[Secure-testing-commits] r6424 - data/CVE

thijs at alioth.debian.org thijs at alioth.debian.org
Wed Aug 29 07:00:24 UTC 2007 

Author: thijs
Date: 2007-08-29 07:00:24 +0000 (Wed, 29 Aug 2007)
New Revision: 6424

Modified:
   data/CVE/list
Log:
update unimportant mantis issue
fetchmail denial of service: low
some nfu's


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-08-29 00:24:57 UTC (rev 6423)
+++ data/CVE/list	2007-08-29 07:00:24 UTC (rev 6424)
@@ -1,5 +1,5 @@
 CVE-2007-4580 (Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows ...)
-	TODO: check
+	NOT-FOR-US: BufferZone (Windows)
 CVE-2007-4579 (Heap-based buffer overflow in Microsoft MSN Messenger 7.x and Live ...)
 	NOT-FOR-US: MSN
 CVE-2007-4578 (Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows ...)
@@ -37,17 +37,17 @@
 	RESERVED
 	TODO: check
 CVE-2007-4566 (Multiple buffer overflows in the login mechanism in sidvault in Alpha ...)
-	TODO: check
+	NOT-FOR-US: SIDVault
 CVE-2007-4565 (fetchmail before 6.3.9 allows context-dependent attackers to cause a ...)
-	TODO: check
+	- fetchmail <unfixed> (low)
 CVE-2007-4564 (Cosminexus Manager in Cosminexus Application Server 07-00 and later ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Cosminexus
 CVE-2007-4563 (Cosminexus Manager in Cosminexus Application Server 06-50 and later ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Cosminexus
 CVE-2007-4562 (Unspecified vulnerability in Hitachi DABroker before 03-02-/D and ...)
-	TODO: check
+	NOT-FOR-US: Hitachi DABroker
 CVE-2007-4561 (Heap-based buffer overflow in the RTSP service in Helix DNA Server ...)
-	TODO: check
+	NOT-FOR-US: Helix DNA Server
 CVE-2007-4560 (clamav-milter in ClamAV before 0.91.2, when run in black hole mode, ...)
 	- clamav 0.91.2-1 (high)
 CVE-2007-4559 (Directory traversal vulnerability in the (1) extract and (2) ...)
@@ -12108,7 +12108,7 @@
 CVE-2006-6516 (Multiple PHP remote file inclusion vulnerabilities in KDPics 1.16 and ...)
 	NOT-FOR-US: KDPics
 CVE-2006-6515 (Mantis before 1.1.0a2 sets the default value of ...)
-	- mantis <unfixed> (unimportant)
+	- mantis 1.0.6+dfsg-1 (unimportant)
 	NOTE: http://www.mantisbt.org/bugs/print_bug_page.php?bug_id=5163
 	NOTE: Not a security bug, only a very annoying feature.
 CVE-2006-6514 (Winamp Web Interface (Wawi) 7.5.13 and earlier uses an insufficient ...)

More information about the Secure-testing-commits mailing list