[Secure-testing-commits] r2830 - data/CVE

Tue, 22 Nov 2005 12:49:38 -0800 

Author: stef-guest
Date: 2005-11-22 20:49:06 +0000 (Tue, 22 Nov 2005)
New Revision: 2830

Modified:
   data/CVE/list
Log:
some NFUs, claim squid

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2005-11-22 20:23:49 UTC (rev 2829)
+++ data/CVE/list       2005-11-22 20:49:06 UTC (rev 2830)
@@ -358,7 +358,7 @@
 CVE-2005-3592 (index.php CuteNews 1.4.0 and earlier allows remote attackers to 
obtain ...)
        NOT-FOR-US: CuteNews
 CVE-2005-3591 (Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and 
earlier ...)
-       - flashplugin-nonfree (bug #339290; high)
+       - flashplugin-nonfree <unfixed> (bug #339290; high)
 CVE-2005-3589 (Buffer overflow in FileZilla Server Terminal 0.9.4d may allow 
remote ...)
        NOT-FOR-US: FileZilla
 CVE-2005-3588 (SQL injection vulnerability in admin.php in Advanced Guestbook 
2.2 ...)
@@ -522,7 +522,7 @@
 CVE-2005-3509 (Multiple SQL injection vulnerabilities in JPortal allow remote 
...)
        NOT-FOR-US: JPortal
 CVE-2005-3508 (SQL injection vulnerability in showGallery.php in Gallery 
(Galerie) ...)
-       TODO: check
+       NOT-FOR-US: Tonio gallery (not the one in the gallery debian package)
 CVE-2005-3507 (Directory traversal vulnerability in CuteNews 1.4.1 allows 
remote ...)
        NOT-FOR-US: CuteNews
 CVE-2005-3506 (Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar 
Server ...)
@@ -672,9 +672,9 @@
 CVE-2003-1234 (Integer overflow in the f_count counter in FreeBSD before 4.2 
through ...)
        NOT-FOR-US: Old FreeBSD bug, should be fixed wrt the KFreeBSD port
 CVE-2002-2207 (Buffer overflow in ssldump 0.9b2 and earlier, when running in 
...)
-       TODO: check
+       - ssldump 0.9b3
 CVE-2002-2206 (The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 
allows ...)
-       TODO: check
+       NOT-FOR-US: Norton AntiVirus
 CVE-2002-2205 (Buffer overflow in Webresolve 0.1.0 and earlier allows remote 
...)
        TODO: check
 CVE-2002-2204 (The default --checksig setting in RPM Package Manager 4.0.4 
checks ...)
@@ -1252,8 +1252,10 @@
 CVE-2005-3323 (docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 
allows ...)
        - zope2.8 2.8.1-7 (bug #334055; bug #334054; high)
        - zope2.7 2.7.8-1 (bug #334055; bug #334054; high)
+begin claimed-by stef-guest
 CVE-2005-3322 (Unspecified vulnerability in Squid on SUSE Linux 9.0 allows 
remote ...)
        TODO: check
+end claimed-by stef-guest
 CVE-2005-3321 (chkstat in SuSE Linux 9.0 through 10.0 allows local users to 
modify ...)
        NOT-FOR-US: SuSE-specific tool
 CVE-2005-3320 (Cross-site scripting (XSS) vulnerability in SiteTurn Domain 
Manager ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to