|
Bug #66912: Asterisk vulnerabilities in chan_skinny.c and chan_sip.c
|
 CVE-2006-5444 |
|
asterisk (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #73603: remote code execution in ProFTPD
|
CVE-2006-5815 |
|
proftpd-dfsg (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #76321: improper shell quoting
|
CVE-2006-5875 |
|
enemies-of-carlotta (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #76374: MIME bypass
|
CVE-2006-6406 |
|
clamav (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #77383: vnc4 authentication bypass
|
CVE-2006-2369 |
|
vnc4 (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #78144: CVE-2006-6142 Cross site scripting in compose, draft & HTML mail viewing
|
CVE-2006-6142 |
|
squirrelmail (Ubuntu Edgy)
|
Fix released, assigned to Leonel Erlichman
|
|
Bug #78339: Universal XSS
|
CVE-2007-0045
CVE-2007-0046 |
|
acroread (Ubuntu Edgy)
|
Fix released, assigned to Daniel T Chen
|
|
Bug #78453: cacti remote injection exploit
|
CVE-2006-6799 |
|
cacti (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #78486: remote heap buffer overflow DoS/code exec
|
CVE-2006-5989 |
|
libapache-mod-auth-kerb (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #78610: URL format string injection in CDDA and VCDX plugins
|
CVE-2007-0017 |
|
vlc (Ubuntu Edgy)
|
Fix released, assigned to magilus
|
|
Bug #80569: Java 1.5.0_08 security problem
|
CVE-2007-0234
CVE-2007-0243 |
|
sun-java5 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #82003: phpmyadmin has several security bugs
|
CVE-2006-1804
CVE-2006-2031 |
|
phpmyadmin (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #83508: Buffer overflow in ZABBIX before 1.1.5 has unknown impact and attack vectors related to "SNMP IP addresses."
|
CVE-2007-0640 |
|
zabbix (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #84657: Security update for rar/unrar (CVE-2007-0855)
|
CVE-2007-0855 |
|
unrar-nonfree (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
rar (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #86908: wireshark 0.99.4 has security vulnerabilities (upgrade to wireshark 0.99.5)
|
CVE-2007-0456
CVE-2007-0457
CVE-2007-0458
CVE-2007-0459 |
|
wireshark (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #87874: overflow with long HOME environment variable
|
CVE-2007-0406 |
|
gxine (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #88981: Please update mozilla-thunderbird to 1.5.0.10
|
CVE-2007-0008
CVE-2007-0009
CVE-2007-0775
CVE-2007-0776
CVE-2007-0777 |
|
mozilla-thunderbird (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #89654: wordpress in Edgy/Dapper has an unsettlingly large number of unfixed CVEs
|
CVE-2006-4208
CVE-2006-6808
CVE-2007-0106
CVE-2007-0107
CVE-2007-0539
CVE-2007-0541
CVE-2007-1049 |
|
wordpress (Ubuntu Edgy)
|
Won't fix, assigned to William Grant
|
|
Bug #90864: Debdiff to fix CVE-2007-1263 in feisty and edgy
|
CVE-2007-1263 |
|
gpgme1.0 (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #92968: CVE-2007-1246: MPlayer DMO buffer overflow
|
CVE-2007-1246 |
|
mplayer (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #94792: Asterisk 1.2.17 fixes SIP DoS vulnerability
|
CVE-2007-1561 |
|
asterisk (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #96723: [Sync request] Sync nas (1.8-4) from Debian unstable (main)
|
CVE-2007-1543
CVE-2007-1544
CVE-2007-1545
CVE-2007-1546
CVE-2007-1547 |
|
nas (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #99062: Debdiff for CVE-2007-1253 for blender in edgy
|
CVE-2007-1253 |
|
blender (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #104944: WordPress Post_ID Parameter SQL Injection Vulnerability
|
CVE-2007-1897 |
|
wordpress (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #106006: CVE-2007-2028: vulnerable to memory exhaustion via malformed Diameter format attributes inside of an EAP-TTLS tunnel
|
CVE-2007-2028 |
|
freeradius (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #107350: pptpd freeze/disconnect
|
CVE-2007-0244 |
|
pptpd (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #107628: DoS-vulnerability in lighttpd
|
CVE-2007-1869
CVE-2007-1870 |
|
lighttpd (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #108907: Merge with 0.7-3 from debian unstable (#SA24880)
|
CVE-2007-2057 |
|
aircrack-ng (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #110066: Multiple security holes in Asterisk
|
CVE-2007-2294
CVE-2007-2297 |
|
asterisk (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #113725: Cross site scripting in HTML filter
|
CVE-2007-1262 |
|
squirrelmail (Ubuntu Edgy)
|
Fix released, assigned to Leonel Nunez
|
|
Bug #118855: CVE-2007-2948: Stack overflow in mplayer cddb handling
|
CVE-2007-2948 |
|
mplayer (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #119739: libapache-mod-jk is vulnerable to CVE-2007-1860
