[Secure-testing-commits] r11700 - data/CVE

Nico Golde nion at alioth.debian.org
Thu Apr 23 19:34:11 UTC 2009 

Author: nion
Date: 2009-04-23 19:34:11 +0000 (Thu, 23 Apr 2009)
New Revision: 11700

Modified:
   data/CVE/list
Log:
NFUs, short note to CVE-2009-1266

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-04-23 19:05:21 UTC (rev 11699)
+++ data/CVE/list	2009-04-23 19:34:11 UTC (rev 11700)
@@ -1,45 +1,45 @@
 CVE-2009-1357
 	RESERVED
 CVE-2009-1356 (Stack-based buffer overflow in Elecard AVC HD Player allows remote ...)
-	TODO: check
+	NOT-FOR-US: Elecard AVC HD Player
 CVE-2009-1355 (Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM AIX
 CVE-2009-1354 (Directory traversal vulnerability in Mongoose 2.4 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Mongoose
 CVE-2009-1353 (Buffer overflow in the http_parse_hex function in libz/misc.c in ...)
-	TODO: check
+	NOT-FOR-US: Zervit Webserver
 CVE-2009-1352 (Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote ...)
-	TODO: check
+	NOT-FOR-US: PowerCHM
 CVE-2009-1351 (Heap-based buffer overflow in Apollo 37zz allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Apollo 37zz
 CVE-2009-1350 (Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client ...)
-	TODO: check
+	NOT-FOR-US: Novell NetIdentity Client
 CVE-2009-1349 (Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 ...)
-	TODO: check
+	NOT-FOR-US: C2Net Stronghold
 CVE-2008-6742 (Foxy P2P software allows remote attackers to cause a denial of service ...)
-	TODO: check
+	NOT-FOR-US: Foxy P2P
 CVE-2008-6741 (SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) ...)
-	TODO: check
+	NOT-FOR-US: Simple Machines Forum
 CVE-2008-6740 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: HoMaP-CMS
 CVE-2008-6739 (Todd Woolums ASP Download management script 1.03 does not require ...)
-	TODO: check
+	NOT-FOR-US: Todd Woolums ASP Download management script
 CVE-2008-6738 (MyShoutPro 1.2 allows remote attackers to bypass authentication and ...)
-	TODO: check
+	NOT-FOR-US: MyShoutPro
 CVE-2008-6737 (Crysis 1.21 and earlier allows remote attackers to obtain sensitive ...)
-	TODO: check
+	NOT-FOR-US: Crysis
 CVE-2008-6736 (Flat Calendar 1.1 does not properly restrict access to administrative ...)
-	TODO: check
+	NOT-FOR-US: Flat Calendar
 CVE-2008-6735 (Directory traversal vulnerability in qc/index.php in ThaiQuickCart 3 ...)
-	TODO: check
+	NOT-FOR-US: ThaiQuickCart
 CVE-2008-6734 (Directory traversal vulnerability in Public/index.php in Keller Web ...)
-	TODO: check
+	NOT-FOR-US: Keller Web Admin CMS
 CVE-2008-6733 (Cross-site scripting (XSS) vulnerability in the error handling page in ...)
-	TODO: check
+	NOT-FOR-US: DotNetNuke
 CVE-2008-6732 (Cross-site scripting (XSS) vulnerability in the Language skin object ...)
-	TODO: check
+	NOT-FOR-US: DotNetNuke
 CVE-2006-7238 (Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2 ...)
-	TODO: check
+	NOT-FOR-US: MyShoutPro
 CVE-2009-1358 (apt-get in apt before 0.7.21 does not check for the correct error code ...)
 	- apt 0.7.21 (bug #433091)
 CVE-2009-XXXX [amule improper path sanitization]
@@ -373,6 +373,7 @@
 	- wireshark 1.0.7-1
 CVE-2009-1266 (Unspecified vulnerability in Wireshark before 1.0.7-0.1-1 has unknown ...)
 	TODO: check
+	NOTE: is likely getting rejected
 CVE-2009-1265 (Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux ...)
 	- linux-2.6 <unfixed>
 CVE-2009-1264 (Frontend User Registration (sr_feuser_register) extension 2.5.20 and ...)
@@ -2524,13 +2525,13 @@
 CVE-2009-0719
 	RESERVED
 CVE-2009-0718 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...)
-	TODO: check
+	NOT-FOR-US: HP StorageWorks Storage Mirroring
 CVE-2009-0717 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...)
-	TODO: check
+	NOT-FOR-US: HP StorageWorks Storage Mirroring
 CVE-2009-0716 (Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 ...)
-	TODO: check
+	NOT-FOR-US: HP StorageWorks Storage Mirroring
 CVE-2009-0715 (Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials ...)
-	TODO: check
+	NOT-FOR-US: HP Storage Essentials
 CVE-2009-0714
 	RESERVED
 CVE-2009-0713 (Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager ...)

More information about the Secure-testing-commits mailing list