[Secure-testing-commits] r3386 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Sun Jan 29 20:14:37 UTC 2006
Author: jmm-guest
Date: 2006-01-29 20:14:28 +0000 (Sun, 29 Jan 2006)
New Revision: 3386
Modified:
data/CVE/list
Log:
lots of NFUs
new unzip issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-01-28 17:46:02 UTC (rev 3385)
+++ data/CVE/list 2006-01-29 20:14:28 UTC (rev 3386)
@@ -1,47 +1,48 @@
-begin claimed by jmm
CVE-2006-0433
RESERVED
CVE-2006-0432 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0431 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0430 (Certain configurations of BEA WebLogic Server and WebLogic Express ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0429 (BEA WebLogic Server and WebLogic Express 9.0 causes new security ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0428 (Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0427 (Unspecified vulnerability in BEA WebLogic Server and WebLogic Express ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0426 (BEA WebLogic Server and WebLogic Express 8.1 through SP4, when ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0425 (BEA WebLogic Portal 8.1 through SP4 allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0424 (BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0423 (BEA WebLogic Portal 8.1 through SP3 stores the password for the RDBMS ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0422 (Multiple unspecified vulnerabilities in BEA WebLogic Server and ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0421 (By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0420 (BEA WebLogic Server and WebLogic Express 8.1 through SP4 and 7.0 ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2006-0419 (BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 ...)
- TODO: check
+ NOT-FOR-US: BEA WebLogic
CVE-2005-4667 (Buffer overflow in UnZip 5.50 and earlier allows local users to ...)
- TODO: check
+ - unzip <unfixed> (medium; bug #349794)
+ NOTE: The scope of this issue is currently unclear, medium for now, but might be
+ NOTE: less severe
CVE-2006-0418 (Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 ...)
- TODO: check
+ NOT-FOR-US: 123 Flash Chat Server
CVE-2006-0417 (SQL injection vulnerability in login.php in miniBloggie 1.0 and ...)
- TODO: check
+ NOT-FOR-US: miniBloggie
CVE-2006-0416 (SleeperChat 0.3f an earlier allows remote attackers to bypass ...)
- TODO: check
+ NOT-FOR-US: SleeperChat
CVE-2006-0415 (Cross-site scripting (XSS) vulnerability in index.php in SleeperChat ...)
- TODO: check
-end claimed by jmm
+ NOT-FOR-US: SleeperChat
CVE-2006-0414 (Tor 0.1.1.10-alpha and earlier allows remote attackers to identify ...)
- tor <unfixed> (bug #349283)
+begin claimed by jmm
CVE-2006-0413 (Multiple SQL injection vulnerabilities in index.php in NewsPHP allow ...)
TODO: check
CVE-2006-0412 (SQL injection vulnerability in CyberShop allows remote attackers to ...)
@@ -132,6 +133,7 @@
TODO: check
CVE-2006-0369 (** DISPUTED ** ...)
TODO: check
+end claimed by jmm
CVE-2006-0368 (Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before ...)
NOT-FOR-US: Cisco CallManager
CVE-2006-0367 (Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 ...)
More information about the Secure-testing-commits
mailing list