[Secure-testing-commits] r3315 - data/CVE

Tue, 17 Jan 2006 20:44:25 -0800 

Author: micah
Date: 2006-01-18 04:43:21 +0000 (Wed, 18 Jan 2006)
New Revision: 3315

Modified:
   data/CVE/list
Log:
Some NFUs and false positive checks


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-01-17 23:06:44 UTC (rev 3314)
+++ data/CVE/list       2006-01-18 04:43:21 UTC (rev 3315)
@@ -97,15 +97,15 @@
 CVE-2005-4652 (SQL injection vulnerability in PHlyMail 3.02.01 allows remote 
...)
        TODO: check
 CVE-2005-4651 (SQL injection vulnerability in index.php in AlstraSoft EPay Pro 
2.0 ...)
-       TODO: check
+       NOT-FOR-US: AlstraSoft EPay Pro
 CVE-2005-4650 (Joomla! 1.03 does not restrict the number of "Search" 
Mambots, which ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2005-4649 (Multiple cross-site scripting (XSS) vulnerabilities in Advanced 
...)
-       TODO: check
+       NOT-FOR-US: Advanced Guestbook
 CVE-2005-4648 (Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 
and ...)
-       TODO: check
+       NOT-FOR-US: Illustrate dBpowerAMP Music Converter
 CVE-2003-1290 (BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, 
with RMI ...)
-       TODO: check
+       NOT-FOR-US: BEA WebLogic Server
 CVE-2006-XXXX [knowledgetree information disclosure]
        - knowledgetree <unfixed> (bug #348306; medium)
 CVE-2006-XXXX [php5 response splitting]
@@ -12613,7 +12613,8 @@
        - netapplet <not-affected> (Not vulerable, see bug #310833)
 CVE-2005-1039 (Race condition in Core Utilities (coreutils) 5.2.1, when (1) 
mkdir, ...)
        - coreutils <unfixed> (bug #304556; low)
-       NOTE: Setting up a sarge/oldstable chroot to see if this affects -- 
micah
+       [woody] - fileutils <unfixed> (bug #304556; low)
+       NOTE: Sarge is affected
 CVE-2005-1038 (crontab in Vixie cron 4.1, when running with the -e option, 
allows ...)
        NOTE: long fixed in Debian's cron
 CVE-2005-1037 (Unknown vulnerability in AIX 5.3.0, when configured as an NIS 
client, ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to