svn commit: samba-web r1330 - in trunk/history: .
kseeger at samba.org
kseeger at samba.org
Thu Oct 1 05:53:07 MDT 2009
Author: kseeger
Date: 2009-10-01 05:53:07 -0600 (Thu, 01 Oct 2009)
New Revision: 1330
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba-web&rev=1330
Log:
Fix links
Karolin
Modified:
trunk/history/security.html
Changeset:
Modified: trunk/history/security.html
===================================================================
--- trunk/history/security.html 2009-10-01 09:41:21 UTC (rev 1329)
+++ trunk/history/security.html 2009-10-01 11:53:07 UTC (rev 1330)
@@ -41,7 +41,7 @@
patch 2 for Samba 3.0.36</a>
<td>Information disclosure by setuid mount.cifs</td>
<td>all releases</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906">CVE-2009-2948</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906">CVE-2009-2948</a></td>
<td><a href="/samba/security/CVE-2009-2948.html">Announcement</a></td>
</tr>
@@ -57,7 +57,7 @@
patch for Samba 3.0.36</a>
<td>Remote DoS against smbd on authenticated connections</td>
<td>all releases</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906">CVE-2009-2906</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906">CVE-2009-2906</a></td>
<td><a href="/samba/security/CVE-2009-2906.html">Announcement</a></td>
</tr>
<tr>
@@ -74,7 +74,7 @@
patch for Samba 3.0.36</a>
<td>Misconfigured /etc/passwd file may share folders unexpectedly</td>
<td>> 3.0.11</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813">CVE-2009-2813</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813">CVE-2009-2813</a></td>
<td><a href="/samba/security/CVE-2009-2813.html">Announcement</a></td>
</tr>
<tr>
@@ -89,7 +89,7 @@
patch for Samba 3.0.34</a>
<td>Uninitialized read of a data value</td>
<td>Samba 3.0.31 - 3.3.5</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888">CVE-2009-1888</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888">CVE-2009-1888</a></td>
<td><a href="/samba/security/CVE-2009-1888.html">Announcement</a></td>
</tr>
<tr>
@@ -100,7 +100,7 @@
patch for Samba 3.2.12</a>
<td>Formatstring vulnerability in smbclient</td>
<td>Samba 3.2.0 - 3.2.12</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1886">CVE-2009-1886</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1886">CVE-2009-1886</a></td>
<td><a href="/samba/security/CVE-2009-1886.html">Announcement</a></td>
</tr>
<tr>
@@ -111,7 +111,7 @@
patch for Samba 3.2.6</a>
<td>Potential access to "/" in setups with registry shares enabled</td>
<td>Samba 3.2.0 - 3.2.6</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022">CVE-2009-0022</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022">CVE-2009-0022</a></td>
<td><a href="/samba/security/CVE-2009-0022.html">Announcement</a></td>
</tr>
<tr>
@@ -122,7 +122,7 @@
patch for Samba 3.2.4</a></td>
<td>Potential leak of arbitrary memory contents</td>
<td>Samba 3.0.29 - 3.2.4</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314">CVE-2008-4314</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314">CVE-2008-4314</a></td>
<td><a href="/samba/security/CVE-2008-4314.html">Announcement</a></td>
</tr>
@@ -134,7 +134,7 @@
patch 2 for Samba 3.2.2</a></td>
<td>Wrong permissions of group_mapping.ldb</td>
<td>Samba 3.2.0 - 3.2.2</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789">CVE-2008-3789</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789">CVE-2008-3789</a></td>
<td><a href="/samba/security/CVE-2008-3789.html">Announcement</a></td>
</tr>
@@ -143,7 +143,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.29-CVE-2008-1105.patch">patch for Samba 3.0.29</a></td>
<td>Boundary failure when parsing SMB responses</td>
<td>Samba 3.0.0 - 3.0.29</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105">CVE-2008-1105</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105">CVE-2008-1105</a></td>
<td><a href="/samba/security/CVE-2008-1105.html">Announcement</a></td>
</tr>
@@ -152,7 +152,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.27a-CVE-2007-6015.patch">patch for Samba 3.0.27a</a></td>
<td>Remote Code Execution in Samba's nmbd (send_mailslot())</td>
<td>Samba 3.0.0 - 3.0.27a</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015">CVE-2007-6015</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015">CVE-2007-6015</a></td>
<td><a href="/samba/security/CVE-2007-6015.html">Announcement</a></td>
</tr>
@@ -161,7 +161,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.26a-CVE-2007-5398.patch">patch for Samba 3.0.26a</a></td>
<td>Remote Code Execution in Samba's nmbd</td>
<td>Samba 3.0.0 - 3.0.26a</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398">CVE-2007-5398</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398">CVE-2007-5398</a></td>
