[Git][security-tracker-team/security-tracker][master] Reassociate some ancient CVEs with 3proxy with itp bug (#718219)
Salvatore Bonaccorso
carnil at debian.org
Fri Aug 2 21:57:59 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9b5bb0ee by Salvatore Bonaccorso at 2019-08-02T20:57:28Z
Reassociate some ancient CVEs with 3proxy with itp bug (#718219)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -325325,7 +325325,7 @@ CVE-2003-1430 (Directory traversal vulnerability in Unreal Tournament Server 436
CVE-2003-1429 (Buffer overflow in Proxomitron Naoko 4.4 allows remote attackers to ex ...)
NOT-FOR-US: Data pre-dating the Security Tracker
CVE-2007-5622 (Double free vulnerability in the ftpprchild function in ftppr in 3prox ...)
- NOT-FOR-US: 3proxy
+ - 3proxy <itp> (bug #718219)
CVE-2007-5621 (Multiple cross-site scripting (XSS) vulnerabilities in the Token modul ...)
NOT-FOR-US: Token Drupal
NOTE: Token is not included in the drupal packages
@@ -334526,7 +334526,7 @@ CVE-2007-2033 (Unspecified vulnerability in Cisco Wireless Control System (WCS)
CVE-2007-2032 (Cisco Wireless Control System (WCS) before 4.0.96.0 has a hard-coded F ...)
NOT-FOR-US: Cisco
CVE-2007-2031 (Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, an ...)
- NOT-FOR-US: 3proxy
+ - 3proxy <itp> (bug #718219)
CVE-2007-2030 (lharc.c in lha does not securely create temporary files, which might a ...)
- lha 1.14i-10.2 (bug #437621; low)
[sarge] - lha <no-dsa> (Non-free not supported)
@@ -338059,9 +338059,9 @@ CVE-2007-1667 (Multiple integer overflows in (1) the XGetPixel function in ImUti
NOTE: With certain mail user agents, this issue is likely exploitable
NOTE: without much user interaction.
CVE-2006-6982 (3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic au ...)
- NOT-FOR-US: 3proxy
+ - 3proxy <itp> (bug #718219)
CVE-2006-6981 (3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows ...)
- NOT-FOR-US: 3proxy
+ - 3proxy <itp> (bug #718219)
CVE-2006-6980 (The magnatune.com album browser in Amarok allows attackers to cause a ...)
- amarok 1.4.4-4 (bug #410850; unimportant)
NOTE: This could only be exploited through the Magnatune shop
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9b5bb0ee17c95b023adbd83c7c53a964925f21d1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9b5bb0ee17c95b023adbd83c7c53a964925f21d1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190802/887544e1/attachment.html>
More information about the debian-security-tracker-commits
mailing list