[Secure-testing-commits] r9809 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Sun Sep 14 09:13:30 UTC 2008 

Author: white
Date: 2008-09-14 09:13:29 +0000 (Sun, 14 Sep 2008)
New Revision: 9809

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-09-13 10:01:00 UTC (rev 9808)
+++ data/CVE/list	2008-09-14 09:13:29 UTC (rev 9809)
@@ -1,5 +1,5 @@
 CVE-2008-4018 (swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2008-4017
 	RESERVED
 CVE-2008-4016
@@ -99,69 +99,69 @@
 CVE-2008-3969 (Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow ...)
 	TODO: check
 CVE-2008-3968 (Cross-site scripting (XSS) vulnerability in userlist.php in PunBB ...)
-	TODO: check
+	NOT-FOR-US: PunBB
 CVE-2008-3967 (moderation.php in MyBB (aka MyBulletinBoard) before 1.4.1 does not ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2008-3966 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2008-3965 (SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2008-3961
 	RESERVED
 CVE-2008-3960 (Unspecified vulnerability in the JDBC Applet Server Service (aka ...)
 	TODO: check
 CVE-2008-3959 (IBM DB2 UDB 8.1 before FixPak 16, and 8.2 before FixPak 9, allows ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2 UDB
 CVE-2008-3958 (IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2 UDB
 CVE-2008-3957 (The Microsoft Windows Image Acquisition Logger ActiveX control allows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2008-3956 (orgchart.exe in Microsoft Organization Chart 2.00 allows user-assisted ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2008-3955 (SQL injection vulnerability in index.php in Masir Camp E-Shop Module ...)
-	TODO: check
+	NOT-FOR-US: Masir Camp E-Shop Module
 CVE-2008-3954 (SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per ...)
-	TODO: check
+	NOT-FOR-US: AlstraSoft Forum Pay Per Post Exchange
 CVE-2008-3953 (SQL injection vulnerability in keyword_search_action.php in Vastal ...)
-	TODO: check
+	NOT-FOR-US: Vastal I-Tech Shaadi Zone
 CVE-2008-3952 (SQL injection vulnerability in questions.php in EsFaq 2.0 allows ...)
-	TODO: check
+	NOT-FOR-US: EsFaq
 CVE-2008-3951 (SQL injection vulnerability in view_ann.php in Vastal I-Tech Agent ...)
-	TODO: check
+	NOT-FOR-US: The Real Estate Script
 CVE-2008-3950
 	RESERVED
 CVE-2008-3949
 	RESERVED
 CVE-2008-3948 (SQL injection vulnerability in admin/users/self-2.php in XRMS allows ...)
-	TODO: check
+	NOT-FOR-US: XRMS
 CVE-2008-3947 (DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain ...)
 	TODO: check
 CVE-2008-3946 (The finger client in HP TCP/IP Services for OpenVMS 5.x allows local ...)
 	TODO: check
 CVE-2008-3945 (SQL injection vulnerability in index.php in Words tag 1.2 allows ...)
-	TODO: check
+	NOT-FOR-US: Words tag
 CVE-2008-3944 (SQL injection vulnerability in index.php in ACG-PTP 1.0.6 allows ...)
-	TODO: check
+	NOT-FOR-US: ACG-PTP
 CVE-2008-3943 (SQL injection vulnerability in listtest.php in eZoneScripts Living ...)
-	TODO: check
+	NOT-FOR-US: eZoneScripts Living Local
 CVE-2008-3942 (SQL injection vulnerability in landsee.php in Full PHP Emlak Script ...)
-	TODO: check
+	NOT-FOR-US: Full PHP Emlak Script
 CVE-2008-3941 (Cross-site scripting (XSS) vulnerability in BizDirectory 2.04 and ...)
-	TODO: check
+	NOT-FOR-US: BizDirectory
 CVE-2008-3940 (Format string vulnerability in the finger client in HP TCP/IP Services ...)
 	TODO: check
 CVE-2008-3939 (Directory traversal vulnerability in the web interface in AVTECH PageR ...)
-	TODO: check
+	NOT-FOR-US: AVTECH PageR Enterprise
 CVE-2008-3938 (Cross-site request forgery (CSRF) vulnerability in user_admin.php in ...)
-	TODO: check
+	NOT-FOR-US: Open Media Collectors Database
 CVE-2008-3937 (Multiple cross-site scripting (XSS) vulnerabilities in Open Media ...)
-	TODO: check
+	NOT-FOR-US: Open Media Collectors Database
 CVE-2008-3936 (The web interface in Dreambox DM500C allows remote attackers to cause ...)
-	TODO: check
+	NOT-FOR-US: Dreambox DM500C
 CVE-2008-3935 (Cross-site scripting (XSS) vulnerability in DIC shop_v50 3.0 and ...)
-	TODO: check
+	NOT-FOR-US: DIC shop_v50
 CVE-2008-3931 (javareconf in R 2.7.2 allows local users to overwrite arbitrary files ...)
-	TODO: check
+	NOT-FOR-US: javareconf
 CVE-2008-3930 (migrate_aliases.sh in Citadel Server 7.37 allows local users to ...)
 	TODO: check
 CVE-2008-3929 (gather-messages.sh in Ampache 3.4.1 allows local users to overwrite ...)
@@ -171,23 +171,23 @@
 CVE-2008-3927 (genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete ...)
 	TODO: check
 CVE-2008-3926 (Multiple directory traversal vulnerabilities in Content Management ...)
-	TODO: check
+	NOT-FOR-US: Content Management Made Easy
 CVE-2008-3925 (Cross-site request forgery (CSRF) vulnerability in admin.php in ...)
-	TODO: check
+	NOT-FOR-US: Content Management Made Easy
 CVE-2008-3924 (The "Make a backup" functionality in Content Management Made Easy ...)
-	TODO: check
+	NOT-FOR-US: Content Management Made Easy
 CVE-2008-3923 (Multiple cross-site scripting (XSS) vulnerabilities in statistics.php ...)
-	TODO: check
+	NOT-FOR-US: Content Management Made Easy
 CVE-2008-3922 (awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote ...)
-	TODO: check
+	NOT-FOR-US: AWStats Totals
 CVE-2008-3921 (Multiple cross-site scripting (XSS) vulnerabilities in AWStats Totals ...)
-	TODO: check
+	NOT-FOR-US: AWStats Totals
 CVE-2008-3919 (Unspecified vulnerability in multiple JustSystems Ichitaro products ...)
-	TODO: check
+	NOT-FOR-US: JustSystems Ichitaro
 CVE-2008-3918 (SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows ...)
-	TODO: check
+	NOT-FOR-US: Ovidentia
 CVE-2008-3917 (Cross-site scripting (XSS) vulnerability in index.php in Ovidentia ...)
-	TODO: check
+	NOT-FOR-US: Ovidentia
 CVE-2008-3916 (Heap-based buffer overflow in the strip_escapes function in signal.c ...)
 	TODO: check
 CVE-2008-3915 (Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when ...)
@@ -205,9 +205,9 @@
 CVE-2008-3903 (Asterisk PBX 1.2 through 1.6 and Trixbox PBX 2.6.1, when running with ...)
 	TODO: check
 CVE-2008-3902 (HP firmware 68DTT F.0D stores pre-boot authentication passwords in the ...)
-	TODO: check
+	NOT-FOR-US: HP firmware 68DTT
 CVE-2007-6717 (Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2007-6716 (fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 ...)
 	TODO: check
 CVE-2008-3962 (The from_format function in ssmtp.c in ssmtp 2.62, in certain ...)

More information about the Secure-testing-commits mailing list