|
CVE-2007-1860 |
|
libapache-mod-jk (Ubuntu Edgy)
|
Fix released, assigned to Lionel Porcheron
|
|
Bug #120400: heap overflow in OpenOffice.org RTF parsing routine
|
CVE-2007-0245 |
|
openoffice.org (Ubuntu Edgy)
|
Fix released, assigned to Chris Cheney
|
|
Bug #121374: Denial of service through log injection in fail2ban
|
CVE-2006-6302 |
|
fail2ban (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #122207: vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors
|
CVE-2007-0256
CVE-2007-3316
CVE-2007-3467
CVE-2007-3468 |
|
vlc (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #124629: [CVE-2007-2838] Unsafe tmp file usage
|
CVE-2007-2838 |
|
gsambad (Ubuntu Edgy)
|
Fix released, assigned to Michael Bienia
|
|
Bug #124725: [CVE-2007-2837] Unsafe tmp file handling
|
CVE-2007-2837 |
|
fireflier (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #125180: id sequence is predictable and the same in all child processes
|
CVE-2007-3377 |
|
libnet-dns-perl (Ubuntu Edgy)
|
Fix released, assigned to Scott Kitterman
|
|
Bug #125236: Bugs in dn_expand (XS and PP) on mailformed packages
|
CVE-2007-3409 |
|
libnet-dns-perl (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #127718: lighttpd security fixes
|
CVE-2007-3946
CVE-2007-3947
CVE-2007-3948
CVE-2007-3949
CVE-2007-3950 |
|
lighttpd (Ubuntu Edgy)
|
Fix released, assigned to Áron Sisak
|
|
Bug #129771: remote IRC servers can execute arbitrary commands
|
CVE-2007-3360 |
|
ircii-pana (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #132046: SECURITY: URL handling allows remote shell command execution
|
CVE-2007-3770 |
|
xfce4-terminal (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #132161: vulnerable to CVE-2007-2165
|
CVE-2007-2165 |
|
proftpd (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
proftpd-dfsg (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #132915: WireShark versions prior to 0.99.6 vulnerability
|
CVE-2006-4574
CVE-2006-4805
CVE-2006-5468
CVE-2006-5469
CVE-2006-5740
CVE-2007-0456
CVE-2007-0457
CVE-2007-0458
CVE-2007-0459
CVE-2007-3389
CVE-2007-3390
CVE-2007-3391
CVE-2007-3392
CVE-2007-3393
CVE-2007-4721 |
|
wireshark (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #133569: regex error causes hosts to not be denied
|
CVE-2007-4323
CVE-2007-5715 |
|
denyhosts (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #136302: Sylpheed POP3 Format String Vulnerability
|
CVE-2007-2958 |
|
claws-mail (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
sylpheed (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
sylpheed-claws (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
sylpheed-claws-gtk2 (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #136687: buffer overflow in w_read function (possible DoS and execution of arbitary code)
|
CVE-2007-3791 |
|
postfix-policyd (Ubuntu Edgy)
|
Invalid by Daniel Hahler
|
|
Bug #140707: [Qt 3, Qt 4] Potential vulnerability in QUtf8Decoder
|
CVE-2007-4137 |
|
qt-x11-free (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
qt4-x11 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #140891: [mplayer] Heap overflow causes potential arbitrary code execution
|
CVE-2007-4938 |
|
kmplayer (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
mplayer (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #141378: [Security] KDM Password-less login vulnerability
|
CVE-2007-4569 |
|
kdebase (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #144425: [ImageMagick] security issues with releases prior to 6.3.5-9
|
CVE-2007-4985
CVE-2007-4986
CVE-2007-4987
CVE-2007-4988 |
|
imagemagick (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
graphicsmagick (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #147993: XSS vulnerability in dokuwiki
|
CVE-2007-3930 |
|
dokuwiki (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #148940: [X font server] integer overflow and heap corruption vulnerability
|
CVE-2007-4568 |
|
xfs (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #149121: hpssd vulnerable to command injection
|
CVE-2007-5208 |
|
hplip (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #149616: Net::HTTPS Vulnerability
|
CVE-2007-5162
CVE-2007-5770 |
|
ruby1.8 (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
ruby1.9 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #150848: [CVE-2007-5226] dircproxy segfault on blank /me
|
CVE-2007-5226 |
|
dircproxy (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #151806: CVE-2007-5301 buffer overflow in vorbis input plugi
|
CVE-2007-5301 |
|
alsaplayer (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #151946: CVE-2007-5300 remote denial of service
|
CVE-2007-0428
CVE-2007-5300 |
|
wzdftpd (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #152069: remote-exploit by default
