[Secure-testing-commits] r3812 - data/CVE

Sat, 15 Apr 2006 02:10:33 -0700 

Author: fw
Date: 2006-04-15 09:09:55 +0000 (Sat, 15 Apr 2006)
New Revision: 3812

Modified:
   data/CVE/list
Log:
several NFUs
powersave issue (pinged maintainer)
slash issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-15 07:52:06 UTC (rev 3811)
+++ data/CVE/list       2006-04-15 09:09:55 UTC (rev 3812)
@@ -218,7 +218,7 @@
        - mozilla-thunderbird <unfixed> (low)
        NOTE: This is probably: 
https://bugzilla.mozilla.org/show_bug.cgi?id=320459
 CVE-2006-1722 (Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 
4.0 ...)
-       TODO: check
+       NOT-FOR-US: ShopXS
 CVE-2006-1721 (Unspecified vulnerability in the CMU Cyrus Simple 
Authentication and ...)
        TODO: check
 CVE-2006-1720 (Cross-site scripting (XSS) vulnerability in search.php in 
SaphpLesson ...)
@@ -226,45 +226,47 @@
 CVE-2006-1719 (Internet Explorer 6 allows remote attackers to cause a denial 
of ...)
        TODO: check
 CVE-2006-1718 (Magus Perde Clever Copy 3.0 and earlier stores sensitive 
information ...)
-       TODO: check
+       NOT-FOR-US: Clever Copy
 CVE-2006-1717 (Cross-site scripting (XSS) vulnerability in newthread.php in 
MyBB (aka ...)
-       TODO: check
+       NOT-FOR-US: MyBB 
 CVE-2006-1716 (Cross-site scripting (XSS) vulnerability in 
inc/functions_post.php in ...)
-       TODO: check
+       NOT-FOR-US: MyBB 
 CVE-2006-1715 (Multiple directory traversal vulnerabilities in Christian 
Kindahl ...)
-       TODO: check
+       NOT-FOR-US: TUGZip
 CVE-2006-1714 (CRLF injection vulnerability in index.php in Christoph Roeder 
...)
-       TODO: check
+       NOT-FOR-US: phpMyForum
 CVE-2006-1713 (Cross-site scripting (XSS) vulnerability in index.php in 
Christoph ...)
-       TODO: check
+       NOT-FOR-US: phpMyForum
 CVE-2006-1710 (SQL injection vulnerability in admin.php in Design Nation 
DNGuestbook ...)
-       TODO: check
+       NOT-FOR-US: DNGuestbook
 CVE-2005-4784 (Multiple buffer overflows in the POSIX readdir_r function, as 
used in ...)
        TODO: check
 CVE-2005-4783 (kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does 
not ...)
-       TODO: check
+       NOT-FOR-US: NetBSD
 CVE-2005-4782 (NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the 
kernel is ...)
-       TODO: check
+       NOT-FOR-US: NetBSD
 CVE-2005-4781 (Multiple SQL injection vulnerabilities in SergiDs Top Music 
module 3.0 ...)
-       TODO: check
+       NOT-FOR-US: SergiD Top Music module
 CVE-2005-4780 (** DISPUTED ** ...)
-       TODO: check
+       NOT-FOR-US: LightHouse CMS
 CVE-2005-4779 (verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls 
NDINIT with ...)
-       TODO: check
+       NOT-FOR-US: NetBSD
 CVE-2005-4778 (The powersave daemon in SUSE Linux 10.0 before 20051007 has an 
...)
-       TODO: check
+       - powersave 0.12.7-1
+       NOTE: https://bugzilla.novell.com/show_bug.cgi?id=119628&x=18&y=11&=Find
+       TODO: Pinged maintainer.  Not clear if this bug has indeed been fixed.
 CVE-2005-4777 (Tashcom ASPEdit 2.9 stores the administration password (aka the 
FTP ...)
-       TODO: check
+       NOT-FOR-US: Tashcom ASPEdit
 CVE-2005-4776 (Integer overflow in the FreeBSD compatibility code 
(freebsd_misc.c) in ...)
-       TODO: check
+       NOT-FOR-US: NetBSD
 CVE-2005-4775 (Michael Scholz and Sebastian Stein Contineo 2.0, when the admin 
...)
-       TODO: check
+       NOT-FOR-US: Contineo
 CVE-2005-4774 (Cross-site scripting (XSS) vulnerability in Xerver 4.17 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: Xerver
 CVE-2005-4773 (The configuration of VMware ESX Server 2.x, 2.0.x, 2.1.x, and 
2.5.x ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2004-2656 (Multiple cross-site scripting (XSS) vulnerabilities in Slashdot 
Like ...)
-       TODO: check
+       - slash <unfixed> (medium)
 CVE-2006-XXXX [firebird local DoS]
        - firebird2 1.5.3.4870-4 (bug #362001)
 CVE-2006-1744 (Buffer overflow in pl_main.c in sail in BSDgames 2.17-7 allows 
local ...)
@@ -3181,7 +3183,7 @@
 CVE-2005-4676 (Buffer overflow in Andreas Huggel Exiv2 before 0.9 does not 
null ...)
        TODO: check
 CVE-2003-1291 (VMware ESX Server 1.5.2 before Patch 4 allows local users to 
execute ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2006-0467 (Unspecified vulnerability in Pioneers (formerly gnocatan) 
before ...)
        {DSA-964-1}
        [woody] - gnocatan 0.6.1-5woody3


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to