[Secure-testing-commits] r3680 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Fri Mar 24 10:24:26 UTC 2006 

Author: jmm-guest
Date: 2006-03-24 10:24:20 +0000 (Fri, 24 Mar 2006)
New Revision: 3680

Modified:
   data/CVE/list
Log:
new freeradius issue (unfixed)
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-03-24 10:20:13 UTC (rev 3679)
+++ data/CVE/list	2006-03-24 10:24:20 UTC (rev 3680)
@@ -47,7 +47,7 @@
 CVE-2006-1355 (avast! Antivirus 4.6.763 and earlier sets "BUILTIN\Everyone" ...)
 	TODO: check
 CVE-2006-1354 (Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows ...)
-	TODO: check
+	- freeradius <unfixed>
 CVE-2006-1353 (Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier ...)
 	TODO: check
 CVE-2006-1352 (BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 ...)
@@ -156,44 +156,42 @@
 	RESERVED
 CVE-2006-1299
 	RESERVED
-begin claimed by jmm
 CVE-2006-1298 (Format string vulnerability in the Job Engine service (bengine.exe) in ...)
-	TODO: check
+	NOT-FOR-US: Veritas Backup
 CVE-2006-1297 (Unspecified vulnerability in Veritas Backup Exec for Windows Server ...)
-	TODO: check
+	NOT-FOR-US: Veritas Backup
 CVE-2006-1296 (Untrusted search path vulnerability in Beagle 0.2.2.1 might allow ...)
 	- beagle 0.2.3-1 (bug #357392; low)
 CVE-2006-1295 (Cross-site scripting (XSS) vulnerability in recherche.php3 in SPIP ...)
-	TODO: check
+	NOT-FOR-US: SPIP
 CVE-2006-1294 (PHP remote file include vulnerability in PageController.php in ...)
-	TODO: check
+	NOT-FOR-US: KnowledgebasePublisher
 CVE-2006-1293 (Cross-site scripting (XSS) vulnerability in index.php in Contrexx CMS ...)
-	TODO: check
+	NOT-FOR-US: Contrexx
 CVE-2006-1292 (Directory traversal vulnerability in Jim Hu and Chad Little PHP ...)
-	TODO: check
+	NOT-FOR-US: Jim Hu and Chad Little PHP iCalendar
 CVE-2006-1291 (publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and ...)
-	TODO: check
+	NOT-FOR-US: Jim Hu and Chad Little PHP iCalendar
 CVE-2006-1290 (Multiple cross-site scripting (XSS) vulnerabilities in Milkeyway ...)
-	TODO: check
+	NOT-FOR-US: Milkeyway Captive Portal 
 CVE-2006-1289 (Multiple SQL injection vulnerabilities in Milkeyway Captive Portal 0.1 ...)
-	TODO: check
+	NOT-FOR-US: Milkeyway Captive Portal 
 CVE-2006-1288 (Multiple SQL injection vulnerabilities in Invision Power Board (IPB) ...)
-	TODO: check
+	NOT-FOR-US: Invision Power Board
 CVE-2006-1287 (Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) ...)
-	TODO: check
+	NOT-FOR-US: Invision Power Board
 CVE-2006-1286 (Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for ...)
-	TODO: check
+	NOT-FOR-US: Symantec Ghost
 CVE-2006-1285 (SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost ...)
-	TODO: check
+	NOT-FOR-US: Symantec Ghost
 CVE-2006-1284 (The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used ...)
-	TODO: check
-end claimed by jmm
+	NOT-FOR-US: Symantec Ghost
 CVE-2006-1283 (opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD ...)
 	TODO: check
 CVE-2006-1282 (CRLF injection vulnerability in inc/function.php in MyBulletinBoard ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2006-1281 (Cross-site scripting (XSS) in member.php in MyBulletinBoard (MyBB) ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2006-1280 (CGI::Session 4.03-1 does not set proper permissions on temporary files ...)
 	- libcgi-session-perl 4.07-1
 CVE-2006-1279 (CGI::Session 4.03-1 allows local users to overwrite arbitrary files ...)
@@ -273,17 +271,17 @@
 CVE-2005-4741 (NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 ...)
 	TODO: check
 CVE-2005-4740 (IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2005-4739 (IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2005-4738 (IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2005-4737 (IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2005-4736 (IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2005-4735 (IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2005-4734 (Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication ...)
 	TODO: check
 CVE-2005-4733 (NetBSD 2.0 before 20050316 and NetBSD-current before 20050112 allow ...)

More information about the Secure-testing-commits mailing list