[Secure-testing-commits] r3863 - data/CVE

Sun, 23 Apr 2006 07:57:47 -0700 

Author: micah
Date: 2006-04-23 14:57:12 +0000 (Sun, 23 Apr 2006)
New Revision: 3863

Modified:
   data/CVE/list
Log:
awstats issue, some NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-23 14:21:01 UTC (rev 3862)
+++ data/CVE/list       2006-04-23 14:57:12 UTC (rev 3863)
@@ -58,25 +58,28 @@
        RESERVED
        NOT-FOR-US: SolarWinds TFTP Server
 CVE-2006-1950 (Multiple cross-site scripting (XSS) vulnerabilities in 
banners.cgi in ...)
-       TODO: check
+       NOT-FOR-US: PerlCoders BannerFarm
 CVE-2006-1949 (SQL injection vulnerability in plexcart.pl in NicPlex PlexCart 
X3 and ...)
-       TODO: check
+       NOT-FOR-US: NicPlex PlexCart
 CVE-2006-1948 (The "Add Sender to Address Book" operation ...)
-       TODO: check
+       NOT-FOR-US: Lotus Notes
 CVE-2006-1947 (Multiple SQL injection vulnerabilities in plexum.php in NicPlex 
Plexum ...)
-       TODO: check
+       NOT-FOR-US: NicPlex PlexCart
 CVE-2006-1946 (Multiple cross-site scripting (XSS) vulnerabilities in Visale 
1.0 and ...)
-       TODO: check
+       NOT-FOR-US: Visale
 CVE-2006-1945 (Cross-site scripting (XSS) vulnerability in awstats.pl in 
AWStats 6.5 ...)
-       TODO: check
+       - awstats <unfixed> (bug #364443; medium)
+       NOTE: this might be the same core issue as CVE-2005-2732
 CVE-2006-1944 (Multiple cross-site scripting (XSS) vulnerabilities in SibSoft 
...)
-       TODO: check
+       NOT-FOR-US: SibSoft CommuniMail
 CVE-2006-1943 (Multiple cross-site scripting (XSS) vulnerabilities in Smarter 
Scripts ...)
-       TODO: check
+       NOT-FOR-US: Smarter Scripts IntelliLink Pro
 CVE-2006-1942 (Mozilla Firefox 1.5.0.2 allows user-complicit remote attackers 
to open ...)
        TODO: check
+       NOTE: pkg-mozilla-maintainers are preparing a big security release, 
I've pinged them
+       NOTE: to ask about this issue
 CVE-2006-1941 (Neon Responder 5.4 for LANsurveyor allows remote attackers to 
cause a ...)
-       TODO: check
+       NOT-FOR-US: Neon Responder
 CVE-2006-1940
        RESERVED
 CVE-2006-1939


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to