[Secure-testing-commits] r3418 - data/CVE

Micah Anderson Fri, 03 Feb 2006 21:36:19 -0800

Author: micah
Date: 2006-02-04 05:35:17 +0000 (Sat, 04 Feb 2006)
New Revision: 3418


Modified:
   data/CVE/list
Log:
bunch of NFUs and 3 spip issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-02-04 04:44:55 UTC (rev 3417)
+++ data/CVE/list       2006-02-04 05:35:17 UTC (rev 3418)
@@ -1,34 +1,42 @@
 begin claim by micah
 CVE-2006-0530 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 
1.07 ...)
-       TODO: check
+       NOT-FOR-US: CA Message Queuing
+       NOTE: CA Message Queuing is embeded in a lot of products, but they all 
seem
+       NOTE: to be commercial products (see list in referenced URL)
 CVE-2006-0529 (Computer Associates (CA) Message Queuing (CAM / CAFT) before 
1.07 ...)
-       TODO: check
+       NOT-FOR-US: CA Message Queuing
+       NOTE: CA Message Queuing is embeded in a lot of products, but they all 
seem
+       NOTE: to be commercial products (see list in referenced URL)
 CVE-2006-0528 (GNOME Evolution allows remote attackers to cause a denial of 
service ...)
-       TODO: check
+        - evolution 2.2.3-4 (low)
+        [sarge] - evolution <not-affected> (Vulnerability was apparantly 
introduced in 2.3.1)
+        [woody] - evolution <not-affected> (Vulnerability was apparantly 
introduced in 2.3.1)
 CVE-2006-0527 (Unspecified vulnerability in Berkeley Internet Name Domain 
(BIND) on ...)
-       TODO: check
+       NOTE: CVE says, "due to the lack of relevant details from the vendor, 
it is not 
+       NOTE: known whether this is a duplicate of an existing CVE or a 
brand-new issue that 
+       NOTE: applies to BIND on other operating systems."
 CVE-2006-0526 (The default configuration of the America Online (AOL) client 
software ...)
-       TODO: check
+       NOT-FOR-US: AOL
 CVE-2006-0525 (Multiple unspecified Adobe products install a large number of 
.EXE and ...)
-       TODO: check
+       NOT-FOR-US: Windows issue
 CVE-2006-0524 (Cross-site scripting (XSS) vulnerability in ashnews.php in 
Derek ...)
-       TODO: check
+       NOT-FOR-US: Derek Ashauer ashnews
 CVE-2006-0523 (SQL injection vulnerability in global.php in MyBB before 1.03 
allows ...)
-       TODO: check
+       NOT-FOR-US: MyBB
 CVE-2006-0522 (SQL injection vulnerability in the Authentication Servlet in 
Symantec ...)
-       TODO: check
+       NOT-FOR-US: Symantec Sygate Management Server
 CVE-2006-0521 (Cross-site scripting (XSS) vulnerability in results.php in 
BrowserCRM ...)
-       TODO: check
+       NOT-FOR-US: Browser CRM
 CVE-2006-0520 (SQL injection vulnerability index.php in Dragoran Portal module 
1.3 ...)
-       TODO: check
+       NOT-FOR-US: Invision Power Board
 CVE-2006-0519 (SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier 
allows ...)
-       TODO: check
+       - spip <unfixed> (medium; bug #351336)
 CVE-2006-0518 (Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 
1.8.2-e ...)
-       TODO: check
+       - spip <unfixed> (medium; bug #351335)
 CVE-2006-0517 (Multiple SQL injection vulnerabilities in ...)
-       TODO: check
+       - spip <unfixed> (medium; bug #351334)
 CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 
10 64 ...)
-       TODO: check
+       NOT-FOR-US: Solaris
 CVE-2006-0515
        RESERVED
 CVE-2006-0514
@@ -36,23 +44,23 @@
 CVE-2006-0513
        RESERVED
 CVE-2006-0512 (PADL MigrationTools 46 creates temporary files insecurely, 
which ...)
-       TODO: check
+       NOT-FOR-US: PADL MigrationTools
 CVE-2006-0511 (** DISPUTED ** Blackboard Academic Suite 6.0 and earlier does 
not ...)
-       TODO: check
+       NOT-FOR-US: Blackboard Academic Suite
 CVE-2006-0510 (SQL injection vulnerability in userlogin.jsp in Daffodil CRM 
1.5 ...)
-       TODO: check
+       NOT-FOR-US: Daffodil
 CVE-2006-0509 (Multiple cross-site scripting (XSS) vulnerabilities in 
clients.php in ...)
-       TODO: check
+       NOT-FOR-US: Cerberus Helpdesk
 CVE-2006-0508 (Easy CMS stores the images directory under the web document 
root with ...)
-       TODO: check
+        NOT-FOR-US: Easy CMS
 CVE-2006-0507 (Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS 
allow ...)
-       TODO: check
+       NOT-FOR-US: Easy CMS
 CVE-2006-0506 (Cross-site scripting (XSS) vulnerability in index.php in 
Nuked-klaN ...)
-       TODO: check
+       NOT-FOR-US: Nuked-klaN
 CVE-2006-0505 (zbattle.net Zbattle client 1.09 SR-1 beta allows remote 
attackers to ...)
-       TODO: check
+       NOT-FOR-US: Zbattle
 CVE-2006-0504 (Unspecified vulnerability in MailEnable Enterprise Edition 
before 1.2 ...)
-       TODO: check
+       NOT-FOR-US: MailEnable Enterprise Edition
 end claimed by micah
 CVE-2006-0503 (IMAP service in MailEnable Professional Edition before 1.72 
allows ...)
        TODO: check


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3418 - data/CVE

Reply via email to