[Secure-testing-commits] r4938 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Wed Nov 8 21:16:38 CET 2006 

Author: stef-guest
Date: 2006-11-08 21:16:37 +0100 (Wed, 08 Nov 2006)
New Revision: 4938

Modified:
   data/CVE/list
Log:
some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-11-08 20:14:45 UTC (rev 4937)
+++ data/CVE/list	2006-11-08 20:16:37 UTC (rev 4938)
@@ -175,7 +175,7 @@
 CVE-2006-5705 (Directory traversal vulnerability in plugins/wp-db-backup.php in ...)
 	TODO: check
 CVE-2006-5704 (HP NonStop Server G06.29, when running Standard Security T6533G06 ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2006-5703 (Cross-site scripting (XSS) vulnerability in tiki-featured_link.php in ...)
 	- tikiwiki 1.9.6+dfsg-1 (low)
 CVE-2006-5702 (Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information ...)
@@ -227,63 +227,63 @@
 CVE-2006-5679 (Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows ...)
 	TODO: check
 CVE-2006-5678 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: Les Visiteurs
 CVE-2006-5677 (resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and ...)
-	TODO: check
+	NOT-FOR-US: TORQUE Resource Manager
 CVE-2006-5676 (SQL injection vulnerability in consult/classement.php in Uni-Vert ...)
-	TODO: check
+	NOT-FOR-US: PhpLeague
 CVE-2006-5675 (Multiple unspecified vulnerabilities in Pentaho Business Intelligence ...)
-	TODO: check
+	NOT-FOR-US: Pentaho Business Intelligence (BI) Suite
 CVE-2006-5674 (Multiple PHP remote file inclusion vulnerabilities in miniBB 2.0.2 and ...)
-	TODO: check
+	NOT-FOR-US: miniBB
 CVE-2006-5673 (PHP remote file inclusion vulnerability in bb_func_txt.php in miniBB ...)
-	TODO: check
+	NOT-FOR-US: miniBB
 CVE-2006-5672 (PHP remote file inclusion vulnerability in web/init_mysource.php in ...)
-	TODO: check
+	NOT-FOR-US: MySource CMS
 CVE-2006-5671 (PHP remote file inclusion vulnerability in contact.php in Free Image ...)
-	TODO: check
+	NOT-FOR-US: Free Image Hosting
 CVE-2006-5670 (PHP remote file inclusion vulnerability in forgot_pass.php in Free ...)
-	TODO: check
+	NOT-FOR-US: Free Image Hosting
 CVE-2006-5669 (PHP remote file inclusion vulnerability in gestion/savebackup.php in ...)
-	TODO: check
+	NOT-FOR-US: Gepi
 CVE-2006-5668 (Unspecified vulnerability in Ampache 3.3.2 and earlier, when ...)
-	TODO: check
+	NOT-FOR-US: Ampache
 CVE-2006-5667 (Multiple PHP remote file inclusion vulnerabilities in P-Book 1.17 and ...)
-	TODO: check
+	NOT-FOR-US: P-Book
 CVE-2006-5666 (SQL injection vulnerability in includes/menu.inc.php in E-Annu 1.0 ...)
-	TODO: check
+	NOT-FOR-US: E-Annu
 CVE-2006-5665 (PHP remote file inclusion vulnerability in admin/modules_data.php in ...)
-	TODO: check
+	NOT-FOR-US: phpBB module Spider Friendly
 CVE-2006-5664 (The installation script in IBM Informix Dynamic Server 10.00, Informix ...)
-	TODO: check
+	NOT-FOR-US: IBM Informix
 CVE-2006-5663 (IBM Informix Dynamic Server 10.00, Informix Client Software ...)
-	TODO: check
+	NOT-FOR-US: IBM Informix
 CVE-2006-5662 (SQL injection vulnerability in easy notesManager (eNM) 0.0.1 allows ...)
-	TODO: check
+	NOT-FOR-US: easy notesManager (eNM)
 CVE-2006-5661 (Cross-site scripting (XSS) vulnerability in nquser.php in VIRtech ...)
