[Secure-testing-commits] r3512 - data/CVE
Micah Anderson
micah at costa.debian.org
Sun Feb 19 19:45:16 UTC 2006
Author: micah
Date: 2006-02-19 19:45:10 +0000 (Sun, 19 Feb 2006)
New Revision: 3512
Modified:
data/CVE/list
Log:
25 more NFUs and one ITP that was miscategorized as a NFU before
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-19 19:17:34 UTC (rev 3511)
+++ data/CVE/list 2006-02-19 19:45:10 UTC (rev 3512)
@@ -116,7 +116,7 @@
NOT-FOR-US: powerd
NOTE: powerd supposedly normally comes with sysvinit, but not in debian
CVE-2006-0680 (Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote ...)
- NOT-FOR-US: WebGUI
+ - webgui <itp> (bug #139749)
CVE-2006-0679
RESERVED
CVE-2006-0678 (PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before ...)
@@ -611,60 +611,59 @@
NOT-FOR-US: CRE Loaded
CVE-2006-0477 (Buffer overflow in git-checkout-index in GIT before 1.1.5 allows ...)
- git-core 1.1.5-1 (bug #350274)
-claimed by micah
CVE-2006-0476 (Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Winamp
CVE-2006-0475 (PHP-Ping 1.3 does not properly validate ping counts, which allows ...)
- TODO: check
+ NOT-FOR-US: PHP-Ping
CVE-2006-0474 (Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers ...)
- TODO: check
+ NOT-FOR-US: Shareaza
CVE-2006-0473 (Cross-site scripting (XSS) vulnerability in the bbcode function in ...)
- TODO: check
+ NOT-FOR-US: My little homepage
CVE-2006-0472 (Cross-site scripting (XSS) vulnerability in guestbook.php in my little ...)
- TODO: check
+ NOT-FOR-US: My little homepage
CVE-2006-0471 (Cross-site scripting (XSS) vulnerability in the bbcode function in ...)
- TODO: check
+ NOT-FOR-US: My little homepage
CVE-2006-0470 (Cross-site scripting (XSS) vulnerability in search.php in ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2006-0469 (Cross-site scripting (XSS) vulnerability in UebiMiau 2.7.9, and ...)
- TODO: check
+ NOT-FOR-US: uebimiau
+ NOTE: this had an ITP back in 2002, but it never was done (bug #164116)
CVE-2006-0468 (CommuniGate Pro Core Server before 5.0.7 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: CommuniGate Pro
CVE-2005-4707 (Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before ...)
- TODO: check
+ NOT-FOR-US: PHP GEN
CVE-2005-4706 (Unspecified vulnerability in the "privilege management" feature of Sun ...)
- TODO: check
+ NOT-FOR-US: Solaris 10
CVE-2005-4705 (BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2005-4704 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2005-4703 (Apache Tomcat 4.0.3, when running on Windows, allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Windows Tomcat vulnerability
CVE-2005-4702 (SQL injection vulnerability in the favorites module in index.php in ...)
- TODO: check
+ NOT-FOR-US: IPBProArcade
CVE-2005-4701 (Unspecified vulnerability in Process File System (procfs) in Sun ...)
- TODO: check
+ NOT-FOR-US: Solaris 10
CVE-2005-4700 (TellMe 1.2 and earlier, when the Server (o_Server) and HEAD (o_Head) ...)
- TODO: check
+ NOT-FOR-US: TellMe
CVE-2005-4699 (Argument injection vulnerability in TellMe 1.2 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: TellMe
CVE-2005-4698 (Cross-site scripting (XSS) vulnerability in TellMe 1.2 and earlier ...)
- TODO: check
+ NOT-FOR-US: TellMe
CVE-2005-4697 (The Microsoft Wireless Zero Configuration system (WZCS) allows local ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2005-4696 (The Microsoft Wireless Zero Configuration system (WZCS) stores WEP ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2005-4695 (Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Symantec Brightmail AntiSpam
CVE-2005-4694 (Unspecified vulnerability in the www_add method in Asset.pm in Plain ...)
- TODO: check
+ - webgui <itp> (bug #139749)
CVE-2005-4693 (Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to ...)
- gaim-encryption <unfixed> (bug #337127)
CVE-2005-4692 (Unspecified vulnerability in mroovca stats (mroovcastats) before ...)
- TODO: check
+ NOT-FOR-US: mroovca
CVE-2005-4691 (imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, ...)
- TODO: check
-end claimed by micah
+ NOT-FOR-US: NetBSD
CVE-2005-4690 (Six Apart Movable Type 3.16 allows local users with blog-creation ...)
TODO: check
CVE-2005-4689 (Six Apart Movable Type 3.16 stores account names and password hashes ...)
@@ -1442,7 +1441,7 @@
CVE-2006-0166 (Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 ...)
NOT-FOR-US: Symantec SystemWorks
CVE-2006-0165 (Cross-site scripting (XSS) vulnerability in the DataForm Entries ...)
- NOT-FOR-US: Plain Black WebGUI
+ - webgui <itp> (bug #139749)
CVE-2006-0164 (phgstats.inc.php in phgstats before 0.5.1, if register_globals is ...)
NOT-FOR-US: phgstats
CVE-2006-0163 (SQL injection vulnerability in the search module ...)
@@ -6740,7 +6739,7 @@
CVE-2005-2838 (SQL injection vulnerability in login.php in myBloggie 2.1.3-beta and ...)
NOT-FOR-US: myBloggie
CVE-2005-2837 (Multiple eval injection vulnerabilities in PlainBlack Software WebGUI ...)
- NOT-FOR-US: WebGUI
+ - webgui <itp> (bug #139749)
CVE-2005-2836 (Multiple cross-site scripting (XSS) vulnerabilities in Phorum 5.0.17a ...)
NOT-FOR-US: Phorum
CVE-2005-2835
More information about the Secure-testing-commits
mailing list