[Secure-testing-commits] r3176 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Thu Dec 29 00:57:42 UTC 2005
Author: jmm-guest
Date: 2005-12-29 00:57:37 +0000 (Thu, 29 Dec 2005)
New Revision: 3176
Modified:
data/CVE/list
Log:
more syntax conversions
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-12-28 09:14:21 UTC (rev 3175)
+++ data/CVE/list 2005-12-29 00:57:37 UTC (rev 3176)
@@ -21402,7 +21402,7 @@
CVE-2002-0996 (Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C ...)
NOT-FOR-US: Novell
CVE-2002-0994 (SunPCi II VNC uses a weak authentication scheme, which allows remote ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US:SunPci II VNC
CVE-2002-0993 (Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) ...)
NOT-FOR-US: HP
CVE-2002-0992 (Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced ...)
@@ -21434,51 +21434,51 @@
CVE-2002-0971 (Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to ...)
NOT-FOR-US: Microsoft Windows specific
CVE-2002-0966 (Buffer overflow in 4D web server 6.7.3 allow remote attackers to cause ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: 4D web server
CVE-2002-0963 (SQL injection vulnerability in comment.php for GeekLog 1.3.5 and ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: GeekLog
CVE-2002-0962 (Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: GeekLog
CVE-2002-0961 (Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Voxel Dot Net CBMS
CVE-2002-0960 (Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Voxel Dot Net CBMS
CVE-2002-0959 (Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Splatt Forum
CVE-2002-0957 (The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: BlackICE Agent
CVE-2002-0956 (BlackICE Agent 3.1.eal does not always reactivate after a system ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: BlackICE Agent
CVE-2002-0955 (Cross-site scripting vulnerability in YaBB.cgi for Yet Another ...)
NOT-FOR-US: YaBB
CVE-2002-0954 (The encryption algorithms for enable and passwd commands on Cisco PIX ...)
NOT-FOR-US: Cisco
CVE-2002-0951 (SQL injection vulnerability in Ruslan <Body>Builder allows remote ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Ruslan
CVE-2002-0950 (Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: TransWARE Active!
CVE-2002-0949 (Telindus 1100 series ADSL router allows remote attackers to gain ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Telindus ADSL router
CVE-2002-0948 (Scripts For Educators MakeBook 2.2 CGI program allows remote attackers ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: MakeBook
CVE-2002-0944 (Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03 ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: DeepMetrix LiveStats
CVE-2002-0943 (MetaCart2.sql stores the user database under the web document root ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: MetaCart
CVE-2002-0942 (Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers ...)
- NOT-FOR-US: Microsoft
+ NOT-FOR-US: Lugiment Log Explorer
CVE-2002-0940 (domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: nCipher MSCAPI
CVE-2002-0939 (The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: nCipher MSCAPI
CVE-2002-0937 (The Java Server Pages (JSP) engine in JRun allows web page owners to ...)
NOT-FOR-US: JRun
CVE-2002-0936 (The Java Server Pages (JSP) engine in Tomcat allows web page owners to ...)
- tomcat 3.2.3-1
CVE-2002-0934 (Directory traversal vulnerability in Jon Hedley AlienForm2 (typically ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Jon Hedley AlienForm2
CVE-2002-0933 (Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Datalex PLC BooktIt Consumer
CVE-2002-0932 (SQL injection vulnerability in index.php for MyHelpDesk 20020509, and ...)
NOT-FOR-US: MyHelpDesk
CVE-2002-0931 (Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and ...)
@@ -21510,13 +21510,13 @@
CVE-2002-0917 (CGIScript.net csPassword.cgi stores .htpasswd files under the web ...)
NOT-FOR-US: CGIScript.net not int Debian
CVE-2002-0915 (autorun in Xandros based Linux distributions allows local users to ...)
- NOT-FOR-US: Xandros specific
+ NOT-FOR-US: Xandros specific tool
CVE-2002-0913 (Format string vulnerability in log_doit function of Slurp NNTP client ...)
NOT-FOR-US: Slurp NNTP
CVE-2002-0912 (in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other ...)
NOTE: DSA-129
CVE-2002-0910 (Buffer overflows in netstd 3.07-17 package allows remote DNS servers ...)
- NOT-FOR-US: netstd not in Debian anymore
+ NOTE: netstd
CVE-2002-0909 (Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote ...)
NOT-FOR-US: mnews
CVE-2002-0908 (Directory traversal vulnerability in the web server for Cisco IDS ...)
