[Secure-testing-commits] r3832 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Wed Apr 19 18:43:33 UTC 2006
Author: stef-guest
Date: 2006-04-19 18:43:26 +0000 (Wed, 19 Apr 2006)
New Revision: 3832
Modified:
data/CVE/list
Log:
some more NFUs
bugnum
oooold squid issue
claim
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-04-19 17:57:42 UTC (rev 3831)
+++ data/CVE/list 2006-04-19 18:43:26 UTC (rev 3832)
@@ -620,7 +620,7 @@
NOT-FOR-US: Microsoft Windows Help
CVE-2006-1590 (Cross-site scripting (XSS) vulnerability in the PrintFreshPage ...)
- acidbase <unfixed> (bug #363548)
- - acidlab <unfixed> (bug filed)
+ - acidlab <unfixed> (bug #363549)
CVE-2006-1589 (The elf_load_file function in NetBSD 2.0 through 3.0 allows local ...)
NOT-FOR-US: NetBSD kernel
CVE-2006-1588 (The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not ...)
@@ -2380,27 +2380,27 @@
CVE-2006-0821 (SQL injection vulnerability in index.php in BXCP 0.299 allows remote ...)
NOT-FOR-US: BXCP
CVE-2006-0820 (Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 ...)
- TODO: check
+ NOT-FOR-US: Dwarf HTTP Server
CVE-2006-0819 (Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source ...)
- TODO: check
+ NOT-FOR-US: Dwarf HTTP Server
CVE-2006-0818
RESERVED
CVE-2006-0817
RESERVED
CVE-2006-0816 (Orion Application Server before 2.0.7, when running on Windows, allows ...)
- TODO: check
+ NOT-FOR-US: Orion Application Server
CVE-2006-0815 (NetworkActiv Web Server 3.5.15 allows remote attackers to read script ...)
- TODO: check
+ NOT-FOR-US: NetworkActiv Web Server
CVE-2006-0814 (response.c in Lighttpd 1.4.10 and possibly previous versions, when run ...)
- TODO: check
+ NOT-FOR-US: Lighttpd under windows
CVE-2006-0813 (Heap-based buffer overflow in WinACE 2.60 allows user-complicit ...)
- TODO: check
+ NOT-FOR-US: WinACE
CVE-2006-0812 (The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server ...)
- TODO: check
+ NOT-FOR-US: WinACE VisNetic AntiVirus
CVE-2005-4727 (Cross-site scripting (XSS) vulnerability in gbook.cgi in gBook before ...)
- TODO: check
+ NOT-FOR-US: gBook
CVE-2004-2654 (The clientAbortBody function in client_side.c in Squid Web Proxy Cache ...)
- TODO: check
+ - squid 2.5.6
CVE-2006-0811 (Cross-site scripting (XSS) vulnerability in reguser.php in Skate Board ...)
NOT-FOR-US: Skate Board
CVE-2006-0810 (Unspecified vulnerability in config.php in Skate Board 0.9 allows ...)
@@ -2466,23 +2466,24 @@
CVE-2006-0781 (Directory traversal vulnerability in weblog.pl in PerlBlog 1.09b and ...)
NOT-FOR-US: PerlBlog
CVE-2006-0780 (Multiple cross-site scripting (XSS) vulnerabilities in weblog.pl in ...)
- TODO: check
+ NOT-FOR-US: PerlBlog
CVE-2006-0779 (Cross-site scripting (XSS) vulnerability in u2u.php in XMB Forums ...)
- TODO: check
+ NOT-FOR-US: XMB Forums
CVE-2006-0778 (Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier ...)
- TODO: check
+ NOT-FOR-US: XMB Forums
CVE-2006-0777 (Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 ...)
- TODO: check
+ NOT-FOR-US: Teca Scripts Guestex
CVE-2006-0776 (Cross-site scripting (XSS) vulnerability in guestex.pl in Teca Scripts ...)
- TODO: check
+ NOT-FOR-US: Teca Scripts Guestex
CVE-2006-0775 (Multiple SQL injection vulnerabilities in show.php in BirthSys 3.1 ...)
- TODO: check
+ NOT-FOR-US: BirthSys
+begin claimed by stef-guest
CVE-2006-0774 (SQL injection vulnerability in deleteSession() in DB_eSession library ...)
TODO: check
CVE-2006-0773 (Cross-site scripting (XSS) vulnerability in Hitachi Business Logic - ...)
- TODO: check
+ NOT-FOR-US: Hitachi Business Logic
CVE-2006-0772 (SQL injection vulnerability in Hitachi Business Logic - Container ...)
- TODO: check
+ NOT-FOR-US: Hitachi Business Logic
CVE-2006-0771 (Format string vulnerability in PunkBuster 1.180 and earlier, as used ...)
TODO: check
CVE-2006-0770 (Cross-site scripting (XSS) vulnerability in calendar.php in ...)
@@ -2513,6 +2514,7 @@
TODO: check
CVE-2006-0757 (Multiple eval injection vulnerabilities in HiveMail 1.3 and earlier ...)
TODO: check
+end claimed by stef-guest
CVE-2006-0756 (** DISPUTED ** ...)
NOT-FOR-US: dotProject
CVE-2006-0755 (** DISPUTED ** ...)
More information about the Secure-testing-commits
mailing list