diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2005-11-23 14:15:28 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2005-11-23 14:15:28 +0000 |
commit | 6ecfebbec9dc5c05dceb68e5b85f150a5f10ed92 (patch) | |
tree | ccadc4afab28f80451265aafb3e1c6bb58ea472e | |
parent | 8444dd8285344d6da5766230c7310e74697d0d68 (diff) |
convert aug 2003 to the new DSA format
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@2842 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/1999.list | 1 | ||||
-rw-r--r-- | data/CVE/2002.list | 1 | ||||
-rw-r--r-- | data/CVE/2003.list | 16 | ||||
-rw-r--r-- | data/DSA/list | 38 |
4 files changed, 32 insertions, 24 deletions
diff --git a/data/CVE/1999.list b/data/CVE/1999.list index 1de8c7ac6b..493d5d923b 100644 --- a/data/CVE/1999.list +++ b/data/CVE/1999.list @@ -1813,6 +1813,7 @@ CVE-1999-0999 (Microsoft SQL 7.0 server allows a remote attacker to cause a deni CVE-1999-0998 (Cisco Cache Engine allows an attacker to replace content in the cache. ...) CVE-1999-0997 (wu-ftp with FTP conversion enabled allows an attacker to execute ...) {DSA-377} + - wu-ftpd 2.6.2-15 CVE-1999-0996 (Buffer overflow in Infoseek Ultraseek search engine allows remote ...) CVE-1999-0995 (Windows NT Local Security Authority (LSA) allows remote attackers to ...) CVE-1999-0994 (Windows NT with SYSKEY reuses the keystream that is used for ...) diff --git a/data/CVE/2002.list b/data/CVE/2002.list index a42a8b67d9..d1ac73f876 100644 --- a/data/CVE/2002.list +++ b/data/CVE/2002.list @@ -4122,6 +4122,7 @@ CVE-2002-0177 (Buffer overflows in icecast 1.3.11 and earlier allows remote atta CVE-2002-0165 (LogWatch 2.5 allows local users to gain root privileges via a symlink ...) CVE-2002-0164 (Vulnerability in the MIT-SHM extension of the X server on Linux ...) {DSA-380} + - xfree86 4.2.1-11 CVE-2002-0162 (LogWatch before 2.5 allows local users to execute arbitrary code via a ...) CVE-2002-0161 RESERVED diff --git a/data/CVE/2003.list b/data/CVE/2003.list index d20c536596..069dc2a7f1 100644 --- a/data/CVE/2003.list +++ b/data/CVE/2003.list @@ -1056,20 +1056,27 @@ CVE-2003-0781 (Unknown vulnerability in ecartis before 1.0.0 does not properly . - ecartis 1.0.0+cvs.20030911 CVE-2003-0780 (Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL ...) {DSA-381} + - mysql-dfsg 4.0.15-1 CVE-2003-0779 (SQL injection vulnerability in the Call Detail Record (CDR) logging ...) - asterisk 0.7.0 CVE-2003-0778 (saned in sane-backends 1.0.7 and earlier, and possibly later versions, ...) {DSA-379} + - sane-backends 1.0.11-1 CVE-2003-0777 (saned in sane-backends 1.0.7 and earlier, when debug messages are ...) {DSA-379} + - sane-backends 1.0.11-1 CVE-2003-0776 (saned in sane-backends 1.0.7 and earlier does not properly "check the ...) {DSA-379} + - sane-backends 1.0.11-1 CVE-2003-0775 (saned in sane-backends 1.0.7 and earlier calls malloc with an ...) {DSA-379} + - sane-backends 1.0.11-1 CVE-2003-0774 (saned in sane-backends 1.0.7 and earlier does not quickly handle ...) {DSA-379} + - sane-backends 1.0.11-1 CVE-2003-0773 (saned in sane-backends 1.0.7 and earlier does not check the IP address ...) {DSA-379} + - sane-backends 1.0.11-1 CVE-2003-0772 (Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated ...) NOT-FOR-US: WS_FTP server CVE-2003-0771 (Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary ...) @@ -1159,6 +1166,7 @@ CVE-2003-0731 (CiscoWorks Common Management Foundation (CMF) 2.1 and earlier all NOT-FOR-US: cisco CVE-2003-0730 (Multiple integer overflows in the font libraries for XFree86 4.3.0 ...) {DSA-380} + - xfree86 4.2.1-12 CVE-2003-0729 (Buffer overflow in Tellurian TftpdNT 1.8 allows remote attackers to ...) NOT-FOR-US: tellurian tftpdNT CVE-2003-0728 (Horde before 2.2.4 allows remote malicious web sites to steal session ...) @@ -1207,8 +1215,10 @@ CVE-2003-0707 (Buffer overflow