[Secure-testing-commits] r3832 - data/CVE

Wed, 19 Apr 2006 11:44:09 -0700 

Author: stef-guest
Date: 2006-04-19 18:43:26 +0000 (Wed, 19 Apr 2006)
New Revision: 3832

Modified:
   data/CVE/list
Log:
some more NFUs
bugnum
oooold squid issue
claim


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-19 17:57:42 UTC (rev 3831)
+++ data/CVE/list       2006-04-19 18:43:26 UTC (rev 3832)
@@ -620,7 +620,7 @@
        NOT-FOR-US: Microsoft Windows Help 
 CVE-2006-1590 (Cross-site scripting (XSS) vulnerability in the PrintFreshPage 
...)
        - acidbase <unfixed> (bug #363548)
-       - acidlab <unfixed> (bug filed)
+       - acidlab <unfixed> (bug #363549)
 CVE-2006-1589 (The elf_load_file function in NetBSD 2.0 through 3.0 allows 
local ...)
        NOT-FOR-US: NetBSD kernel
 CVE-2006-1588 (The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 
does not ...)
@@ -2380,27 +2380,27 @@
 CVE-2006-0821 (SQL injection vulnerability in index.php in BXCP 0.299 allows 
remote ...)
        NOT-FOR-US: BXCP
 CVE-2006-0820 (Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 
1.3.2 ...)
-       TODO: check
+       NOT-FOR-US: Dwarf HTTP Server
 CVE-2006-0819 (Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the 
source ...)
-       TODO: check
+       NOT-FOR-US: Dwarf HTTP Server
 CVE-2006-0818
        RESERVED
 CVE-2006-0817
        RESERVED
 CVE-2006-0816 (Orion Application Server before 2.0.7, when running on Windows, 
allows ...)
-       TODO: check
+       NOT-FOR-US: Orion Application Server
 CVE-2006-0815 (NetworkActiv Web Server 3.5.15 allows remote attackers to read 
script ...)
-       TODO: check
+       NOT-FOR-US: NetworkActiv Web Server
 CVE-2006-0814 (response.c in Lighttpd 1.4.10 and possibly previous versions, 
when run ...)
-       TODO: check
+       NOT-FOR-US: Lighttpd under windows
 CVE-2006-0813 (Heap-based buffer overflow in WinACE 2.60 allows user-complicit 
...)
-       TODO: check
+       NOT-FOR-US: WinACE
 CVE-2006-0812 (The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server 
...)
-       TODO: check
+       NOT-FOR-US: WinACE VisNetic AntiVirus
 CVE-2005-4727 (Cross-site scripting (XSS) vulnerability in gbook.cgi in gBook 
before ...)
-       TODO: check
+       NOT-FOR-US: gBook
 CVE-2004-2654 (The clientAbortBody function in client_side.c in Squid Web 
Proxy Cache ...)
-       TODO: check
+       - squid 2.5.6
 CVE-2006-0811 (Cross-site scripting (XSS) vulnerability in reguser.php in 
Skate Board ...)
        NOT-FOR-US: Skate Board
 CVE-2006-0810 (Unspecified vulnerability in config.php in Skate Board 0.9 
allows ...)
@@ -2466,23 +2466,24 @@
 CVE-2006-0781 (Directory traversal vulnerability in weblog.pl in PerlBlog 
1.09b and ...)
        NOT-FOR-US: PerlBlog 
 CVE-2006-0780 (Multiple cross-site scripting (XSS) vulnerabilities in 
weblog.pl in ...)
-       TODO: check
+       NOT-FOR-US: PerlBlog
 CVE-2006-0779 (Cross-site scripting (XSS) vulnerability in u2u.php in XMB 
Forums ...)
-       TODO: check
+       NOT-FOR-US: XMB Forums
 CVE-2006-0778 (Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and 
earlier ...)
-       TODO: check
+       NOT-FOR-US: XMB Forums
 CVE-2006-0777 (Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 
1.0 ...)
-       TODO: check
+       NOT-FOR-US: Teca Scripts Guestex
 CVE-2006-0776 (Cross-site scripting (XSS) vulnerability in guestex.pl in Teca 
Scripts ...)
-       TODO: check
+       NOT-FOR-US: Teca Scripts Guestex
 CVE-2006-0775 (Multiple SQL injection vulnerabilities in show.php in BirthSys 
3.1 ...)
-       TODO: check
+       NOT-FOR-US: BirthSys
+begin claimed by stef-guest
 CVE-2006-0774 (SQL injection vulnerability in deleteSession() in DB_eSession 
library ...)
        TODO: check
 CVE-2006-0773 (Cross-site scripting (XSS) vulnerability in Hitachi Business 
Logic - ...)
-       TODO: check
+       NOT-FOR-US: Hitachi Business Logic
 CVE-2006-0772 (SQL injection vulnerability in Hitachi Business Logic - 
Container ...)
-       TODO: check
+       NOT-FOR-US: Hitachi Business Logic
 CVE-2006-0771 (Format string vulnerability in PunkBuster 1.180 and earlier, as 
used ...)
        TODO: check
 CVE-2006-0770 (Cross-site scripting (XSS) vulnerability in calendar.php in ...)
@@ -2513,6 +2514,7 @@
        TODO: check
 CVE-2006-0757 (Multiple eval injection vulnerabilities in HiveMail 1.3 and 
earlier ...)
        TODO: check
+end claimed by stef-guest
 CVE-2006-0756 (** DISPUTED ** ...)
        NOT-FOR-US: dotProject
 CVE-2006-0755 (** DISPUTED ** ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to