[Secure-testing-commits] r14170 - data/CVE

[Michael Gilbert]

Author: gilbert-guest
Date: 2010-03-01 21:56:08 +0000 (Mon, 01 Mar 2010)
New Revision: 14170

Modified:
   data/CVE/list
Log:
there is a zenoss itp

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-03-01 21:14:35 UTC (rev 14169)
+++ data/CVE/list	2010-03-01 21:56:08 UTC (rev 14170)
@@ -99,9 +99,11 @@
 CVE-2010-0714 (Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere ...)
 	NOT-FOR-US: IBM WebSphere Portal
 CVE-2010-0713 (Multiple cross-site request forgery (CSRF) vulnerabilities in Zenoss ...)
-	NOT-FOR-US: Zenoss
+	- zenoss <itp> (bug #361253)
+	NOTE: http://seclists.org/fulldisclosure/2010/Jan/296
 CVE-2010-0712 (Multiple SQL injection vulnerabilities in ...)
-	NOT-FOR-US: Zenoss
+	- zenoss <itp> (bug #361253)
+	NOTE: http://seclists.org/fulldisclosure/2010/Jan/241
 CVE-2010-0711 (Cross-site request forgery (CSRF) vulnerability in default.asp in ...)
 	NOT-FOR-US: ASPCode CMS
 CVE-2010-0710 (SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 ...)
@@ -1281,12 +1283,6 @@
 	TODO: check
 CVE-2009-4609 (The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote ...)
 	TODO: check
-CVE-2010-XXXX [zenoss sql injection]
-	- zenoss <itp> (bug #361253)
-	NOTE: http://seclists.org/fulldisclosure/2010/Jan/241
-CVE-2010-XXXX [zenoss csrf]
-	- zenoss <itp> (bug #361253)
-	NOTE: http://seclists.org/fulldisclosure/2010/Jan/296
 CVE-2010-0309 (The pit_ioport_read function in the Programmable Interval Timer (PIT) ...)
 	{DSA-1996-1}
 	- linux-2.6 2.6.32-8