[Secure-testing-commits] r2903 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Wed Nov 30 15:59:12 UTC 2005


Author: jmm-guest
Date: 2005-11-30 15:59:07 +0000 (Wed, 30 Nov 2005)
New Revision: 2903

Modified:
   data/CVE/list
Log:
six phpgroupware issues already fixed
astats issue already fixed by removal from the archive


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2005-11-30 14:41:53 UTC (rev 2902)
+++ data/CVE/list	2005-11-30 15:59:07 UTC (rev 2903)
@@ -216,19 +216,19 @@
 CVE-2005-3782
 	RESERVED
 CVE-2004-2606 (The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with ...)
-	TODO: check
+	NOT-FOR-US: Linksys hardware
 CVE-2004-2605 (aStats 1.6.5 allows local users to overwrite arbitrary files via a ...)
-	TODO: check
+	- astats <removed> (bug #287604)
 CVE-2004-2604 (Cross-site scripting (XSS) vulnerability in index.php in PHProxy ...)
-	TODO: check
+	NOT-FOR-US: PHProxy
 CVE-2004-2603 (Cross-site scripting (XSS) vulnerability in the Search module in ...)
-	TODO: check
+	NOT-FOR-US: UberTec Help Center Live
 CVE-2004-2602 (PHP remote file include vulnerability in UberTec Help Center Live ...)
-	TODO: check
+	NOT-FOR-US: UberTec Help Center Live
 CVE-2004-2601 (PHP file include vulnerability in UberTec Help Center Live (HCL) ...)
-	TODO: check
+	NOT-FOR-US: UberTec Help Center Live
 CVE-2004-2600 (The firmware for Intelligent Platform Management Interface (IPMI) ...)
-	TODO: check
+	NOT-FOR-US: Intel hardware
 CVE-2004-2599 (Multiple buffer overflows in Quake II server before R1Q2, as used in ...)
 	- quake2 <unfixed> (bug #280573; low)
 	NOTE: There is a big note in the quake2 package stating that it is not secure.
@@ -248,43 +248,43 @@
 CVE-2004-2592 (Quake II server before R1Q2, as used in multiple products, allows ...)
 	- quake2 <unfixed> (bug #280573; low)
 CVE-2004-2591 (The data-overwrite capability of ButtUglySoftware CleanCache 2.19 does ...)
-	TODO: check
+	NOT-FOR-US: ButtUglySoftware CleanCache
 CVE-2004-2590 (Unspecified vulnerability in meindlSOFT Cute PHP Library (aka cphplib) ...)
-	TODO: check
+	NOT-FOR-US: meindlSOFT Cute PHP Library
 CVE-2004-2589 (Gaim before 0.82 allows remote servers to cause a denial of service ...)
-	TODO: check
+	- gaim 0.82-1 (medium)
 CVE-2004-2588 (Intentional information leak in phpinfo.php in XMB (aka extreme ...)
-	TODO: check
+	NOT-FOR-US: XMB
 CVE-2004-2587 (login.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows ...)
-	TODO: check
+	NOT-FOR-US: SmarterTools SmarterMail
 CVE-2004-2586 (Directory traversal vulnerability in frmGetAttachment.aspx in ...)
-	TODO: check
+	NOT-FOR-US: SmarterTools SmarterMail
 CVE-2004-2585 (Cross-site scripting (XSS) vulnerability in frmCompose.aspx in ...)
-	TODO: check
+	NOT-FOR-US: SmarterTools SmarterMail
 CVE-2004-2584 (frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 ...)
-	TODO: check
+	NOT-FOR-US: SmarterTools SmarterMail
 CVE-2004-2583 (SMTP service in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows ...)
-	TODO: check
+	NOT-FOR-US: SmarterTools SmarterMail
 CVE-2004-2582 (Novell iChain 2.3 includes the build number in the VIA line of the ...)
-	TODO: check
+	NOT-FOR-US: iChain
 CVE-2004-2581 (Novell iChain 2.3 allows attackers to cause a denial of service via a ...)
-	TODO: check
+	NOT-FOR-US: iChain
 CVE-2004-2580 (Cross-site scripting (XSS) vulnerability in Novell iChain 2.3 allows ...)
-	TODO: check
+	NOT-FOR-US: iChain
 CVE-2004-2579 (ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access ...)
-	TODO: check
+	NOT-FOR-US: iChain
 CVE-2004-2578 (phpGroupWare before 0.9.16.002 transmits the (1) header admin and (2) ...)
-	TODO: check
+	- phpgroupware 0.9.16.002-1
 CVE-2004-2577 (The acl_check function in phpGroupWare 0.9.16RC2 always returns True, ...)
-	TODO: check
+	- phpgroupware 0.9.14-0.RC3.1
 CVE-2004-2576 (class.vfs_dav.inc.php in phpGroupWare 0.9.16.000 does not create ...)
-	TODO: check
+	- phpgroupware 0.9.16.000.1.cvs.20040620-1
 CVE-2004-2575 (phpGroupWare 0.9.14.005 and earlier allow remote attackers to obtain ...)
-	TODO: check
+	- phpgroupware 0.9.14.007
 CVE-2004-2574 (Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare ...)
-	TODO: check
+	- phpgroupware 0.9.14.007
 CVE-2004-2573 (PHP remote file include vulnerability in tables_update.inc.php in ...)
-	TODO: check
+	- phpgroupware 0.9.14.007
 CVE-2005-XXXX [Multiple issues in webcalendar]
 	- webcalendar <unfixed> (bug filed; medium)
 CVE-2005-3848 (Memory leak in the icmp_push_reply function in Linux 2.6 before ...)




More information about the Secure-testing-commits mailing list