Author: jmm-guest
Date: 2006-03-24 14:08:20 +0000 (Fri, 24 Mar 2006)
New Revision: 3685
Modified:
data/CVE/list
Log:
new wordpress issue (fixed)
new minor zoo issue (unfixed, probably won't get fixed in stable)
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-03-24 13:45:39 UTC (rev 3684)
+++ data/CVE/list 2006-03-24 14:08:20 UTC (rev 3685)
@@ -197,42 +197,41 @@
- libcgi-session-perl 4.07-1
CVE-2006-1279 (CGI::Session 4.03-1 allows local users to overwrite arbitrary
files ...)
- libcgi-session-perl 4.07-1
-begin claimed by jmm
CVE-2006-1278 (SQL injection vulnerability in @1 File Store 2006.03.07 allows
remote ...)
- TODO: check
+ NOT-FOR-US: @1 File Store
CVE-2006-1277 (Cross-site scripting (XSS) vulnerability in signup.php in @1
File ...)
- TODO: check
+ NOT-FOR-US: @1 File Store
CVE-2006-1276 (admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0
allows ...)
- TODO: check
+ NOT-FOR-US: PHP SimpleNEWS
CVE-2006-1275 (GGZ Gaming Zone 0.0.12 allows remote attackers to cause a
denial of ...)
- TODO: check
+ NOT-FOR-US: GGZ Gaming Zone
CVE-2006-1274 (Classic Planer in AntiVir PersonalEdition Classic 7 does not
drop ...)
- TODO: check
+ NOT-FOR-US: Antivir
CVE-2006-1273 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: Reportedly problem with a firefox addon
CVE-2006-1272 (Multiple cross-site scripting (XSS) vulnerabilities in
member.php in ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2006-1271 (SQL injection vulnerability in index.php in OxyNews allows
remote ...)
- TODO: check
+ NOT-FOR-US: OxyNews
CVE-2006-1270 (Multiple cross-site scripting (XSS) vulnerabilities in
zones.php in ...)
- TODO: check
+ NOT-FOR-US: Inprotect
CVE-2006-1269 (Buffer overflow in the parse function in parse.c in zoo 2.10
might ...)
- TODO: check
+ - zoo <unfixed> (low)
CVE-2006-1268 (The Internet Key Exchange implementation in Funkwerk X2300
7.2.1 ...)
- TODO: check
+ NOT-FOR-US: Funkwerk X2300
CVE-2006-1267 (Invision Power Board 2.1.4 allows remote attackers to hijack
sessions ...)
- TODO: check
+ NOT-FOR-US: Invision Power Board
CVE-2006-1266 (Cross-site scripting (XSS) vulnerability in
Service_Requests.asp in ...)
- TODO: check
+ NOT-FOR-US: VPMi Enterprise
CVE-2006-1265 (SQL injection vulnerability in discussion.class.php in
xhawk.net ...)
- TODO: check
+ NOT-FOR-US: xhawk.net discussion
CVE-2006-1264 (Cross-site scripting (XSS) vulnerability in xhawk.net
discussion 2.0 ...)
- TODO: check
+ NOT-FOR-US: xhawk.net discussion
CVE-2006-1263 (Multiple cross-site scripting (XSS) vulnerabilities in
WordPress ...)
- TODO: check
+ - wordpress 2.0.2-1
CVE-2006-1262 (Multiple SQL injection vulnerabilities in ASPPortal 3.00 have
unknown ...)
- TODO: check
-end claimed by jmm
+ NOT-FOR-US: ASPPortal
+begin claimed by jmm
CVE-2006-1261 (Multiple cross-site scripting (XSS) vulnerabilities in
ASPPortal 3.00 ...)
TODO: check
CVE-2006-1260 (Horde Application Framework 3.0.9 allows remote attackers to
read ...)
@@ -253,6 +252,7 @@
TODO: check
CVE-2006-1252 (Eval injection vulnerability in cal.php in Light Weight
Calendar (LWC) ...)
TODO: check
+end claimed by jmm
CVE-2006-1251 (greylistclean.cron in sa-exim 4.2 allows remote attackers to
delete ...)
- sa-exim 4.2.1-1 (bug #345071; bug #356301)
CVE-2006-1250 (Unspecified vulnerability in the Webmail module in Winmail
before 4.3 ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
