[Secure-testing-commits] r5325 - data/CVE

Eder L. Marques frolic-guest at alioth.debian.org
Mon Jan 22 20:29:22 CET 2007 

Author: frolic-guest
Date: 2007-01-22 20:29:20 +0100 (Mon, 22 Jan 2007)
New Revision: 5325

Modified:
   data/CVE/list
Log:
some NFUs fixed.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-01-22 19:03:24 UTC (rev 5324)
+++ data/CVE/list	2007-01-22 19:29:20 UTC (rev 5325)
@@ -115,7 +115,7 @@
 CVE-2007-0313 (Unspecified vulnerability in GONICUS System Administration (GOsa) ...)
 	- gosa 2.5.8-1 (medium)
 CVE-2007-0312 (wcSimple Poll stores sensitive information under the web root with ...)
-	TODO: check
+	NOT-FOR-US: wcSimple
 CVE-2007-0311 (Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier ...)
 	NOT-FOR-US: Texas Imperial Software WFTPD Pro Server
 CVE-2007-0310 (BMC Remedy Action Request System 5.01.02 Patch 1267 generates ...)
@@ -135,7 +135,7 @@
 CVE-2007-0303 (Multiple unspecified vulnerabilities in Zina 1.0rc1 and earlier have ...)
 	NOT-FOR-US: Zina
 CVE-2007-0302 (Multiple cross-site scripting (XSS) vulnerabilities in InstantASP ...)
-	TODO: check
+	NOT-FOR-US: InstantASP
 CVE-2007-0301 (PHP remote file inclusion vulnerability in _admin/admin_menu.php in ...)
 	NOT-FOR-US: FdWeB
 CVE-2007-0300 (PHP remote file inclusion vulnerability in i-accueil.php in TLM CMS ...)
@@ -298,25 +298,25 @@
 CVE-2007-0232 (PHP remote file inclusion vulnerability in ...)
 	TODO: check
 CVE-2007-0231 (Cross-site scripting (XSS) vulnerability in Movable Type (MT) 3.33, ...)
-	TODO: check
+	NOT-FOR-US: Movable Type
 CVE-2007-0230 (** DISPUTED ** PHP remote file inclusion vulnerability in install.php ...)
 	TODO: check
 CVE-2007-0229 (Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and ...)
 	TODO: check
 CVE-2007-0228 (The DataCollector service in EIQ Networks Network Security Analyzer ...)
-	TODO: check
+	NOT-FOR-US: EIQ Networks Network Security Analyzer
 CVE-2007-0227 (slocate 3.1 does not properly manage database entries that specify ...)
 	TODO: check
 CVE-2007-0226 (SQL injection vulnerability in wbsearch.aspx in uniForum 4 and earlier ...)
-	TODO: check
+	NOT-FOR-US: uniForum
 CVE-2007-0225 (Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in ...)
-	TODO: check
+	NOT-FOR-US: Shopping Cart 
 CVE-2007-0224 (SQL injection vulnerability in shopgiftregsearch.asp in VP-ASP ...)
-	TODO: check
+	NOT-FOR-US: Shopping Cart
 CVE-2007-0223 (SQL injection vulnerability in shared/code/cp_functions_downloads.php ...)
 	TODO: check
 CVE-2007-0222 (Directory traversal vulnerability in the EmChartBean server side ...)
-	TODO: check
+	NOT-FOR-US: Oracle Application Server
 CVE-2007-0221
 	RESERVED
 CVE-2007-0220
@@ -348,33 +348,33 @@
 CVE-2007-0207
 	RESERVED
 CVE-2007-0206 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...)
-	TODO: check
+	NOT-FOR-US: OpenView Network Node Manager
 CVE-2006-6939 (GNU ed before 0.3 allows local users to overwrite arbitrary files via ...)
 	TODO: check
 CVE-2006-6938 (Directory traversal vulnerability in includes/common.php in NitroTech ...)
 	TODO: check
 CVE-2006-6937 (SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo ...)
-	TODO: check
+	NOT-FOR-US: ASP Photo Gallery
 CVE-2006-6936 (Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery ...)
-	TODO: check
+	NOT-FOR-US: ASP Photo Gallery
 CVE-2006-6935 (SQL injection vulnerability in the login component in Portix-PHP 0.4.2 ...)
 	TODO: check
 CVE-2006-6934 (Multiple cross-site scripting (XSS) vulnerabilities in Portix-PHP ...)
 	TODO: check
 CVE-2006-6933 (Easy Chat Server 2.1 stores sensitive information under the web root ...)
-	TODO: check
+	NOT-FOR-US: Easy Chat Server
 CVE-2006-6932 (Multiple SQL injection vulnerabilities in Image Gallery with Access ...)
-	TODO: check
+	NOT-FOR-US: Image Gallery
 CVE-2006-6931 (Algorithmic complexity vulnerability in Snort before 2.6.1, during ...)
 	TODO: check
 CVE-2006-6930 (SQL injection vulnerability in viewad.asp in Rapid Classified 3.1 ...)
-	TODO: check
+	NOT-FOR-US: Rapid Classified
 CVE-2006-6929 (Multiple cross-site scripting (XSS) vulnerabilities in Rapid ...)
-	TODO: check
+	NOT-FOR-US: Rapid Classified
 CVE-2006-6928 (Multiple cross-site scripting (XSS) vulnerabilities in Rialto 1.6 ...)
-	TODO: check
+	NOT-FOR-US: Rialto
 CVE-2006-6927 (Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote ...)
-	TODO: check
+	NOT-FOR-US: Rialto
 CVE-2006-6926 (Buffer overflow in eXtremail 2.1 has unknown impact and attack ...)
 	TODO: check
 CVE-2006-6925 (Multiple cross-site scripting (XSS) vulnerabilities in bitweaver 1.3.1 ...)
@@ -388,7 +388,7 @@
 CVE-2006-6921 (Unspecified versions of the Linux kernel allows local users to cause a ...)
 	- linux-2.6 <unfixed> (low)
 CVE-2005-4823 (Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2007-XXXX [udev wrong permissions on raid devices]
 	- linux-2.6 <unfixed> (bug #404927)
 CVE-2007-XXXX [yacas insecure rpath]
@@ -404,7 +404,7 @@
 CVE-2007-XXXX [mysql 5.0 several DoS vulns]
 	- mysql-dfsg-5.0 5.0.32-1
 CVE-2007-0205 (Multiple directory traversal vulnerabilities in @lex Guestbook 4.0.2 ...)
-	TODO: @alex
+	NOT-FOR-US: @alex
 CVE-2006-6920 (Cross-site scripting (XSS) vulnerability in Nucleus before 3.24 allows ...)
 	NOT-FOR-US: Nucleus
 CVE-2006-6919 (Firefox Sage extension 1.3.8 and earlier allows remote attackers to ...)

More information about the Secure-testing-commits mailing list