|
CVE-2005-3252 |
|
snort (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #152624: Buffer overflow in check_http.c (CVE-2007-5198)
|
CVE-2007-5198 |
|
nagios-plugins (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #154393: [Firefox] security update release 2.0.0.8 available from upstream
|
CVE-2006-2894
CVE-2007-1095
CVE-2007-2292
CVE-2007-3511
CVE-2007-4841
CVE-2007-5334
CVE-2007-5337
CVE-2007-5338
CVE-2007-5339
CVE-2007-5340 |
|
firefox (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #158414: denial of service in wesnoth client and server prior 1.2.7 release
|
CVE-2007-3917 |
|
wesnoth (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #160454: [pcre3] several security issues in Perl-Compatible Regular Expression library
|
CVE-2006-7227
CVE-2006-7228
CVE-2006-7230
CVE-2007-1659
CVE-2007-1660
CVE-2007-1661
CVE-2007-1662
CVE-2007-4766
CVE-2007-4767
CVE-2007-4768 |
|
pcre3 (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #161173: [CVE-2007-4476] cpio is affected by this CVE as tar.
|
CVE-2007-4476 |
|
cpio (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #162171: [CVE-2007-4752] ssh in OpenSSH before 4.7 does not properly handle...
|
CVE-2007-4752 |
|
openssh (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #162295: CVE-2007-5839: Insecure temporary file creation
|
CVE-2007-5839 |
|
ircii-pana (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #162296: CVE-2007-4584 stack based buffer overflow via long MODE command
|
CVE-2007-4584 |
|
ircii-pana (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #162351: CVE-2007-5837: Code injection through badly formatted URL
|
CVE-2007-5837 |
|
yarssr (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #162406: CVE-2007-4323: DoS via log injection
|
CVE-2007-4323
CVE-2007-5715 |
|
denyhosts (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #162511: [CVE-2007-5395] link-grammar is vulnerable
|
CVE-2007-5395 |
|
link-grammar (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #162520: [CVE-2005-4790] tomboy has an untrusted search path
|
CVE-2005-4790 |
|
tomboy (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #162543: CVE-2007-5740: format string vulnerability
|
CVE-2007-5740 |
|
perdition (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #162599: few serious security issues for phpMyAdmin
|
CVE-2006-6942
CVE-2006-6944
CVE-2007-1325
CVE-2007-1395
CVE-2007-2245
CVE-2007-5386
CVE-2007-5589
CVE-2007-5976
CVE-2007-5977
CVE-2007-6100 |
|
phpmyadmin (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #162602: [CVE-2007-5200] hugin allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
|
CVE-2007-5200 |
|
hugin (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #162826: [Mono] Buffer overflow in Mono 1.2.5.1 and earlier
|
CVE-2007-5197 |
|
mono (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #163042: Regression in USN 544-1 causes nmbd crash after update
|
CVE-2007-4572 |
|
samba (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #163056: CVE-2007-5933: Remote denial of service
|
CVE-2007-5933
CVE-2007-6010 |
|
pioneers (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #163257: CVE-2006-6301: DoS via log injection
|
CVE-2006-6301 |
|
denyhosts (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #163291: CVE-2006-6172: Buffer overflow in asmrp.c
|
CVE-2006-6172 |
|
mplayer (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #163492: CVE-2007-4650: Unauthorised editing of item properties
|
CVE-2007-4650 |
|
gallery2 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #163740: [CVE-2007-5707] OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash)
|
CVE-2007-5707 |
|
openldap2.2 (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
openldap2.3 (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #163832: [rails] Several vulnerabilities allowing for file disclosure and theft of user credentials
|
CVE-2007-3227
CVE-2007-5379
CVE-2007-5380
CVE-2007-6077 |
|
rails (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #163845: [python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS
|
CVE-2007-4965 |
|
python2.2 (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
python2.3 (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
python2.4 (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
python2.5 (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #164007: [net-snmp] remote Denial of Service vulnerability
|
CVE-2007-5846 |
|
net-snmp (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #164072: [CVE-2007-6035] cacti has a sql injection vulnerability
|
CVE-2007-3112
CVE-2007-3113
CVE-2007-6035 |
|
cacti (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #164501: more security issues with wireshark from 0.99.6 down to ...