-	TODO: check
+	NOT-FOR-US: Netquery
 CVE-2006-5660 (Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2006-5659 (PAM_extern before 0.2 sends a password as a command line argument, ...)
-	TODO: check
+	NOT-FOR-US: PAM_extern
 CVE-2006-5658 (BlooMooWeb ActiveX control (AidemATL.dll) allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: BlooMooWeb ActiveX control
 CVE-2006-5657 (Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 ...)
-	TODO: check
+	NOT-FOR-US: Vilistextum
 CVE-2006-5656 (Memory leak in the push_align function in src/util.c in Vilistextum ...)
-	TODO: check
+	NOT-FOR-US: Vilistextum
 CVE-2006-5655 (SQL injection vulnerability in index.php in OpenDocMan 1.2p3 allows ...)
-	TODO: check
+	NOT-FOR-US: OpenDocMan
 CVE-2006-5654 (Unspecified vulnerability in the Network Security Services (NSS) in ...)
-	TODO: check
+	NOT-FOR-US: Sun Java System Web Server
 CVE-2006-5653 (Cross-site scripting (XSS) vulnerability in the errorHTML function in ...)
-	TODO: check
+	NOT-FOR-US: Sun Java System Messenger Express
 CVE-2006-5652 (Cross-site scripting (XSS) vulnerability in Sun iPlanet Messaging ...)
-	TODO: check
+	NOT-FOR-US: Sun
 CVE-2006-5651 (list.php in DigiOz Guestbook before 1.7.1 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: DigiOz Guestbook
 CVE-2006-5650 (The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ ...)
-	TODO: check
+	NOT-FOR-US: ICQPhone.SipxPhoneManager
 CVE-2006-XXXX [phpmyadmin XSS (PMASA-2006-6)]
 	- phpmyadmin 4:2.9.0.3-1 (low; bug #396638)
 	[sarge]	- phpmyadmin <not-affected> (Vulnerable code not present)
@@ -302,77 +302,77 @@
 CVE-2006-5644
 	RESERVED
 CVE-2006-5643 (Cross-site scripting (XSS) vulnerability in search_de.html in foresite ...)
-	TODO: check
+	NOT-FOR-US: foresite CMS
 CVE-2006-5642 (Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown ...)
-	TODO: check
+	NOT-FOR-US: NmnLogger
 CVE-2006-5641 (SQL injection vulnerability in MainAnnounce2.asp in Techno Dreams ...)
 	NOT-FOR-US: Techno Dreams
 CVE-2006-5640 (SQL injection vulnerability in guestbookview.asp in Techno Dreams ...)
 	NOT-FOR-US: Techno Dreams
 CVE-2006-5639 (Unspecified vulnerability in the random number generator in OpenWBEM ...)
-	TODO: check
+	NOT-FOR-US: OpenWBEM
 CVE-2006-5638 (Multiple SQL injection vulnerabilities in cherche.php in PHPMyRing ...)
-	TODO: check
+	NOT-FOR-US: PHPMyRing
 CVE-2006-5637 (PHP remote file inclusion vulnerability in faq_reply.php in Faq ...)
-	TODO: check
+	NOT-FOR-US: Faq Administrator
 CVE-2006-5636 (PHP remote file inclusion vulnerability in common.php in Simple ...)
-	TODO: check
+	NOT-FOR-US: Simple Website Software
 CVE-2006-5635 (SQL injection vulnerability in forum/search.asp in Web Wiz Forums ...)
-	TODO: check
+	NOT-FOR-US: Web Wiz Forums
 CVE-2006-5634 (Multile PHP remote file inclusion vulnerabilities in phpProfiles 2.1 ...)
-	TODO: check
+	NOT-FOR-US: phpProfiles
 CVE-2006-5633 (Firefox 1.5.0.7 and 2.0 allows remote attackers to cause a denial of ...)
 	TODO: check
 CVE-2006-5632 (Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop ...)
