[Secure-testing-commits] r5302 - data/CVE
Alex de Oliveira Silva
enerv-guest at alioth.debian.org
Fri Jan 19 15:22:42 CET 2007
Author: enerv-guest
Date: 2007-01-19 15:22:39 +0100 (Fri, 19 Jan 2007)
New Revision: 5302
Modified:
data/CVE/list
Log:
some NFUs added.
new gosa and phpmyadmin issue fixed.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-01-19 09:15:33 UTC (rev 5301)
+++ data/CVE/list 2007-01-19 14:22:39 UTC (rev 5302)
@@ -1,5 +1,5 @@
CVE-2007-0363 (Cross-site scripting (XSS) vulnerability in admin-search.php in (1) ...)
- TODO: check
+ NOT-FOR-US: Openads
CVE-2007-0362 (Cross-site scripting (XSS) vulnerability in the RSS feed component in ...)
TODO: check
CVE-2007-0361 (PHP remote file inclusion vulnerability in mep/frame.php in ...)
@@ -15,15 +15,15 @@
CVE-2007-0356 (The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ...)
TODO: check
CVE-2007-0355 (Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2007-0354 (SQL injection vulnerability in email.php in MGB OpenSource Guestbook ...)
TODO: check
CVE-2007-0353 (Cross-site scripting (XSS) vulnerability in (1) index.php and (2) ...)
TODO: check
CVE-2007-0352 (Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2007-0351 (Microsoft Windows XP and Windows Server 2003 do not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2007-0350 (Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php ...)
TODO: check
CVE-2007-0349 (Directory traversal vulnerability in upgrade.php in nicecoder.com ...)
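Review bot: The tags added for CVE-2007-0355, CVE-2007-0352 and CVE-2007-0351 name only the vendor ("NOT-FOR-US: Apple", "NOT-FOR-US: Microsoft"), while the descriptions name specific products (the Apple Minimal SLP v2 Service Agent, Microsoft Help Workshop). Other entries in this same commit tag by product, for example "NOT-FOR-US: Apple WebKit" and "NOT-FOR-US: BolinTech Dream FTP Server". Naming the product here as well would keep the list consistent and let a later search for the product find the entry.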
@@ -39,33 +39,33 @@
CVE-2007-0344 (Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) ...)
TODO: check
CVE-2007-0343 (OpenBSD before 20070116 allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: OpenBSD
CVE-2007-0342 (WebCore in Apple WebKit build 18794 allows remote attackers to cause a ...)
- TODO: check
+ NOT-FOR-US: Apple WebKit
CVE-2007-0341 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and ...)
- TODO: check
+ - phpmyadmin 4:2.9.1.1-2 (medium)
CVE-2007-0340 (SQL injection vulnerability in inc/header.inc.php in ThWboard ...)
- TODO: check
+ NOT-FOR-US: ThWboard
CVE-2007-0339 (SQL injection vulnerability in index.php (aka the login form) in ...)
TODO: check
CVE-2007-0338 (Heap-based buffer overflow in Dream FTP Server allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: BolinTech Dream FTP Server
CVE-2007-0337 (Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and ...)
- TODO: check
+ NOT-FOR-US: KGB
CVE-2007-0336 (Undercover.app/Contents/Resources/uc in Rixstep Undercover allows ...)
- TODO: check
+ NOT-FOR-US: Rixstep
CVE-2007-0335 (Multiple directory traversal vulnerabilities in Jax Petition Book ...)
- TODO: check
+ NOT-FOR-US: Jax Petition Book
CVE-2007-0334 (Unspecified vulnerability in the SIP module in InGate Firewall and ...)
- TODO: check
+ NOT-FOR-US: Outpost Firewall Pro
CVE-2007-0333 (Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access ...)
- TODO: check
+ NOT-FOR-US: Outpost Firewall Pro
CVE-2007-0332 ((1) admin/adminlien.php3 and (2) admin/modif.php3 in liens_dynamiques ...)
TODO: check
CVE-2007-0331 (Cross-site scripting (XSS) vulnerability in liens.php3 in ...)
TODO: check
CVE-2007-0330 (Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch ...)
- TODO: check
+ NOT-FOR-US: Ipswitch WS_FTP
CVE-2007-0329 (download.php in Joonas Viljanen JV2 Folder Gallery allows remote ...)
TODO: check
CVE-2007-0328
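Review bot: The tag added for CVE-2007-0334 does not match its description. The entry describes the SIP module in InGate Firewall, but the new line reads "NOT-FOR-US: Outpost Firewall Pro", identical to the tag on the next entry, CVE-2007-0333 (Agnitum Outpost Firewall PRO), so it looks copied from there. Suggest "NOT-FOR-US: InGate Firewall" so the triage record points at the right product.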
@@ -89,59 +89,61 @@
CVE-2007-0319
RESERVED
CVE-2007-0318 (The do_hfs_truncate function in Mac OS X 10.4.8 allows ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS
CVE-2007-0317 (Format string vulnerability in the LogMessage function in FileZilla ...)
- TODO: check
+ NOT-FOR-US: FileZilla
CVE-2007-0316 (Multiple SQL injection vulnerabilities in All In One Control Panel ...)
- TODO: check
+ NOT-FOR-US: All In One Control Panel (AIOCP)
CVE-2007-0315 (Multiple buffer overflows in FileZilla before 2.2.30a allow remote ...)
- TODO: check
+ NOT-FOR-US: FileZilla
CVE-2007-0314 (Multiple PHP remote file inclusion vulnerabilities in Article System ...)
- TODO: check
+ NOT-FOR-US: Article System
CVE-2007-0313 (Unspecified vulnerability in GONICUS System Administration (GOsa) ...)
- TODO: check
+ - gosa 2.5.8-1 (medium)
CVE-2007-0312 (wcSimple Poll stores sensitive information under the web root with ...)
TODO: check
CVE-2007-0311 (Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier ...)
- TODO: check
+ NOT-FOR-US: Texas Imperial Software WFTPD Pro Server
CVE-2007-0310 (BMC Remedy Action Request System 5.01.02 Patch 1267 generates ...)
- TODO: check
+ NOT-FOR-US: BMC Software
CVE-2007-0309 (SQL injection vulnerability in blocks/block-Old_Articles.php in ...)
TODO: check
CVE-2007-0308 (Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before ...)
- TODO: check
+ NOT-FOR-US: Poplar Gedcom Viewer
CVE-2007-0307 (PHP remote file inclusion vulnerability in include/common.php in ...)
TODO: check
CVE-2007-0306 (SQL injection vulnerability in visu_user.asp in Digiappz DigiAffiliate ...)
- TODO: check
+ NOT-FOR-US: Digiappz
CVE-2007-0305 (SQL injection vulnerability in etkinlikbak.asp in Okul Web Otomasyon ...)
- TODO: check
+ NOT-FOR-US: Okul Merkezi Portal
CVE-2007-0304 (SQL injection vulnerability in duyuru.asp in MiNT Haber Sistemi 2.7 ...)
- TODO: check
+ NOT-FOR-US: MiNT Haber Sistemi
CVE-2007-0303 (Multiple unspecified vulnerabilities in Zina 1.0rc1 and earlier have ...)
- TODO: check
+ NOT-FOR-US: Zina
CVE-2007-0302 (Multiple cross-site scripting (XSS) vulnerabilities in InstantASP ...)
TODO: check
CVE-2007-0301 (PHP remote file inclusion vulnerability in _admin/admin_menu.php in ...)
- TODO: check
+ NOT-FOR-US: FdWeB
CVE-2007-0300 (PHP remote file inclusion vulnerability in i-accueil.php in TLM CMS ...)
- TODO: check
+ NOT-FOR-US: TLM CMS
CVE-2007-0299 (Integer overflow in the byte_swap_sbin function in ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS
CVE-2007-0298 (PHP remote file inclusion vulnerability in show.php in LunarPoll, when ...)
TODO: check
CVE-2006-6944 (phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny ...)
- TODO: check
-CVE-2006-6943 (hpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full ...)
- TODO: check
+ - phpmyadmin 4:2.9.1.1-2 (medium)
+CVE-2006-6943 [phpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full ...]
+ - phpmyadmin 4:2.9.1.1-2 (medium)
+ NOTE: Fixed name in CVE.
CVE-2006-6942 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin ...)
- TODO: check
+ - phpmyadmin 4:2.9.1.1-2 (medium)
+ NOTE: All versions 2.9.1 is vulnerable, solution is 2.9.1.1 or newer.
CVE-2006-6941 (index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: FreeWebshop
CVE-2006-6940 (Buffer overflow in the ParseHeader function in clsOWA.cls in POP3/SMTP ...)
- TODO: check
+ NOT-FOR-US: OWA
CVE-2003-1318 (Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial ...)
- TODO: check
+ NOT-FOR-US: Twilight Webserver
CVE-2007-0297 (Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD ...)
NOT-FOR-US: Oracle
CVE-2007-0296 (Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD ...)
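Review bot: For CVE-2007-0308 the description names Plain Black WebGUI, but the added tag is "NOT-FOR-US: Poplar Gedcom Viewer"; the visible part of the description does not mention that product, so please confirm the tag or name WebGUI instead. On the CVE-2006-6943 line, correcting "hpMyAdmin" also switches the description delimiters from ( ) to [ ], which makes it the only bracketed entry in this hunk; if the bracket change is not intended, keep the parentheses. The note added under CVE-2006-6942 ("All versions 2.9.1 is vulnerable") is ambiguous between "version 2.9.1 only" and "all versions up to 2.9.1", and should say which is meant, since the tracked fixed version depends on it.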