[Secure-testing-commits] r3831 - data/CVE

Wed, 19 Apr 2006 10:58:24 -0700 

Author: stef-guest
Date: 2006-04-19 17:57:42 +0000 (Wed, 19 Apr 2006)
New Revision: 3831

Modified:
   data/CVE/list
Log:
some more NFUs; bugnum

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-19 17:26:00 UTC (rev 3830)
+++ data/CVE/list       2006-04-19 17:57:42 UTC (rev 3831)
@@ -619,7 +619,7 @@
 CVE-2006-1591 (Heap-based buffer overflow in Microsoft Windows Help 
winhlp32.exe ...)
        NOT-FOR-US: Microsoft Windows Help 
 CVE-2006-1590 (Cross-site scripting (XSS) vulnerability in the PrintFreshPage 
...)
-       - acidbase <unfixed> (bug filed)
+       - acidbase <unfixed> (bug #363548)
        - acidlab <unfixed> (bug filed)
 CVE-2006-1589 (The elf_load_file function in NetBSD 2.0 through 3.0 allows 
local ...)
        NOT-FOR-US: NetBSD kernel
@@ -712,7 +712,7 @@
 CVE-2006-1552 (ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote 
attackers to ...)
        NOT-FOR-US: Apple 
 CVE-2006-1551 (Eval injection vulnerability in pajax_call_dispatcher.php in 
PAJAX ...)
-       TODO: check
+       NOT-FOR-US: PAJAX
 CVE-2006-1549 (PHP 4.4.2 and 5.1.2 allows local users to cause a crash 
(segmentation ...)
        - php4 <unfixed> (bug #361854)
        - php5 <unfixed> (bug #361917)
@@ -1022,9 +1022,9 @@
 CVE-2006-1438 (Multiple cross-site scripting (XSS) vulnerabilities in Andy's 
PHP ...)
        NOT-FOR-US: aphpkb
 CVE-2006-1437 (UPOINT @1 Event Publisher stores sensitive information under 
the web ...)
-       TODO: check
+       NOT-FOR-US: UPOINT
 CVE-2006-1436 (Multiple cross-site scripting (XSS) vulnerabilities in UPOINT 
@1 Event ...)
-       TODO: check
+       NOT-FOR-US: UPOINT
 CVE-2006-1435 (Cross-site scripting (XSS) vulnerability in genmessage.php in 
...)
        NOT-FOR-US: Accounting Receiving and Inventory Administration (ARIA), 
different from debian aria
 CVE-2006-1434 (Cross-site scripting (XSS) vulnerability in inscription.php in 
...)
@@ -2342,6 +2342,7 @@
        - mantis <unfixed>
 CVE-2006-0839 (The frag3 preprocessor in Sourcefire Snort 2.4.3 does not 
properly ...)
        TODO: check
+       NOTE: frag3 is only in 2.4, currently there is 2.3.3 in sid
 CVE-2006-0838 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext 
...)
        NOT-FOR-US: Tivoli
 CVE-2006-0837 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has 
world-readable ...)
@@ -2349,35 +2350,35 @@
 CVE-2006-0836 (Mozilla Thunderbird 1.5 allows user-complicit attackers to 
cause an ...)
        - mozilla-thunderbird <unfixed>
 CVE-2006-0835 (SQL injection vulnerability in dropbase.php in MitriDAT Web 
Calendar ...)
-       TODO: check
+       NOT-FOR-US: MitriDAT Web Calendar
 CVE-2006-0834 (Uniden UIP1868P VoIP Telephone and Router has a default 
password of ...)
-       TODO: check
+       NOT-FOR-US: Uniden UIP1868P VoIP Telephone
 CVE-2006-0833 (Multiple cross-site scripting (XSS) vulnerabilities in 
Barracuda ...)
-       TODO: check
+       NOT-FOR-US: Barracuda Directory
 CVE-2006-0832 (Multiple SQL injection vulnerabilities in admin.asp in WPC.easy 
allow ...)
-       TODO: check
+       NOT-FOR-US: WPC.easy
 CVE-2006-0831 (PHP remote file include vulnerability in index.php in Tasarim 
Rehberi ...)
-       TODO: check
+       NOT-FOR-US: Tasarim Rehberi
 CVE-2006-0830 (The scripting engine in Internet Explorer allows remote 
attackers to ...)
        NOT-FOR-US: Microsoft
 CVE-2006-0829 (Cross-site scripting vulnerability in E-Blah Platinum 9.7 
allows ...)
-       TODO: check
+       NOT-FOR-US: E-Blah Platinum
 CVE-2006-0828 (Unspecified vulnerability in ESS/ Network Controller and 
MicroServer ...)
-       TODO: check
+       NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
 CVE-2006-0827 (Cross-site scripting vulnerability in ESS/ Network Controller 
and ...)
-       TODO: check
+       NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
 CVE-2006-0826 (Unspecified vulnerability in ESS/ Network Controller and 
MicroServer ...)
-       TODO: check
+       NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
 CVE-2006-0825 (Multiple unspecified vulnerabilities in ESS/ Network Controller 
and ...)
-       TODO: check
+       NOT-FOR-US: Xerox WorkCentre / ESS/ Network Controller
 CVE-2006-0824 (Multiple unspecified vulnerabilities in lib-common.php in 
Geeklog ...)
-       TODO: check
+       NOT-FOR-US: Geeklog
 CVE-2006-0823 (Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before 
...)
-       TODO: check
+       NOT-FOR-US: Geeklog
 CVE-2006-0822 (Unspecified vulnerability in EmuLinker Kaillera Server before 
0.99.17 ...)
-       TODO: check
+       NOT-FOR-US: EmuLinker Kaillera Server
 CVE-2006-0821 (SQL injection vulnerability in index.php in BXCP 0.299 allows 
remote ...)
-       TODO: check
+       NOT-FOR-US: BXCP
 CVE-2006-0820 (Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 
1.3.2 ...)
        TODO: check
 CVE-2006-0819 (Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the 
source ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to