-	TODO: check
+	NOT-FOR-US: iG Shop
 CVE-2006-5631 (Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop ...)
-	TODO: check
+	NOT-FOR-US: iG Shop
 CVE-2006-5630 (Hosting Controller 6.1 before Hotfix 3.3 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Hosting Controller
 CVE-2006-5629 (Multiple SQL injection vulnerabilities in Hosting Controller 6.1 ...)
-	TODO: check
+	NOT-FOR-US: Hosting Controller
 CVE-2006-5628 (SQL injection vulnerability in login.asp in UNISOR Content Management ...)
-	TODO: check
+	NOT-FOR-US: UNISOR Content Management System (CMS)
 CVE-2006-5627 (Multiple PHP remote file inclusion vulnerabilities in QnECMS 2.5.6 and ...)
-	TODO: check
+	NOT-FOR-US: QnECMS
 CVE-2006-5626 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: phpFaber
 CVE-2006-5625 (PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in ...)
-	TODO: check
+	NOT-FOR-US: N/X 2002 Professional Edition Web Content Management System (WCMS) 
 CVE-2006-5624 (Multiple PHP remote file inclusion vulnerabilities in Multi-Page ...)
-	TODO: check
+	NOT-FOR-US: Multi-Page Comment System (MPCS)
 CVE-2006-5623 (PHP remote file inclusion vulnerability in ip.inc.php in Electronic ...)
-	TODO: check
+	NOT-FOR-US: Electronic Engineering Tool (EE Tool)
 CVE-2006-5622 (SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery ...)
-	TODO: check
+	NOT-FOR-US: Coppermine Photo Gallery
 CVE-2006-5621 (PHP remote file inclusion vulnerability in end.php in ask_rave 0.9 PR ...)
-	TODO: check
+	NOT-FOR-US: ask_rave
 CVE-2006-5620 (PHP remote file inclusion vulnerability in include/menu_builder.php in ...)
-	TODO: check
+	NOT-FOR-US: MiniBILL
 CVE-2006-5619 (The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in ...)
 	- linux-2.6 2.6.18-4 (low)
 CVE-2006-5618 (Directory traversal vulnerability in script/cat_for_aff.php in Netref ...)
-	TODO: check
+	NOT-FOR-US: Netref
 CVE-2006-5617 (Directory traversal vulnerability in index.php in Thepeak File Upload ...)
-	TODO: check
+	NOT-FOR-US: Thepeak File Upload Manager
 CVE-2006-5616 (Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux ...)
-	TODO: check
+	NOT-FOR-US: OpenPBS
 CVE-2006-5615 (PHP remote file inclusion vulnerability in publish.php in Textpattern ...)
-	TODO: check
+	NOT-FOR-US: Textpattern
 CVE-2006-5614 (Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-5613 (PHP remote file inclusion in Core/core.inc.php in MP3 Streaming ...)
-	TODO: check
+	NOT-FOR-US: MP3 Streaming DownSampler (mp3SDS)
 CVE-2006-5612 (PHP remote file inclusion vulnerability in aide.php3 in GestArt beta ...)
-	TODO: check
+	NOT-FOR-US: GestArt
 CVE-2006-5611 (Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 ...)
-	TODO: check
+	NOT-FOR-US: Toshiba
 CVE-2006-5610 (PHP remote file inclusion vulnerability in player/includes/common.php ...)
-	TODO: check
+	NOT-FOR-US: Teake Nutma Foing
 CVE-2006-5609 (Directory traversal vulnerability in dir.php in TorrentFlux 2.1 allows ...)
 	- torrentflux 2.1-5 (bug #395930; medium)
 CVE-2006-5608 (SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before ...)
-	TODO: check
+	NOT-FOR-US: Extended Tracker (xtracker) for Drupal
 CVE-2006-5607 (Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 ...)
 	TODO: check
 CVE-2006-5606 (Multiple SQL injection vulnerabilities in BytesFall Explorer ...)

More information about the Secure-testing-commits mailing list