traversal vulnerability in Cisco Internet Streamer, as used ...)
+	TODO: check
 CVE-2010-1576 (The Cisco Content Services Switch (CSS) 11500 with software before ...)
 	NOT-FOR-US: Cisco
 CVE-2010-1575 (The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 ...)
@@ -5590,8 +5694,8 @@
 	NOT-FOR-US: Oracle
 CVE-2010-0834
 	RESERVED
-CVE-2010-0833
-	RESERVED
+CVE-2010-0833 (The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build ...)
+	TODO: check
 CVE-2010-0832 (pam_motd (aka the MOTD module) in libpam-modules before ...)
 	TODO: check
 CVE-2010-0831 (Directory traversal vulnerability in the extract_jar function in ...)
@@ -7511,14 +7615,12 @@
 	RESERVED
 CVE-2010-0214
 	RESERVED
-CVE-2010-0213
-	RESERVED
-CVE-2010-0212 [openldap issue]
-	RESERVED
+CVE-2010-0213 (BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a ...)
+	TODO: check
+CVE-2010-0212 (OpenLDAP 2.4.22 allows remote attackers to cause a denial of service ...)
 	- openldap <undetermined>
 	NOTE: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6570
-CVE-2010-0211 [openldap issue]
-	RESERVED
+CVE-2010-0211 (The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not ...)
 	- openldap <undetermined>
 	NOTE: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6570
 CVE-2010-0210

More information about the Secure-testing-commits mailing list