[Secure-testing-commits] r3459 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Fri Feb 10 17:38:59 UTC 2006


Author: jmm-guest
Date: 2006-02-10 17:38:54 +0000 (Fri, 10 Feb 2006)
New Revision: 3459

Modified:
   data/CVE/list
Log:
new powersave issue, already resolved
lots of NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-02-10 17:18:04 UTC (rev 3458)
+++ data/CVE/list	2006-02-10 17:38:54 UTC (rev 3459)
@@ -3,90 +3,89 @@
 CVE-2006-XXXX [pioneers meta-server DoS]
 	- pioneers 0.9.55-1 (bug #351986; medium)
 	[sarge] - gnocatan <not-affected> (Not exploitable in Sarge per maintainer)
-begin claimed by jmm
 CVE-2006-0644 (Multiple directory traversal vulnerabilities in install.php in ...)
-	TODO: check
+	NOT-FOR-US: CPG-Nuke Dragonfly CMS
 CVE-2006-0643 (Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web ...)
-	TODO: check
+	NOT-FOR-US: WiredRed e/pop Web Conferencing
 CVE-2006-0642 (Trend Micro ServerProtect 5.58, and possibly InterScan Messaging ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2006-0641 (Orbicule Undercover uses a third-party web server to determine the IP ...)
-	TODO: check
+	NOT-FOR-US: Orbicule Undercover
 CVE-2006-0640 (Orbicule Undercover allows attackers with physical or root access to ...)
-	TODO: check
+	NOT-FOR-US: Orbicule Undercover
 CVE-2006-0639 (Cross-site scripting (XSS) vulnerability in search.php in MyBB (aka ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2006-0638 (SQL injection vulnerability in moderation.php in MyBB (aka ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2006-0637 (Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows ...)
-	TODO: check
+	NOT-FOR-US: QUALCOMM Eudora WorldMail
 CVE-2006-0636 (desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the ...)
-	TODO: check
+	NOT-FOR-US: eyeOS
 CVE-2006-0635 (Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the ...)
 	- tcc <unfixed> (bug #352202; medium)
 	NOTE: Sarge status not yet analysed
 CVE-2006-0634 (Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition ...)
-	TODO: check
+	NOT-FOR-US: Borland C++Builder
 CVE-2006-0633 (The make_password function in ipsclass.php in Invision Power Board ...)
-	TODO: check
+	NOT-FOR-US: Invision Power Board
 CVE-2006-0632 (The gen_rand_string function in phpBB 2.0.19 uses insufficiently ...)
-	TODO: check
+	NOTE: Sounds irrelevant, pinged phpbb maintainers
 CVE-2006-0631 (CRLF injection vulnerability in Erik C. Thauvin mailback allows remote ...)
-	TODO: check
+	NOT-FOR-US: Erik C. Thauvin mailback
 CVE-2006-0630 (RITLabs The Bat! before 3.0.0.15 displays certain important headers ...)
-	TODO: check
+	NOT-FOR-US: The Bat!
 CVE-2006-0629 (Unspecified vulnerability in AOL Instant Messenger (AIM) 5.9.3861 ...)
-	TODO: check
+	NOT-FOR-US: AIM
 CVE-2006-0628 (myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Dale Ray MyQuiz
 CVE-2006-0627 (Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and ...)
-	TODO: check
+	NOT-FOR-US: Clever Copy
 CVE-2006-0624 (SQL injection vulnerability in check.asp in Whomp Real Estate Manager ...)
-	TODO: check
+	NOT-FOR-US: Whomp Real Estate Manager
 CVE-2006-0623 (QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable ...)
-	TODO: check
+	NOT-FOR-US: QNX
 CVE-2006-0622 (QNX Neutrino RTOS 6.3.0 allows local users to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: QNX
 CVE-2006-0621 (Multiple buffer overflows in QNX Neutrino RTOS 6.2.0 allow local users ...)
-	TODO: check
+	NOT-FOR-US: QNX
 CVE-2006-0620 (Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users ...)
-	TODO: check
+	NOT-FOR-US: QNX
 CVE-2006-0619 (Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow ...)
-	TODO: check
+	NOT-FOR-US: QNX
 CVE-2006-0618 (Format string vulnerability in fontsleuth in QNX Neutrino RTOS 6.3.0 ...)
-	TODO: check
+	NOT-FOR-US: QNX
 CVE-2006-0617 (Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 ...)
-	TODO: check
+	NOT-FOR-US: Sun Java
 CVE-2006-0616 (Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and ...)
-	TODO: check
+	NOT-FOR-US: Sun Java
 CVE-2006-0615 (Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 ...)
-	TODO: check
+	NOT-FOR-US: Sun Java
 CVE-2006-0614 (Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and ...)
-	TODO: check
+	NOT-FOR-US: Sun Java
 CVE-2006-0613 (Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in ...)
-	TODO: check
+	NOT-FOR-US: Sun Java
 CVE-2006-0612 (Powersave daemon before 0.10.15.2 allows local users to gain ...)
-	TODO: check
+	- powersave 0.11.2-1
 CVE-2006-0611 (Directory traversal vulnerability in compose.pl in @Mail 4.3 and ...)
-	TODO: check
+	NOT-FOR-US: @Mail
 CVE-2006-0610 (Multiple SQL injection vulnerabilities in 2200net Calendar system 1.2, ...)
-	TODO: check
+	NOT-FOR-US: 2200net Calender system
 CVE-2006-0609 (Cross-site scripting (XSS) vulnerability in add.php in Hinton Design ...)
-	TODO: check
+	NOT-FOR-US: Hinton Design phphd
 CVE-2006-0608 (Multiple SQL injection vulnerabilities in Hinton Design phphd 1.0 ...)
-	TODO: check
+	NOT-FOR-US: Hinton Design phphd
 CVE-2006-0607 (check.php in Hinton Design phphd 1.0 does not check passwords when ...)
-	TODO: check
+	NOT-FOR-US: Hinton Design phphd
 CVE-2006-0606 (SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 ...)
-	TODO: check
+	NOT-FOR-US: Unknown Domain Shoutbox
 CVE-2006-0605 (Multiple cross-site scripting (XSS) vulnerabilities in Unknown Domain ...)
-	TODO: check
+	NOT-FOR-US: Unknown Domain Shoutbox
 CVE-2006-0604 (check.php in Hinton Design phphg Guestbook 1.2 does not check the user ...)
-	TODO: check
+	NOT-FOR-US: Hinton Design phphd
 CVE-2006-0603 (Multiple cross-site scripting vulnerabilities in signed.php in Hinton ...)
-	TODO: check
+	NOT-FOR-US: Hinton Design phphd
 CVE-2006-0602 (Multiple SQL injection vulnerabilities in Hinton Design phphg ...)
-	TODO: check
+	NOT-FOR-US: Hinton Design phphd
 CVE-2006-0601
 	RESERVED
 CVE-2006-0596
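Review bot: On CVE-2006-0632 the `TODO: check` is replaced by only `NOTE: Sounds irrelevant, pinged phpbb maintainers`, so the entry now has neither a package line nor a TODO, and nothing in the file marks it as still waiting on the maintainers' answer; keep a TODO next to the NOTE until that is settled. The NFU text also disagrees with the descriptions in three places: CVE-2006-0610 is spelled "Calender" where the description has "Calendar", and CVE-2006-0604 and CVE-2006-0602 are tagged "Hinton Design phphd" although their descriptions name phphg. The `- powersave 0.11.2-1` line for CVE-2006-0612 carries no bug number or urgency, unlike the pioneers and tcc entries in the same hunk.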
@@ -96,10 +95,9 @@
 CVE-2006-0594
 	RESERVED
 CVE-2005-4711 (SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 ...)
-	TODO: check
+	NOT-FOR-US: Land Down Under
 CVE-2005-4710 (Unspecified vulnerability in multiple Autodesk and AutoCAD products ...)
-	TODO: check
-end claimed by jmm
+	NOT-FOR-US: AutoCAD
 CVE-2006-0598 [elog: buffer overflow in write_logfile]
 	RESERVED
 	- elog 2.6.1+r1642-1
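Review bot: The NFU for CVE-2005-4710 names only AutoCAD, while the description covers "multiple Autodesk and AutoCAD products"; `NOT-FOR-US: Autodesk` would match the description better. The removed `end claimed by jmm` pairs with the `begin claimed by jmm` dropped in the first hunk, so the claim markers stay balanced.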