in LinuxNode (node) before 0.3.2 allows remote .. {DSA-375} CVE-2003-0706 (Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote ...) {DSA-378} + - mah-jong 1.5.6-2 CVE-2003-0705 (Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers ...) {DSA-378} + - mah-jong 1.5.6-2 CVE-2003-0704 (KisMAC before 0.05d trusts user-supplied variables when chown'ing ...) NOT-FOR-US: KisMAC for Mac OS X CVE-2003-0703 (KisMAC before 0.05d trusts user-supplied variables to load arbitrary ...) @@ -1230,11 +1240,15 @@ CVE-2003-0696 (The getipnodebyname() API in AIX 5.1 and 5.2 does not properly cl NOT-FOR-US: AIX CVE-2003-0695 (Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow ...) {DSA-383 DSA-382} + - openssh 1:3.7.1 + TODO: openssh-krb5: Screwy changelog does not make sense. Filed bug. CVE-2003-0694 (The prescan function in Sendmail 8.12.9 allows remote attackers to ...) {DSA-384} + - sendmail 8.12.10-1 CVE-2003-0693 (A "buffer management error" in buffer_append_space of buffer.c for ...) {DSA-383 DSA-382} - openssh 1:3.6.1p2-6.0 + TODO: openssh-krb5: Screwy changelog does not make sense. Filed bug. CVE-2003-0692 (KDM in KDE 3.1.3 and earlier uses a weak session cookie generation ...) {DSA-388} - kdebase 4:3.2 @@ -1261,8 +1275,10 @@ CVE-2003-0683 (NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in CVE-2003-0682 ("Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a ...) {DSA-383 DSA-382} - openssh 1:3.6.1p2-9 + TODO: ssh-krb5: Screwy changelog does not make sense. Filed bug. CVE-2003-0681 (A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, ...) {DSA-384} + - sendmail 8.12.10-1 CVE-2003-0680 (Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow ...) NOT-FOR-US: SGI IRIX CVE-2003-0679 (Unknown vulnerability in the libcpr library for the Checkpoint/Restart ...) diff --git a/data/DSA/list b/data/DSA/list index b4b93eb751..bea82288af 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -2062,43 +2062,33 @@ [woody] - hztty 2.0-5.2woody1 [17 Sep 2003] DSA-384 sendmail - buffer overflows {CVE-2003-0681 CVE-2003-0694} - - sendmail 8.12.10-1 + [woody] - sendmail 8.12.3-6.6 + [woody] - sendmail-wide 8.12.3+3.5Wbeta-5.5 [17 Sep 2003] DSA-383 ssh-krb5 - possible remote vulnerability - {CVE-2003-0693} - {CVE-2003-0695} - {CVE-2003-0682} - TODO: Screwy changelog does not make sense. Filed bug. + {CVE-2003-0693 CVE-2003-0695 CVE-2003-0682} + [woody] - openssh-krb5 1:3.4p1-0woody4 [16 Sep 2003] DSA-382 ssh - possible remote vulnerability - {CVE-2003-0693} - - openssh 1:3.6.1p2-6.0 - {CVE-2003-0695} - - openssh 1:3.7.1 - {CVE-2003-0682} - - openssh 1:3.6.1p2-9 + {CVE-2003-0693 CVE-2003-0695 CVE-2003-0682} + [woody] - openssh 1:3.4p1-1.woody.3 [13 Sep 2003] DSA-381 mysql - buffer overflow {CVE-2003-0780} - - mysql-dfsg 4.0.15-1 + [woody] - mysql 3.23.49-8.5 [12 Sep 2003] DSA-380 xfree86 - buffer overflows, denial of service - {CVE-2003-0063} - - xfree86 4.2.1-11 - {CVE-2003-0071} - - xfree86 4.2.1-11 - {CVE-2002-0164} - - xfree86 4.2.1-11 - {CVE-2003-0730} - - xfree86 4.2.1-12 + {CVE-2003-0063 CVE-2003-0071 CVE-2002-0164 CVE-2003-0730} + [woody] - xfree86 4.1.0-16woody1 [11 Sep 2003] DSA-379 sane-backends - several vulnerabilities {CVE-2003-0773 CVE-2003-0774 CVE-2003-0775 CVE-2003-0776 CVE-2003-0777 CVE-2003-0778} - - sane-backends 1.0.11-1 + [woody] - sane-backends 1.0.7-4 [07 Sep 2003] DSA-378 mah-jong - buffer overflows, denial of service {CVE-2003-0705 CVE-2003-0706} - - mah-jong 1.5.6-2 + [woody] - mah-jong 1.4-2 [04 Sep 2003] DSA-377 wu-ftpd - insecure program execution {CVE-1999-0997} - - wu-ftpd 2.6.2-15 + [woody] - wu-ftpd 2.6.2-3woody2 [04 Sep 2003] DSA-376 exim - buffer overflow {CVE-2003-0743} - - exim 3.36-8 + [woody] - exim 3.35-1woody2 + [woody] - exim-tls 3.35-3woody1 [29 Aug 2003] DSA-375 node - buffer overflow, format string {CVE-2003-0707 CVE-2003-0708} - node 0.3.2-1 |