[Secure-testing-commits] r3795 - data/CVE
Neil McGovern
neilm at costa.debian.org
Thu Apr 13 11:26:02 UTC 2006
Author: neilm
Date: 2006-04-13 11:25:55 +0000 (Thu, 13 Apr 2006)
New Revision: 3795
Modified:
data/CVE/list
Log:
Some NFUs
twiki potential viln.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-13 09:14:23 UTC (rev 3794)
+++ data/CVE/list 2006-04-13 11:25:55 UTC (rev 3795)
@@ -644,7 +644,7 @@
CVE-2006-1439
RESERVED
CVE-2006-1438 (Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP ...)
- TODO: check
+ NOT-FOR-US: aphpkb
CVE-2006-1437
RESERVED
CVE-2006-1436
@@ -740,49 +740,50 @@
CVE-2005-4744 (Off-by-one error in the sql_error function in sql_unixodbc.c in ...)
- freeradius 1.0.5-1
CVE-1999-1587 (/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2006-1396 (Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL ...)
- TODO: check
+ NOT-FOR-US: Cholod
CVE-2006-1395 (SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message ...)
- TODO: check
+ NOT-FOR-US: Cholod
CVE-2006-1394 (Multiple cross-site scripting (XSS) vulnerabilities in the Microsoft ...)
- TODO: check
+ NOT-FOR-US: Pubcookie
CVE-2006-1393 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
- TODO: check
+ NOT-FOR-US: Pubcookie
CVE-2006-1392 (Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in ...)
- TODO: check
+ NOT-FOR-US: Pubcookie
CVE-2006-1391 (The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web ...)
- TODO: check
+ NOT-FOR-US: Quick 'n Easy/Baby Web Server
CVE-2006-1390 (The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a ...)
NOT-FOR-US: Shortcoming of Gentoo-specific games packaging
CVE-2006-1389 (Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and ...)
- TODO: check
+ NOT-FOR-US: HP-UX
CVE-2006-1388 (Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows ...)
- TODO: check
+ NOT-FOR-US: Internet Explorer
CVE-2006-1387 (TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote ...)
- TODO: check
+ - twiki <unfixed>
+ TODO: see if fw's patch secures this in Debian
CVE-2006-1386 (The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore ...)
- TODO: check
+ - twiki <not-affected> (only affects 4.0.0 - 4.1.0, version in Debian too young)
CVE-2006-1385 (Stack-based buffer overflow in the parseTaggedData function in ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2006-1384 (Cross-site scripting (XSS) vulnerability in apwc_win_main.jsp in the ...)
- TODO: check
+ NOT-FOR-US: IBM Tivoli Business Systems Manager
CVE-2006-1383 (Directory traversal vulnerability in Baby FTP Server 1.24 allows ...)
- TODO: check
+ NOT-FOR-US: Baby FTP Server
CVE-2006-1382 (PHP remote file inclusion vulnerability in impex/ImpExData.php in ...)
- TODO: check
+ NOT-FOR-US: vBulletin
CVE-2006-1381 (Trend Micro OfficeScan 5.5, and probably other versions before 6.5, ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2006-1380 (ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2006-1379 (Trend Micro PC-cillin Internet Security 2006 14.00.1485 and ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2003-1300 (Unspecified vulnerability in Baby FTP Server versions before May 31, ...)
- TODO: check
+ NOT-FOR-US: Baby FTP Server
CVE-2003-1299 (Directory traversal vulnerability in Baby FTP Server versions before ...)
- TODO: check
+ NOT-FOR-US: Baby FTP Server
CVE-2002-2209 (Unspecified "security vulnerability" in Baby FTP Server versions ...)
- TODO: check
+ NOT-FOR-US: Baby FTP Server
CVE-2006-1378 (PasswordSafe 3.0, when running on Windows before XP, uses a weak ...)
NOT-FOR-US: PasswordSafe
CVE-2006-1377 (Cross-site scripting (XSS) vulnerability in img.php in (1) EasyMoblog ...)
More information about the Secure-testing-commits
mailing list