[Secure-testing-commits] r3539 - data/CVE

Stefan Fritsch Sun, 26 Feb 2006 08:12:02 -0800

Author: stef-guest
Date: 2006-02-26 16:11:28 +0000 (Sun, 26 Feb 2006)
New Revision: 3539


Modified:
   data/CVE/list
Log:
new php-auth, popfile, mambo issues
claim some more


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-02-26 15:00:56 UTC (rev 3538)
+++ data/CVE/list       2006-02-26 16:11:28 UTC (rev 3539)
@@ -1,60 +1,58 @@
 CVE-2006-0883
        RESERVED
-       
-begin claimed by stef-guest
-
 CVE-2006-0882 (Directory traversal vulnerability in include.php in Noah's 
Classifieds ...)
-       TODO: check
+       NOT-FOR-US: Noah's Classifieds
 CVE-2006-0881 (Multiple PHP remote file include vulnerabilities in 
gorum/gorumlib.php ...)
-       TODO: check
+       NOT-FOR-US: Noah's Classifieds
 CVE-2006-0880 (Multiple cross-site scripting (XSS) vulnerabilities in 
index.php in ...)
-       TODO: check
+       NOT-FOR-US: Noah's Classifieds
 CVE-2006-0879 (SQL injection vulnerability in the search tool in Noah's 
Classifieds ...)
-       TODO: check
+       NOT-FOR-US: Noah's Classifieds
 CVE-2006-0878 (Noah's Classifieds 1.3 allows remote attackers to obtain the 
...)
-       TODO: check
+       NOT-FOR-US: Noah's Classifieds
 CVE-2006-0877 (Cross-site scripting vulnerability in Easy Forum 2.5 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: Easy Forum
 CVE-2006-0876 (POPFile before 0.22.4 allows remote attackers to cause a denial 
of ...)
-       TODO: check
+       - popfile <unfixed> (bug #354464; medium)
 CVE-2006-0875 (Cross-site scripting vulnerability in ratefile.php in RunCMS 
1.3a5 ...)
-       TODO: check
+       NOT-FOR-US: runCMS
 CVE-2006-0874 (Multiple unspecified vulnerabilities in Intensive Point iUser 
...)
-       TODO: check
+       NOT-FOR-US: Intensive Point iUser Ecommerce
 CVE-2006-0873 (Absolute path traversal vulnerability in docs/showdocs.php in 
...)
-       TODO: check
+       - coppermine <itp> (bug #259206)
 CVE-2006-0872 (Directory traversal vulnerability in init.inc.php in Coppermine 
Photo ...)
-       TODO: check
+       - coppermine <itp> (bug #259206)
 CVE-2006-0871 (Unspecified vulnerability in Mambo 4.5.3, 4.5.3h, and possibly 
...)
-       TODO: check
+       - mambo <unfixed> (bug #354468)
+       NOTE: only in experimental
 CVE-2006-0870 (SQL injection vulnerability in pages.asp in Mini-Nuke CMS 
System 1.8.2 ...)
-       TODO: check
+       NOT-FOR-US: Mini-Nuke CMS
 CVE-2006-0869 (Directory traversal vulnerability in the &quot;remember 
me&quot; feature in PHP ...)
-       TODO: check
+       NOT-FOR-US: PHP PEAR LiveUser
 CVE-2006-0868 (Multiple unspecified injection vulnerabilities in unspecified 
Auth ...)
-       TODO: check
+       - php-auth <unfixed> (bug #354474)
 CVE-2006-0867 (Buffer overflow in certain versions of South River (aka SRT) 
WebDrive, ...)
-       TODO: check
+       NOT-FOR-US: WebDrive
 CVE-2006-0866 (PunBB 1.2.10 and earlier allows remote attackers to conduct 
brute ...)
-       TODO: check
+       NOT-FOR-US: PunBB 
 CVE-2006-0865 (PunBB 1.2.10 and earlier allows remote attackers to cause a 
denial of ...)
-       TODO: check
+       NOT-FOR-US: PunBB 
 CVE-2006-0864 (filescan in Global Hauri ViRobot 2.0 20050817 does not verify 
the ...)
-       TODO: check
+       NOT-FOR-US: Global Hauri ViRobot
 CVE-2006-0863 (InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote 
...)
-       TODO: check
+       NOT-FOR-US: InfoVista PortalSE
 CVE-2006-0862 (Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 
on ...)
-       TODO: check
+       NOT-FOR-US: InfoVista PortalSE
 CVE-2006-0861 (Michael Salzer Guestbox 0.6 allows remote attackers to obtain 
the ...)
-       TODO: check
+       NOT-FOR-US: Michael Salzer Guestbox
 CVE-2006-0860 (Multiple cross-site scripting (XSS) vulnerabilities in Michael 
Salzer ...)
-       TODO: check
+       NOT-FOR-US: Michael Salzer Guestbox
 CVE-2006-0859 (Michael Salzer Guestbox 0.6 allows remote attackers to post an 
admin ...)
-       TODO: check
+       NOT-FOR-US: Michael Salzer Guestbox
 CVE-2006-0858 (Unquoted Windows search path vulnerability in (1) snsmcon.exe, 
(2) the ...)
-       TODO: check
+       NOT-FOR-US: StarForce Safe'n'Sec Personal
 
-end claimed by stef-guest
+begin claimed by stef-guest
 
 CVE-2006-0857 (Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 
in e107 ...)
        TODO: check
@@ -86,6 +84,9 @@
        TODO: check
 CVE-2006-0843 (Leif M. Wright's Blog 3.5 stores the config file and other txt 
files ...)
        TODO: check
+
+end claimed by stef-guest
+
 CVE-2006-0842 (Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 
allows ...)
        TODO: check
 CVE-2006-0841 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis 
1.00rc4 ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3539 - data/CVE

Reply via email to