@@ -21536,17 +21536,17 @@
CVE-2002-0896 (The throttle capability in Swatch may fail to report certain events if ...)
- swatch 3.0.4-1
CVE-2002-0894 (NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: NewAtlanta ServletExec
CVE-2002-0893 (Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: NewAtlanta ServletExec
CVE-2002-0888 (3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, ...)
NOT-FOR-US: 3com
CVE-2002-0886 (Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote ...)
NOT-FOR-US: Cisco
CVE-2002-0885 (Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Solaris
CVE-2002-0884 (Multiple format string vulnerabilities in in.rarpd (ARP server) on ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Solaris
CVE-2002-0883 (Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator ...)
NOT-FOR-US: Compaq
CVE-2002-0882 (The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 ...)
@@ -21628,11 +21628,11 @@
CVE-2002-0820 (FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 ...)
NOT-FOR-US: FreeBSD
CVE-2002-0819 (Format string vulnerability in artsd, when called by artswrapper, ...)
- NOT-FOR-US: artscontrol not suid root
+ - arts <not-affected> (artscontrol not suid root)
CVE-2002-0815 (The Javascript "Same Origin Policy" (SOP), as implemented in (1) ...)
- mozilla 2:1.0.0-1
CVE-2002-0812 (Information leak in Compaq WL310, and the Orinoco Residential Gateway ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Compaq hardware
CVE-2002-0811 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote ...)
NOTE: bugzilla 2.16.0-2.1
CVE-2002-0807 (Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, ...)
@@ -21640,9 +21640,9 @@
CVE-2002-0803 (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote ...)
NOTE: bugzilla 2.16.0-2.1
CVE-2002-0800 (BadBlue 1.7.0 allows remote attackers to list the contents of ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: BadBlue
CVE-2002-0799 (Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: YoungZoft
CVE-2002-0798 (Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local ...)
NOT-FOR-US: HP
CVE-2002-0797 (Buffer overflow in the MIB parsing component of mibiisa for Solaris ...)
@@ -21656,11 +21656,11 @@
CVE-2002-0791 (Novell Netware FTP server NWFTPD before 5.02r allows remote attackers ...)
NOT-FOR-US: Novell
CVE-2002-0787 (Cross-site scripting vulnerabilities in iCon administrative web server ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: iCon
CVE-2002-0786 (iCon administrative web server for Critical Path inJoin Directory ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Critical Path inJoin Directory Server
CVE-2002-0784 (Directory traversal vulnerability in Lysias Lidik web server 0.7b ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Lidik web server
CVE-2002-0783 (Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary ...)
NOT-FOR-US: Opera
CVE-2002-0782 (Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled ...)
@@ -21672,17 +21672,17 @@
CVE-2002-0779 (FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote ...)
NOT-FOR-US: Novell
CVE-2002-0775 (browse.asp in Hosting Controller allows remote attackers to view ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Hosting Controller
CVE-2002-0774 (Hosting Controller creates a default user AdvWebadmin with a default ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Hosting Controller
CVE-2002-0773 (imp_rootdir.asp for Hosting Controller allows remote attackers to copy ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Hosting Controller
CVE-2002-0772 (Directory traversal vulnerability in dsnmanager.asp for Hosting ...)
- NOT-FOR-US: no_package
+ NOT-FOR-US: Hosting Controller
CVE-2002-0771 (Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 ...)
- viewcvs 0.9.2-5
CVE-2002-0770 (Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain ...)
- NOT-FOR-US: Quake server
+ TODO: Check quake2
CVE-2002-0769 (The web-based configuration interface for the Cisco ATA 186 Analog ...)
NOT-FOR-US: Cisco
CVE-2002-0767 (simpleinit on Linux systems does not close a read/write FIFO file ...)
@@ -21724,7 +21724,7 @@
CVE-2002-0739 (Cross-site scripting in PostCalendar 3.02 allows remote attackers to ...)
NOT-FOR-US: PostCalendat
CVE-2002-0735 (Format string vulnerability in the logging() function in C-Note Squid ...)
- NOT-FOR-US: only potato was vulnerable
+ - squid <not-affected> (Historic vulnerability, fixed before Woody was released)
CVE-2002-0732 (Cross-site scripting vulnerability in MyGuestbook 1.0 allows remote ...)
NOT-FOR-US: MyGuestbook
CVE-2002-0731 (Cross-site scripting vulnerability in demonstration scripts for ...)
More information about the Secure-testing-commits
mailing list