[Secure-testing-commits] r9263 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Tue Jul 8 22:36:49 UTC 2008 

Author: nion
Date: 2008-07-08 22:36:48 +0000 (Tue, 08 Jul 2008)
New Revision: 9263

Modified:
   data/CVE/list
Log:
NFUs
CVE-2008-3067 fixed in sudo 1.6.8p12-2


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-07-08 22:06:57 UTC (rev 9262)
+++ data/CVE/list	2008-07-08 22:36:48 UTC (rev 9263)
@@ -1,7 +1,7 @@
 CVE-2008-3068 (Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Crypto API
 CVE-2008-3067 (sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when ...)
-	TODO: check
+	- sudo 1.6.8p12-2 (low)
 CVE-2008-3066
 	RESERVED
 CVE-2008-3065
@@ -23,67 +23,67 @@
 CVE-2008-3057
 	RESERVED
 CVE-2008-3056 (SQL injection vulnerability in the Codeon Petition (cd_petition) ...)
-	TODO: check
+	NOT-FOR-US: cd_petition extension for TYPO3
 CVE-2008-3055 (SQL injection vulnerability in the Support view (ext_tbl) extension ...)
-	TODO: check
+	NOT-FOR-US: ext_tbl extension for TYPO3
 CVE-2008-3054 (SQL injection vulnerability in the Branchenbuch (aka Yellow Pages ...)
-	TODO: check
+	NOT-FOR-US: mh_branchenbuch extension for TYPO3
 CVE-2008-3053 (SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension ...)
-	TODO: check
+	NOT-FOR-US: mh_omsqlio extension for TYPO3
 CVE-2008-3052 (Unspecified vulnerability in the SQL Frontend (mh_omsqlio) extension ...)
-	TODO: check
+	NOT-FOR-US: mh_omsqlio extension for TYPO3
 CVE-2008-3051 (SQL injection vulnerability in the Pinboard extension 0.0.6 and ...)
-	TODO: check
+	NOT-FOR-US: Pinboard extension for TYPO3
 CVE-2008-3050 (Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) ...)
-	TODO: check
+	NOT-FOR-US: pdfcreator extension for TYPO3
 CVE-2008-3049 (The PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for ...)
-	TODO: check
+	NOT-FOR-US: pdfcreator extension for TYPO3
 CVE-2008-3048 (Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) ...)
-	TODO: check
+	NOT-FOR-US: pdfcreator extension for TYPO3
 CVE-2008-3047 (Incomplete blacklist vulnerability in the KB Unpack (kb_unpack) ...)
-	TODO: check
+	NOT-FOR-US: kb_unpack extension for TYPO3
 CVE-2008-3046 (Incomplete blacklist vulnerability in the Packman (kb_packman) ...)
-	TODO: check
+	NOT-FOR-US: kb_packman extension for TYPO3
 CVE-2008-3045 (Unspecified vulnerability in the Industry Database (aka ...)
-	TODO: check
+	NOT-FOR-US: pro_industrydb extension for TYPO3
 CVE-2008-3044 (SQL injection vulnerability in the News Calendar (newscalendar) ...)
-	TODO: check
+	NOT-FOR-US: newscalendar extension for TYPO3
 CVE-2008-3043 (Unspecified vulnerability in the WEC Discussion Forum (wec_discussion) ...)
-	TODO: check
+	NOT-FOR-US: wec_discussion extension for TYPO3
 CVE-2008-3042 (Unspecified vulnerability in the DAM Frontend (dam_frontend) extension ...)
-	TODO: check
+	NOT-FOR-US: dam_frontend extension for TYPO3
 CVE-2008-3041 (Unspecified vulnerability in the DAM Frontend (dam_frontend) extension ...)
-	TODO: check
+	NOT-FOR-US: dam_frontend extension for TYPO3
 CVE-2008-3040 (Unspecified vulnerability in the DAM Frontend (dam_frontend) extension ...)
-	TODO: check
+	NOT-FOR-US: dam_frontend extension for TYPO3
 CVE-2008-3039 (SQL injection vulnerability in the DAM Frontend (dam_frontend) ...)
-	TODO: check
+	NOT-FOR-US: dam_frontend extension for TYPO3
 CVE-2008-3038 (SQL injection vulnerability in the Address Directory (sp_directory) ...)
-	TODO: check
+	NOT-FOR-US: sp_directory extension for TYPO3
 CVE-2008-3037 (Cross-site scripting (XSS) vulnerability in the Address Directory ...)
-	TODO: check
+	NOT-FOR-US: sp_directory extension for TYPO3
 CVE-2008-3036 (Directory traversal vulnerability in index.php in CMS little 0.0.1 ...)
-	TODO: check
+	NOT-FOR-US: CMS little
 CVE-2008-3035 (SQL injection vulnerability in newThread.php in XchangeBoard 1.70 ...)
-	TODO: check
+	NOT-FOR-US: XchangeBoard
 CVE-2008-3034 (Multiple SQL injection vulnerabilities in RSS-aggregator 1.0 allow ...)
-	TODO: check
+	NOT-FOR-US: RSS-aggregator
 CVE-2008-3033 (RSS-aggregator 1.0 does not require administrative authentication for ...)
-	TODO: check
+	NOT-FOR-US: RSS-aggregator
 CVE-2008-3032 (Cross-site scripting (XSS) vulnerability in the phpMyAdmin ...)
-	TODO: check
+	NOT-FOR-US: phpmyadmin extension for TYPO3
 CVE-2008-3031 (Directory traversal vulnerability in index.php in Simple PHP Agenda ...)
-	TODO: check
+	NOT-FOR-US: Simple PHP Agenda
 CVE-2008-3030 (SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows ...)
-	TODO: check
+	NOT-FOR-US: EfesTECH Shop
 CVE-2008-3029 (Cross-site scripting (XSS) vulnerability in the WEC Discussion Forum ...)
-	TODO: check
+	NOT-FOR-US: WEC Discussion Forum
 CVE-2008-3028 (Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card ...)
-	TODO: check
+	NOT-FOR-US: sr_sendcard extension for TYPO3
 CVE-2008-3027 (SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 ...)
-	TODO: check
+	NOT-FOR-US: VanGogh Web CMS
 CVE-2008-3026 (SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet ...)
-	TODO: check
+	NOT-FOR-US: OneClick CMS
 CVE-2008-3025 (SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows ...)
 	TODO: check
 CVE-2008-3024 (Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) ...)

More information about the Secure-testing-commits mailing list