[Secure-testing-commits] r3688 - data/CVE

Fri Mar 24 15:05:42 UTC 2006

Author: jmm-guest
Date: 2006-03-24 15:05:30 +0000 (Fri, 24 Mar 2006)
New Revision: 3688

Modified:
   data/CVE/list
Log:
NFUS



Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-03-24 14:37:52 UTC (rev 3687)
+++ data/CVE/list	2006-03-24 15:05:30 UTC (rev 3688)
@@ -717,9 +717,9 @@
 CVE-2006-1052
 	RESERVED
 CVE-2006-1051 (SQL injection vulnerability in Akarru Social BookMarking Engine before ...)
-	TODO: check
+	NOT-FOR-US: Akurru Social BookMarking Engine
 CVE-2006-1050 (Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the ...)
-	TODO: check
+	NOT-FOR-US: Kwik-Pay Payroll
 CVE-2005-4728 (Untrusted search path vulnerability (RPATH) in amaya 9.2.1 on Debian ...)
 	- amaya 9.4-1 (bug #341424)
 CVE-2006-1319 (chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little ...)
@@ -966,30 +966,28 @@
 	NOTE: Only an example, not in the binary package
 CVE-2006-1321 (Cross-site scripting (XSS) vulnerability in webcheck before 1.9.6 ...)
 	- webcheck 1.9.6
-begin claimed by jmm
 CVE-2006-0937 (U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: U.N.U. Mailgust
 CVE-2006-0936 (Free Host Shop Website Generator 3.3 allows remote authenticated users ...)
-	TODO: check
+	NOT-FOR-US: Free Host Shop Website Generator
 CVE-2006-0935 (Microsoft Word 2003 allows remote attackers to cause a denial of ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-0934 (Cross-site scripting (XSS) vulnerability in webinsta Limbo 1.0.4.2 ...)
-	TODO: check
+	NOT-FOR-US: webinsta Limbo
 CVE-2006-0933 (Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows remote ...)
-	TODO: check
+	NOT-FOR-US: PHPX
 CVE-2006-0932 (Directory traversal vulnerability in zip.lib.php 0.1.1 in ...)
-	TODO: check
+	NOT-FOR-US: zip.lib.php
 CVE-2006-0931 (Directory traversal vulnerability in PEAR::Archive_Tar 1.2 allows ...)
-	TODO: check
+	TODO: check, whether this is included in PEAR from PHP
 CVE-2006-0930 (Directory traversal vulnerability in Webmail in ArGoSoft Mail Server ...)
-	TODO: check
+	NOT-FOR-US: ArgoSoft Mail Server
 CVE-2006-0929 (Directory traversal vulnerability in the IMAP server in ArGoSoft Mail ...)
-	TODO: check
+	NOT-FOR-US: ArgoSoft Mail Server
 CVE-2006-0928 (The POP3 Server in ArGoSoft Mail Server Pro 1.8 allows remote ...)
-	TODO: check
+	NOT-FOR-US: ArgoSoft Mail Server
 CVE-2006-0927 (Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA ...)
-	TODO: check
-end claimed by jmm
+	NOT-FOR-US: Woltlab Burning Board 
 CVE-2006-0926 (Multiple directory traversal vulnerabilities in Allume StuffIt ...)
 	TODO: check
 CVE-2006-0925 (Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon ...)


