Author: jmm-guest
Date: 2005-12-30 01:16:51 +0000 (Fri, 30 Dec 2005)
New Revision: 3183

Modified:
   data/CVE/list
Log:
new ethereal issue
new bzflag issue
electricsheep CVEfied
lots of NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2005-12-29 21:31:30 UTC (rev 3182)
+++ data/CVE/list       2005-12-30 01:16:51 UTC (rev 3183)
@@ -20,90 +20,88 @@
        RESERVED
 CVE-2006-0044
        RESERVED
-begin claimed by jmm
 CVE-2005-4585 (Unspecified vulnerability in the GTP dissector for Ethereal 
0.9.1 to ...)
-       TODO: check
+       - ethereal <unfixed> (bug filed; low)
 CVE-2005-4584 (BZFlag server 2.0.4 and earlier allows remote attackers to 
cause a ...)
-       TODO: check
+       - bzflag <unfixed> (bug filed; low)
 CVE-2005-4583 (Unspecified vulnerability in the Management Interface in VMware 
ESX ...)
-       TODO: check
+       NOT-FOR-US: VMWare
 CVE-2005-4582 (Electric Sheep 2.6.3 does not require authentication or 
integrity ...)
-       TODO: check
+       - electricsheep 2.6.3+cvs20051206-1 
 CVE-2005-4581 (Buffer overflow in Electric Sheep 2.6.3 client allows local 
users to ...)
-       TODO: check
+       - electricsheep 2.6.3+cvs20051206-1 
 CVE-2005-4580 (Cross-site scripting (XSS) vulnerability in Day Communique 4 
allows ...)
-       TODO: check
+       NOT-FOR-US: Day Communique 
 CVE-2005-4579 (Multiple HTTP response splitting vulnerabilities in Hitachi 
Business ...)
-       TODO: check
+       NOT-FOR-US: Hitachi Business Logic
 CVE-2005-4578 (Multiple SQL injection vulnerabilities in Hitachi Business 
Logic - ...)
-       TODO: check
+       NOT-FOR-US: Hitachi Business Logic
 CVE-2005-4577 (Multiple cross-site scripting (XSS) vulnerabilities in Hitachi 
...)
-       TODO: check
+       NOT-FOR-US: Hitachi Business Logic
 CVE-2005-4576 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-       TODO: check
+       NOT-FOR-US: Fatwire Update Engine
 CVE-2005-4575 (PaperThin CommonSpot Content Server 4.5 and earlier allow 
remote ...)
-       TODO: check
+       NOT-FOR-US: CommonSpot Content Server
 CVE-2005-4574 (Cross-site scripting (XSS) vulnerability in loader.cfm in 
PaperThin ...)
-       TODO: check
+       NOT-FOR-US: CommonSpot Content Server
 CVE-2005-4573 (PHP remote file include vulnerability in 
plog-admin-functions.php in ...)
-       TODO: check
+       NOT-FOR-US: Plogger
 CVE-2005-4572 (Multiple SQL injection vulnerabilities in myEZshop Shopping 
Cart allow ...)
-       TODO: check
+       NOT-FOR-US: myEZshop Shopping Cart
 CVE-2005-4571 (Cross-site scripting (XSS) vulnerability in myEZshop Shopping 
Cart ...)
-       TODO: check
+       NOT-FOR-US: myEZshop Shopping Cart
 CVE-2005-4570 (The Internet Key Exchange version 1 (IKEv1) implementations in 
...)
-       TODO: check
+       NOT-FOR-US: FortiOS
 CVE-2005-4569 (Stack-based buffer overflow in index.fts in FTGate Technology 
...)
-       TODO: check
+       NOT-FOR-US: FTGate
 CVE-2005-4568 (Multiple format string vulnerabilities in FTGate Technology 
(formerly ...)
-       TODO: check
+       NOT-FOR-US: FTGate
 CVE-2005-4567 (Multiple cross-site scripting (XSS) vulnerabilities in FTGate 
...)
-       TODO: check
+       NOT-FOR-US: FTGate
 CVE-2005-4566 (Buffer overflow in the Internet Key Exchange version 1 (IKEv1) 
...)
-       TODO: check
+       NOT-FOR-US: NetVanta
 CVE-2005-4565 (Format string vulnerability in the Internet Key Exchange 
version 1 ...)
-       TODO: check
+       NOT-FOR-US: NetVanta
 CVE-2005-4564 (The Internet Key Exchange version 1 (IKEv1) implementation in 
ADTRAN ...)
-       TODO: check
+       NOT-FOR-US: NetVanta
 CVE-2005-4563 (SQL injection vulnerability in main.php in Enterprise Heart 
Enterprise ...)
-       TODO: check
+       NOT-FOR-US: Enterprise Heart Enterprise Connector
 CVE-2005-4562
        RESERVED
 CVE-2005-4561
        RESERVED
 CVE-2005-4560 (Microsoft Windows allows remote attackers to execute arbitrary 
code ...)
-       TODO: check
+       NOT-FOR-US: Windows
 CVE-2005-4559 (mail/include.html in IceWarp Web Mail 5.5.1, as used by Merak 
Mail ...)
-       TODO: check
+       NOT-FOR-US: IceWarp Web Mail
 CVE-2005-4558 (IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and 
...)
-       TODO: check
+       NOT-FOR-US: IceWarp Web Mail
 CVE-2005-4557 (dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak 
Mail ...)
-       TODO: check
+       NOT-FOR-US: IceWarp Web Mail
 CVE-2005-4556 (PHP remote file include vulnerability in IceWarp Web Mail 
5.5.1, as ...)
-       TODO: check
+       NOT-FOR-US: IceWarp Web Mail
 CVE-2005-4555 (Cross-site scripting (XSS) vulnerability in add.php in DEV web 
...)
-       TODO: check
+       NOT-FOR-US: DEV web management system
 CVE-2005-4554 (Multiple SQL injection vulnerabilities in DEV web management 
system ...)
-       TODO: check
+       NOT-FOR-US: DEV web management system
 CVE-2005-4553 (Buffer overflow in Golden FTP Server 1.92 allows remote 
attackers to ...)
-       TODO: check
+       NOT-FOR-US: Golden FTP Server
 CVE-2005-4552 (The (1) slsmgr and (2) slsadmin programs in Sun Solaris PC 
NetLink 2.0 ...)
-       TODO: check
+       NOT-FOR-US: Sun Solaris PC NetLink
 CVE-2005-4551 (Cross-site scripting (XSS) vulnerability in sign.php in 
codegrrl ...)
-       TODO: check
+       NOT-FOR-US: codegrrl SimpBook
 CVE-2005-4550 (The PORTAL schema in Oracle Application Server (OracleAS) 
Discussion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2005-4549 (Cross-site scripting (XSS) vulnerability in Oracle Application 
Server ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2005-4548 (SQL injection vulnerability in the &quot;user area&quot; in RWS 
Statistics ...)
-       TODO: check
+       NOT-FOR-US: RWS Statistics Counter
 CVE-2005-4547 (Cross-site scripting (XSS) vulnerability in home/search.php in 
eggblog ...)
-       TODO: check
+       NOT-FOR-US: eggblog
 CVE-2005-4546 (search.php in eggblog 2.0 allows remote attackers to obtain the 
full ...)
-       TODO: check
+       NOT-FOR-US: eggblog
 CVE-2005-4545 (Cross-site scripting (XSS) vulnerability in search.asp in 
NetDirect ...)
-       TODO: check
-end claimed by jmm
+       NOT-FOR-US: NetDirect ShopEngine 
 CVE-2005-4544
        RESERVED
 CVE-2005-4543
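Review bot: CVE-2005-4582 (no authentication or integrity checking) is recorded as fixed in electricsheep 2.6.3+cvs20051206-1, the same version as the buffer overflow in CVE-2005-4581, but the placeholder this commit removes further down only covered "Buffer overflows in electricsheep". If that upload also addressed the authentication/integrity issue, a NOTE line saying so would make the entry verifiable; if not, the entry should stay <unfixed> or TODO. Smaller points: the ethereal and bzflag entries say "bug filed" without a number, unlike the "bug #342339" style used for curl, so the numbers should be filled in once assigned; the two electricsheep lines carry no urgency; "NOT-FOR-US: VMWare" differs from the "VMware" spelling in the description; and the electricsheep, Day Communique and NetDirect ShopEngine lines end in trailing whitespace.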
@@ -124,6 +122,7 @@
        RESERVED
 CVE-2005-4535
        RESERVED
+begin claimed by jmm
 CVE-2005-4533 (Argument injection vulnerability in scponlyc in scponly 4.1 and 
...)
        TODO: check
 CVE-2005-4532 (scponlyc in scponly 4.1 and earlier, when the operating system 
...)
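Review bot: the begin marker is inserted between CVE-2005-4535 and CVE-2005-4533, and the context shows no CVE-2005-4534 entry between them; worth confirming that ID is not missing from the list before triaging the claimed range. The claimed block opens on the two scponly entries (CVE-2005-4533, CVE-2005-4532), which are still "TODO: check".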
@@ -193,6 +192,7 @@
        TODO: check
 CVE-2005-4500 (SQL injection vulnerability in MusicBox 2.3 allows remote 
attackers to ...)
        TODO: check
+end claimed by jmm
 CVE-2005-4499 (The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 
...)
        TODO: check
 CVE-2005-4498 (Cross-site scripting (XSS) vulnerability in Text-e 1.6.4 and 
earlier ...)
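Review bot: the log message does not mention that a new range is being claimed; this end marker after CVE-2005-4500, together with the begin marker before CVE-2005-4533, reserves roughly 70 lines of entries that are still "TODO: check" in the visible context. A log line such as "claim CVE-2005-4533 to CVE-2005-4500" would let other triagers see the claim from the commit mail without reading the diff.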
@@ -1256,8 +1256,6 @@
        - curl 7.15.1-1 (bug #342339; bug #342696; medium) 
        [sarge] - curl 7.13.2-2sarge4 (medium)
        [woody] - curl <not-affected> (Only curl >= 7.11 is vulnerable)
-CVE-2005-XXXX [Buffer overflows in electricsheep]
-       - electricsheep 2.6.3+cvs20051206-1 
 CVE-2005-4007 (Multiple unspecified vulnerabilities in SAPID CMS before 
1.2.3.03, ...)
        NOT-FOR-US: SAPID CMS
 CVE-2005-4006 (SAPID CMS before 1.2.3.03 allows remote attackers to bypass ...)
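Review bot: the removed placeholder read "Buffer overflows" (plural), while the only overflow entry that replaces it, CVE-2005-4581, describes a single buffer overflow in the client exploitable by local users. Please confirm that CVE-2005-4581 and CVE-2005-4582 together cover everything the CVE-2005-XXXX entry tracked; otherwise keep a placeholder for the remainder. A NOTE on the new entries recording that they supersede the placeholder would keep the history searchable.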


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