<td><a href="/samba/security/CVE-2007-5398.html">Announcement</a></td>
</tr>
@@ -170,7 +170,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.26a-CVE-2007-4572.patch">patch for Samba 3.0.26a</a></td>
<td>GETDC mailslot processing buffer overrun in nmbd</td>
<td>Samba 3.0.0 - 3.0.26a</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572">CVE-2007-4572</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572">CVE-2007-4572</a></td>
<td><a href="/samba/security/CVE-2007-4572.html">Announcement</a></td>
</tr>
@@ -179,7 +179,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.25-CVE-2007-4138.patch">patch for Samba 3.0.25</a></td>
<td>Incorrect primary group assignment for users using the rfc2307 or sfu nss info plugin.</td>
<td>Samba 3.0.25 - 3.0.25c</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138">CVE-2007-4138</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138">CVE-2007-4138</a></td>
<td><a href="/samba/security/CVE-2007-4138.html">Announcement</a></td>
</tr>
@@ -188,7 +188,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.24-CVE-2007-2447_v2.patch">patch for Samba 3.0.24</a></td>
<td>Remote Command Injection Vulnerability (Updated June 5 to include missing "c" character from INCLUDE list).</td>
<td>Samba 3.0.0 - 3.0.25rc3</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447">CVE-2007-2447</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447">CVE-2007-2447</a></td>
<td><a href="/samba/security/CVE-2007-2447.html">Announcement</a></td>
</tr>
@@ -197,7 +197,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.24-CVE-2007-2446_v2.patch">patch for Samba 3.0.24</a></td>
<td>Multiple Heap Overflows Allow Remote Code Execution (Updated May 25 to fix regression in Samba domain controller logon code).</td>
<td>Samba 3.0.0 - 3.0.25rc3</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446">CVE-2007-2446</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446">CVE-2007-2446</a></td>
<td><a href="/samba/security/CVE-2007-2446.html">Announcement</a></td>
</tr>
@@ -206,7 +206,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.24-CVE-2007-2444_v2.patch">patch for Samba 3.0.24</a></td>
<td>Local SID/Name translation bug can result in user privilege elevation (Updated May 25 to fix regression in the "force group" parameter).</td>
<td>Samba 3.0.23d - 3.0.25pre2</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444">CVE-2007-2444</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444">CVE-2007-2444</a></td>
<td><a href="/samba/security/CVE-2007-2444.html">Announcement</a></td>
</tr>
@@ -215,7 +215,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-0452.patch">patch for Samba 3.0.23d</a></td>
<td>Potential Denial of Service bug in smbd</td>
<td>Samba 3.0.6 - 3.0.23d</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452">CVE-2007-0452</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452">CVE-2007-0452</a></td>
<td><a href="/samba/security/CVE-2007-0452.html">Announcement</a></td>
</tr>
@@ -224,7 +224,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-0453.patch">patch for Samba 3.0.23d</a></td>
<td>Buffer overrun in NSS host lookup Winbind library on Solaris</td>
<td>Samba 3.0.21 - 3.0.23d</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0453">CVE-2007-0453</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0453">CVE-2007-0453</a></td>
<td><a href="/samba/security/CVE-2007-0453.html">Announcement</a></td>
</tr>
@@ -233,7 +233,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.23d-CVE-2007-0454.patch">patch for Samba 3.0.23d</a></td>
<td>Format string bug in afsacl.so VFS plugin</td>
<td>Samba 3.0.6 - 3.0.23d</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0454">CVE-2007-0454</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0454">CVE-2007-0454</a></td>
<td><a href="/samba/security/CVE-2007-0454.html">Announcement</a></td>
</tr>
@@ -242,7 +242,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0-CVE-2006-3403.patch">patch for Samba 3.0.1 - 3.0.22</a></td>
<td>Memory exhaustion DoS against smbd</td>
<td>Samba 3.0.1 - 3.0.22</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403">CVE-2006-3403</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403">CVE-2006-3403</a></td>
<td><a href="/samba/security/CVE-2006-3403.html">Announcement</a></td>
</tr>
@@ -252,7 +252,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.21-CVE-2006-1059.patch">patch for Samba 3.0.21[a-c]</a></td>
<td>Exposure of machine account credentials in winbind log files</td>
<td>Samba 3.0.21 - 3.0.21c</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1059">CVE-2006-1059</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1059">CVE-2006-1059</a></td>
<td><a href="/samba/security/CVE-2006-1059.html">Announcement</a></td>
