[Secure-testing-commits] r3747 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Tue Apr 4 15:38:16 UTC 2006
Author: jmm-guest
Date: 2006-04-04 15:38:09 +0000 (Tue, 04 Apr 2006)
New Revision: 3747
Modified:
data/CVE/list
Log:
bsdgames not-affected
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-04 15:05:13 UTC (rev 3746)
+++ data/CVE/list 2006-04-04 15:38:09 UTC (rev 3747)
@@ -119,36 +119,34 @@
- libstruts1.2-java <unfixed> (bug #360551)
CVE-2006-1546 (Apache Software Foundation (ASF) Struts before 1.2.9 allows remote ...)
- libstruts1.2-java <unfixed> (bug #360551)
-begin claimed by jmm
CVE-2006-1545 (Direct static code injection vulnerability in admin/config.php in ...)
- TODO: check
+ NOT-FOR-US: VNews
CVE-2006-1544 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...)
- TODO: check
+ NOT-FOR-US: VNews
CVE-2006-1543 (Multiple SQL injection vulnerabilities in vscripts (aka Kuba ...)
- TODO: check
+ NOT-FOR-US: VNews
CVE-2006-1542 (Stack-based buffer overflow in Python 2.4.2 and earlier, running on ...)
- TODO: check
+ TODO: check further
CVE-2006-1541 (SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and ...)
- TODO: check
+ NOT-FOR-US: EzASPSite
CVE-2006-1540 (Microsoft Office 2002 (aka Office XP) allows user-complicit attackers ...)
NOT-FOR-US: Microsoft
CVE-2006-1539 (Multiple buffer overflows in the checkscores function in scores.c in ...)
- TODO: check
+ - bsdgames <not-affected> (Gentoo specific flaw)
CVE-2006-1538 (The Enova X-Wall ASIC encrypts with a key obtained via Microwire from ...)
- TODO: check
+ NOT-FOR-US: Enova X-Wall ASIC
CVE-2006-1537 (Craig Knudsen WebCalendar 1.1.0-CVS allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: Craig Knudsen WebCalendar
CVE-2006-1536 (Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts ...)
- TODO: check
+ NOT-FOR-US: Phoetux.net PhxContacts
CVE-2006-1535 (Cross-site scripting (XSS) vulnerability in login.php in Phoetux.net ...)
- TODO: check
+ NOT-FOR-US: Phoetux.net PhxContacts
CVE-2006-1534 (Multiple SQL injection vulnerabilities in Null news allow remote ...)
- TODO: check
+ NOT-FOR-US: Null news
CVE-2006-1533 (SQL injection vulnerability in newsletter.php in Sourceworkshop ...)
- TODO: check
+ NOT-FOR-US: Sourceworkshop newsletter
CVE-2006-1532 (Cross-site scripting (XSS) vulnerability in search.php in PHP ...)
- TODO: check
-end claimed by jmm
+ NOT-FOR-US: PHP Classifieds
CVE-2006-1531
RESERVED
CVE-2006-1530
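Review bot: At CVE-2006-1542 the entry changes from "TODO: check" to "TODO: check further" without recording what was already examined or what is still open, and the log line ("bsdgames not-affected", "NFUs") does not cover it either. Unlike the bsdgames entry, which carries its reason inline ("Gentoo specific flaw"), this one leaves the next person to redo the triage. Suggest adding a short line under the entry stating what has been ruled out so far and which question remains.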
@@ -193,6 +191,7 @@
NOT-FOR-US: Microsoft
CVE-2006-1510 (Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll ...)
NOT-FOR-US: Microsoft
+begin claimed by jmm
CVE-2006-1509 (/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 ...)
TODO: check
CVE-2006-1508 (Multiple cross-site scripting (XSS) vulnerabilities in MH Software ...)
@@ -231,6 +230,7 @@
TODO: check
CVE-2005-4748 (PHP remote file include vulnerability in functions_admin.php in ...)
TODO: check
+end claimed by jmm
CVE-2006-XXXX [unixodbc rpath set to /home]
- unixodbc 2.2.11-11 (bug #358142; low)
[sarge] - unixodbc <not-affected> (rpath not set to /home in Sarge)
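Review bot: The "end claimed by jmm" marker placed after CVE-2005-4748 closes a range that opens at CVE-2006-1509 in the previous hunk, so the claim moves from the 14 entries triaged in the first hunk to a block running from about line 194 to line 233 of the new file, and it now includes CVE-2005 entries. The log message mentions only "bsdgames not-affected" and "NFUs". Suggest naming the newly claimed range in the log so other committers can see it is taken without reading the diff.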