[Secure-testing-commits] r4497 - data/CVE

Thu Aug 3 22:50:17 UTC 2006

Author: stef-guest
Date: 2006-08-03 22:50:15 +0000 (Thu, 03 Aug 2006)
New Revision: 4497

Modified:
   data/CVE/list
Log:
new libmikmod2 issue and some NFUs

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-08-03 22:34:02 UTC (rev 4496)
+++ data/CVE/list	2006-08-03 22:50:15 UTC (rev 4497)
@@ -3,7 +3,7 @@
 CVE-2006-3969 (PHP remote file inclusion vulnerability in ...)
 	TODO: check
 CVE-2006-3968 (The crypto provider in Sun Solaris 10 3/05 HW2 without patch ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2006-3967 (PHP remote file inclusion vulnerability in ...)
 	TODO: check
 CVE-2006-3966 (PHP remote file inclusion vulnerability in ...)
@@ -17,7 +17,7 @@
 CVE-2006-3962 (PHP remote file inclusion vulnerability in ...)
 	TODO: check
 CVE-2006-3961 (Unspecified vulnerability in McAfee Internet Security Suite 2006, ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2006-3960 (SQL injection vulnerability in top.php in X-Scripts X-Poll 1.10 allows ...)
 	TODO: check
 CVE-2006-3959 (SQL injection vulnerability in protect.php in X-Scripts X-Protection ...)
@@ -31,9 +31,9 @@
 CVE-2006-3955 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum ...)
 	TODO: check
 CVE-2006-3954 (Directory traversal vulnerability in usercp.php in MyBB (aka ...)
-	TODO: check
+	NOT-FOR-US: mybb
 CVE-2006-3953 (Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka ...)
-	TODO: check
+	NOT-FOR-US: mybb
 CVE-2006-3952 (Stack-based buffer overflow in EFS Software Easy File Sharing FTP ...)
 	TODO: check
 CVE-2006-3951 (PHP remote file inclusion vulnerability in moodle.php in Mam-moodle ...)
@@ -43,19 +43,19 @@
 CVE-2006-3949 (PHP remote file inclusion vulnerability in artlinks.dispnew.php in the ...)
 	TODO: check
 CVE-2006-3948 (Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke ...)
-	TODO: check
+	NOT-FOR-US: php-nuke
 CVE-2006-3947 (PHP remote file inclusion vulnerability in ...)
 	TODO: check
 CVE-2006-3946 (The KHTMLParser::popOneBlock function in Apple Safari 2.0.4 on Mac OS ...)
 	TODO: check
 CVE-2006-3945 (The CSS functionality in Opera 9 on Windows XP SP2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2006-3944 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-3943 (Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-3942 (The server driver (srv.sys) in Microsoft Windows 2000 SP4, Server 2003 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-3941 (Unspecified vulnerability in the daemons for Sun N1 Grid Engine 5.3 ...)
 	TODO: check
 CVE-2006-3940 (Multiple SQL injection vulnerabilities in phpbb-Auction allow remote ...)
@@ -97,9 +97,9 @@
 CVE-2006-3922 (PHP remote file inclusion vulnerability in mod_membre/inscription.php ...)
 	TODO: check
 CVE-2006-3921 (Sun Java System Application Server (SJSAS) 7 through 8.1 and Web ...)
-	TODO: check
+	NOT-FOR-US: Sun Java System Application Server
 CVE-2006-3920 (The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 ...)
-	TODO: check
+	NOT-FOR-US: Sun Solaris
 CVE-2006-3919 (SQL injection vulnerability in index.php in SD Studio CMS allows ...)
 	TODO: check
 CVE-2006-3918 (http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 ...)
@@ -110,25 +110,25 @@
 CVE-2006-3916 (Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka ...)
 	TODO: check
 CVE-2006-3915 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-3914 (Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite ...)
 	TODO: check
 CVE-2006-3913 (Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul ...)
 	- freeciv <unfixed> (bug filed; medium)
 CVE-2006-3912 (Stack-based buffer overflow in the SFX module in WinRAR before 3.60 ...)
-	TODO: check
+	NOT-FOR-US: WinRAR
 CVE-2006-3911 (PHP remote file inclusion vulnerability in OSI Codes PHP Live! 3.2.1 ...)
 	TODO: check
 CVE-2006-3910 (Internet Explorer 6 on Windows XP SP2, when Outlook is installed, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-3909 (Cross-site scripting (XSS) vulnerability in calendar.php in WWWthreads ...)
 	TODO: check
 CVE-2006-3908 (Format string vulnerability in the flush_output function in ...)
-	TODO: check
+	NOT-FOR-US: Game Network Engine (GNE)
 CVE-2006-3907 (Siemens SpeedStream 2624 allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2006-3906 (Internet Key Exchange (IKE) version 1 protocol, as implemented on ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2006-3905 (SQL injection vulnerability in Webland MyBloggie 2.1.3 allows remote ...)
 	TODO: check
 CVE-2006-3904 (SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 ...)
@@ -142,11 +142,11 @@
 CVE-2006-3900 (Cross-site scripting (XSS) vulnerability in guestbook.php in TP-Book ...)
 	TODO: check
 CVE-2006-3899 (Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-3898 (Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-3897 (Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-3896
 	RESERVED
 CVE-2006-3895
@@ -182,7 +182,7 @@
 CVE-2006-3880 (** DISPUTED ** ...)
 	TODO: check
 CVE-2006-3879 (Integer overflow in the loadChunk function in loaders/load_gt2.c in ...)
-	TODO: check
+	- libmikmod2 <unfixed> (bug filed)
 CVE-2006-3878 (Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql ...)
 	TODO: check
 CVE-2006-3877
@@ -530,7 +530,7 @@
 	TODO: check
 CVE-2006-3747 (Off-by-one error in the the ldap scheme handling in the Rewrite module ...)
 	{DSA-1132-1 DSA-1131-1}
-	- apache <unfixed> (medium; bug 380231)
+	- apache <unfixed> (medium; bug #380231)
 	- apache2 <unfixed> (medium; bug #380182)
 CVE-2006-3746 (Buffer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote ...)
 	- gnupg 1.4.5-1 (medium)


