[Secure-testing-commits] r3772 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Fri Apr 7 10:51:33 UTC 2006


Author: jmm-guest
Date: 2006-04-07 10:51:25 +0000 (Fri, 07 Apr 2006)
New Revision: 3772

Modified:
   data/CVE/list
Log:
new mantis issues
new thunderbird issues
Well, all not very new, but no one cared to check them in time
older xscreensaver issues already fixed in sarge
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-04-07 09:21:17 UTC (rev 3771)
+++ data/CVE/list	2006-04-07 10:51:25 UTC (rev 3772)
@@ -1500,11 +1500,11 @@
 CVE-2006-0992
 	RESERVED
 CVE-2006-0991 (Buffer overflow in the NetBackup Sharepoint Services server daemon ...)
-	TODO: check
+	NOT-FOR-US: Veritas NetBackup
 CVE-2006-0990 (Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in ...)
-	TODO: check
+	NOT-FOR-US: Veritas NetBackup
 CVE-2006-0989 (Stack-based buffer overflow in the volume manager daemon (vmd) in ...)
-	TODO: check
+	NOT-FOR-US: Veritas NetBackup
 CVE-2006-0988 (The default configuration of the DNS Server service on Windows Server ...)
 	NOT-FOR-US: MS Windows issue
 CVE-2006-0987 (The default configuration of ISC BIND, when configured as a caching ...)
@@ -1729,11 +1729,13 @@
 CVE-2006-0885 (Cross-site scripting (XSS) vulnerability in show_news.php in CuteNews ...)
 	NOT-FOR-US: CuteNews
 CVE-2006-0884 (The WYSIWYG rendering engine in Mozilla Thunderbird 1.0.7 and earlier ...)
-	TODO: check
+	- mozilla-thunderbird <unfixed>
 CVE-2003-1295 (Unspecified vulnerability in xscreensaver 4.12, and possibly other ...)
-	TODO: check
+	- xscreensaver 4.21-1
+	NOTE: Might be fixed earlier, but I've verified that the SuSE patch is included
+	NOTE: in the Sarge version --jmm
 CVE-2003-1294 (Xscreensaver before 4.15 creates temporary files insecurely in (1) ...)
-	TODO: check
+	- xscreensaver 4.15-1
 CVE-2006-0883 (OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not ...)
 	- openssh 3.8.1p1-4
 	[woody] - openssh <not-affected>
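Review bot: the CVE-2003-1295 entry records 4.21-1 as the fixed version while its own NOTE says the fix "might be fixed earlier", so 4.21-1 is the version that was verified, not necessarily the first fixed one. Every version below 4.21-1 will be read as vulnerable, so the NOTE should say that 4.21-1 is an upper bound and name the SuSE patch that was checked, which makes the verification repeatable. In the same hunk, the CVE-2006-0884 line marks mozilla-thunderbird <unfixed> without recording which packaged version was compared against the "1.0.7 and earlier" range in the description.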
@@ -1823,17 +1825,17 @@
 CVE-2006-0842 (Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows ...)
 	TODO: check
 CVE-2006-0841 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 ...)
-	TODO: check
+	- mantis <unfixed>
 CVE-2006-0840 (manage_user_page.php in Mantis 1.00rc4 and earlier does not properly ...)
-	TODO: check
+	- mantis <unfixed>
 CVE-2006-0839 (The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly ...)
 	TODO: check
 CVE-2006-0838 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext ...)
-	TODO: check
+	NOT-FOR-US: Tivoli
 CVE-2006-0837 (IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable ...)
-	TODO: check
+	NOT-FOR-US: Tivoli
 CVE-2006-0836 (Mozilla Thunderbird 1.5 allows user-complicit attackers to cause an ...)
-	TODO: check
+	- mozilla-thunderbird <unfixed>
 CVE-2006-0835 (SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar ...)
 	TODO: check
 CVE-2006-0834 (Uniden UIP1868P VoIP Telephone and Router has a default password of ...)
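Review bot: the three new <unfixed> lines (mantis for CVE-2006-0841 and CVE-2006-0840, mozilla-thunderbird for CVE-2006-0836) carry no NOTE saying which package version was checked, although the descriptions are version-specific ("Mantis 1.00rc4 and earlier", "Mozilla Thunderbird 1.5"). A one-line NOTE per entry with the version examined, as done for the xscreensaver entry in this commit, would let the next person confirm or close the entry without repeating the triage. The "NOT-FOR-US: Tivoli" label is also shorter than the product named in the description (IBM Tivoli Micromuse Netcool/NeuSecure); the fuller name makes later searches for NFU entries more reliable.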
@@ -1845,7 +1847,7 @@
 CVE-2006-0831 (PHP remote file include vulnerability in index.php in Tasarim Rehberi ...)
 	TODO: check
 CVE-2006-0830 (The scripting engine in Internet Explorer allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-0829 (Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows ...)
 	TODO: check
 CVE-2006-0828 (Unspecified vulnerability in ESS/ Network Controller and MicroServer ...)
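Review bot: "NOT-FOR-US: Microsoft" on CVE-2006-0830 names only the vendor, while the description is about the scripting engine in Internet Explorer and an existing entry in this file (CVE-2006-0988) uses "NOT-FOR-US: MS Windows issue". Naming the product, for example "NOT-FOR-US: Microsoft Internet Explorer", keeps the NFU labels consistent and searchable by product.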