[Secure-testing-commits] r2911 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Dec 1 10:00:12 UTC 2005
Author: jmm-guest
Date: 2005-12-01 10:00:08 +0000 (Thu, 01 Dec 2005)
New Revision: 2911
Modified:
data/CVE/list
Log:
webcalendar CVEfied
new nufw issue
lots of NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-12-01 09:48:12 UTC (rev 2910)
+++ data/CVE/list 2005-12-01 10:00:08 UTC (rev 2911)
@@ -32,44 +32,43 @@
RESERVED
CVE-2006-0018
REJECTED
-begin claimed by jmm
CVE-2005-3961 (WebCalendar 1.0.1 allows remote attackers to overwrite WebCalendar ...)
- TODO: check
+ - webcalendar <unfixed> (bug #341208; medium)
CVE-2005-3960 (Kadu 0.4.2 and 0.5.0pre allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: Kadu
CVE-2005-3959 (Multiple cross-site scripting (XSS) vulnerabilities in FreeWebStat 1.0 ...)
- TODO: check
+ NOT-FOR-US: FreeWebStat
CVE-2005-3958 (SQL injection vulnerability in index.php in Entergal MX 2.0 allows ...)
- TODO: check
+ NOT-FOR-US: Entergal MX
CVE-2005-3957 (Unspecified vulnerability in the Trackback functionality in DotClear ...)
- TODO: check
+ NOT-FOR-US: DotClear
CVE-2005-3956 (Multiple SQL injection vulnerabilities in index.php in DMANews 0.904 ...)
- TODO: check
+ NOT-FOR-US: DMANews
CVE-2005-3955 (Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, ...)
- TODO: check
+ NOT-FOR-US: MagpieRSS
CVE-2005-3954 (Cross-site scripting (XSS) vulnerability in blogBuddies 0.3 allows ...)
- TODO: check
+ NOT-FOR-US: blogBuddies
CVE-2005-3953 (SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Bedeng PSP
CVE-2005-3952 (SQL injection vulnerability in PHP Labs Top Auction allows remote ...)
- TODO: check
+ NOT-FOR-US: PHP Labs Top Auction
CVE-2005-3951 (SQL injection vulnerability in survey.php in PHP Labs Survey Wizard ...)
- TODO: check
+ NOT-FOR-US: PHP Labs Survey Wizard
CVE-2005-3950 (nuauth in NuFW 1.0.x before 1.0.16 and 1.1 allows authenticated users ...)
- TODO: check
+ - nufw <unfixed> (bug filed; medium)
CVE-2005-3949 (Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow ...)
- TODO: check
+ - webcalendar <unfixed> (bug #341208; medium)
CVE-2005-3948 (Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and ...)
- TODO: check
+ NOT-FOR-US: PHPAlbum
CVE-2005-3947 (Directory traversal vulnerability in index.php in PHP Upload Center ...)
- TODO: check
+ NOT-FOR-US: PHP Upload Center
CVE-2005-3946 (Opera 8.50 allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: Opera
CVE-2005-3945 (The SynAttackProtect protection in Microsoft Windows 2003 before SP1 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2005-3944 (SQL injection vulnerability in survey.php in ilyav Survey System 1.1 ...)
- TODO: check
-end claimed by jmm
+ NOT-FOR-US: ilyav Survey System
+begin claimed by jmm
CVE-2005-3943 (Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and ...)
TODO: check
CVE-2005-3942 (SQL injection vulnerability in knowledgebase-control.php in Orca ...)
@@ -136,6 +135,7 @@
TODO: check
CVE-2005-3911 (Multiple SQL injection vulnerabilities in calendar.php in BosDates 4.0 ...)
TODO: check
+end claimed by jmm
CVE-2005-3910 (merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with ...)
TODO: check
CVE-2005-3909 (SQL injection vulnerability in merchants/index.php in Post Affiliate ...)
@@ -474,8 +474,6 @@
- phpgroupware 0.9.14.007
CVE-2004-2573 (PHP remote file include vulnerability in tables_update.inc.php in ...)
- phpgroupware 0.9.14.007
-CVE-2005-XXXX [Multiple issues in webcalendar]
- - webcalendar <unfixed> (bug #341208; medium)
CVE-2005-3848 (Memory leak in the icmp_push_reply function in Linux 2.6 before ...)
[sarge] - kernel-source-2.6.8 2.6.8-16sarge2
CVE-2005-3847 (The handle_stop_signal function in signal.c in Linux kernel before ...)
More information about the Secure-testing-commits
mailing list