[Secure-testing-commits] r3398 - data/CVE
Moritz Muehlenhoff
jmm-guest at costa.debian.org
Tue Jan 31 14:53:48 UTC 2006
Author: jmm-guest
Date: 2006-01-31 14:53:43 +0000 (Tue, 31 Jan 2006)
New Revision: 3398
Modified:
data/CVE/list
Log:
one new minor mediawiki issue
lots of NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-01-31 11:54:25 UTC (rev 3397)
+++ data/CVE/list 2006-01-31 14:53:43 UTC (rev 3398)
@@ -223,61 +223,60 @@
NOT-FOR-US: Cisco CallManager
CVE-2006-0367 (Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 ...)
NOT-FOR-US: Cisco CallManager
-begin claimed by jmm
CVE-2006-0366 (Cross-site scripting (XSS) vulnerability in Phpclanwebsite (aka PCW) ...)
- TODO: check
+ NOT-FOR-US: Phpclanwebsite
CVE-2006-0365 (Cross-site scripting (XSS) vulnerability in XMB (aka extreme message ...)
- TODO: check
+ NOT-FOR-US: XMB
CVE-2006-0364 (Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2006-0363 (The "Remember my Password" feature in MSN Messenger 7.5 stores ...)
- TODO: check
+ NOT-FOR-US: MSN Messenger
CVE-2006-0362 (TippingPoint Intrusion Prevention System (IPS) TOS before 2.1.4.6324, ...)
- TODO: check
+ NOT-FOR-US: TippingPoint IPS
CVE-2006-0361 (Cross-site scripting (XSS) vulnerability in addcomment.php in Bit 5 ...)
- TODO: check
+ NOT-FOR-US: Bit 5 Blog
CVE-2006-0360 (MPM SIP HP-180W Wireless IP Phone WE.00.17 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: MPM SIP IP Phone
CVE-2006-0359 (Buffer overflow in CounterPath eyeBeam SIP Softphone allows remote ...)
- TODO: check
+ NOT-FOR-US: eyeBeam SIP Softphone
CVE-2006-0358 (Multiple SQL injection vulnerabilities in PowerPortal, possibly 1.1 ...)
- TODO: check
+ NOT-FOR-US: PowerPortal
CVE-2006-0357 (Grant Averett Cerberus FTP Server 2.32, and possibly earlier versions, ...)
- TODO: check
+ NOT-FOR-US: Grant Averett Cerberus FTP Server
CVE-2006-0356 (Ari Pikivirta Home Ftp Server 1.0.7 allows remote attackers to cause ...)
- TODO: check
+ NOT-FOR-US: Ari Pikivirta Home Ftp Server
CVE-2006-0355 (Helmsman Research (aka CoolUtils) HomeFtp 1.1 allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Helmsman Research (aka CoolUtils) HomeFtp
CVE-2006-0354 (Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) ...)
NOT-FOR-US: Cisco IOS
CVE-2006-0352 (The default configuration of Fluffington FLog 1.01 installs ...)
- TODO: check
+ NOT-FOR-US: Fluffington FLog
CVE-2006-0351 (Unspecified "critical denial-of-service vulnerability" in MyDNS before ...)
- mydns 1.1.0+pre-3 (medium; bug #348826)
CVE-2006-0350 (Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote ...)
- TODO: check
+ NOT-FOR-US: eggblog
CVE-2006-0349 (SQL injection vulnerability in eggblog 2.0 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: eggblog
CVE-2006-0348 (Format string vulnerability in the write_logfile function in ELOG ...)
- elog <unfixed> (bug #349528; medium)
CVE-2006-0347 (Directory traversal vulnerability in ELOG before 2.6.1 allows remote ...)
- elog <unfixed> (bug #349528; medium)
CVE-2006-0346 (Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows ...)
- TODO: check
+ NOT-FOR-US: SaralBlog
CVE-2006-0345 (Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote ...)
- TODO: check
+ NOT-FOR-US: SaralBlog
CVE-2006-0344 (Directory traversal vulnerability in Intervations FileCOPA FTP Server ...)
- TODO: check
+ NOT-FOR-US: FileCOPA FTP Server
CVE-2006-0343 (Unspecified vulnerability in the Port Discovery Standard and Advanced ...)
- TODO: check
+ NOT-FOR-US: Hitachi JP1/NetInsight II
CVE-2006-0342 (RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows ...)
- TODO: check
+ NOT-FOR-US: RockLiffe MailSite
CVE-2006-0341 (Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in Rockliffe ...)
- TODO: check
+ NOT-FOR-US: RockLiffe MailSite
CVE-2006-0340 (Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) ...)
NOT-FOR-US: Cisco IOS
CVE-2006-0339 (Buffer overflow in BitComet Client 0.60 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: BitComet
CVE-2006-0338 (Multiple F-Secure Anti-Virus products and versions for Windows and ...)
NOT-FOR-US: F-Secure
CVE-2006-0337 (Buffer overflow in multiple F-Secure Anti-Virus products and versions ...)
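Review bot: The NOT-FOR-US labels added in this hunk do not follow one naming convention. CVE-2006-0357, CVE-2006-0356 and CVE-2006-0355 keep the author or vendor prefix from the description ("Grant Averett Cerberus FTP Server", "Ari Pikivirta Home Ftp Server", "Helmsman Research (aka CoolUtils) HomeFtp"), while CVE-2006-0344 drops it ("Intervations FileCOPA FTP Server" becomes "FileCOPA FTP Server"). Picking one form, preferably the short product name, keeps later lookups in the list predictable. Separately, the label for CVE-2006-0343 ("Hitachi JP1/NetInsight II") names a product that does not appear in the truncated description shown here, so it cannot be cross-checked from the diff alone; a one-line NOTE giving the source would help the next person who triages it.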
@@ -287,36 +286,35 @@
CVE-2006-0335 (Multiple unspecified vulnerabilities in Kerio WinRoute Firewall before ...)
NOT-FOR-US: Kerio Firewall
CVE-2006-0334 (Cross-site scripting (XSS) vulnerability in search.php in My Amazon ...)
- TODO: check
+ NOT-FOR-US: My Amazon Store Manager
CVE-2006-0333 (Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote ...)
- TODO: check
+ NOT-FOR-US: ar-blog
CVE-2006-0332 (Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments ...)
- ecartis <unfixed> (medium; bug #348824)
NOTE: Sarge and Woody are affected
CVE-2006-0331 (Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin ...)
- TODO: check
+ NOT-FOR-US: Squirrelmail plugin
CVE-2006-0330 (Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 ...)
- gallery 1.5.2-1
CVE-2006-0329 (SQL injection vulnerability in HITSENSER Data Mart Server BS, BS-S, ...)
- TODO: check
+ NOT-FOR-US: HITSENSER Data Mart Server BS
CVE-2006-0328 (Format string vulnerability in Tftpd32 2.81 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Tftpd32, different from the tftpd in Debian
CVE-2006-0327 (TYPO3 3.7.1 allows remote attackers to obtain sensitive information ...)
- typo3-src <unfixed> (unimportant)
NOTE: Only path disclosure
CVE-2006-0326
RESERVED
CVE-2006-0325 (Etomite Content Management System 0.6, and possibly earlier versions, ...)
- TODO: check
+ NOT-FOR-US: Etomite CMS
CVE-2006-0324 (SQL injection vulnerability in WebspotBlogging 3.0 allows remote ...)
- TODO: check
+ NOT-FOR-US: WebspotBlogging
CVE-2006-0323
RESERVED
CVE-2006-0322 (Unspecified vulnerability the edit comment formatting functionality in ...)
- TODO: check
+ - mediawiki <unfixed> (low)
CVE-2005-4666 (Cross-site scripting (XSS) vulnerability in PHlyMail before 3.3 Beta1 ...)
- TODO: check
-end claimed by jmm
+ NOT-FOR-US: PHlyMail
CVE-2006-XXXX [mydns remote DoS]
- mydns 1.1.0+pre-3 (medium)
CVE-2006-0353 (unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to ...)
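Review bot: The new "- mediawiki <unfixed> (low)" entry for CVE-2006-0322 carries no bug reference, unlike the other medium-severity unfixed entries in this file ("elog <unfixed> (bug #349528; medium)", "ecartis <unfixed> (medium; bug #348824)"); if a bug has been filed, add its number so the entry can be closed when the fix is uploaded. Also, the label for CVE-2006-0331 ("NOT-FOR-US: Squirrelmail plugin") does not say which plugin is meant and spells the name differently from the description; something like "NOT-FOR-US: Change passwd (chpasswd) SquirrelMail plugin" would make clear that this is the third-party plugin, in the same way the Tftpd32 line states that it is different from the tftpd in Debian.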