Author: stef-guest
Date: 2006-02-26 17:54:30 +0000 (Sun, 26 Feb 2006)
New Revision: 3541
Modified:
data/CVE/list
Log:
zoo, cherrypy issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-26 16:16:25 UTC (rev 3540)
+++ data/CVE/list 2006-02-26 17:54:30 UTC (rev 3541)
@@ -51,42 +51,41 @@
NOT-FOR-US: Michael Salzer Guestbox
CVE-2006-0858 (Unquoted Windows search path vulnerability in (1) snsmcon.exe,
(2) the ...)
NOT-FOR-US: StarForce Safe'n'Sec Personal
-
-begin claimed by stef-guest
-
CVE-2006-0857 (Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0
in e107 ...)
- TODO: check
+ NOT-FOR-US: e107 CMS Chatbox plugin
CVE-2006-0856 (SQL injection vulnerability in login.php in Scriptme SmE GB
Host 1.21 ...)
- TODO: check
+ NOT-FOR-US: SmE GB Host
CVE-2006-0855 (Stack-based buffer overflow in the fullpath function in misc.c
for zoo ...)
- TODO: check
+ - zoo <unfixed> (bug #354461)
CVE-2006-0854 (PHP remote file inclusion vulnerability in common.php in
Intensive ...)
- TODO: check
+ NOT-FOR-US: Intensive Point iUser Ecommerce
CVE-2006-0853 (Buffer overflow in the IMAP service of TrueNorth Internet
Anywhere ...)
- TODO: check
+ NOT-FOR-US: TrueNorth Internet Anywhere
CVE-2006-0852 (Direct static code injection vulnerability in write.php in
Admbook ...)
- TODO: check
+ NOT-FOR-US: Admbook
CVE-2006-0851 (SQL injection vulnerability in the forum module of ilchClan
1.05g and ...)
- TODO: check
+ NOT-FOR-US: ilchClan
CVE-2006-0850 (SQL injection vulnerability in include/includes/user/login.php
in ...)
- TODO: check
+ NOT-FOR-US: ilchClan
CVE-2006-0849
RESERVED
CVE-2006-0848 (The "Open 'safe' files after downloading" option in
Safari on Apple ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2006-0847 (Directory traversal vulnerability in the staticfilter component
in ...)
- TODO: check
+ - python2.3-cherrypy2.1 2.1.1-1 (bug #353542)
+ - python-cherrypy2.1 2.1.1-1 (bug #353542)
+ - python2.4-cherrypy2.1 2.1.1-1 (bug #353542)
+ - python-cherrypy <unfixed> (bug #354479)
+ - python2.3-cherrypy <unfixed> (bug #354479)
+ - python2.4-cherrypy <unfixed> (bug #354479)
CVE-2006-0846 (Multiple cross-site scripting (XSS) vulnerabilities in Leif M.
...)
- TODO: check
+ NOT-FOR-US: Leif M. Wright's Blog
CVE-2006-0845 (Leif M. Wright's Blog 3.5 allows remote authenticated users
with ...)
- TODO: check
+ NOT-FOR-US: Leif M. Wright's Blog
CVE-2006-0844 (Leif M. Wright's Blog 3.5 does not make a password comparison
when ...)
- TODO: check
+ NOT-FOR-US: Leif M. Wright's Blog
CVE-2006-0843 (Leif M. Wright's Blog 3.5 stores the config file and other txt
files ...)
- TODO: check
-
-end claimed by stef-guest
-
+ NOT-FOR-US: Leif M. Wright's Blog
CVE-2006-0842 (Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3
allows ...)
TODO: check
CVE-2006-0841 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis
1.00rc4 ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