|
CVE-2007-6111
CVE-2007-6112
CVE-2007-6113
CVE-2007-6114
CVE-2007-6115
CVE-2007-6116
CVE-2007-6117
CVE-2007-6118
CVE-2007-6119
CVE-2007-6120
CVE-2007-6121 |
|
wireshark (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #172260: [mysql] multiple vulnerabilities
|
CVE-2007-2583
CVE-2007-2691
CVE-2007-2692
CVE-2007-3780
CVE-2007-3781
CVE-2007-3782
CVE-2007-5925
CVE-2007-5969
CVE-2007-6303
CVE-2008-0226
CVE-2008-0227 |
|
mysql-dfsg (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
mysql-dfsg-4.1 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
mysql-dfsg-5.0 (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
mysql-dfsg-5.1 (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #172265: [feynmf] Insecure temporary file creation
|
CVE-2007-5940 |
|
feynmf (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #172277: [CVE-2007-6110] Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6
|
CVE-2007-6110 |
|
htdig (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #172518: [firefox] regression in recent update to 2.0.0.10
|
CVE-2007-5947
CVE-2007-5959
CVE-2007-5960 |
|
firefox (Ubuntu Edgy)
|
Won't fix, assigned to Alexander Sack
|
|
Bug #172783: wesnoth exploit allows others to view the content of files on a remote computer
|
CVE-2007-3917
CVE-2007-5742 |
|
wesnoth (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #173153: [CVE-2007-6061] Denial of service and deletion of an arbitrary directory tree via symlink attack
|
CVE-2007-6061 |
|
audacity (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #173164: [CVE-2007-6062] Denial of service via JOIN command without channel
|
CVE-2007-6062 |
|
ngircd (Ubuntu Edgy)
|
Invalid by William Grant
|
|
Bug #173203: [CVE-2007-6077] Potential session fixation attack
|
CVE-2007-6077 |
|
rails (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #173377: [CVE-2007-44{08,1[01]}] Various vulnerabilities in ircd-ircu before 2.10.12.06
|
CVE-2007-4408
CVE-2007-4410
CVE-2007-4411 |
|
ircd-ircu (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #173610: [asterisk] [CVE-2007-6170] missing input sanitising
|
CVE-2007-6170 |
|
asterisk (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #173881: the option "turn_cmd" can stall a computer or maybe start another application
|
CVE-2007-3917
CVE-2007-5742
CVE-2007-6201 |
|
wesnoth (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #173948: [CVE-2007-6211] sing in debian is vulnerable
|
CVE-2007-6211 |
|
sing (Ubuntu Edgy)
|
Fix released, assigned to Stephan Rügamer
|
|
Bug #174112: [openoffice.org] [CVE-2007-4575] Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB)
|
CVE-2007-4575 |
|
openoffice.org (Ubuntu Edgy)
|
Won't fix, assigned to Kees Cook
|
|
Bug #174352: [CVE-2007-6239] squid-2.X and squid-3.x are vulnerable
|
CVE-2007-6239 |
|
squid (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
squid3 (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #174356: [zabbix] [CVE-2007-6210] privilege escalation
|
CVE-2007-6210 |
|
zabbix (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #174615: [heimdal] [CVE-2007-5939] possible remote vulnerability of unknown impact via an invalid username
|
CVE-2007-5939 |
|
heimdal (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #175319: [sitebar] Several remote vulnerabilities
|
CVE-2007-5491
CVE-2007-5492
CVE-2007-5692
CVE-2007-5693
CVE-2007-5694
CVE-2007-5695 |
|
sitebar (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #175505: [tomcat5] multiple vulnerabilities
|
CVE-2007-0450
CVE-2007-2449
CVE-2007-2450
CVE-2007-3382
CVE-2007-3385
CVE-2007-3386
CVE-2007-5342
CVE-2007-5461
CVE-2008-0128 |
|
tomcat5 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
tomcat5.5 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #175827: [ruby-gnome2] [CVE-2007-6183] improper input sanitizing / format string vulnerability
|
CVE-2007-6183 |
|
ruby-gnome2 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #176175: CVE-2007-6263: security vulnerability in linux-ftpd-ssl
|
CVE-2007-6263 |
|
linux-ftpd-ssl (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #176917: [centericq] [CVE-2007-3713] buffer overflow
|
CVE-2007-3713 |
|
