[Secure-testing-commits] r6413 - data/CVE
stef-guest at alioth.debian.org
stef-guest at alioth.debian.org
Mon Aug 27 20:41:52 UTC 2007
Author: stef-guest
Date: 2007-08-27 20:41:52 +0000 (Mon, 27 Aug 2007)
New Revision: 6413
Modified:
data/CVE/list
Log:
some minor IRC script issues
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-08-27 11:08:58 UTC (rev 6412)
+++ data/CVE/list 2007-08-27 20:41:52 UTC (rev 6413)
@@ -133,19 +133,25 @@
CVE-2007-4401 (Multiple CRLF injection vulnerabilities in the Advanced mIRC ...)
NOT-FOR-US: mirc
CVE-2007-4400 (CRLF injection vulnerability in the included media script in ...)
- TODO: check
+ - konversation <unfixed> (low; bug #439837)
+ [etch] - konversation <no-dsa> (minor issue)
+ [sarge] - konversation <no-dsa> (minor issue)
CVE-2007-4399 (CRLF injection vulnerability in the xmms.bx 1.0 script for BitchX ...)
- TODO: check
+ NOT-FOR-US: xmms.bx 1.0 script for BitchX (not included in Debian package)
CVE-2007-4398 (Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and ...)
- TODO: check
+ - irssi-scripts <unfixed> (low; bug #439840)
+ - weechat-scripts <unfixed> (low; bug #439839)
+ [etch] - irssi-scripts <no-dsa> (minor issue)
+ [etch] - weechat-scripts <no-dsa> (minor issue)
+ [sarge] - irssi-scripts <no-dsa> (minor issue)
CVE-2007-4397 (Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) ...)
- TODO: check
+ NOT-FOR-US: various IRC now_playing scripts
CVE-2007-4396 (Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) ...)
TODO: check
CVE-2007-4395 (Multiple unspecified vulnerabilities in the Role Based Access Control ...)
- TODO: check
+ NOT-FOR-US: Sun Solaris 8
CVE-2007-4394 (Unspecified vulnerability in a "core clean" cron job created by the ...)
- TODO: check
+ NOT-FOR-US: findutils-locate on SUSE Linux
CVE-2007-4393 (The installation script for orarun on SUSE Linux before 20070810 ...)
NOT-FOR-US: oracle
CVE-2007-4392 (Winamp 5.35 allows remote attackers to cause a denial of service ...)
@@ -155,15 +161,15 @@
CVE-2007-4390 (The Command Line Interface (CLI) on the BlueCat Networks Adonis ...)
NOT-FOR-US: BlueCat
CVE-2007-4389 (Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire ...)
- TODO: check
+ NOT-FOR-US: 2wire
CVE-2007-4388 (2wire 1701HG and 2071 Gateway routers, with 5.29.51 and possibly ...)
- TODO: check
+ NOT-FOR-US: 2wire
CVE-2007-4387 (Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire ...)
- TODO: check
+ NOT-FOR-US: 2wire
CVE-2007-4386 (SQL injection vulnerability in search.php in GetMyOwnArcade allows ...)
- TODO: check
+ NOT-FOR-US: GetMyOwnArcade
CVE-2007-4385 (OWASP Stinger before 2.5 allows remote attackers to bypass input ...)
- TODO: check
+ NOT-FOR-US: Stinger
CVE-2007-4384 (Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in ...)
NOT-FOR-US: Stephane Pineau VOTE
CVE-2007-4383 (** DISPUTED ** ...)
More information about the Secure-testing-commits
mailing list