[Secure-testing-commits] r4500 - data/CVE

Fri, 04 Aug 2006 10:09:56 -0700 

Author: stef-guest
Date: 2006-08-04 17:08:55 +0000 (Fri, 04 Aug 2006)
New Revision: 4500

Modified:
   data/CVE/list
Log:
- new ipcal issue (low)
- some NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-08-04 16:40:22 UTC (rev 4499)
+++ data/CVE/list       2006-08-04 17:08:55 UTC (rev 4500)
@@ -1,35 +1,35 @@
 CVE-2006-3970 (PHP remote file inclusion vulnerability in lmo.php in the LMO 
...)
-       TODO: check
+       NOT-FOR-US: LMO for joomla
 CVE-2006-3969 (PHP remote file inclusion vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: Colophon for joomla
 CVE-2006-3968 (The crypto provider in Sun Solaris 10 3/05 HW2 without patch 
...)
        NOT-FOR-US: Solaris
 CVE-2006-3967 (PHP remote file inclusion vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: moskool
 CVE-2006-3966 (PHP remote file inclusion vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: MyNewsGroups
 CVE-2006-3965 (Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the 
web ...)
-       TODO: check
+       NOT-FOR-US: Banex PHP MySQL Banner Exchange
 CVE-2006-3964 (PHP remote file inclusion vulnerability in members.php in Banex 
PHP ...)
-       TODO: check
+       NOT-FOR-US: Banex PHP MySQL Banner Exchange
 CVE-2006-3963 (Multiple SQL injection vulnerabilities in Banex PHP MySQL 
Banner ...)
-       TODO: check
+       NOT-FOR-US: Banex PHP MySQL Banner Exchange
 CVE-2006-3962 (PHP remote file inclusion vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: com_bayesiannaivefilter for mambo
 CVE-2006-3961 (Unspecified vulnerability in McAfee Internet Security Suite 
2006, ...)
        NOT-FOR-US: McAfee
 CVE-2006-3960 (SQL injection vulnerability in top.php in X-Scripts X-Poll 1.10 
allows ...)
-       TODO: check
+       NOT-FOR-US: X-Scripts X-Poll
 CVE-2006-3959 (SQL injection vulnerability in protect.php in X-Scripts 
X-Protection ...)
-       TODO: check
+       NOT-FOR-US: X-Scripts X-Protection
 CVE-2006-3958 (Multiple unspecified cross-site scripting (XSS) vulnerabilities 
in ...)
-       TODO: check
+       NOT-FOR-US: Taskjitsu
 CVE-2006-3957 (PHP remote file inclusion vulnerability in payment.php in 
BosDev ...)
-       TODO: check
+       NOT-FOR-US: BosDates
 CVE-2006-3956 (Multiple cross-site scripting (XSS) vulnerabilities in 
contact.php in ...)
-       TODO: check
+       NOT-FOR-US: Advanced Webhost Billing System
 CVE-2006-3955 (Multiple PHP remote file inclusion vulnerabilities in MiniBB 
Forum ...)
-       TODO: check
+       NOT-FOR-US: MiniBB Forum
 CVE-2006-3954 (Directory traversal vulnerability in usercp.php in MyBB (aka 
...)
        NOT-FOR-US: mybb
 CVE-2006-3953 (Cross-site scripting (XSS) vulnerability in usercp.php in MyBB 
(aka ...)
@@ -39,13 +39,13 @@
 CVE-2006-3951 (PHP remote file inclusion vulnerability in moodle.php in 
Mam-moodle ...)
        TODO: check
 CVE-2006-3950 (SQL injection vulnerability in x-statistics.php in X-Scripts 
...)
-       TODO: check
+       NOT-FOR-US: X-Statistics
 CVE-2006-3949 (PHP remote file inclusion vulnerability in artlinks.dispnew.php 
in the ...)
-       TODO: check
+       NOT-FOR-US: com_artlinks for Mambo
 CVE-2006-3948 (Cross-site scripting (XSS) vulnerability in modules.php in 
PHP-Nuke ...)
        NOT-FOR-US: php-nuke
 CVE-2006-3947 (PHP remote file inclusion vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: Mambatstaff
 CVE-2006-3946 (The KHTMLParser::popOneBlock function in Apple Safari 2.0.4 on 
Mac OS ...)
        TODO: check
 CVE-2006-3945 (The CSS functionality in Opera 9 on Windows XP SP2 allows 
remote ...)
@@ -57,9 +57,9 @@
 CVE-2006-3942 (The server driver (srv.sys) in Microsoft Windows 2000 SP4, 
Server 2003 ...)
        NOT-FOR-US: Microsoft
