[Secure-testing-commits] r3826 - data/CVE

Stefan Fritsch Tue, 18 Apr 2006 12:44:04 -0700

Author: stef-guest
Date: 2006-04-18 19:43:06 +0000 (Tue, 18 Apr 2006)
New Revision: 3826


Modified:
   data/CVE/list
Log:
doomsday itp
sysklogd issue unimportant

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-18 18:47:10 UTC (rev 3825)
+++ data/CVE/list       2006-04-18 19:43:06 UTC (rev 3826)
@@ -543,29 +543,31 @@
 CVE-2006-1625 (Cross-site scripting (XSS) vulnerability in 
inc/functions_post.php in ...)
        NOT-FOR-US: MyBB
 CVE-2006-1624 (The default configuration of syslogd in the Linux sysklogd 
package ...)
-       TODO: check
+       - sysklogd <unimportant>
+       NOTE: No sane person will open a network socket for syslog without 
apropriate
+       NOTE: firewall rules. The default is not to listen to the network.
 CVE-2006-1623 (Unspecified vulnerability in main.php in an unspecified 
&quot;file created ...)
-       TODO: check
+       NOT-FOR-US: FleXiBle Development
 CVE-2006-1622 (Cross-site scripting (XSS) vulnerability in PHPSelect 
linksubmit ...)
-       TODO: check
+       NOT-FOR-US: PHPSelect
 CVE-2006-1621 (Directory traversal vulnerability in 
admin/folders/saveuploadfiles.asp ...)
-       TODO: check
+       NOT-FOR-US: Hosting Controller
 CVE-2006-1620 (admin/accounts/AccountActions.asp in Hosting Controller 2002 RC 
1 ...)
-       TODO: check
+       NOT-FOR-US: Hosting Controller
 CVE-2006-1619 (IBM WebSphere Application Server 4.0.1 through 4.0.3 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: WebSphere
 CVE-2006-1618 (Format string vulnerability in the (1) Con_message and (2) 
conPrintf ...)
-       TODO: check
+       - doomsday <itp> (bug #319419)
 CVE-2006-1617 (Multiple cross-site scripting (XSS) vulnerabilities in Advanced 
Poll ...)
-       TODO: check
+       NOT-FOR-US: Advanced Poll
 CVE-2006-1616 (Multiple SQL injection vulnerabilities in Advanced Poll 2.02 
allow ...)
-       TODO: check
+       NOT-FOR-US: Advanced Poll
 CVE-2006-1613 (Multiple SQL injection vulnerabilities in aWebNews 1.0 allow 
remote ...)
-       TODO: check
+       NOT-FOR-US: aWebNews
 CVE-2006-1612 (Multiple cross-site scripting (XSS) vulnerabilities in 
visview.php in ...)
-       TODO: check
+       NOT-FOR-US: aWebNews
 CVE-2006-1611 (Directory traversal vulnerability in KGB Archiver before 
1.1.5.22 ...)
-       TODO: check
+       NOT-FOR-US: KGB Archiver
 CVE-2006-1610 (PHP remote file inclusion vulnerability in lib/armygame.php in 
SQuery ...)
        TODO: check
 CVE-2006-1609 (Unspecified vulnerability in Hitachi XFIT/S, XFIT/S/JCA, 
XFIT/S/ZGN, ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3826 - data/CVE

Reply via email to