[Secure-testing-commits] r3036 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Wed Dec 14 09:51:00 UTC 2005
Author: jmm-guest
Date: 2005-12-14 09:50:56 +0000 (Wed, 14 Dec 2005)
New Revision: 3036
Modified:
data/CVE/list
Log:
four of the horde XSS issues have been CVEfied,
MITRE seems to have missed turba, I've pinged them
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-12-14 09:36:36 UTC (rev 3035)
+++ data/CVE/list 2005-12-14 09:50:56 UTC (rev 3036)
@@ -66,25 +66,27 @@
NOT-FOR-US: MyBB
CVE-2005-4198 (SQL injection vulnerability in index.php in Netref 3.0 allows remote ...)
NOT-FOR-US: Netref
-begin claimed by jmm
CVE-2005-4197 (tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Nortel SSL VPN
CVE-2005-4196 (Multiple cross-site scripting (XSS) vulnerabilities in Scout Portal ...)
- TODO: check
+ NOT-FOR-US: Scout Portal Toolkit
CVE-2005-4195 (Multiple SQL injection vulnerabilities in Scout Portal Toolkit (SPT) ...)
- TODO: check
+ NOT-FOR-US: Scout Portal Toolkit
CVE-2005-4194 (Buffer overflow in MediaServerList.exe in Sights 'n Sounds Streaming ...)
- TODO: check
+ NOT-FOR-US: Sights 'n Sounds Streaming Media Server
CVE-2005-4193 (Cross-site scripting (XSS) vulnerability in UseBB before 0.7 allows ...)
- TODO: check
+ NOT-FOR-US: UseBB
+CVE-2005-XXXX [XSS in Turba]
+ - turba2 <unfixed> (bug #342946; medium)
+ NOTE: CVE requested
CVE-2005-4192 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ - mnemo2 <unfixed> (bug #342944; medium)
CVE-2005-4191 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ - nag2 <unfixed> (bug #342945; medium)
CVE-2005-4190 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Framework ...)
- TODO: check
+ - horde3 <unfixed> (bug #342942; medium)
CVE-2005-4189 (Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith ...)
- TODO: check
+ - kronolith <unfixed> (bug #342943; medium)
CVE-2005-4188
RESERVED
CVE-2005-4187
@@ -106,32 +108,31 @@
CVE-2005-4179
RESERVED
CVE-2005-4177 (Cross-site scripting (XSS) vulnerability in book.cfm in Magic Book ...)
- TODO: check
+ NOT-FOR-US: Magic Book Personal and Professional
CVE-2005-4176 (AWARD Bios Modular 4.50pg does not clear the keyboard buffer after ...)
- TODO: check
+ NOT-FOR-US: AWARD BIOS
CVE-2005-4175 (Insyde BIOS V190 does not clear the keyboard buffer after reading the ...)
- TODO: check
+ NOT-FOR-US: Insyde BIOS
CVE-2005-4174 (eFiction 1.0, 1.1, and 2.0, in unspecified environments, might allow ...)
- TODO: check
+ NOT-FOR-US: eFiction
CVE-2005-4173 (eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: eFiction
CVE-2005-4172 (eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive ...)
- TODO: check
+ NOT-FOR-US: eFiction
CVE-2005-4171 (The "Upload new image" command in the "Manage Images" eFiction 1.1, ...)
- TODO: check
+ NOT-FOR-US: eFiction
CVE-2005-4170 (SQL injection vulnerability in eFiction 1.1 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: eFiction
CVE-2005-4169 (Multiple SQL injection vulnerabilities in eFiction 1.0 allow remote ...)
- TODO: check
+ NOT-FOR-US: eFiction
CVE-2005-4168 (Multiple SQL injection vulnerabilities in eFiction 1.0, 1.1, and 2.0 ...)
- TODO: check
+ NOT-FOR-US: eFiction
CVE-2005-4167 (Cross-site scripting (XSS) vulnerability in eFiction 1.0 and 1.1 ...)
- TODO: check
+ NOT-FOR-US: eFiction
CVE-2005-4166 (Cross-site scripting (XSS) vulnerability in password.asp in DUWare ...)
- TODO: check
+ NOT-FOR-US: DUportal
CVE-2005-4165 (Multiple SQL injection vulnerabilities in ASP-DEV ASP Resources Forum ...)
- TODO: check
-end claimed by jmm
+ NOT-FOR-US: ASP-DEV ASP Resources Forum
CVE-2005-XXXX [Another fib_lookup DoS]
- linux-2.6 <unfixed>
CVE-2005-XXXX [DoS in i82365 driver]
@@ -185,16 +186,6 @@
NOT-FOR-US: Lyris ListManager
CVE-2005-4142 (The web interface for subscribing new users in Lyris ListManager 5.0 ...)
NOT-FOR-US: Lyris ListManager
-CVE-2005-XXXX [Multiple issues in Horde]
- - horde3 <unfixed> (bug #342942; medium)
-CVE-2005-XXXX [XSS in Kronolith]
- - kronolith <unfixed> (bug #342943; medium)
-CVE-2005-XXXX [XSS in Mnemo]
- - mnemo2 <unfixed> (bug #342944; medium)
-CVE-2005-XXXX [XSS in Nag]
- - nag2 <unfixed> (bug #342945; medium)
-CVE-2005-XXXX [XSS in Turba]
- - turba2 <unfixed> (bug #342946; medium)
CVE-2005-4141 (Multiple SQL injection vulnerabilities in ASPMForum allow remote ...)
NOT-FOR-US: ASPMForum
CVE-2005-4140 (SQL injection vulnerability in admin/login/index.php in Website Baker ...)
More information about the Secure-testing-commits
mailing list