 CVE-2006-3941 (Unspecified vulnerability in the daemons for Sun N1 Grid Engine 
5.3 ...)
-       TODO: check
+       NOT-FOR-US: N1 Grid Engine 
 CVE-2006-3940 (Multiple SQL injection vulnerabilities in phpbb-Auction allow 
remote ...)
-       TODO: check
+       NOT-FOR-US: phpbb-Auction
 CVE-2006-3939 (ScriptsCenter ezUpload Pro 2.2.0 allows remote attackers to 
perform ...)
        TODO: check
 CVE-2006-3938 (DotClear allows remote attackers to obtain sensitive 
information via a ...)
@@ -73,7 +73,7 @@
 CVE-2006-3934 (Absolute path traversal vulnerability in downloadTrigger.jsp in 
...)
        TODO: check
 CVE-2006-3933 (Cross-site scripting (XSS) vulnerability in Alkacon OpenCms 
before ...)
-       TODO: check
+       NOT-FOR-US: OpenCms
 CVE-2006-3932 (SQL injection vulnerability in links.php in Gonafish LinksCaffe 
3.0 ...)
        TODO: check
 CVE-2006-3931 (Buffer overflow in the daemon function in midirecord.cc in 
Tuomas ...)
@@ -89,7 +89,7 @@
 CVE-2006-3926 (Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow 
remote ...)
        TODO: check
 CVE-2006-3925 (Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX 
control ...)
-       TODO: check
+       NOT-FOR-US: ITIRecorder.MicRecorder ActiveX control
 CVE-2006-3924 (Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 
before ...)
        TODO: check
 CVE-2006-3923 (Cross-site scripting (XSS) vulnerability in add.php in 
Fire-Mouse ...)
@@ -134,7 +134,7 @@
 CVE-2006-3904 (SQL injection vulnerability in manager/index.php in Etomite CMS 
0.6.1 ...)
        TODO: check
 CVE-2006-3903 (CRLF injection vulnerability in (1) index.php and (2) admin.php 
in ...)
-       TODO: check
+       NOT-FOR-US: myWebland MyBloggie
 CVE-2006-3902 (Cross-site scripting (XSS) vulnerability in index.php in 
phpFaber ...)
        TODO: check
 CVE-2006-3901 (Multiple stack-based buffer overflows in Tumbleweed Email 
Firewall ...)
@@ -242,29 +242,29 @@
 CVE-2006-3850 (** DISPUTED ** ...)
        TODO: check
 CVE-2006-3849 (Stack-based buffer overflow in Warzone 2100 and Warzone 
Resurrection ...)
-       TODO: check
+       NOT-FOR-US: Warzone
 CVE-2006-3848 (Cross-site scripting (XSS) vulnerability in CGI wrapper for IP 
...)
-       TODO: check
+       NOT-FOR-US: ipcalc <unfixed> (bug #381469; low)
 CVE-2006-3847 (PHP remote file inclusion vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: MoSpray
 CVE-2006-3846 (PHP remote file inclusion vulnerability in 
extadminmenus.class.php in ...)
-       TODO: check
+       NOT-FOR-US: MultiBanners
 CVE-2006-3845 (Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 
3.60 ...)
-       TODO: check
+       NOT-FOR-US: WinRAR
 CVE-2006-3844 (Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote 
...)
-       TODO: check
+       NOT-FOR-US: Quick 'n Easy FTP Server
 CVE-2006-3843 (PHP remote file inclusion vulnerability in com_calendar.php in 
...)
-       TODO: check
+       NOT-FOR-US: Calendar Mambo Module
 CVE-2006-3842 (Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 
3.2 ...)
-       TODO: check
+       NOT-FOR-US: Zoho Virtual Office
 CVE-2006-3841 (Cross-site scripting (XSS) vulnerability in WebScarab before 
...)
-       TODO: check
+       NOT-FOR-US: WebScarab
 CVE-2006-3840 (The SMB Mailslot parsing functionality in PAM in multiple ISS 
products ...)
-       TODO: check
+       NOT-FOR-US: various ISS products
 CVE-2006-3839
        RESERVED
 CVE-2006-3838 (Multiple stack-based buffer overflows in eIQnetworks Enterprise 
...)
-       TODO: check
+       NOT-FOR-US: eIQnetworks Enterprise
 CVE-2006-XXXX [syslog-ng dos]
        - syslog-ng 2.0rc1-2
 CVE-2006-XXXX [courier-authdaemon: wrong socket permissions may lead to 
password disclosure]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

Reply via email to