[Secure-testing-commits] r7035 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Sat Oct 20 11:18:55 UTC 2007 

Author: nion
Date: 2007-10-20 11:18:54 +0000 (Sat, 20 Oct 2007)
New Revision: 7035

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-20 11:14:25 UTC (rev 7034)
+++ data/CVE/list	2007-10-20 11:18:54 UTC (rev 7035)
@@ -75,33 +75,33 @@
 CVE-2007-5542
 	RESERVED
 CVE-2003-1400 (Cross-site scripting (XSS) vulnerability in the Your_Account module ...)
-	TODO: check
+	NOT-FOR-US: PhpNuke
 CVE-2003-1399 (eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, ...)
-	TODO: check
+	- eject 2.0.13-1
 CVE-2003-1398 (Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2003-1397 (The PluginContext object of Opera 6.05 and 7.0 allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2003-1396 (Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2003-1395 (Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: KaZaA Media Desktop
 CVE-2003-1394 (CoffeeCup Software Password Wizard 4.0 stores sensitive information ...)
-	TODO: check
+	NOT-FOR-US: CoffeeCup Software Password Wizard
 CVE-2003-1393 (Buffer overflow in Gupta SQLBase 8.1.0 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Gupta SQLBase
 CVE-2003-1392 (CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to ...)
-	TODO: check
+	NOT-FOR-US: CryptoBuddy
 CVE-2003-1391 (RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the ...)
-	TODO: check
+	NOT-FOR-US: CryptoBuddy
 CVE-2003-1390 (RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a ...)
-	TODO: check
+	NOT-FOR-US: CryptoBuddy
 CVE-2003-1389 (RTS CryptoBuddy 1.2 and earlier truncates long passphrases without ...)
-	TODO: check
+	NOT-FOR-US: CryptoBuddy
 CVE-2003-1388 (Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2003-1387 (Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2003-1386 (AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to ...)
 	NOT-FOR-US: AXIS 2400 Video Server
 CVE-2003-1385 (ipchat.php in Invision Power Board 1.1.1 allows remote attackers to ...)
@@ -161,11 +161,11 @@
 CVE-2002-2291 (Calisto Internet Talker 0.04 and earlier allows remote attackers to ...)
 	NOT-FOR-US: Calisto Internet Talker
 CVE-2002-2290 (Mambo Site Server 4.0.11 installs with a default username and password ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2002-2289 (soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows ...)
 	NOT-FOR-US: BadBlue
 CVE-2002-2288 (Mambo Site Server 4.0.11 allows remote attackers to obtain the ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2002-2287 (PHP remote file inclusion vulnerability in quick_reply.php for phpBB ...)
 	NOT-FOR-US: phpBB Advanced Quick Reply Hack
 CVE-2002-2286 (The parse-get function in utils.c for apt-www-proxy 0.1 allows remote ...)
@@ -173,15 +173,15 @@
 CVE-2002-2285 (eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may ...)
 	NOT-FOR-US: eTrust
 CVE-2002-2284 (Netscape Communicator 4.0 through 4.79 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2002-2283 (Microsoft Windows XP with Fast User Switching (FUS) enabled does not ...)
 	NOT-FOR-US: Microsoft Windows XP
 CVE-2002-2282 (McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, ...)
 	NOT-FOR-US: McAfee VirusScan
 CVE-2002-2281 (Symantec Java! JIT (Just-In-Time) Compiler for Netscape Communicator ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2002-2280 (syslogd on OpenBSD 2.9 through 3.2 does not change the source IP ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2002-2279 (Unspecified vulnerability in the bind function in config.inc of aldap 0.09 ...)
 	NOT-FOR-US: aldap
 CVE-2002-2278 (Cross-site scripting (XSS) vulnerability in mod_search/index.php in ...)
@@ -197,7 +197,7 @@
 CVE-2002-2273 (Cross-site scripting (XSS) vulnerability in Webster HTTP Server allows ...)
 	NOT-FOR-US: Webster HTTP Server
 CVE-2002-2272 (Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2002-2271 (Buffer overflow in BigFun 1.51b IRC client, when the Direct Client ...)
 	NOT-FOR-US: BigFun
 CVE-2002-2270 (Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and ...)
@@ -224,7 +224,7 @@
 	{DSA-218}
 	- bugzilla 2.14.2-1
 CVE-2002-2259 (Buffer overflow in the French documentation patch for Gnuplot 3.7 in ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2000-1244 (Computer Associates InoculateIT Agent for Exchange Server does not ...)
 	NOT-FOR-US: Exchange Server
 CVE-2007-5541 (Unspecified vulnerability in Opera before 9.24, when using an ...)
@@ -388,7 +388,7 @@
 CVE-2003-1363 (The remote web management interface of Aprelium Technologies Abyss Web ...)
 	NOT-FOR-US: Abyss Web Server
 CVE-2003-1362 (Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly ...)
-	TODO: check
+	NOT-FOR-US: HP-UX
 CVE-2003-1361 (Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli ...)
 	NOT-FOR-US: HP-UX
 CVE-2003-1360 (Buffer overflow in the setupterm function of (1) lanadmin and (2) ...)

More information about the Secure-testing-commits mailing list