centericq (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #176931: [lookup-el] [CVE-2007-0237] possible local symlink attack
|
CVE-2007-0237 |
|
lookup-el (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #177537: Remote Code Execution
|
CVE-2007-6335
CVE-2007-6336
CVE-2007-6337 |
|
clamav (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #180300: [typo3-src] [CVE-2007-6381] SQL injection vulnerability
|
CVE-2007-6381 |
|
typo3-src (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #180303: [peercast] [CVE-2007-6454] buffer overflow, remote vulnerability allowing DoS or arbitrary code execution
|
CVE-2007-6454 |
|
peercast (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #181416: SQL injection vulnerability in wp-includes/query.php in WordPress CVE-2007-6318
|
CVE-2007-6318 |
|
wordpress (Ubuntu Edgy)
|
Invalid by Emanuele Gentili
|
|
Bug #181720: [postgresql] multiple vulnerabilities
|
CVE-2007-3278
CVE-2007-4769
CVE-2007-4772
CVE-2007-6067
CVE-2007-6600
CVE-2007-6601 |
|
postgresql (Ubuntu Edgy)
|
Fix released, assigned to Martin Pitt
|
|
Bug #181722: [fail2ban] [CVE-2007-4321] DoS vulnerability
|
CVE-2007-4321 |
|
fail2ban (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #181830: CVE-2007-6337 Unknown impact remote attack
|
CVE-2007-6337 |
|
clamav (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #183389: [SECURITY] CVE-2007-6437 prone to denial of service attack
|
CVE-2007-6437 |
|
syslog-ng (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #185021: [mantis] [CVE-2006-6574] [CVE-2007-6611] remote vulnerabilities
|
CVE-2006-6574
CVE-2007-6611 |
|
mantis (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #185035: [scponly] [CVE-2007-6350] [CVE-2007-6415] design flaw may lead to execution of arbitrary commands
|
CVE-2007-6350
CVE-2007-6415 |
|
scponly (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #185782: Buffer overflow in GIF and IFF ILBM handling
|
CVE-2007-6697
CVE-2008-0544 |
|
sdl-image1.2 (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #186578: [libicu] [CVE-2007-4770] [CVE-2007-4771] potential execution of arbitrary code via malformed regular expressions
|
CVE-2007-4770
CVE-2007-4771 |
|
icu (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #186978: [mysql] [CVE-2008-0226] [CVE-2008-0227] buffer overflows in YaSSL
|
CVE-2007-2692
CVE-2007-6303
CVE-2007-6304
CVE-2008-0226
CVE-2008-0227 |
|
mysql-dfsg-5.0 (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #187481: [CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files
|
CVE-2008-0252 |
|
cherrypy3 (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
python-cherrypy (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #190020: Stack-based buffer overflow
|
CVE-2007-6531 |
|
xfce4-panel (Ubuntu Edgy)
|
Fix released (unassigned)
|
|
Bug #190021: Double-free vulnerability
|
CVE-2007-6532 |
|
libxfcegui4 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #191150: possible integer overflow
|
CVE-2007-6595
CVE-2008-0318 |
|
clamav (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #191196: [gnatsweb] [CVE-2007-2808] cross-site scripting vulnerability
|
CVE-2007-2808 |
|
gnatsweb (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #191201: [phpbb2] several remote vulnerabilities
|
CVE-2006-4758
CVE-2006-6508
CVE-2006-6839
CVE-2006-6840
CVE-2006-6841
CVE-2008-0471 |
|
phpbb2 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #191205: [wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files
|
CVE-2008-0665
CVE-2008-0666 |
|
wml (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #191216: [libcdio] [CVE-2007-6613] stack-based buffer overflow
|
CVE-2007-6613 |
|
libcdio (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #191488: [mplayer] [DSA-1496-1] several buffer overflows
|
CVE-2008-0225
CVE-2008-0238
CVE-2008-0485
CVE-2008-0486
CVE-2008-0629
CVE-2008-0630 |
|
mplayer (Ubuntu Edgy)
|
Fix released, assigned to William Grant
|
|
Bug #192199: [SECURITY] CVE-2008-0783 and CVE-2008-0784
|
CVE-2008-0783
CVE-2008-0784 |
|
cacti (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #193744: [SECURITY] cacti - CVE-2008-0785 and CVE-2008-0786
|
CVE-2008-0785
CVE-2008-0786 |
|
