[Secure-testing-commits] r8515 - data/CVE

micah at alioth.debian.org micah at alioth.debian.org
Sat Apr 12 13:26:57 UTC 2008 

Author: micah
Date: 2008-04-12 13:26:55 +0000 (Sat, 12 Apr 2008)
New Revision: 8515

Modified:
   data/CVE/list
Log:
a few NFUs before mitre stopped responding, and some old issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-04-12 11:40:28 UTC (rev 8514)
+++ data/CVE/list	2008-04-12 13:26:55 UTC (rev 8515)
@@ -218,9 +218,9 @@
 CVE-2008-1602 (Stack-based buffer overflow in Orbit downloader 2.6.3 and 2.6.4 allows ...)
 	NOT-FOR-US: Orbit downloader
 CVE-2003-1557 (Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, ...)
-	TODO: check
+	- spamassassin 3.1.7-2
 CVE-2003-1556 (Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI ...)
-	TODO: check
+	NOT-FOR-US: CGI City CC Guestbook
 CVE-2008-1601 (Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and ...)
 	NOT-FOR-US: IBM AIX
 CVE-2008-1600 (The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly ...)
@@ -361,11 +361,11 @@
 CVE-2005-4874 (The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE ...)
 	TODO: check
 CVE-2003-1555 (ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: ScozNet ScozBook
 CVE-2003-1554 (Cross-site scripting (XSS) vulnerability in scozbook/add.php in ...)
-	TODO: check
+	NOT-FOR-US: ScozNet ScozBook
 CVE-2003-1553 (Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores ...)
-	TODO: check
+	NOT-FOR-US: Haakon Nilsen Simple Internet Publishing System
 CVE-2008-1570 (Race condition in the create_lockpath function in policyd-weight ...)
 	{DSA-1531-2}
 	- policyd-weight 0.1.14.17-1 (low)
@@ -676,7 +676,7 @@
 CVE-2007-6711 (Unspecified vulnerability in customer.php in FreeWebshop.org 2.2.5, ...)
 	NOT-FOR-US: FreeWebShop.org
 CVE-2005-4873 (Multiple stack-based buffer overflows in the phpcups PHP module for ...)
-	TODO: check
+	- cupsys 1.1.23-10sarge1
 CVE-2008-1476 (Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before ...)
 	{DSA-1528-1}
 	- serendipity 1.3-1
@@ -1877,6 +1877,7 @@
 	RESERVED
 CVE-2008-0884 (The Replace function in the capp-lspp-config script in the (1) ...)
 	TODO: check
+	NOTE: Seems Redhat specific
 CVE-2008-0882 (Double free vulnerability in the process_browse_data function in CUPS ...)
 	{DSA-1530-1 DTSA-117-1}
 	- cupsys 1.3.6-1 (medium; bug #467653)
@@ -2254,13 +2255,13 @@
 CVE-2008-0712
 	RESERVED
 CVE-2008-0711 (Unspecified vulnerability in the embedded management console in HP ...)
-	TODO: check
+	NOT-FOR-US: HP iLO-2 management processors
 CVE-2008-0710
 	RESERVED
 CVE-2008-0709 (Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, ...)
-	TODO: check
+	NOT-FOR-US: HP Select Identity
 CVE-2008-0708 (HP USB 2.0 Floppy Drive Key product options (1) 442084-B21 and (2) ...)
-	TODO: check
+	NOT-FOR-US: HP USB 2.0 Floppy Drive Key
 CVE-2008-0707 (HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX ...)
 	NOT-FOR-US: HP-UX
 CVE-2008-0706 (Unspecified vulnerability in the BIOS F.26 and earlier for the HP ...)

More information about the Secure-testing-commits mailing list