Author: stef-guest
Date: 2006-04-22 14:05:52 +0000 (Sat, 22 Apr 2006)
New Revision: 3849
Modified:
data/CVE/list
Log:
a few NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-22 10:58:06 UTC (rev 3848)
+++ data/CVE/list 2006-04-22 14:05:52 UTC (rev 3849)
@@ -271,21 +271,23 @@
CVE-2006-1845 (Buffer overflow in the POP3 server in Kinesphere Corporation
EXchange ...)
TODO: check
CVE-2006-1844 (The Debian installer for the (1) shadow 4.0.14 and (2)
base-config ...)
- TODO: check
+ NOTE: seems to be a duplicate of CVE-2006-1376
+ - shadow 1:4.0.14-9 (bug #358210; bug #356939)
+ - base-config 2.68 (bug #254068; low)
CVE-2006-1843 (Cross-site scripting (XSS) vulnerability in global.php in
ShoutBOOK ...)
- TODO: check
+ NOT-FOR-US: ShoutBOOK
CVE-2006-1842 (Cross-site scripting (XSS) vulnerability in global.php in
ShoutBOOK ...)
- TODO: check
+ NOT-FOR-US: ShoutBOOK
CVE-2006-1841 (Cross-site scripting (XSS) vulnerability in search.php in
boastMachine ...)
- TODO: check
+ NOT-FOR-US: boastMachine
CVE-2006-1840 (Multiple unspecified vulnerabilities in Empire Server before
4.3.1 ...)
- TODO: check
+ NOT-FOR-US: Wolfpack Empire Server (vms-empire in Debian is a different
game)
CVE-2006-1839 (PHP remote file inclusion vulnerability in language.php in PHP
Album ...)
- TODO: check
+ NOT-FOR-US: PHP Album
CVE-2006-1838 (edit_kategorie.php in Fuju News 1.0 allows remote attackers to
bypass ...)
- TODO: check
+ NOT-FOR-US: Fuju News
CVE-2006-1837 (SQL injection vulnerability in archiv2.php in Fuju News 1.0
allows ...)
- TODO: check
+ NOT-FOR-US: Fuju News
CVE-2006-1836 (Untrusted search path vulnerability in unspecified components
in ...)
NOT-FOR-US: Symantec LiveUpdate
CVE-2006-1835 (Cross-site scripting (XSS) vulnerability in yearcal.php in
Calendarix ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
