white at alioth.debian.org
2008-Sep-14 09:13 UTC
[Secure-testing-commits] r9809 - data/CVE
Author: white Date: 2008-09-14 09:13:29 +0000 (Sun, 14 Sep 2008) New Revision: 9809 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-09-13 10:01:00 UTC (rev 9808) +++ data/CVE/list 2008-09-14 09:13:29 UTC (rev 9809) @@ -1,5 +1,5 @@ CVE-2008-4018 (swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local ...) - TODO: check + NOT-FOR-US: IBM AIX CVE-2008-4017 RESERVED CVE-2008-4016 @@ -99,69 +99,69 @@ CVE-2008-3969 (Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow ...) TODO: check CVE-2008-3968 (Cross-site scripting (XSS) vulnerability in userlist.php in PunBB ...) - TODO: check + NOT-FOR-US: PunBB CVE-2008-3967 (moderation.php in MyBB (aka MyBulletinBoard) before 1.4.1 does not ...) - TODO: check + NOT-FOR-US: MyBB CVE-2008-3966 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka ...) - TODO: check + NOT-FOR-US: MyBB CVE-2008-3965 (SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) ...) - TODO: check + NOT-FOR-US: MyBB CVE-2008-3961 RESERVED CVE-2008-3960 (Unspecified vulnerability in the JDBC Applet Server Service (aka ...) TODO: check CVE-2008-3959 (IBM DB2 UDB 8.1 before FixPak 16, and 8.2 before FixPak 9, allows ...) - TODO: check + NOT-FOR-US: IBM DB2 UDB CVE-2008-3958 (IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: IBM DB2 UDB CVE-2008-3957 (The Microsoft Windows Image Acquisition Logger ActiveX control allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2008-3956 (orgchart.exe in Microsoft Organization Chart 2.00 allows user-assisted ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2008-3955 (SQL injection vulnerability in index.php in Masir Camp E-Shop Module ...) - TODO: check + NOT-FOR-US: Masir Camp E-Shop Module CVE-2008-3954 (SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per ...) - TODO: check + NOT-FOR-US: AlstraSoft Forum Pay Per Post Exchange CVE-2008-3953 (SQL injection vulnerability in keyword_search_action.php in Vastal ...) - TODO: check + NOT-FOR-US: Vastal I-Tech Shaadi Zone CVE-2008-3952 (SQL injection vulnerability in questions.php in EsFaq 2.0 allows ...) - TODO: check + NOT-FOR-US: EsFaq CVE-2008-3951 (SQL injection vulnerability in view_ann.php in Vastal I-Tech Agent ...) - TODO: check + NOT-FOR-US: The Real Estate Script CVE-2008-3950 RESERVED CVE-2008-3949 RESERVED CVE-2008-3948 (SQL injection vulnerability in admin/users/self-2.php in XRMS allows ...) - TODO: check + NOT-FOR-US: XRMS CVE-2008-3947 (DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain ...) TODO: check CVE-2008-3946 (The finger client in HP TCP/IP Services for OpenVMS 5.x allows local ...) TODO: check CVE-2008-3945 (SQL injection vulnerability in index.php in Words tag 1.2 allows ...) - TODO: check + NOT-FOR-US: Words tag CVE-2008-3944 (SQL injection vulnerability in index.php in ACG-PTP 1.0.6 allows ...) - TODO: check + NOT-FOR-US: ACG-PTP CVE-2008-3943 (SQL injection vulnerability in listtest.php in eZoneScripts Living ...) - TODO: check + NOT-FOR-US: eZoneScripts Living Local CVE-2008-3942 (SQL injection vulnerability in landsee.php in Full PHP Emlak Script ...) - TODO: check + NOT-FOR-US: Full PHP Emlak Script CVE-2008-3941 (Cross-site scripting (XSS) vulnerability in BizDirectory 2.04 and ...) - TODO: check + NOT-FOR-US: BizDirectory CVE-2008-3940 (Format string vulnerability in the finger client in HP TCP/IP Services ...) TODO: check CVE-2008-3939 (Directory traversal vulnerability in the web interface in AVTECH PageR ...) - TODO: check + NOT-FOR-US: AVTECH PageR Enterprise CVE-2008-3938 (Cross-site request forgery (CSRF) vulnerability in user_admin.php in ...) - TODO: check + NOT-FOR-US: Open Media Collectors Database CVE-2008-3937 (Multiple cross-site scripting (XSS) vulnerabilities in Open Media ...) - TODO: check + NOT-FOR-US: Open Media Collectors Database CVE-2008-3936 (The web interface in Dreambox DM500C allows remote attackers to cause ...) - TODO: check + NOT-FOR-US: Dreambox DM500C CVE-2008-3935 (Cross-site scripting (XSS) vulnerability in DIC shop_v50 3.0 and ...) - TODO: check + NOT-FOR-US: DIC shop_v50 CVE-2008-3931 (javareconf in R 2.7.2 allows local users to overwrite arbitrary files ...) - TODO: check + NOT-FOR-US: javareconf CVE-2008-3930 (migrate_aliases.sh in Citadel Server 7.37 allows local users to ...) TODO: check CVE-2008-3929 (gather-messages.sh in Ampache 3.4.1 allows local users to overwrite ...) @@ -171,23 +171,23 @@ CVE-2008-3927 (genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete ...) TODO: check CVE-2008-3926 (Multiple directory traversal vulnerabilities in Content Management ...) - TODO: check + NOT-FOR-US: Content Management Made Easy CVE-2008-3925 (Cross-site request forgery (CSRF) vulnerability in admin.php in ...) - TODO: check + NOT-FOR-US: Content Management Made Easy CVE-2008-3924 (The "Make a backup" functionality in Content Management Made Easy ...) - TODO: check + NOT-FOR-US: Content Management Made Easy CVE-2008-3923 (Multiple cross-site scripting (XSS) vulnerabilities in statistics.php ...) - TODO: check + NOT-FOR-US: Content Management Made Easy CVE-2008-3922 (awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote ...) - TODO: check + NOT-FOR-US: AWStats Totals CVE-2008-3921 (Multiple cross-site scripting (XSS) vulnerabilities in AWStats Totals ...) - TODO: check + NOT-FOR-US: AWStats Totals CVE-2008-3919 (Unspecified vulnerability in multiple JustSystems Ichitaro products ...) - TODO: check + NOT-FOR-US: JustSystems Ichitaro CVE-2008-3918 (SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows ...) - TODO: check + NOT-FOR-US: Ovidentia CVE-2008-3917 (Cross-site scripting (XSS) vulnerability in index.php in Ovidentia ...) - TODO: check + NOT-FOR-US: Ovidentia CVE-2008-3916 (Heap-based buffer overflow in the strip_escapes function in signal.c ...) TODO: check CVE-2008-3915 (Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when ...) @@ -205,9 +205,9 @@ CVE-2008-3903 (Asterisk PBX 1.2 through 1.6 and Trixbox PBX 2.6.1, when running with ...) TODO: check CVE-2008-3902 (HP firmware 68DTT F.0D stores pre-boot authentication passwords in the ...) - TODO: check + NOT-FOR-US: HP firmware 68DTT CVE-2007-6717 (Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and ...) - TODO: check + NOT-FOR-US: IBM AIX CVE-2007-6716 (fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 ...) TODO: check CVE-2008-3962 (The from_format function in ssmtp.c in ssmtp 2.62, in certain ...)