[Secure-testing-commits] r3680 - data/CVE

Fri, 24 Mar 2006 02:25:11 -0800 

Author: jmm-guest
Date: 2006-03-24 10:24:20 +0000 (Fri, 24 Mar 2006)
New Revision: 3680

Modified:
   data/CVE/list
Log:
new freeradius issue (unfixed)
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-03-24 10:20:13 UTC (rev 3679)
+++ data/CVE/list       2006-03-24 10:24:20 UTC (rev 3680)
@@ -47,7 +47,7 @@
 CVE-2006-1355 (avast! Antivirus 4.6.763 and earlier sets 
"BUILTIN\Everyone" ...)
        TODO: check
 CVE-2006-1354 (Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 
allows ...)
-       TODO: check
+       - freeradius <unfixed>
 CVE-2006-1353 (Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and 
earlier ...)
        TODO: check
 CVE-2006-1352 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 
7.0 SP6 ...)
@@ -156,44 +156,42 @@
        RESERVED
 CVE-2006-1299
        RESERVED
-begin claimed by jmm
 CVE-2006-1298 (Format string vulnerability in the Job Engine service 
(bengine.exe) in ...)
-       TODO: check
+       NOT-FOR-US: Veritas Backup
 CVE-2006-1297 (Unspecified vulnerability in Veritas Backup Exec for Windows 
Server ...)
-       TODO: check
+       NOT-FOR-US: Veritas Backup
 CVE-2006-1296 (Untrusted search path vulnerability in Beagle 0.2.2.1 might 
allow ...)
        - beagle 0.2.3-1 (bug #357392; low)
 CVE-2006-1295 (Cross-site scripting (XSS) vulnerability in recherche.php3 in 
SPIP ...)
-       TODO: check
+       NOT-FOR-US: SPIP
 CVE-2006-1294 (PHP remote file include vulnerability in PageController.php in 
...)
-       TODO: check
+       NOT-FOR-US: KnowledgebasePublisher
 CVE-2006-1293 (Cross-site scripting (XSS) vulnerability in index.php in 
Contrexx CMS ...)
-       TODO: check
+       NOT-FOR-US: Contrexx
 CVE-2006-1292 (Directory traversal vulnerability in Jim Hu and Chad Little PHP 
...)
-       TODO: check
+       NOT-FOR-US: Jim Hu and Chad Little PHP iCalendar
 CVE-2006-1291 (publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 
and ...)
-       TODO: check
+       NOT-FOR-US: Jim Hu and Chad Little PHP iCalendar
 CVE-2006-1290 (Multiple cross-site scripting (XSS) vulnerabilities in 
Milkeyway ...)
-       TODO: check
+       NOT-FOR-US: Milkeyway Captive Portal 
 CVE-2006-1289 (Multiple SQL injection vulnerabilities in Milkeyway Captive 
Portal 0.1 ...)
-       TODO: check
+       NOT-FOR-US: Milkeyway Captive Portal 
 CVE-2006-1288 (Multiple SQL injection vulnerabilities in Invision Power Board 
(IPB) ...)
-       TODO: check
+       NOT-FOR-US: Invision Power Board
 CVE-2006-1287 (Cross-site scripting (XSS) vulnerability in Invision Power 
Board (IPB) ...)
-       TODO: check
+       NOT-FOR-US: Invision Power Board
 CVE-2006-1286 (Buffer overflow in the login dialog in dbisqlc.exe in 
SQLAnywhere for ...)
-       TODO: check
+       NOT-FOR-US: Symantec Ghost
 CVE-2006-1285 (SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec 
Ghost ...)
-       TODO: check
+       NOT-FOR-US: Symantec Ghost
 CVE-2006-1284 (The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, 
as used ...)
-       TODO: check
-end claimed by jmm
+       NOT-FOR-US: Symantec Ghost
 CVE-2006-1283 (opiepasswd in One-Time Passwords in Everything (OPIE) in 
FreeBSD ...)
        TODO: check
 CVE-2006-1282 (CRLF injection vulnerability in inc/function.php in 
MyBulletinBoard ...)
-       TODO: check
+       NOT-FOR-US: MyBB
 CVE-2006-1281 (Cross-site scripting (XSS) in member.php in MyBulletinBoard 
(MyBB) ...)
-       TODO: check
+       NOT-FOR-US: MyBB
 CVE-2006-1280 (CGI::Session 4.03-1 does not set proper permissions on 
temporary files ...)
        - libcgi-session-perl 4.07-1
 CVE-2006-1279 (CGI::Session 4.03-1 allows local users to overwrite arbitrary 
files ...)
@@ -273,17 +271,17 @@
 CVE-2005-4741 (NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 
20051031 ...)
        TODO: check
 CVE-2005-4740 (IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 
allows ...)
-       TODO: check
+       NOT-FOR-US: IBM DB2
 CVE-2005-4739 (IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 
...)
-       TODO: check
+       NOT-FOR-US: IBM DB2
 CVE-2005-4738 (IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 
does not ...)
-       TODO: check
+       NOT-FOR-US: IBM DB2
 CVE-2005-4737 (IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 
allows ...)
-       TODO: check
+       NOT-FOR-US: IBM DB2
 CVE-2005-4736 (IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: IBM DB2
 CVE-2005-4735 (IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: IBM DB2
 CVE-2005-4734 (Stack-based buffer overflow in IISWebAgentIF.dll in RSA 
Authentication ...)
        TODO: check
 CVE-2005-4733 (NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 
allow ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to