Author: jmm-guest
Date: 2006-02-13 08:17:38 +0000 (Mon, 13 Feb 2006)
New Revision: 3463
Modified:
data/CVE/list
Log:
two not-affected
removed a non-issue
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-12 23:03:24 UTC (rev 3462)
+++ data/CVE/list 2006-02-13 08:17:38 UTC (rev 3463)
@@ -153,35 +153,25 @@
CVE-2006-0577 (Lexmark X1185 printer allows local users to gain SYSTEM
privileges by ...)
NOT-FOR-US: Lexmark printer
CVE-2006-0576 (Untrusted search path vulnerability in opcontrol in OProfile
0.9.1 and ...)
- NOT-FOR-US:
TODO: check
CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote
attackers to ...)
- NOT-FOR-US:
- TODO: check
+ - fcron <not-affected> (Not included in Debian package)
CVE-2006-0574 (Cross-site scripting (XSS) vulnerability in mime/handle.html in
cPanel ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2006-0573 (Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10
and ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: cPanel
CVE-2006-0572 (phpstatus 1.0 does not require passwords when using cookies to
...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: phpstatus
CVE-2006-0571 (Multiple cross-site scripting (XSS) vulnerabilities in
phpstatus 1.0 ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: phpstatus
CVE-2006-0570 (Multiple SQL injection vulnerabilities in phpstatus 1.0, when
...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: phpstatus
CVE-2006-0569 (Cross-site scripting (XSS) vulnerability in user_class.php in
Papoo ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: Papoo
CVE-2006-0568 (Cross-site scripting (XSS) vulnerability in throw.main in
Outblaze ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: Outblaze
CVE-2006-0567 (Directory traversal vulnerability in Files Xaraya module before
0.5.1, ...)
- NOT-FOR-US:
- TODO: check
+ NOT-FOR-US: Xaraya
CVE-2006-XXXX [bluez-hcidump DoS]
- bluez-hcidump <unfixed> (bug #351881)
CVE-2006-0566 (The LDAP component in CommuniGate Pro Core Server 5.0.7 allows
remote ...)
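Review bot: the justification on the new CVE-2006-0575 line, "(Not included in Debian package)", does not say what is not included. The CVE description names convert-fcrontab, so I would write the entry as "- fcron <not-affected> (convert-fcrontab not included in Debian package)" to make the claim easy to re-check if the packaging changes. Separately, the CVE-2006-0576 (OProfile) entry loses its empty NOT-FOR-US: line but keeps "TODO: check", and none of the three log lines covers that change; a short mention in the log would help.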
@@ -2454,8 +2444,7 @@
CVE-2005-4218 (SQL injection vulnerability in forum.php in PHPWebThings 1.4
allows ...)
NOT-FOR-US: PHPWebThings
CVE-2005-4217 (Perl in Apple Mac OS X Server 10.3.9 does not properly drop
privileges ...)
- TODO: check, whether this affects Debian's perl
- NOTE: no actual data on what the hole is
+ - perl <not-affected> (MacOS specific vulnerability)
CVE-2005-4216 (The Administration Service (FMSAdmin.exe) in Macromedia Flash
Media ...)
NOT-FOR-US: Macromedia Flash Media Server
CVE-2005-4215 (Motorola SB5100E Cable Modem allows remote attackers to cause a
denial ...)
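Review bot: on CVE-2005-4217, the removed NOTE said there is "no actual data on what the hole is", yet the replacement line states "MacOS specific vulnerability" without recording what that conclusion rests on. I would keep a NOTE line under the new "- perl <not-affected>" entry that gives the reasoning or the source consulted, so the triage decision can be revisited if details of the issue are published later.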
@@ -7927,10 +7916,6 @@
CVE-2005-XXXX [Insecure usage of temporary files in x11perfcomp and other
security issues]
- xfree86 <unfixed> (bug #321447; low)
- xorg-x11 <unfixed> (bug #321447; low)
-CVE-2005-XXXX [kdebase: startkde does not check lnusertemp's result?]
- NOTE: This hardly has security implications, lots of applications do
not cope
- NOTE: with a filled up /tmp dir.
- - kdebase <unfixed> (bug #292078; low)
CVE-2005-XXXX [gs-esp: Insecure usage of /tmp in source code]
- gs-esp <unfixed> (bug #291452; low)
CVE-2005-XXXX [Format string bug in sysklogd's syslog_tst sources]
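Review bot: deleting the whole kdebase startkde/lnusertemp entry also deletes the only reference to bug #292078 and the two NOTE lines that explain why it "hardly has security implications". The log line "removed a non-issue" does not identify which entry was dropped, so I would name the package and bug number there, so the rationale stays findable from the history once the entry is gone from data/CVE/list.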
_______________________________________________
Secure-testing-commits mailing list
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits