Author: stef-guest
Date: 2007-02-04 19:51:33 +0100 (Sun, 04 Feb 2007)
New Revision: 5409

Modified:
   data/CVE/list
Log:
- new remctl issue fixed
- new ejabberd issue fixed
- viewvc fixed
- some linux issues fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-02-04 18:35:38 UTC (rev 5408)
+++ data/CVE/list       2007-02-04 18:51:33 UTC (rev 5409)
@@ -1,3 +1,7 @@
+CVE-2007-XXXX [remctl ACL bypass vulnverability]
+       - remctl 2.2-2
+CVE-2007-XXXX [ejabberd unspecified vulnerability in mod_roster_odbc]
+       - ejabberd 1.1.2-5
 CVE-2007-0688 (SQL injection vulnerability in oku.asp in Hunkaray Duyuru 
Scripti ...)
        TODO: check
 CVE-2007-0687 (SQL injection vulnerability in i-search.php in Michelle's L2J 
Dropcalc ...)
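Review bot: The description on the first added line misspells "vulnerability" as "vulnverability"; since these bracketed descriptions are what people search on until a real CVE id replaces CVE-2007-XXXX, it is worth correcting. Both new placeholder entries also carry no bug reference or NOTE line, unlike entries elsewhere in this file such as "(bug #395102)", so there is nothing to trace the fixed versions 2.6 2.2-2 and 1.1.2-5 back to; adding a bug number or a NOTE pointing at the upstream report would help whoever later assigns the ids.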
@@ -3562,7 +3566,7 @@
 CVE-2006-6061 (com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, 
and ...)
        NOT-FOR-US: Apple Mac OS X
 CVE-2006-6060 (The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, 
and ...)
-       - linux-2.6 <unfixed> (unimportant)
+       - linux-2.6 2.6.18.dfsg.1-10 (unimportant)
        NOTE: Mounting filesystem partitions should be limited to root
 CVE-2006-6059 (Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for 
NetGear ...)
        NOT-FOR-US: NetGear
@@ -3573,15 +3577,15 @@
        - linux-2.6 <unfixed> (unimportant)
        NOTE: Mounting filesystem partitions should be limited to root
 CVE-2006-6056 (Linux kernel 2.6.x up to 2.6.18 and possibly other versions, 
when ...)
-       - linux-2.6 <unfixed> (unimportant)
+       - linux-2.6 2.6.18.dfsg.1-10 (unimportant)
        NOTE: Mounting filesystem partitions should be limited to root
 CVE-2006-6055 (Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the 
D-Link ...)
        NOT-FOR-US: D-Link
 CVE-2006-6054 (The ext2 file system code in Linux kernel 2.6.x allows local 
users to ...)
-       - linux-2.6 <unfixed> (unimportant)
+       - linux-2.6 2.6.18.dfsg.1-10 (unimportant)
        NOTE: Mounting filesystem partitions should be limited to root
 CVE-2006-6053 (The ext3fs_dirhash function in Linux kernel 2.6.x allows local 
users ...)
-       - linux-2.6 <unfixed> (unimportant)
+       - linux-2.6 2.6.18.dfsg.1-10 (unimportant)
        NOTE: Mounting filesystem partitions should be limited to root
 CVE-2006-6052 (NetEpi Case Manager before 0.98 generates different error 
messages ...)
        NOT-FOR-US: NetEpi Case Manager
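Review bot: The leading context line of this hunk, "- linux-2.6 <unfixed> (unimportant)", belongs to the entry just above CVE-2006-6056 and is left unfixed, while the four entries that follow it with the same "Mounting filesystem partitions should be limited to root" note are all moved to 2.6.18.dfsg.1-10. If that entry is covered by the same upload it should be updated in this commit as well; if it was left open deliberately, a NOTE on it saying so would avoid the question.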
@@ -4069,7 +4073,7 @@
        - kfreebsd-5 <unfixed>
        [etch] - kfreebsd-5 <no-dsa> (no security support for freebsd)
 CVE-2006-5823 (The zlib_inflate function in Linux kernel 2.6.x allows local 
users to ...)
-       - linux-2.6 <unfixed> (low)
+       - linux-2.6 2.6.18.dfsg.1-10 (low)
 CVE-2006-5822 (Stack-based buffer overflow in the NetBackup bpcd daemon 
(bpcd.exe) in ...)
        NOT-FOR-US: Symantec Veritas NetBackup
 CVE-2006-5821 (Heap-based buffer overflow in the IMA_SECURE_DecryptData1 
function in ...)
@@ -4214,11 +4218,11 @@
 CVE-2006-5758 (Microsoft Windows 2000 through 2000 SP4 and Windows XP through 
SP2 ...)
        NOT-FOR-US: Microsoft
 CVE-2006-5757 (Race condition in the __find_get_block_slow function in the 
ISO9660 ...)
-       - linux-2.6 <unfixed> (low)
+       - linux-2.6 2.6.18.dfsg.1-10 (low)
 CVE-2006-5756
        RESERVED
 CVE-2006-5755 (Linux kernel before 2.6.18, when running on x86_64 systems, 
does not ...)
-       - linux-2.6 2.6.18-1
+       - linux-2.6 2.6.18.dfsg.1-10
 CVE-2006-5754 (The aio_setup_ring function in Linux kernel does not properly 
...)
        TODO: check
 CVE-2006-5753 (Unspecified vulnerability in the listxattr system call in Linux 
...)
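Review bot: The CVE-2006-5755 change is different in kind from the others in this commit: it replaces an existing fixed version, 2.6.18-1, with the later 2.6.18.dfsg.1-10 rather than closing an <unfixed> entry, which marks every version in between as vulnerable. The description says the issue affects kernels "before 2.6.18", and the log message only says "some linux issues fixed", so the reason for moving the fixed version is not recorded; please confirm this was intended and add a NOTE explaining why 2.6.18-1 was not actually fixed, or revert this line.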
@@ -4231,7 +4235,7 @@
 CVE-2006-5750 (Directory traversal vulnerability in the 
DeploymentFileRepository ...)
        NOT-FOR-US: JBoss
 CVE-2006-5749 (The isdn_ppp_ccp_reset_alloc_state function in 
drivers/isdn/isdn_ppp.c ...)
-       - linux-2.6 <unfixed>
+       - linux-2.6 2.6.18.dfsg.1-10
 CVE-2006-5748 (Multiple unspecified vulnerabilities in the JavaScript engine 
in ...)
        {DSA-1227-1 DSA-1225-1 DSA-1224-1}
        NOTE: MFSA-2006-65
@@ -4937,7 +4941,7 @@
 CVE-2006-5443 (Unspecified vulnerability in XIAO Gang WWW Interactive 
Mathematics ...)
        - wims 3.60-1 (bug #395102)
 CVE-2006-5442 (ViewVC 1.0.2 and earlier does not specify a charset in its HTTP 
...)
-       - viewvc <unfixed> (medium; bug #397669)
+       - viewvc 1.0.3-1 (medium; bug #397669)
 CVE-2006-5441 (PHP remote file inclusion vulnerability in adminfoot.php in 
Comdev Web ...)
        NOT-FOR-US: Comdev Web Blogger
 CVE-2006-5440 (PHP remote file inclusion vulnerability in adminfoot.php in 
Comdev ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