cacti (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #194687: cacti web frontend fails with 'Invalid PHP_SELF Path' after upgrade
|
CVE-2008-0783
CVE-2008-0784 |
|
cacti (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #195688: [libimager-perl] [CVE-2007-2459] buffer overflow which could allow the execution of arbitrary code
|
CVE-2007-2459 |
|
libimager-perl (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #195689: [splitvt] [CVE-2008-0162] privilege escalation
|
CVE-2008-0162 |
|
splitvt (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #195691: [dspam] [CVE-2007-6418] programming error leading to information disclosure
|
CVE-2007-6418 |
|
dspam (Ubuntu Edgy)
|
Fix released, assigned to Daniel Hahler
|
|
Bug #195695: [turba2] [CVE-2008-0807] programming error in permission testing
|
CVE-2008-0807 |
|
turba2 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #195696: [diatheke] [CVE-2008-0932] insufficient input sanitising
|
CVE-2008-0932 |
|
sword (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #195949: VLC Arbitrary memory overwrite in the MP4 demuxer
|
CVE-2008-0984 |
|
vlc (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #196397: [ghostscript] [CVE-2008-0411] buffer overflow in the color space handling code
|
CVE-2008-0411 |
|
ghostscript (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
gs-esp (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
gs-gpl (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #196404: [cupsys] [MDVSA-2008:050] multiple vulnerabilities
|
CVE-2008-0047
CVE-2008-0596
CVE-2008-0597
CVE-2008-0882 |
|
cupsys (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #196452: Multiple vulnerabilites in vlc prior to 0.8.6e
|
CVE-2007-6682
CVE-2007-6684
CVE-2008-0295
CVE-2008-0296
CVE-2008-0984 |
|
vlc (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #197077: 6.06 LTS: CVE-2007-6698, CVE-2008-0658
|
CVE-2007-6698
CVE-2008-0658 |
|
openldap2.2 (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #198731: [CVE-2008-1111] Failure to Handle Exceptional Conditions
|
CVE-2008-1111 |
|
lighttpd (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #198745: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
|
CVE-2008-1149 |
|
phpmyadmin (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #199118: [asterisk] [CVE-2007-6430] possibility of bypassing host based authentication by using a valid user name
|
CVE-2007-6430 |
|
asterisk (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #199338: [CVE-2008-0564] Multiple cross-site scripting (XSS) vulnerabilities in Mailman
|
CVE-2008-0564 |
|
mailman (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #200987: CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable
|
CVE-2008-0983
CVE-2008-1270 |
|
lighttpd (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #201009: [mysql-dfsg-5.0] fix for several open vulnerabilities in -proposed
|
CVE-2006-7232
CVE-2007-2692
CVE-2007-6303
CVE-2008-0226
CVE-2008-0227 |
|
mysql-dfsg-5.0 (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #202422: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
|
CVE-2008-1066
CVE-2008-2720
CVE-2008-2721
CVE-2008-2722
CVE-2008-2723
CVE-2008-2724 |
|
smarty (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
gallery2 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #202758: [CVE-2008-1168] XSS in log and useragent parser
|
CVE-2008-1167
CVE-2008-1168 |
|
sarg (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #203449: [dovecot] [CVE-2008-1199, CVE-2008-1218] privilege escalation
|
CVE-2008-1199
CVE-2008-1218 |
|
dovecot (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #203450: [ldapscripts] [CVE-2007-5373] information disclosure
|
CVE-2007-5373 |
|
ldapscripts (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #203456: [horde3] [CVE-2008-1284] information disclosure
|
CVE-2008-1284 |
|
horde3 (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #203476: [libbind9] [CVE-2008-0122] off-by-one error in the inet_network function
|
CVE-2008-0122 |
|
bind9 (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #205721: CVE-2007-6341 libnet-dns-perl possible denial of service (program "croak") via a crafted DNS response.
