Diffstat (limited to 'data/CVE/2005.list')
-rw-r--r-- data/CVE/2005.list 39
1 files changed, 21 insertions, 18 deletions
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 200aae0ebe..d5b0e08cad 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -1,3 +1,5 @@
+CVE-2005-10001
+ RESERVED
CVE-2005-3590 (The getgrouplist function in the GNU C library (glibc) before version ...)
- glibc 2.3.5-3
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=661
@@ -17,11 +19,11 @@ CVE-2005-XXXX [more related to CVE-2005-4890]
CVE-2005-4895 (Multiple integer overflows in TCMalloc (tcmalloc.cc) in gperftools bef ...)
- google-perftools 0.7-1
CVE-2005-4894
- RESERVED
+ REJECTED
CVE-2005-4893
- RESERVED
+ REJECTED
CVE-2005-4892
- RESERVED
+ REJECTED
CVE-2005-4891 (Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL inje ...)
NOT-FOR-US: Simple Machine Forum (SMF)
CVE-2005-4890 (There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo ...)
@@ -30,7 +32,8 @@ CVE-2005-4890 (There is a possible tty hijacking in shadow 4.x before 4.1.5 and
[lenny] - shadow <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=173008
- sudo 1.7.4p4 (low; bug #657784)
- NOTE: sudo might be fixed earlier, use_pty present in stable
+ NOTE: sudo might be fixed earlier, use_pty present in stable. Only since 1.9.6-1~exp2
+ NOTE: use_pty is added to default configuration.
CVE-2005-4889 (lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of ...)
- rpm 4.7.0-1 (bug #584257; unimportant)
NOTE: Marking as unimportant since rpm isn't used as a package manager
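Review bot: The two added NOTE lines under CVE-2005-4890 read as one sentence cut in half: the first ends on the fragment "Only since 1.9.6-1~exp2" and the second carries on with "use_pty is added to default configuration." Each NOTE line should stand on its own, and the distinction that matters for this entry is that the use_pty option being present is not the same as it being enabled by default. Suggest a single line such as "NOTE: use_pty is present in stable, but only enabled in the default configuration since 1.9.6-1~exp2". The package line above still records sudo as fixed in 1.7.4p4, so it is also worth saying which of the two versions the entry treats as the fix.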
@@ -754,7 +757,7 @@ CVE-2005-4584 (BZFlag server 2.0.4 and earlier allows remote attackers to cause
- bzflag 2.0.6.20060412-1 (bug #345245; low)
[sarge] - bzflag <no-dsa> (Minor DoS against a game)
CVE-2005-4583 (Unspecified vulnerability in the Management Interface in VMware ESX Se ...)
- NOT-FOR-US: VMWare
+ NOT-FOR-US: VMware
CVE-2005-4582 (Electric Sheep 2.6.3 does not require authentication or integrity chec ...)
- electricsheep 2.6.3+cvs20051206-1 (unimportant)
NOTE: Even an authenticated server might serve unwanted content, so
@@ -1027,7 +1030,7 @@ CVE-2005-4461 (SQL injection vulnerability in index.php in Beehive Forum 0.6.2 a
CVE-2005-4460 (Cross-site scripting (XSS) vulnerability in Beehive Forum 0.6.2 and ea ...)
NOT-FOR-US: Beehive Forum
CVE-2005-4459 (Heap-based buffer overflow in the NAT networking components vmnat.exe ...)
- NOT-FOR-US: VMWare
+ NOT-FOR-US: VMware
CVE-2005-4458 (Group.pm in Metadot Portal Server 6.4.4 and earlier does not properly ...)
NOT-FOR-US: Metadot Portal Server
CVE-2005-4457 (MailEnable Enterprise 1.1 before patch ME-10009 allows remote attacker ...)
@@ -2901,7 +2904,7 @@ CVE-2005-3620 (The management interface for VMware ESX Server 2.0.x before 2.0.2
CVE-2005-3619 (Cross-site scripting (XSS) vulnerability in the management interface f ...)
NOT-FOR-US: VMware ESX
CVE-2005-3618 (Cross-site request forgery (CSRF) vulnerability in the management inte ...)
- NOT-FOR-US: VMWare ESX
+ NOT-FOR-US: VMware ESX
CVE-2005-3617
RESERVED
CVE-2005-3616
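Review bot: The corrected tag for CVE-2005-3618 is "NOT-FOR-US: VMware ESX", while CVE-2005-4583, whose description also names the VMware ESX management interface, is corrected to plain "NOT-FOR-US: VMware" earlier in this patch. Since the spelling is being normalised anyway, pick one form for the ESX entries so that a search on the tag finds all of them.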
@@ -3094,9 +3097,9 @@ CVE-2005-3531 (fusermount in FUSE before 2.4.1, if installed setuid root, allows
CVE-2005-3530 (Cross-site scripting (XSS) vulnerability in Antville 1.1 allows remote ...)
NOT-FOR-US: Antville
CVE-2005-3529 (tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remo ...)
- NOT-FOR-US: TikiWiki
+ - tikiwiki <removed>
CVE-2005-3528 (Cross-site scripting (XSS) vulnerability in tiki-view_forum_thread.php ...)
- NOT-FOR-US: TikiWiki
+ - tikiwiki <removed>
CVE-2005-3527 (Race condition in do_coredump in signal.c in Linux kernel 2.6 allows l ...)
- linux-2.6 2.6.14-1 (low)
- kernel-source-2.4.27 <not-affected> (Vulnerable code was introduced later)
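Review bot: CVE-2005-3529 and CVE-2005-3528 move from "NOT-FOR-US: TikiWiki" to "- tikiwiki <removed>" with no NOTE recording why. This is a change of meaning, not of spelling: the entries go from "not packaged in Debian" to "was packaged, since removed from the archive", and nothing in the visible lines says which releases shipped tikiwiki or whether any of them were affected. A short NOTE on the first converted entry would make the reclassification auditable. The same substitution recurs in later hunks (CVE-2005-3283, CVE-2005-1925, CVE-2005-0200), so it applies there too.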
@@ -3718,7 +3721,7 @@ CVE-2005-3285 (Cross-site scripting (XSS) vulnerability in comersus_backoffice_s
CVE-2005-3284 (Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0 ...)
NOT-FOR-US: AhnLab
CVE-2005-3283 (Cross-site scripting (XSS) vulnerability in TikiWiki before 1.9.1.1 al ...)
- NOT-FOR-US: TikiWiki
+ - tikiwiki <removed>
CVE-2005-3282 (Splatt Forum 3.0 to 3.2 allows remote attackers to bypass authenticati ...)
NOT-FOR-US: Splatt Forum
CVE-2005-3281 (Directory traversal vulnerability in NukeFixes 3.1 for PHP-Nuke 7.8 al ...)
@@ -4523,7 +4526,7 @@ CVE-2005-2993 (Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 U
NOT-FOR-US: HP Tru64
CVE-2005-2991 (ncompress 4.2.4 and earlier allows local users to overwrite arbitrary ...)
- ncompress <not-affected> (bug #329052; unimportant)
- NOTE: see bug close message, Debian's ncompress doesn't expose affected scripts
+ NOTE: see bug close message, Debian's ncompress doesn't expose affected scripts
CVE-2005-2992 (arc 5.21j and earlier allows local users to overwrite arbitrary files ...)
{DSA-843-1}
- arc 5.21m-1 (low)
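Review bot: The removed and added NOTE lines under CVE-2005-2991 are identical as rendered here, so this looks like a whitespace-only fix; it would be easier to audit in a commit of its own, apart from the status changes. While this entry is being touched: CVE-2005-2991 sits ahead of CVE-2005-2992 in a list that otherwise runs in descending order, so the two entries could be swapped.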
@@ -4663,7 +4666,7 @@ CVE-2005-2941
CVE-2005-2940 (Unquoted Windows search path vulnerability in Microsoft Antispyware 1. ...)
NOT-FOR-US: Microsoft Antispyware
CVE-2005-2939 (Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 ...)
- NOT-FOR-US: VMWare
+ NOT-FOR-US: VMware
CVE-2005-2938 (Unquoted Windows search path vulnerability in iTunesHelper.exe in iTun ...)
NOT-FOR-US: iTunes
CVE-2005-2937
@@ -4993,7 +4996,7 @@ CVE-2005-2796 (The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 an
{DSA-809-1}
- squid 2.5.10-5 (medium)
CVE-2005-2795
- RESERVED
+ REJECTED
CVE-2005-2794 (store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to c ...)
{DSA-809-3 DSA-809-1}
- squid 2.5.10-5 (medium)
@@ -5176,7 +5179,7 @@ CVE-2005-2711 (ISS BlackIce 3.6, as used in multiple products including BlackICE
NOT-FOR-US: ISS
CVE-2005-2710 (Format string vulnerability in Real HelixPlayer and RealPlayer 10 allo ...)
{DSA-826-1}
- NOTE: see http://www.open-security.org/advisories/13
+ NOTE: see http://www.open-security.org/advisories/13
- helix-player 1.0.6-1 (bug #330364; high)
CVE-2005-2709 (The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 al ...)
{DSA-1018-1 DSA-1017-1}
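Review bot: The NOTE under CVE-2005-2710 appears to change only in whitespace and is left above the "- helix-player 1.0.6-1" package line, whereas other entries in this file (CVE-2005-3590, CVE-2005-2991) put their NOTE lines after the package line. Since the line is being rewritten anyway, moving it below the package line would match the rest of the file. The advisory link is also still plain http.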
@@ -5725,7 +5728,7 @@ CVE-2005-2494 (kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain ro
{DSA-815-1}
- kdebase 4:3.4.2-3 (bug #327039; medium)
CVE-2005-2493
- RESERVED
+ REJECTED
CVE-2005-2492 (The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allow ...)
- linux-2.6 2.6.12-7 (bug #327416; medium)
CVE-2005-2491 (Integer overflow in pcre_compile.c in Perl Compatible Regular Expressi ...)
@@ -7129,7 +7132,7 @@ CVE-2005-1927
CVE-2005-1926
RESERVED
CVE-2005-1925 (Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 ...)
- NOT-FOR-US: Tikiwiki
+ - tikiwiki <removed>
CVE-2005-1924 (The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote a ...)
NOT-FOR-US: External Squirrelmail plugin not packaged in Debian
CVE-2005-1923 (The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, an ...)
@@ -10621,7 +10624,7 @@ CVE-2005-0396 (Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in
CVE-2005-0395
REJECTED
CVE-2005-0394
- RESERVED
+ REJECTED
CVE-2005-0393 (The helper scripts for crip 3.5 do not properly use temporary files, w ...)
{DSA-733-1}
- crip 3.5-1sarge2 (low)
@@ -11065,7 +11068,7 @@ CVE-2005-0202 (Directory traversal vulnerability in the true_path function in pr
CVE-2005-0201 (D-BUS (dbus) before 0.22 does not properly restrict access to a socket ...)
- dbus 0.22
CVE-2005-0200 (TikiWiki before 1.8.5 does not properly validate files that have been ...)
- NOT-FOR-US: TikiWiki
+ - tikiwiki <removed>
CVE-2005-0199 (Integer underflow in the Lists_MakeMask() function in lists.c in ngIRC ...)
NOT-FOR-US: ngIRCd
CVE-2005-0197 (Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Labe ...)
