[Secure-testing-commits] r3863 - data/CVE

Micah Anderson micah at costa.debian.org
Sun Apr 23 14:57:20 UTC 2006


Author: micah
Date: 2006-04-23 14:57:12 +0000 (Sun, 23 Apr 2006)
New Revision: 3863

Modified:
   data/CVE/list
Log:
awstats issue, some NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-04-23 14:21:01 UTC (rev 3862)
+++ data/CVE/list	2006-04-23 14:57:12 UTC (rev 3863)
@@ -58,25 +58,28 @@
 	RESERVED
 	NOT-FOR-US: SolarWinds TFTP Server
 CVE-2006-1950 (Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in ...)
-	TODO: check
+	NOT-FOR-US: PerlCoders BannerFarm
 CVE-2006-1949 (SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and ...)
-	TODO: check
+	NOT-FOR-US: NicPlex PlexCart
 CVE-2006-1948 (The "Add Sender to Address Book" operation ...)
-	TODO: check
+	NOT-FOR-US: Lotus Notes
 CVE-2006-1947 (Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum ...)
-	TODO: check
+	NOT-FOR-US: NicPlex PlexCart
 CVE-2006-1946 (Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and ...)
-	TODO: check
+	NOT-FOR-US: Visale
 CVE-2006-1945 (Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 ...)
-	TODO: check
+	- awstats <unfixed> (bug #364443; medium)
+	NOTE: this might be the same core issue as CVE-2005-2732
 CVE-2006-1944 (Multiple cross-site scripting (XSS) vulnerabilities in SibSoft ...)
-	TODO: check
+	NOT-FOR-US: SibSoft CommuniMail
 CVE-2006-1943 (Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts ...)
-	TODO: check
+	NOT-FOR-US: Smarter Scripts IntelliLink Pro
 CVE-2006-1942 (Mozilla Firefox 1.5.0.2 allows user-complicit remote attackers to open ...)
 	TODO: check
+	NOTE: pkg-mozilla-maintainers are preparing a big security release, I've pinged them
+	NOTE: to ask about this issue
 CVE-2006-1941 (Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: Neon Responder
 CVE-2006-1940
 	RESERVED
 CVE-2006-1939




More information about the Secure-testing-commits mailing list