|
CVE-2007-6341 |
|
libnet-dns-perl (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #207284: [CVE-2008-1489] buffer overflow in MP4 demuxer in vlc 0.8.6e
|
CVE-2008-1489 |
|
vlc (Ubuntu Edgy)
|
Won't fix, assigned to Emanuele Gentili
|
|
Bug #209627: lighttpd (security) ssl fix
|
CVE-2008-1531 |
|
lighttpd (Ubuntu Edgy)
|
Fix released, assigned to Emanuele Gentili
|
|
Bug #210124: [asterisk] several vulnerabilities
|
CVE-2008-1289
CVE-2008-1332
CVE-2008-1333 |
|
asterisk (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #210155: various outstanding security updates in mozilla universe packages (as of 1.8.1.13)
|
CVE-2007-4879
CVE-2008-1233
CVE-2008-1235
CVE-2008-1236
CVE-2008-1237
CVE-2008-1238
CVE-2008-1240
CVE-2008-1241 |
|
iceape (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
seamonkey (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
xulrunner (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #210175: [openssh] [CVE-2008-1483] allows local users to hijack forwarded X connections
|
CVE-2008-1483 |
|
openssh (Ubuntu Edgy)
|
Fix released, assigned to Kees Cook
|
|
Bug #210718: CVE-2008-1373: CUPS GIF image filter overflow
|
CVE-2006-4484
CVE-2007-4045
CVE-2007-6697
CVE-2008-0053
CVE-2008-0553
CVE-2008-0554
CVE-2008-1373 |
|
cupsys (Ubuntu Edgy)
|
Fix released, assigned to Jamie Strandboge
|
|
Bug #212088: [CVE-2008-1467] remote command execution via crafted URL
|
CVE-2008-1467 |
|
centericq (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
centerim (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #212196: [CVE-2008-1468] XSS vulnerability via UTF-7 encoded input
|
CVE-2008-1468 |
|
namazu2 (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #212211: [CVE-2008-1502] XSS
|
CVE-2008-1502 |
|
egroupware (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #212601: [CVE-2008-1558] arbitrary code execution via uncontrolled array index
|
CVE-2008-1558
CVE-2008-3827 |
|
mplayer (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #213570: kvm vulnerable to several CVEs
|
CVE-2007-1320
CVE-2007-1321
CVE-2007-1322
CVE-2007-1323
CVE-2007-1366
CVE-2007-2893
CVE-2007-5729
CVE-2007-5730
CVE-2008-0928 |
|
kvm (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
qemu (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #214980: [pdns-recursor] [CVE-2008-1637] cache poisoning vulnerability
|
CVE-2008-1637 |
|
pdns-recursor (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #216245: [CVE-2008-1614] privilege escalation via symlink attack
|
CVE-2008-1614 |
|
suphp (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #216301: [CVE-2008-0444, CVE-2008-0445] XSS and DoS
|
CVE-2008-0444
CVE-2008-0445 |
|
elog (Ubuntu Edgy)
|
Invalid (unassigned)
|
|
Bug #216591: [CVE-2008-1648] denial of service via crafted Content-Type header
|
CVE-2008-1648 |
|
sympa (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #216601: [CVE-2008-1633] unspecified vulnerability relating to use of /tmp
|
CVE-2008-1633 |
|
mondo (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #216604: [CVE-2008-1692] opens on :0 if DISPLAY not set
|
CVE-2008-1692 |
|
eterm (Ubuntu Edgy)
|
Won't fix, assigned to Emanuele Gentili
|
|
Bug #217256: ClamAV Upack Processing Buffer Overflow Vulnerability
|
CVE-2007-6596
CVE-2008-0314
CVE-2008-1100
CVE-2008-1387
CVE-2008-1833
CVE-2008-1835
CVE-2008-1836
CVE-2008-1837 |
|
clamav (Ubuntu Edgy)
|
Won't fix (unassigned)
|
|
Bug #219491: [CVE-2008-1722] CUPS integer overflows in PNG image handling (in files filter/image-{png,zoom}.c)
|
CVE-2008-1722 |
|
cupsys (Ubuntu Edgy)
|
Won't fix, assigned to Jamie Strandboge
|
