[Secure-testing-commits] r3463 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Mon Feb 13 08:17:44 UTC 2006
Author: jmm-guest
Date: 2006-02-13 08:17:38 +0000 (Mon, 13 Feb 2006)
New Revision: 3463
Modified:
data/CVE/list
Log:
two not-affected
removed a non-issue
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-12 23:03:24 UTC (rev 3462)
+++ data/CVE/list 2006-02-13 08:17:38 UTC (rev 3463)
@@ -153,35 +153,25 @@
CVE-2006-0577 (Lexmark X1185 printer allows local users to gain SYSTEM privileges by ...)
NOT-FOR-US: Lexmark printer
CVE-2006-0576 (Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and ...)
- NOT-FOR-US:
TODO: check
CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to ...)
- NOT-FOR-US:
- TODO: check
+ - fcron <not-affected> (Not included in Debian package)
CVE-2006-0574 (Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2006-0573 (Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2006-0572 (phpstatus 1.0 does not require passwords when using cookies to ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: phpstatus
CVE-2006-0571 (Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: phpstatus
CVE-2006-0570 (Multiple SQL injection vulnerabilities in phpstatus 1.0, when ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: phpstatus
CVE-2006-0569 (Cross-site scripting (XSS) vulnerability in user_class.php in Papoo ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: Papoo
CVE-2006-0568 (Cross-site scripting (XSS) vulnerability in throw.main in Outblaze ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: Outblaze
CVE-2006-0567 (Directory traversal vulnerability in Files Xaraya module before 0.5.1, ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: Xaraya
CVE-2006-XXXX [bluez-hcidump DoS]
- bluez-hcidump <unfixed> (bug #351881)
CVE-2006-0566 (The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote ...)
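Review bot: The not-affected reason on the new fcron line for CVE-2006-0575 does not name what is missing from the package. The CVE text puts the flaw in convert-fcrontab, so a reason such as "(convert-fcrontab not included in Debian package)" would let a later reader re-check the claim if the package contents change. Separately, CVE-2006-0576 loses its empty "NOT-FOR-US:" line but keeps "TODO: check", so it is still untriaged after this revision and the log message does not mention it.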
@@ -2454,8 +2444,7 @@
CVE-2005-4218 (SQL injection vulnerability in forum.php in PHPWebThings 1.4 allows ...)
NOT-FOR-US: PHPWebThings
CVE-2005-4217 (Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges ...)
- TODO: check, whether this affects Debian's perl
- NOTE: no actual data on what the hole is
+ - perl <not-affected> (MacOS specific vulnerability)
CVE-2005-4216 (The Administration Service (FMSAdmin.exe) in Macromedia Flash Media ...)
NOT-FOR-US: Macromedia Flash Media Server
CVE-2005-4215 (Motorola SB5100E Cable Modem allows remote attackers to cause a denial ...)
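Review bot: The new "- perl <not-affected> (MacOS specific vulnerability)" line for CVE-2005-4217 replaces a note that said "no actual data on what the hole is", but nothing in the entry records what changed that assessment. Keeping a NOTE line that states the source or reasoning for treating it as Mac OS X specific would make the not-affected status auditable instead of resting on the parenthetical alone.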
@@ -7927,10 +7916,6 @@
CVE-2005-XXXX [Insecure usage of temporary files in x11perfcomp and other security issues]
- xfree86 <unfixed> (bug #321447; low)
- xorg-x11 <unfixed> (bug #321447; low)
-CVE-2005-XXXX [kdebase: startkde does not check lnusertemp's result?]
- NOTE: This hardly has security implications, lots of applications do not cope
- NOTE: with a filled up /tmp dir.
- - kdebase <unfixed> (bug #292078; low)
CVE-2005-XXXX [gs-esp: Insecure usage of /tmp in source code]
- gs-esp <unfixed> (bug #291452; low)
CVE-2005-XXXX [Format string bug in sysklogd's syslog_tst sources]
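Review bot: Deleting the whole kdebase startkde entry also deletes the only record in the list that bug #292078 was reviewed and judged to have no real security impact. The log line "removed a non-issue" does not say which entry or bug it refers to, so naming the package and bug number in the commit log would stop the same report from being re-added and triaged again later.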