[Secure-testing-commits] r3998 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Sat May 20 12:08:55 UTC 2006
Author: alec-guest
Date: 2006-05-20 12:08:51 +0000 (Sat, 20 May 2006)
New Revision: 3998
Modified:
data/CVE/list
Log:
* Many NFUs
* Critical Nagios remote vulnerability; Secunia says that Debian's maintainer
found it, but I'm going to file bugs to keep track of things.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-20 09:34:12 UTC (rev 3997)
+++ data/CVE/list 2006-05-20 12:08:51 UTC (rev 3998)
@@ -1,23 +1,24 @@
CVE-2006-2492 (Buffer overflow in Microsoft Word XP and Word 2003 allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-2491 (Cross-site scripting (XSS) vulnerability in (1) index.php and (2) ...)
- TODO: check
+ NOT-FOR-US: BoastMachine
CVE-2006-2490 (Multiple cross-site scripting (XSS) vulnerabilities in Mobotix IP ...)
- TODO: check
+ NOT-FOR-US: Mobotix
CVE-2006-2489 (Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x ...)
- TODO: check
+ - nagios <unfixed> (high)
+ - nagios2 <unfixed> (high)
CVE-2006-2488 (Multiple cross-site scripting (XSS) vulnerabilities in Spymac WebOS ...)
- TODO: check
+ NOT-FOR-US: Spymac
CVE-2006-2487 (Multiple PHP remote file inclusion vulnerabilities in ScozNews 1.2.1 ...)
- TODO: check
+ NOT-FOR-US: ScozNews
CVE-2006-2486 (SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier ...)
- TODO: check
+ NOT-FOR-US: YapBB
CVE-2006-2485 (PHP remote file inclusion vulnerability in includes/class_template.php ...)
- TODO: check
+ NOT-FOR-US: Quezza
CVE-2006-2484 (Cross-site scripting (XSS) vulnerability in index.html in IceWarp ...)
- TODO: check
+ NOT-FOR-US: IceWarp
CVE-2006-2483 (PHP remote file inclusion vulnerability in cart_content.php in ...)
- TODO: check
+ NOT-FOR-US: Squirrelcart
CVE-2006-2482
RESERVED
CVE-2006-2481
More information about the Secure-testing-commits
mailing list