</tr>
@@ -261,7 +261,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.9-CVE-2004-1154.patch">patch for Samba 3.0.9</a></td>
<td>Integer Overflow in security descriptor parsing</td>
<td>Samba 2.x, 3.0.x <= 3.0.9</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1154">CVE-2004-1154</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1154">CVE-2004-1154</a></td>
<td><a href="/samba/security/CVE-2004-1154.html">Announcement</a></td>
</tr>
@@ -271,7 +271,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.7-CVE-2004-0882.patch">patch for <=Samba 3.0.7</a></td>
<td>Buffer Overrun in smbd</td>
<td>Samba 3.0.x <= 3.0.7</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0882">CVE-2004-0882</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0882">CVE-2004-0882</a></td>
<td><a href="/samba/security/CVE-2004-0882.html">Announcement</a></td>
</tr>
@@ -280,7 +280,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.7-CVE-2004-0930.patch">patch for <=Samba 3.0.7</a></td>
<td>Remote DoS</td>
<td>Samba 3.0.x <= 3.0.7</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0930">CVE-2004-0930</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0930">CVE-2004-0930</a></td>
<td><a href="/samba/security/CVE-2004-0930.html">Announcement</a></td>
</tr>
@@ -289,7 +289,7 @@
<td><a href="/samba/ftp/stable/samba-2.2.12.tar.gz">Samba 2.2.12</a> and/or <a href="/samba/ftp/patches/security/samba-3.0.2a-reduce_name.patch">patch for <=Samba 3.0.2a</a></td>
<td>Potential arbitrary file access</td>
<td>Samba 2.2.x <=2.2.11 and Samba 3.0.x <=3.0.2a</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0815">CVE-2004-0815</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0815">CVE-2004-0815</a></td>
<td><a href="/samba/security/CVE-2004-0815.html">Announcement</a></td>
</tr>
@@ -299,7 +299,7 @@
<td><a href="/samba/ftp/patches/security/samba-3.0.5-DoS.patch">3.0.5 patch</a></td>
<td>Two DoS bugs; one affecting smbd, the other nmbd.</td>
<td>3.0.x <= 3.0.6</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0807">CVE-2004-0807</a>, <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0808">CVE-2004-0808</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0807">CVE-2004-0807</a>, <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0808">CVE-2004-0808</a></td>
<td><a href="/samba/security/CVE-2004-0807_CVE-2004-0808.html">Announcement</a></td>
</tr>
@@ -308,8 +308,8 @@
<td><a href="/samba/ftp/stable/samba-3.0.5.tar.gz">3.0.5</a></td>
<td>Two potential buffer overruns</td>
<td>>=3.0.2</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0600">CVE-2004-0600</a>,
- <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0686">CVE-2004-0686</a>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0600">CVE-2004-0600</a>,
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0686">CVE-2004-0686</a>
</td>
<td><a href="/samba/security/CVE-2004-0600.html">CVE-2004-0600 Announcement</a>
<a href="/samba/security/CVE-2004-0686.html">CVE-2004-0686 Announcement</a></td>
@@ -320,7 +320,7 @@
<td><a href="/samba/ftp/stable/samba-2.2.10.tar.gz">2.2.10</a></td>
<td>Buffer overrun in hash mangling method</td>
<td>all 2.2 releases</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0686">CVE-2004-0686</a>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0686">CVE-2004-0686</a>
</td>
<td><a href="/samba/history/samba-2.2.10.html">release notes</a></td>
</tr>
@@ -333,7 +333,7 @@
access to a user account created by the mksmbpasswd.sh shell script.</td>
<td>>=3.0.0</td>
<td><a
- href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0082">CVE-2004-0082</a></td>
+ href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0082">CVE-2004-0082</a></td>
<td><a href="/samba/security/CVE-2004-0082.html">Announcement</a></td>
</tr>
@@ -343,8 +343,8 @@
<td>Buffer overrun condition in the SMB/CIFS packet fragment
re-assembly code.</td>
<td>all 2.0 releases and <= 2.2.8</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0196">CVE-2003-0196</a>,
- <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0201">CVE-2003-0201</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0196">CVE-2003-0196</a>,
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0201">CVE-2003-0201</a></td>
<td><a href="/samba/history/samba-2.2.8a.html">release notes</a></td>
</tr>
@@ -354,7 +354,7 @@
<td>Bug in the length checking for encrypted password change
requests from clients.</td>
<td>2.2.2 - 2.2.6</td>
- <td><a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0085">CVE-2003-0085</a></td>
+ <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0085">CVE-2003-0085</a></td>
<td><a href="/samba/history/samba-2.2.7a.html">release notes</a></td>
</tr>
More information about the samba-cvs
mailing list