[Secure-testing-commits] r3745 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Tue Apr 4 14:59:02 UTC 2006


Author: jmm-guest
Date: 2006-04-04 14:58:55 +0000 (Tue, 04 Apr 2006)
New Revision: 3745

Modified:
   data/CVE/list
Log:
NFUs
mantis sucks


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-04-04 14:46:23 UTC (rev 3744)
+++ data/CVE/list	2006-04-04 14:58:55 UTC (rev 3745)
@@ -1,45 +1,43 @@
-begin claimed by jmm
 CVE-2006-1586 (SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan ...)
-	TODO: check
+	NOT-FOR-US: Egypt SiteMan
 CVE-2006-1585 (Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote ...)
-	TODO: check
+	NOT-FOR-US: MonAlbum 
 CVE-2006-1584 (Unspecified vulnerability in index.php in Warcraft III Replay Parser ...)
-	TODO: check
+	NOT-FOR-US: Warcraft III Replay
 CVE-2006-1583 (Cross-site scripting (XSS) vulnerability in index.php in Warcraft III ...)
-	TODO: check
+	NOT-FOR-US: Warcraft III Replay
 CVE-2006-1582 (Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg ...)
-	TODO: check
+	NOT-FOR-US: Blank'N'Berg
 CVE-2006-1581 (Directory traversal vulnerability in index.php in Blank'N'Berg 0.2 ...)
-	TODO: check
+	NOT-FOR-US: Blank'N'Berg
 CVE-2006-1580 (Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 ...)
-	TODO: check
+	NOT-FOR-US: Bugzero
 CVE-2006-1579 (SQL injection vulnerability in topics.php in Dynamic Bulletin Board ...)
-	TODO: check
+	NOT-FOR-US: Dynamic Bulletin Board System
 CVE-2006-1578 (Multiple SQL injection vulnerabilities in Keystone Digital Library ...)
-	TODO: check
+	NOT-FOR-US: Keystone Digital Library Suite 
 CVE-2006-1577 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	- mantis <unfixed>
 CVE-2006-1576 (Direct static code injection vulnerability in QLnews 1.2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: QLnews
 CVE-2006-1575 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...)
-	TODO: check
+	NOT-FOR-US: QLnews
 CVE-2006-1574 (Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, ...)
-	TODO: check
+	NOT-FOR-US: Groupmax World Wide Web et. al.
 CVE-2006-1573 (PHP remote file inclusion vulnerability in index.php in MediaSlash ...)
-	TODO: check
+	NOT-FOR-US: MediaSlash Gallery
 CVE-2006-1572 (SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Oxygen
 CVE-2006-1571 (Multiple SQL injection vulnerabilities in loginprocess.php in ...)
-	TODO: check
+	NOT-FOR-US: qliteNews
 CVE-2006-1570 (Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 ...)
-	TODO: check
+	NOT-FOR-US: Esqlanelapse 
 CVE-2006-1569 (Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote ...)
-	TODO: check
+	NOT-FOR-US: RedCMS
 CVE-2006-1568 (Multiple cross-site scripting (XSS) vulnerabilities in register.php in ...)
-	TODO: check
+	NOT-FOR-US: RedCMS
 CVE-2006-1567 (Cross-site scripting (XSS) vulnerability in searchresults.asp in ...)
-	TODO: check
-end claimed by jmm
+	NOT-FOR-US: SiteSearch Indexer
 CVE-2006-1566 (Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in ...)
 	- libtunepimp 0.4.2-3 (bug #359241; low)
 	[sarge] - libtunepimp <not-affected> (rpath not set to /tmp in Sarge)
@@ -49,6 +47,7 @@
 CVE-2006-1564 (Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for ...)
 	- subversion 1.3.0-5 (bug #359234; low)
 	[sarge] - subversion <not-affected> (No rpaths set in Sarge)
+begin claimed by jmm
 CVE-2006-1563 (Direct static code injection vulnerability in config.php in vscripts ...)
 	TODO: check
 CVE-2006-1562 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
@@ -77,6 +76,7 @@
 	RESERVED
 CVE-2006-1549
 	RESERVED
+end claimed by jmm
 CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 ...)
 	NOT-FOR-US: BEA WebLogic
 CVE-2005-4766 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 ...)




More information about the Secure-testing-commits mailing list