[Secure-testing-commits] r4500 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Fri Aug 4 17:08:58 UTC 2006
Author: stef-guest
Date: 2006-08-04 17:08:55 +0000 (Fri, 04 Aug 2006)
New Revision: 4500
Modified:
data/CVE/list
Log:
- new ipcal issue (low)
- some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-08-04 16:40:22 UTC (rev 4499)
+++ data/CVE/list 2006-08-04 17:08:55 UTC (rev 4500)
@@ -1,35 +1,35 @@
CVE-2006-3970 (PHP remote file inclusion vulnerability in lmo.php in the LMO ...)
- TODO: check
+ NOT-FOR-US: LMO for joomla
CVE-2006-3969 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Colophon for joomla
CVE-2006-3968 (The crypto provider in Sun Solaris 10 3/05 HW2 without patch ...)
NOT-FOR-US: Solaris
CVE-2006-3967 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: moskool
CVE-2006-3966 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: MyNewsGroups
CVE-2006-3965 (Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web ...)
- TODO: check
+ NOT-FOR-US: Banex PHP MySQL Banner Exchange
CVE-2006-3964 (PHP remote file inclusion vulnerability in members.php in Banex PHP ...)
- TODO: check
+ NOT-FOR-US: Banex PHP MySQL Banner Exchange
CVE-2006-3963 (Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner ...)
- TODO: check
+ NOT-FOR-US: Banex PHP MySQL Banner Exchange
CVE-2006-3962 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: com_bayesiannaivefilter for mambo
CVE-2006-3961 (Unspecified vulnerability in McAfee Internet Security Suite 2006, ...)
NOT-FOR-US: McAfee
CVE-2006-3960 (SQL injection vulnerability in top.php in X-Scripts X-Poll 1.10 allows ...)
- TODO: check
+ NOT-FOR-US: X-Scripts X-Poll
CVE-2006-3959 (SQL injection vulnerability in protect.php in X-Scripts X-Protection ...)
- TODO: check
+ NOT-FOR-US: X-Scripts X-Protection
CVE-2006-3958 (Multiple unspecified cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: Taskjitsu
CVE-2006-3957 (PHP remote file inclusion vulnerability in payment.php in BosDev ...)
- TODO: check
+ NOT-FOR-US: BosDates
CVE-2006-3956 (Multiple cross-site scripting (XSS) vulnerabilities in contact.php in ...)
- TODO: check
+ NOT-FOR-US: Advanced Webhost Billing System
CVE-2006-3955 (Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum ...)
- TODO: check
+ NOT-FOR-US: MiniBB Forum
CVE-2006-3954 (Directory traversal vulnerability in usercp.php in MyBB (aka ...)
NOT-FOR-US: mybb
CVE-2006-3953 (Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka ...)
@@ -39,13 +39,13 @@
CVE-2006-3951 (PHP remote file inclusion vulnerability in moodle.php in Mam-moodle ...)
TODO: check
CVE-2006-3950 (SQL injection vulnerability in x-statistics.php in X-Scripts ...)
- TODO: check
+ NOT-FOR-US: X-Statistics
CVE-2006-3949 (PHP remote file inclusion vulnerability in artlinks.dispnew.php in the ...)
- TODO: check
+ NOT-FOR-US: com_artlinks for Mambo
CVE-2006-3948 (Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke ...)
NOT-FOR-US: php-nuke
CVE-2006-3947 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Mambatstaff
CVE-2006-3946 (The KHTMLParser::popOneBlock function in Apple Safari 2.0.4 on Mac OS ...)
TODO: check
CVE-2006-3945 (The CSS functionality in Opera 9 on Windows XP SP2 allows remote ...)
@@ -57,9 +57,9 @@
CVE-2006-3942 (The server driver (srv.sys) in Microsoft Windows 2000 SP4, Server 2003 ...)
NOT-FOR-US: Microsoft
CVE-2006-3941 (Unspecified vulnerability in the daemons for Sun N1 Grid Engine 5.3 ...)
