[Secure-testing-commits] r16191 - data/CVE

Federico Ceratto federico-guest at alioth.debian.org
Thu Feb 17 22:50:37 UTC 2011 

Author: federico-guest
Date: 2011-02-17 22:50:28 +0000 (Thu, 17 Feb 2011)
New Revision: 16191

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-02-17 22:27:15 UTC (rev 16190)
+++ data/CVE/list	2011-02-17 22:50:28 UTC (rev 16191)
@@ -1,7 +1,7 @@
 CVE-2011-1034 (Cross-site scripting (XSS) vulnerability in the UI in IBM Rational ...)
-	TODO: check
+	NOT-FOR-US: IBM Rational Build Forge
 CVE-2010-4740 (Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC ...)
-	TODO: check
+	NOT-FOR-US: SCADA Engine BACnet
 CVE-2010-4739 (SQL injection vulnerability in the Maian Media Silver (com_maianmedia) ...)
 	TODO: check
 CVE-2010-4738 (Multiple SQL injection vulnerabilities in Rae Media INC Real Estate ...)
@@ -9,15 +9,15 @@
 CVE-2010-4737 (SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb ...)
 	TODO: check
 CVE-2010-4736 (SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and ...)
-	TODO: check
+	NOT-FOR-US: GateSoft DocuSafe
 CVE-2010-4735 (SQL injection vulnerability in shoppingcart.asp in Ecommercemax ...)
 	TODO: check
 CVE-2010-4734 (Multiple cross-site scripting (XSS) vulnerabilities in the comment ...)
-	TODO: check
+	NOT-FOR-US: Skeletonz CMS
 CVE-2011-1033 (Stack-based buffer overflow in oninit in IBM Informix Dynamic Server ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2011-1032 (IBM Lotus Connections 3.0, when IBM WebSphere Application Server ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2011-1031 (The feh_unique_filename function in utils.c in feh 1.11.2 and earlier ...)
 	- feh <unfixed> (low)
 	[lenny] - feh <no-dsa> (Minor issue)
@@ -25,9 +25,9 @@
 	NOTE: in 1.11.2-1 --no-clobber was added to the wget call in order
 	NOTE: to prevent overwriting files. can still be create thoug. questionable fix
 CVE-2011-1030 (Cross-site scripting (XSS) vulnerability in the Wikis component in IBM ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2011-1029 (Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2011-1028
 	RESERVED
 CVE-2011-1027
@@ -113,15 +113,15 @@
 CVE-2011-0988
 	RESERVED
 CVE-2010-4733 (WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway ...)
-	TODO: check
+	NOT-FOR-US: WebSCADA
 CVE-2010-4732 (cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, ...)
-	TODO: check
+	NOT-FOR-US: WebSCADA
 CVE-2010-4731 (Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...)
-	TODO: check
+	NOT-FOR-US: WebSCADA
 CVE-2010-4730 (Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA ...)
-	TODO: check
+	NOT-FOR-US: WebSCADA
 CVE-2008-7274 (IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login ...)
-	TODO: check
+	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2008-XXXX [path traversal in CGIHTTPServer]
 	- python2.5 <unfixed>
 	- python2.4 <removed>
@@ -1164,7 +1164,7 @@
 CVE-2011-0581 (Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 ...)
 	NOT-FOR-US: Adobe ColdFusion
 CVE-2011-0580 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: Adobe ColdFusion
 CVE-2011-0579
 	RESERVED
 CVE-2011-0578 (Adobe Flash Player before 10.2.152.26 allows attackers to execute ...)
@@ -2924,7 +2924,7 @@
 CVE-2010-4507 (Multiple cross-site request forgery (CSRF) vulnerabilities on the ...)
 	NOT-FOR-US: iSpot/ClearSpot hardware devices
 CVE-2010-4506 (Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A ...)
-	TODO: check
+	NOT-FOR-US: Passlogix
 CVE-2010-4505 (Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, ...)
 	NOT-FOR-US: Injader
 CVE-2010-4504 (Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat ...)
@@ -3498,7 +3498,7 @@
 	RESERVED
 	NOT-FOR-US: Novell iPrint LPD
 CVE-2010-4327 (Unspecified vulnerability in the NCP service in Novell eDirectory ...)
-	TODO: check
+	NOT-FOR-US: Novell eDirectory
 CVE-2010-4326 (Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent ...)
 	NOT-FOR-US: Groupwise
 CVE-2010-4325 (Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in ...)
@@ -7278,7 +7278,7 @@
 CVE-2010-2929 (Untrusted search path vulnerability in hsolinkcontrol in hsolink ...)
 	- hsolink <removed>
 CVE-2010-2928 (The vCenter Tomcat Management Application in VMware vCenter Server 4.1 ...)
-	TODO: check
+	NOT-FOR-US: VMware vCenter Server
 CVE-2010-2927 (The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) ...)
 	NOT-FOR-US: Tivoli
 CVE-2009-4976 (Cross-site scripting (XSS) vulnerability in webkitpart.cpp in ...)

More information about the Secure-testing-commits mailing list