[Secure-testing-commits] r9564 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Wed Aug 13 11:46:36 UTC 2008
Author: nion
Date: 2008-08-13 11:46:34 +0000 (Wed, 13 Aug 2008)
New Revision: 9564
Modified:
data/CVE/list
Log:
tikiwiki was removed
NFUs
CVE-2008-3600 gallery unfixed but unimportant (relies on register_globals), gallery2 not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-08-13 10:21:21 UTC (rev 9563)
+++ data/CVE/list 2008-08-13 11:46:34 UTC (rev 9564)
@@ -27,19 +27,20 @@
- ruby1.9 <unfixed> (bug #494402)
NOTE: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
CVE-2008-3654 (Unspecified vulnerability in TikiWiki CMS/Groupware before 2.0 allows ...)
- TODO: check
+ - tikiwiki <removed>
CVE-2008-3653 (Multiple unspecified vulnerabilities in TikiWiki CMS/Groupware before ...)
- TODO: check
+ - tikiwiki <removed>
CVE-2008-3652 (src/racoon/handler.c in racoon in ipsec-tools does not remove an ...)
TODO: check
CVE-2008-3651 (Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools ...)
TODO: check
CVE-2008-3650 (Multiple unspecified vulnerabilities in Horde Groupware Webmail before ...)
TODO: check
+ NOTE: this should be a dup of CVE-2008-3330.
CVE-2008-3649 (SQL injection vulnerability in categorydetail.php in Article Friendly ...)
- TODO: check
+ NOT-FOR-US: Article Friendly Standard
CVE-2008-3648 (nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2008-3647
RESERVED
CVE-2008-3646
@@ -121,35 +122,37 @@
CVE-2008-3608
RESERVED
CVE-2008-3607 (The IMAP server in NoticeWare Email Server NG 4.6.3 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: NoticeWare Email Server NG
CVE-2008-3606 (Heap-based buffer overflow in the IMAP service in Qbik WinGate ...)
- TODO: check
+ NOT-FOR-US: Qbik WinGate
CVE-2008-3605 (Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, ...)
- TODO: check
+ NOT-FOR-US: McAfee Encrypted USB Manager
CVE-2008-3604 (SQL injection vulnerability in bannerclick.php in ZeeBuddy 2.1 allows ...)
- TODO: check
+ NOT-FOR-US: ZeeBuddy
CVE-2008-3603 (SQL injection vulnerability in index.php in Vacation Rental Script 3.0 ...)
- TODO: check
+ NOT-FOR-US: Vacation Rental Script
CVE-2008-3602 (admin/wr_admin.php in PHP-Ring Webring System (aka uPHP_ring_website) ...)
- TODO: check
+ NOT-FOR-US: PHP-Ring Webring System
CVE-2008-3601 (SQL injection vulnerability in index.php in Quicksilver Forums 1.4.1 ...)
- TODO: check
+ NOT-FOR-US: Quicksilver Forums
CVE-2008-3600 (Directory traversal vulnerability in contrib/phpBB2/modules.php in ...)
- TODO: check
+ - gallery <unfixed> (unimportant)
+ - gallery2 <not-affected> (Vulnerable code not present)
+ NOTE: We haven't supported installations with register_globals enabled since a long time
CVE-2008-3599 (SQL injection vulnerability in image.php in OpenImpro 1.1 allows ...)
- TODO: check
+ NOT-FOR-US: OpenImpro
CVE-2008-3598 (Multiple SQL injection vulnerabilities in psipuss 1.0 allow remote ...)
- TODO: check
+ NOT-FOR-US: psipuss
CVE-2008-3597 (Skulltag before 0.97d2-RC6 allows remote attackers to cause a denial ...)
- TODO: check
+ NOT-FOR-US: Skulltag
CVE-2008-3596 (Cross-site scripting (XSS) vulnerability in Harmoni before 1.4.7 ...)
- TODO: check
+ NOT-FOR-US: Harmoni
CVE-2008-3595 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: txtSQL
CVE-2008-3594 (SQL injection vulnerability in viewdetails.php in MagicScripts E-Store ...)
- TODO: check
+ NOT-FOR-US: MagicScripts E-Store
CVE-2008-3593 (Directory traversal vulnerability in index.php in SyzygyCMS 0.3 allows ...)
- TODO: check
+ NOT-FOR-US: SyzygyCMS
CVE-2008-3592 (Unrestricted file upload vulnerability in the File Manager in the ...)
TODO: check
CVE-2008-3591 (SQL injection vulnerability in lib/class.admin.php in Twentyone ...)
More information about the Secure-testing-commits
mailing list