[Secure-testing-commits] r7233 - data/CVE

nion at alioth.debian.org
Tue Nov 6 22:09:21 UTC 2007


Author: nion
Date: 2007-11-06 22:09:21 +0000 (Tue, 06 Nov 2007)
New Revision: 7233

Modified:
   data/CVE/list
Log:
CVE-2007-5837 fixed in yarssr 0.2.2-3
CVE-2007-5827 iscsitarget fixed in 0.4.15-5
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-11-06 21:43:24 UTC (rev 7232)
+++ data/CVE/list	2007-11-06 22:09:21 UTC (rev 7233)
@@ -1,71 +1,71 @@
 CVE-2007-5837 (GUI.pm in yarssr 0.2.2, when Gnome default URL handling is disabled, ...)
-	TODO: check
+	- yarssr 0.2.2-3 (bug #448721)
 CVE-2007-5836 (SQL injection vulnerability in Amazing Flash AFCommerce allows remote ...)
-	TODO: check
+	NOT-FOR-US: Amazing Flash AFCommerce
 CVE-2007-5835 (Install.php in BosDev BosNews 4 and 5 does not require authentication ...)
-	TODO: check
+	NOT-FOR-US: BosDev BosNews
 CVE-2007-5834 (Cross-site scripting (XSS) vulnerability in BosDev BosNews 4 allows ...)
-	TODO: check
+	NOT-FOR-US: BosDev BosNews
 CVE-2007-5833 (Multiple cross-site scripting (XSS) vulnerabilities in BosDev ...)
-	TODO: check
+	NOT-FOR-US: BosDev BosMarket Business Directory System
 CVE-2007-5832 (Unspecified vulnerability in selectLanguage.do in SSL-Explorer before ...)
-	TODO: check
+	NOT-FOR-US: SSL-Explorer
 CVE-2007-5831 (Directory traversal vulnerability in fileSystem.do in SSL-Explorer ...)
-	TODO: check
+	NOT-FOR-US: SSL-Explorer
 CVE-2007-5830 (Unspecified vulnerability in the administrative interface in Avaya ...)
-	TODO: check
+	NOT-FOR-US: Avaya Messaging Storage Server
 CVE-2007-5829 (The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and ...)
-	TODO: check
+	NOT-FOR-US: Symantec AntiVirus
 CVE-2007-5828 (Cross-site request forgery (CSRF) vulnerability in the admin panel in ...)
 	TODO: check
 CVE-2007-5827 (iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for ...)
-	TODO: check
+	- iscsitarget 0.4.15-5 (bug #448873)
 CVE-2007-5826 (Absolute path traversal vulnerability in the EDraw Flowchart ActiveX ...)
-	TODO: check
+	NOT-FOR-US: EDraw Flowchart
 CVE-2007-5825 (Format string vulnerability in the ws_addarg function in webserver.c ...)
-	TODO: check
+	NOT-FOR-US: Firefly Media Server
 CVE-2007-5824 (webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier ...)
-	TODO: check
+	NOT-FOR-US: Firefly Media Server
 CVE-2007-5823 (Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 ...)
-	TODO: check
+	NOT-FOR-US: Ben Ng Scribe
 CVE-2007-5822 (Direct static code injection vulnerability in forum.php in Ben Ng ...)
-	TODO: check
+	NOT-FOR-US: Ben Ng Scribe
 CVE-2007-5821 (Multiple directory traversal vulnerabilities in DM Guestbook 0.4.1 and ...)
-	TODO: check
+	NOT-FOR-US: DM Guestbook
 CVE-2007-5820 (Directory traversal vulnerability in index.php in Ax Developer CMS ...)
-	TODO: check
+	NOT-FOR-US: Ax Developer CMS
 CVE-2007-5819 (IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak ...)
-	TODO: check
+	NOT-FOR-US: IBM Tivoli
 CVE-2007-5818 (Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php ...)
-	TODO: check
+	NOT-FOR-US: sBlog
 CVE-2007-5817 (dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote ...)
-	TODO: check
+	NOT-FOR-US: CONTENTCustomizer
 CVE-2007-5816 (dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote ...)
-	TODO: check
+	NOT-FOR-US: CONTENTCustomizer
 CVE-2007-5815 (Absolute path traversal vulnerability in the WebCacheCleaner ActiveX ...)
-	TODO: check
+	NOT-FOR-US: WebCacheCleaner
 CVE-2007-5814 (Multiple buffer overflows in the SonicWall SSL-VPN NetExtender ...)
-	TODO: check
+	NOT-FOR-US: SonicWall SSL-VPN NetExtender
 CVE-2007-5813 (Multiple directory traversal vulnerabilities in download.php in ...)
-	TODO: check
+	NOT-FOR-US: ISPworker
 CVE-2007-5812 (Directory traversal vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: ModuleBuilder
 CVE-2007-5811 (** DISPUTED ** ...)
-	TODO: check
+	NOT-FOR-US: phpMyConferences
 CVE-2007-5810 (Hitachi Web Server 01-00 through 03-00-01, as used by certain ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Web Server
 CVE-2007-5809 (Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Web Server
 CVE-2007-5808 (Unspecified vulnerability in the Groupmax Collaboration - Schedule ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Groupmax Collaboration Portal
 CVE-2007-5807 (Buffer overflow in the register function in Ultra Star Reader ActiveX ...)
-	TODO: check
+	NOT-FOR-US: SSReader
 CVE-2007-5806 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2007-5805 (cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2007-5804 (cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2007-5803
 	RESERVED
 CVE-2007-5802 (Directory traversal vulnerability in index.php in Firewolf ...)
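Review bot: CVE-2007-5828 (the CSRF entry between CVE-2007-5829 and CVE-2007-5827) is the only described entry in this block still left at "TODO: check", and the log message does not say why. If it was skipped on purpose, a NOTE line under it or a word in the log would save the next triager from re-reading it; otherwise classify it in the same pass. Separately, the description of CVE-2007-5807 names "Ultra Star Reader ActiveX" while the tag reads "NOT-FOR-US: SSReader"; using the product name as it appears in the description would keep the entry easy to grep.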
@@ -929,7 +929,7 @@
 CVE-2007-5604
 	RESERVED
 CVE-2007-5603 (Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender ...)
-	TODO: check
+	NOT-FOR-US: SonicWall SSL-VPN NetExtender
 CVE-2007-5602
 	RESERVED
 CVE-2007-5601 (Stack-based buffer overflow in the Database Component in MPAMedia.dll ...)
@@ -3667,11 +3667,11 @@
 CVE-2007-4624 (Cross-site scripting (XSS) vulnerability in pframe.php in AbleDesign ...)
 	NOT-FOR-US: AbleDesign Dynamic Picture Frame
 CVE-2007-4623 (Stack-based buffer overflow in the sendrmt function in bellmail in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2007-4622 (Integer underflow in the dns_name_fromtext function in (1) ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2007-4621 (Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2007-4620
 	RESERVED
 CVE-2007-4619 (Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC ...)
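Review bot: The NOT-FOR-US: IBM AIX tag on CVE-2007-4622 deserves a justification, because the visible description is cut off at "in (1) ..." before any product is named, and dns_name_fromtext is also the name of a function in ISC BIND's libdns. Please confirm that the affected code is the AIX build only and record that under the entry (for example a NOTE saying Debian's bind9 was checked), or track it against bind9 if the same code path exists there. The two neighbouring entries (bellmail, crontab) name IBM AIX in the visible text and are fine as tagged.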
@@ -3915,7 +3915,7 @@
 CVE-2007-4514
 	RESERVED
 CVE-2007-4513 (Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2007-4512 (Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for ...)
 	NOT-FOR-US: Sophos Anti-Virus for Windows
 CVE-2007-4511 (The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply ...)
@@ -4576,7 +4576,7 @@
 CVE-2007-4218 (Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) ...)
 	NOT-FOR-US: Trend Micro ServerProtect
 CVE-2007-4217 (Stack-based buffer overflow in the domacro function in ftp in IBM AIX ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2007-4216 (vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before ...)
 	NOT-FOR-US: ZoneAlarm
 CVE-2007-4215
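Review bot: For CVE-2007-4217 the description places the overflow in "the domacro function in ftp in IBM AIX", and domacro is also the name of the macro-handling function in BSD-derived ftp clients. Before closing this as NOT-FOR-US: IBM AIX, it is worth confirming that the ftp client packaged in Debian does not share the flaw and adding a short NOTE to that effect, so the tag does not hide an unchecked common code base.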
@@ -15262,7 +15262,7 @@
 CVE-2007-0012
 	RESERVED
 CVE-2007-0011 (The web portal interface in Citrix Access Gateway (aka Citrix Advanced ...)
-	TODO: check
+	NOT-FOR-US: Citrix Access Gateway
 CVE-2006-6836 (Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 ...)
 	NOT-FOR-US: IBM
 CVE-2006-6835 (SQL injection vulnerability in Journal.inc.php in Neocrome Land Down ...)



