[Secure-testing-commits] r3461 - data/CVE

Sun Feb 12 22:58:37 UTC 2006

Author: jmm-guest
Date: 2006-02-12 22:58:32 +0000 (Sun, 12 Feb 2006)
New Revision: 3461

Modified:
   data/CVE/list
Log:
new gallery, heimdal issues
NFUs


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-02-10 21:14:23 UTC (rev 3460)
+++ data/CVE/list	2006-02-12 22:58:32 UTC (rev 3461)
@@ -115,58 +115,68 @@
 	{DSA-967-1}
 	- elog 2.6.1+r1642-1
 CVE-2006-0593 (Cross-site scripting (XSS) vulnerability in PHP-Fusion before 6.00.304 ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion 
 CVE-2006-0592 (Unspecified vulnerability in the Lexmark Printer Sharing LexBce Server ...)
-	TODO: check
+	NOT-FOR-US: Lexmark Printer
 CVE-2006-0591 (The crypt_gensalt functions for BSDI-style extended DES-based and ...)
-	TODO: check
+	NOT-FOR-US: crypt_blowfish implementation from OWL, does not seem to be in Debian
 CVE-2006-0590 (MyTopix 1.2.3 allows remote attackers to obtain the installation path ...)
-	TODO: check
+	NOT-FOR-US: MyTopix
 CVE-2006-0589 (MyTopix 1.2.3 allows remote attackers to obtain the installation path ...)
-	TODO: check
+	NOT-FOR-US: MyTopix
 CVE-2006-0588 (SQL injection vulnerability in search.php in MyTopix 1.2.3 allows ...)
-	TODO: check
+	NOT-FOR-US: MyTopix
 CVE-2006-0587 (Unspecified vulnerability in Gallery before 1.5.2-pl2 allows remote ...)
-	TODO: check
+	- gallery 1.5.2-pl2-1
 CVE-2006-0586 (Multiple SQL injection vulnerabilities in Oracle 10g Release 1 before ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2006-0585 (jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-0584 (The PSCipher function in PeopleSoft People Tools 8.4x uses weak ...)
-	TODO: check
+	NOT-FOR-US: PeopleSoft People Tools
 CVE-2006-0583 (SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and ...)
-	TODO: check
+	NOT-FOR-US: Clever Copy
 CVE-2006-0582 (Unspecified vulnerability in Heimdal rshd 0.6.x before 0.6.6 and 0.7.x ...)
-	TODO: check
+	- heimdal <unfixed>
 CVE-2006-0581 (SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 ...)
-	TODO: check
+	NOT-FOR-US: Hosting Controller
 CVE-2006-0580 (IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial ...)
-	TODO: check
+	NOT-FOR-US: Lotus Domino
 CVE-2006-0579 (Multiple integer overflows in (1) the new_demux_packet function in ...)
-	TODO: check
+	TODO: check, whether the vulnerable code is present in xine-lib or ffmpeg
 CVE-2006-0578 (Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce ...)
-	TODO: check
+	NOT-FOR-US: Blue Coat Proxy Security Gateway OS
 CVE-2006-0577 (Lexmark X1185 printer allows local users to gain SYSTEM privileges by ...)
-	TODO: check
+	NOT-FOR-US: Lexmark printer
 CVE-2006-0576 (Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and ...)
+	NOT-FOR-US: 
 	TODO: check
 CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to ...)
+	NOT-FOR-US: 
 	TODO: check
 CVE-2006-0574 (Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel ...)
+	NOT-FOR-US: 
 	TODO: check
 CVE-2006-0573 (Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and ...)
+	NOT-FOR-US: 
 	TODO: check
 CVE-2006-0572 (phpstatus 1.0 does not require passwords when using cookies to ...)
+	NOT-FOR-US: 
 	TODO: check
 CVE-2006-0571 (Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 ...)
+	NOT-FOR-US: 
 	TODO: check
 CVE-2006-0570 (Multiple SQL injection vulnerabilities in phpstatus 1.0, when ...)
+	NOT-FOR-US: 
 	TODO: check
 CVE-2006-0569 (Cross-site scripting (XSS) vulnerability in user_class.php in Papoo ...)
+	NOT-FOR-US: 
 	TODO: check
 CVE-2006-0568 (Cross-site scripting (XSS) vulnerability in throw.main in Outblaze ...)
+	NOT-FOR-US: 
 	TODO: check
 CVE-2006-0567 (Directory traversal vulnerability in Files Xaraya module before 0.5.1, ...)
+	NOT-FOR-US: 
 	TODO: check
 CVE-2006-XXXX [bluez-hcidump DoS]
 	- bluez-hcidump <unfixed> (bug #351881)