- TODO: check
+ NOT-FOR-US: N1 Grid Engine
CVE-2006-3940 (Multiple SQL injection vulnerabilities in phpbb-Auction allow remote ...)
- TODO: check
+ NOT-FOR-US: phpbb-Auction
CVE-2006-3939 (ScriptsCenter ezUpload Pro 2.2.0 allows remote attackers to perform ...)
TODO: check
CVE-2006-3938 (DotClear allows remote attackers to obtain sensitive information via a ...)
@@ -73,7 +73,7 @@
CVE-2006-3934 (Absolute path traversal vulnerability in downloadTrigger.jsp in ...)
TODO: check
CVE-2006-3933 (Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before ...)
- TODO: check
+ NOT-FOR-US: OpenCms
CVE-2006-3932 (SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 ...)
TODO: check
CVE-2006-3931 (Buffer overflow in the daemon function in midirecord.cc in Tuomas ...)
@@ -89,7 +89,7 @@
CVE-2006-3926 (Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote ...)
TODO: check
CVE-2006-3925 (Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control ...)
- TODO: check
+ NOT-FOR-US: ITIRecorder.MicRecorder ActiveX control
CVE-2006-3924 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before ...)
TODO: check
CVE-2006-3923 (Cross-site scripting (XSS) vulnerability in add.php in Fire-Mouse ...)
@@ -134,7 +134,7 @@
CVE-2006-3904 (SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 ...)
TODO: check
CVE-2006-3903 (CRLF injection vulnerability in (1) index.php and (2) admin.php in ...)
- TODO: check
+ NOT-FOR-US: myWebland MyBloggie
CVE-2006-3902 (Cross-site scripting (XSS) vulnerability in index.php in phpFaber ...)
TODO: check
CVE-2006-3901 (Multiple stack-based buffer overflows in Tumbleweed Email Firewall ...)
@@ -242,29 +242,29 @@
CVE-2006-3850 (** DISPUTED ** ...)
TODO: check
CVE-2006-3849 (Stack-based buffer overflow in Warzone 2100 and Warzone Resurrection ...)
- TODO: check
+ NOT-FOR-US: Warzone
CVE-2006-3848 (Cross-site scripting (XSS) vulnerability in CGI wrapper for IP ...)
- TODO: check
+ NOT-FOR-US: ipcalc <unfixed> (bug #381469; low)
CVE-2006-3847 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: MoSpray
CVE-2006-3846 (PHP remote file inclusion vulnerability in extadminmenus.class.php in ...)
- TODO: check
+ NOT-FOR-US: MultiBanners
CVE-2006-3845 (Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 ...)
- TODO: check
+ NOT-FOR-US: WinRAR
CVE-2006-3844 (Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: Quick 'n Easy FTP Server
CVE-2006-3843 (PHP remote file inclusion vulnerability in com_calendar.php in ...)
- TODO: check
+ NOT-FOR-US: Calendar Mambo Module
CVE-2006-3842 (Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 3.2 ...)
- TODO: check
+ NOT-FOR-US: Zoho Virtual Office
CVE-2006-3841 (Cross-site scripting (XSS) vulnerability in WebScarab before ...)
- TODO: check
+ NOT-FOR-US: WebScarab
CVE-2006-3840 (The SMB Mailslot parsing functionality in PAM in multiple ISS products ...)
- TODO: check
+ NOT-FOR-US: various ISS products
CVE-2006-3839
RESERVED
CVE-2006-3838 (Multiple stack-based buffer overflows in eIQnetworks Enterprise ...)
- TODO: check
+ NOT-FOR-US: eIQnetworks Enterprise
CVE-2006-XXXX [syslog-ng dos]
- syslog-ng 2.0rc1-2
CVE-2006-XXXX [courier-authdaemon: wrong socket permissions may lead to password disclosure]
More information about the Secure-testing-commits
mailing list