[Secure-testing-commits] r3539 - data/CVE

Stefan Fritsch stef-guest at costa.debian.org
Sun Feb 26 16:11:34 UTC 2006 

Author: stef-guest
Date: 2006-02-26 16:11:28 +0000 (Sun, 26 Feb 2006)
New Revision: 3539

Modified:
   data/CVE/list
Log:
new php-auth, popfile, mambo issues
claim some more


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-02-26 15:00:56 UTC (rev 3538)
+++ data/CVE/list	2006-02-26 16:11:28 UTC (rev 3539)
@@ -1,60 +1,58 @@
 CVE-2006-0883
 	RESERVED
-	
-begin claimed by stef-guest
-
 CVE-2006-0882 (Directory traversal vulnerability in include.php in Noah's Classifieds ...)
-	TODO: check
+	NOT-FOR-US: Noah's Classifieds
 CVE-2006-0881 (Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php ...)
-	TODO: check
+	NOT-FOR-US: Noah's Classifieds
 CVE-2006-0880 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
-	TODO: check
+	NOT-FOR-US: Noah's Classifieds
 CVE-2006-0879 (SQL injection vulnerability in the search tool in Noah's Classifieds ...)
-	TODO: check
+	NOT-FOR-US: Noah's Classifieds
 CVE-2006-0878 (Noah's Classifieds 1.3 allows remote attackers to obtain the ...)
-	TODO: check
+	NOT-FOR-US: Noah's Classifieds
 CVE-2006-0877 (Cross-site scripting vulnerability in Easy Forum 2.5 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Easy Forum
 CVE-2006-0876 (POPFile before 0.22.4 allows remote attackers to cause a denial of ...)
-	TODO: check
+	- popfile <unfixed> (bug #354464; medium)
 CVE-2006-0875 (Cross-site scripting vulnerability in ratefile.php in RunCMS 1.3a5 ...)
-	TODO: check
+	NOT-FOR-US: runCMS
 CVE-2006-0874 (Multiple unspecified vulnerabilities in Intensive Point iUser ...)
-	TODO: check
+	NOT-FOR-US: Intensive Point iUser Ecommerce
 CVE-2006-0873 (Absolute path traversal vulnerability in docs/showdocs.php in ...)
-	TODO: check
+	- coppermine <itp> (bug #259206)
 CVE-2006-0872 (Directory traversal vulnerability in init.inc.php in Coppermine Photo ...)
-	TODO: check
+	- coppermine <itp> (bug #259206)
 CVE-2006-0871 (Unspecified vulnerability in Mambo 4.5.3, 4.5.3h, and possibly ...)
-	TODO: check
+	- mambo <unfixed> (bug #354468)
+	NOTE: only in experimental
 CVE-2006-0870 (SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 ...)
-	TODO: check
+	NOT-FOR-US: Mini-Nuke CMS
 CVE-2006-0869 (Directory traversal vulnerability in the &quot;remember me&quot; feature in PHP ...)
-	TODO: check
+	NOT-FOR-US: PHP PEAR LiveUser
 CVE-2006-0868 (Multiple unspecified injection vulnerabilities in unspecified Auth ...)
-	TODO: check
+	- php-auth <unfixed> (bug #354474)
 CVE-2006-0867 (Buffer overflow in certain versions of South River (aka SRT) WebDrive, ...)
-	TODO: check
+	NOT-FOR-US: WebDrive
 CVE-2006-0866 (PunBB 1.2.10 and earlier allows remote attackers to conduct brute ...)
-	TODO: check
+	NOT-FOR-US: PunBB 
 CVE-2006-0865 (PunBB 1.2.10 and earlier allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: PunBB 
 CVE-2006-0864 (filescan in Global Hauri ViRobot 2.0 20050817 does not verify the ...)
-	TODO: check
+	NOT-FOR-US: Global Hauri ViRobot
 CVE-2006-0863 (InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote ...)
-	TODO: check
+	NOT-FOR-US: InfoVista PortalSE
 CVE-2006-0862 (Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on ...)
-	TODO: check
+	NOT-FOR-US: InfoVista PortalSE
 CVE-2006-0861 (Michael Salzer Guestbox 0.6 allows remote attackers to obtain the ...)
-	TODO: check
+	NOT-FOR-US: Michael Salzer Guestbox
 CVE-2006-0860 (Multiple cross-site scripting (XSS) vulnerabilities in Michael Salzer ...)
-	TODO: check
+	NOT-FOR-US: Michael Salzer Guestbox
 CVE-2006-0859 (Michael Salzer Guestbox 0.6 allows remote attackers to post an admin ...)
-	TODO: check
+	NOT-FOR-US: Michael Salzer Guestbox
 CVE-2006-0858 (Unquoted Windows search path vulnerability in (1) snsmcon.exe, (2) the ...)
-	TODO: check
+	NOT-FOR-US: StarForce Safe'n'Sec Personal
 
-end claimed by stef-guest
+begin claimed by stef-guest
 
 CVE-2006-0857 (Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 ...)
 	TODO: check
@@ -86,6 +84,9 @@
 	TODO: check
 CVE-2006-0843 (Leif M. Wright's Blog 3.5 stores the config file and other txt files ...)
 	TODO: check
+
+end claimed by stef-guest
+
 CVE-2006-0842 (Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows ...)
 	TODO: check
 CVE-2006-0841 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 ...)

More information about the Secure-testing-commits mailing list