[Secure-testing-commits] r3930 - data/CVE

Stefan Fritsch stef-guest at costa.debian.org
Tue May 9 19:46:49 UTC 2006 

Author: stef-guest
Date: 2006-05-09 19:46:45 +0000 (Tue, 09 May 2006)
New Revision: 3930

Modified:
   data/CVE/list
Log:
tiff bugnum; some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-05-09 19:32:30 UTC (rev 3929)
+++ data/CVE/list	2006-05-09 19:46:45 UTC (rev 3930)
@@ -285,7 +285,7 @@
 CVE-2006-2134 (PHP remote file inclusion vulnerability in /includes/kb_constants.php ...)
 	TODO: check
 CVE-2005-4794 (Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2006-2148 (Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 ...)
 	- cgiirc <unfixed> (bug #365680; medium)
 	[sarge] - cgiirc <unfixed> (bug #365680; medium)
@@ -317,7 +317,7 @@
 CVE-2006-2121 (PHP remote file include vulnerability in admin/config_settings.tpl.php ...)
 	TODO: check
 CVE-2006-2120 (The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers ...)
-	- tiff 3.8.1 (bug filed; medium)
+	- tiff 3.8.1 (bug #366588; medium)
 CVE-2006-2119 (PHP remote file inclusion vulnerability in event/index.php in Artmedic ...)
 	TODO: check
 CVE-2006-2118 (JMK's Picture Gallery allows remote attackers to bypass authentication ...)
@@ -335,7 +335,7 @@
 CVE-2006-2112
 	RESERVED
 CVE-2006-2111 (Microsoft Internet Explorer 6.0 on Windows XP SP2, and possibly other ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x ...)
 	TODO: check
 CVE-2006-2109 (Cross-site scripting (XSS) vulnerability in the parse_query_str ...)
@@ -369,13 +369,13 @@
 CVE-2006-2095 (Phex before 2.8.6 allows remote attackers to cause a denial of service ...)
 	TODO: check
 CVE-2006-2094 (Microsoft Internet Explorer before Windows XP Service Pack 2 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2006-2093 (Nessus before 2.2.8, and 3.x before 3.0.3, allows user-complicit ...)
 	TODO: check
 CVE-2006-2092 (Unspecified vulnerability in HP StorageWorks Secure Path for Windows ...)
 	TODO: check
 CVE-2006-2091 (admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Virtual War
 CVE-2006-2090 (Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x ...)
 	TODO: check
 CVE-2006-2089 (Multiple cross-site scripting (XSS) vulnerabilities in misc.php in ...)
@@ -383,11 +383,11 @@
 CVE-2006-2088 (Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open ...)
 	TODO: check
 CVE-2006-2087 (The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Groupmax
 CVE-2006-2086 (Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx ...)
-	TODO: check
+	NOT-FOR-US: juniper SSL-VPN
 CVE-2006-2085 (Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in ...)
-	TODO: check
+	NOT-FOR-US: SpeedProject Squeez
 CVE-2006-2084 (Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 ...)
 	TODO: check
 CVE-2006-2083 (Integer overflow in the receive_xattr function in the extended ...)
@@ -397,7 +397,7 @@
 CVE-2006-2082
 	RESERVED
 CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to execute ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in Verosky ...)
 	TODO: check
 CVE-2006-2079 (Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky ...)
@@ -411,7 +411,7 @@
 CVE-2006-2075 (Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to ...)
 	TODO: check
 CVE-2006-2074 (Unspecified vulnerability in Juniper Networks JUNOSe E-series routers ...)
-	TODO: check
+	NOT-FOR-US: Juniper Networks JUNOSe
 CVE-2006-2073 (Unspecified vulnerability in ISC BIND allows remote attackers to cause ...)
 	TODO: check
 CVE-2006-2072 (Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and ...)
@@ -421,7 +421,7 @@
 CVE-2005-4792 (SQL injection vulnerability in index.php in Appalachian State ...)
 	TODO: check
 CVE-2004-2659 (Opera offers an Open button to verify that a user wishes to execute a ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2006-2071 (Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass ...)
 	TODO: check
 CVE-2006-2070 (Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 ...)
@@ -429,7 +429,7 @@
 CVE-2006-2069 (The recursor in PowerDNS before 3.0.1 allows remote attackers to cause ...)
 	TODO: check
 CVE-2006-2068 (Unspecified vulnerability in Hitachi JP1 products allow remote ...)
-	TODO: check
+	NOT-FOR-US: Hitachi JP1
 CVE-2006-2067 (SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, ...)
 	TODO: check
 CVE-2006-2066 (Multiple cross-site scripting (XSS) vulnerabilities pm_popup.php in ...)
@@ -455,9 +455,9 @@
 CVE-2006-2056 (Argument injection vulnerability in Internet Explorer 6 for Windows XP ...)
 	TODO: check
 CVE-2006-2055 (Argument injection vulnerability in Micrsoft Outlook 2003 SP1 allows ...)
-	TODO: check
+	NOT-FOR-US: Micrsoft Outlook
 CVE-2006-2054 (3Com Baseline Switch 2848-SFP Plus Model #3C16486 with firmware before ...)
-	TODO: check
+	NOT-FOR-US: 3Com
 CVE-2006-2053 (Multiple SQL injection vulnerabilities in QuickEStore 7.9 and earlier ...)
 	TODO: check
 CVE-2006-2052 (Cross-site scripting (XSS) vulnerability in Verosky Media Instant ...)
@@ -505,7 +505,7 @@
 CVE-2006-2031 (Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin ...)
 	TODO: check
 CVE-2006-2030 (The Allied Telesyn AT-9724TS switch allows remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: Allied Telesyn
 CVE-2006-2029 (Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog ...)
 	TODO: check
 CVE-2006-2028 (Cross-site scripting (XSS) vulnerability in imagelist.php in Jeremy ...)

More information about the Secure-testing-commits mailing list