[Secure-testing-commits] r4939 - data/CVE

Stefan Fritsch stef-guest at alioth.debian.org
Wed Nov 8 21:27:50 CET 2006 

Author: stef-guest
Date: 2006-11-08 21:27:49 +0100 (Wed, 08 Nov 2006)
New Revision: 4939

Modified:
   data/CVE/list
Log:
some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-11-08 20:16:37 UTC (rev 4938)
+++ data/CVE/list	2006-11-08 20:27:49 UTC (rev 4939)
@@ -374,43 +374,43 @@
 CVE-2006-5608 (SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before ...)
 	NOT-FOR-US: Extended Tracker (xtracker) for Drupal
 CVE-2006-5607 (Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 ...)
-	TODO: check
+	NOT-FOR-US: INCA IM-204
 CVE-2006-5606 (Multiple SQL injection vulnerabilities in BytesFall Explorer ...)
-	TODO: check
+	NOT-FOR-US: BytesFall Explorer (bfExplorer)
 CVE-2006-5605 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	TODO: check
+	NOT-FOR-US: phpCards
 CVE-2006-5604 (Directory traversal vulnerability in phpcards.header.php in phpCards ...)
-	TODO: check
+	NOT-FOR-US: phpCards
 CVE-2006-5603 (SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 ...)
 	NOT-FOR-US: Snitz Forums
 CVE-2006-5600 (Axalto Protiva 1.1, possibly only non-commercial versions, stores ...)
-	TODO: check
+	NOT-FOR-US: Axalto Protiva 
 CVE-2006-5599 (Cross-site scripting (XSS) vulnerability in Oracle Application Express ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2006-5598 (Cross-site scripting (XSS) vulnerability in index.php for GOOP Gallery ...)
-	TODO: check
+	NOT-FOR-US: GOOP Gallery
 CVE-2006-5597 (join.asp in MiniHTTP Web Forum & File Server PowerPack 4.0 allows ...)
 	NOT-FOR-US: MiniHTTP Web Forum
 CVE-2006-5596 (Directory traversal vulnerability in the SSL server in AEP Smartgate ...)
-	TODO: check
+	NOT-FOR-US: AEP Smartgate
 CVE-2006-5595 (Unspecified vulnerability in the AirPcap support in Wireshark ...)
 	- wireshark 0.99.4-1 (bug #396258)
 CVE-2006-5594 (PHP remote file inclusion vulnerability in University of British ...)
-	TODO: check
+	NOT-FOR-US: iPeer
 CVE-2006-5593 (Buffer overflow in Desknet's (niokeru) before 5.0J R1.0 might allow ...)
-	TODO: check
+	NOT-FOR-US: Desknet's (niokeru)
 CVE-2006-5592 (Admin/adpoll.asp in PacPoll 4.0 and earlier allows remote attackers to ...)
 	NOT-FOR-US: PacPoll
 CVE-2006-5591 (Multiple SQL injection vulnerabilities in Admin/check.asp in PacPoll ...)
 	NOT-FOR-US: PacPoll
 CVE-2006-5590 (PHP remote file inclusion vulnerability in index.php in ArticleBeach ...)
-	TODO: check
+	NOT-FOR-US: ArticleBeach Script
 CVE-2006-5589 (Multiple SQL injection vulnerabilities in LedgerSMB (LSMB) 1.1.0 and ...)
-	TODO: check
+	NOT-FOR-US: LedgerSMB (LSMB)
 CVE-2006-5588 (Multiple PHP remote file inclusion vulnerabilities in CMS Faethon 2.0 ...)
-	TODO: check
+	NOT-FOR-US: CMS Faethon
 CVE-2006-5587 (Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and ...)
-	TODO: check
+	NOT-FOR-US: MDweb
 CVE-2006-5586
 	RESERVED
 CVE-2006-5585
@@ -452,21 +452,21 @@
 CVE-2006-5567 (Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before ...)
 	NOT-FOR-US: WinAmp
 CVE-2006-5566 (CRLF injection vulnerability in premium/index.php in Shop-Script ...)
-	TODO: check
+	NOT-FOR-US: Shop-Script
 CVE-2006-5565 (CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote ...)
-	TODO: check
+	NOT-FOR-US: MAXdev MD-Pro
 CVE-2006-5564 (Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro ...)
-	TODO: check
+	NOT-FOR-US: MAXdev MD-Pro
 CVE-2006-5563 (Unspecified vulnerability in Yahoo! Messenger (Service 18) before ...)
-	TODO: check
+	NOT-FOR-US: Yahoo! Messenger
 CVE-2006-5562 (PHP remote file inclusion vulnerability in include/database.php in ...)
-	TODO: check
+	NOT-FOR-US: SourceForge (gforge is not affected)
 CVE-2006-5561 (SQL injection vulnerability in admincp.php in Discuz! GBK 5.0.0 allows ...)
-	TODO: check
+	NOT-FOR-US: Discuz! GBK
 CVE-2006-5560 (Cross-site scripting (XSS) vulnerability in heading.php in Boesch ...)
-	TODO: check
+	NOT-FOR-US: ProgSys
 CVE-2006-5559 (The ADODB.Connection 2.7 ActiveX control object (ADODB.Connection.2.7) ...)
-	TODO: check
+	NOT-FOR-US: ADODB.Connection 2.7 ActiveX control
 CVE-2006-5558 (Format string vulnerability in the swask command in HP-UX B.11.11 and ...)
 	NOT-FOR-US: HP-UX
 CVE-2006-5557 (Stack-based buffer overflow in the (1) swpackage and (2) swmodify ...)
@@ -474,9 +474,9 @@
 CVE-2006-5556 (Buffer overflow in the localtime_r function, and certain other ...)
 	NOT-FOR-US: swask
 CVE-2006-5555 (PHP remote file inclusion vulnerability in constantes.inc.php in ...)
-	TODO: check
+	NOT-FOR-US: EPNadmin
 CVE-2006-5554 (Directory traversal vulnerability in index.php in Imageview 5 allows ...)
-	TODO: check
+	NOT-FOR-US: Imageview
 CVE-2006-5553 (Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 ...)
 	NOT-FOR-US: Cisco Security Agent 
 CVE-2006-5552 (Multiple heap-based buffer overflows in RevilloC MailServer 1.21 and ...)

More information about the Secure-testing-commits mailing list