Author: keescook-guest
Date: 2007-05-18 18:43:16 +0000 (Fri, 18 May 2007)
New Revision: 5879

Modified:
   data/CVE/list
Log:
NFUs: 3, unfixed: mutt wordpress, fixed: moin squirrelmail


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2007-05-18 16:16:41 UTC (rev 5878)
+++ data/CVE/list       2007-05-18 18:43:16 UTC (rev 5879)
@@ -71,7 +71,7 @@
 CVE-2007-2684
        RESERVED
 CVE-2007-2683 (Buffer overflow in Mutt 1.4.2 might allow local users to 
execute ...)
-       TODO: check
+       - mutt <unfixed> (low)
 CVE-2007-2682
        RESERVED
 CVE-2007-2681 (Directory traversal vulnerability in blogs/index.php in 
b2evolution ...)
@@ -79,7 +79,7 @@
 CVE-2007-2680 (Cross-site scripting (XSS) vulnerability in the management 
interface ...)
        NOT-FOR-US: Canon
 CVE-2007-2679 (PHP file inclusion vulnerability in index.php in Ivan Peevski 
gallery ...)
-       TODO: check
+       NOT-FOR-US: Simple PHP Scripts
 CVE-2007-2678 (Buffer overflow in the isChecked function in toolbar.dll in 
Netsprint ...)
        NOT-FOR-US: Netsprint
 CVE-2007-2677 (Multiple PHP remote file inclusion vulnerabilities in phpChess 
...)
@@ -163,7 +163,7 @@
 CVE-2007-2638 (eFileCabinet 3.3 allows remote attackers to bypass 
authentication and ...)
        NOT-FOR-US: eFileCabinet
 CVE-2007-2637 (MoinMoin before 20070507 does not properly enforce ACLs for 
calendars ...)
-       TODO: check
+       - moin 1.5.7-2 (low)
 CVE-2007-2636 (Unspecified vulnerability in phpTodo before 0.8.1 allows remote 
...)
        NOT-FOR-US: phpTodo
 CVE-2007-2635 (Unspecified vulnerability in Interchange before 5.4.2 allows 
remote ...)
@@ -183,7 +183,7 @@
 CVE-2007-2628 (PHP remote file inclusion vulnerability in include/logout.php 
in ...)
        NOT-FOR-US: PHPSecurityAdmin
 CVE-2007-2627 (Cross-site scripting (XSS) vulnerability in sidebar.php in 
WordPress, ...)
-       TODO: check
+       - wordpress <unfixed> (low)
 CVE-2007-2626 (** DISPUTED ** ...)
        NOT-FOR-US: SchoolBoard
 CVE-2007-2625 (Cross-site scripting (XSS) vulnerability in ...)
@@ -203,7 +203,7 @@
 CVE-2007-2618 (CRLF injection vulnerability in index.php in Drake CMS 0.4.0 
allows ...)
        NOT-FOR-US: Drake CMS
 CVE-2007-2617 (srsexec in Sun Remote Services (SRS) Net Connect Software Proxy 
Core ...)
-       TODO: check
+       NOT-FOR-US: Sun Solaris
 CVE-2007-2616 (Stack-based buffer overflow in the SSL version of the NMDMC.EXE 
...)
        NOT-FOR-US: Novell NetMail
 CVE-2007-2615 (Multiple PHP remote file inclusion vulnerabilities in Crie seu 
...)
@@ -219,7 +219,7 @@
 CVE-2007-2610 (Cross-site scripting (XSS) vulnerability in OpenLD before 
1.1.9, and ...)
        NOT-FOR-US: OpenLD
 CVE-2007-2609 (Multiple PHP remote file inclusion vulnerabilities in gnuedu 
1.3b2 ...)
-       TODO: check
+       NOT-FOR-US: gnuedu
 CVE-2007-2608 (PHP remote file inclusion vulnerability in ...)
        NOT-FOR-US: Miplex2
 CVE-2007-2607 (PHP remote file inclusion vulnerability in 
views/print/printbar.php in ...)
@@ -259,7 +259,7 @@
 CVE-2007-2590 (Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 
6.6.2.2, ...)
        NOT-FOR-US: Nokia
 CVE-2007-2589 (Cross-site request forgery (CSRF) vulnerability in compose.php 
in ...)
-       TODO: check
+       - squirrelmail 2:1.4.10a-1 (low)
 CVE-2003-1327 (Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and 
...)
        TODO: check
 CVE-2006-XXXX [PHP SOAP Extension HTTP Authentication Weak Nonce]


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to