Author: federico-guest Date: 2011-10-16 19:04:00 +0000 (Sun, 16 Oct 2011) New Revision: 17437 Modified: bin/apt-update-file data/CVE/list Log: NFUs Modified: bin/apt-update-file ==================================================================--- bin/apt-update-file 2011-10-16 17:08:49 UTC (rev 17436) +++ bin/apt-update-file 2011-10-16 19:04:00 UTC (rev 17437) @@ -1,7 +1,6 @@ #!/usr/bin/python # This script is mainly used to demo the updateFile function. - import os import os.path import string Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-10-16 17:08:49 UTC (rev 17436) +++ data/CVE/list 2011-10-16 19:04:00 UTC (rev 17437) @@ -420,13 +420,13 @@ CVE-2011-3980 (Unspecified vulnerability in the Drag Drop Mass Upload ...) TODO: check CVE-2011-3979 (Cross-site scripting (XSS) vulnerability in ...) - TODO: check + NOT-FOR-US: Zikula Application Framework CVE-2011-3978 (Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php ...) - TODO: check + NOT-FOR-US: LightNEasy CVE-2011-3977 (Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x ...) TODO: check CVE-2011-3976 (Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP ...) - TODO: check + NOT-FOR-US: AmmSoft ScriptFTP CVE-2011-3975 (A certain HTC update for Android 2.3.4 build GRJ22, when the Sense ...) NOT-FOR-US: HTC Android CVE-2011-3974 (Integer signedness error in the decode_residual_inter function in ...) @@ -1034,27 +1034,27 @@ CVE-2011-3695 (111WebCalendar 1.2.3 allows remote attackers to obtain sensitive ...) NOT-FOR-US: Web app path disclosure, not an issue (path is known anyway) CVE-2011-3694 (The Server Administration Console in NetSaro Enterprise Messenger ...) - TODO: check + NOT-FOR-US: NetSaro Enterprise Messenger CVE-2011-3693 (NetSaro Enterprise Messenger Server 2.0 allows local users to discover ...) - TODO: check + NOT-FOR-US: NetSaro Enterprise Messenger CVE-2011-3692 (NetSaro Enterprise Messenger Server 2.0 stores cleartext console ...) - TODO: check + NOT-FOR-US: NetSaro Enterprise Messenger CVE-2011-3691 (Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 ...) - TODO: check + NOT-FOR-US: Foxit Reader CVE-2011-3690 (Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 ...) - TODO: check + NOT-FOR-US: PlotSoft PDFill PDF Editor CVE-2011-3689 (Cross-site scripting (XSS) vulnerability in Licenses.html in ...) - TODO: check + NOT-FOR-US: Wibu-Systems CodeMeter WebAdmin CVE-2011-3688 (Multiple SQL injection vulnerabilities in Sonexis ConferenceManager ...) - TODO: check + NOT-FOR-US: Sonexis ConferenceManager CVE-2011-3687 (Multiple cross-site scripting (XSS) vulnerabilities in Sonexis ...) - TODO: check + NOT-FOR-US: Sonexis ConferenceManager CVE-2011-3686 (Multiple cross-site scripting (XSS) vulnerabilities in ...) - TODO: check + NOT-FOR-US: Sonexis ConferenceManager CVE-2011-3685 (Tembria Server Monitor before 6.0.5 Build 2252 uses a substitution ...) - TODO: check + NOT-FOR-US: Tembria Server Monitor CVE-2011-3684 (Multiple cross-site scripting (XSS) vulnerabilities in Tembria Server ...) - TODO: check + NOT-FOR-US: Tembria Server Monitor CVE-2011-3683 RESERVED CVE-2011-3682 @@ -1132,7 +1132,7 @@ CVE-2011-3646 RESERVED CVE-2011-3645 (Newgen OmniDocs allows remote attackers to bypass intended access ...) - TODO: check + NOT-FOR-US: Newgen OmniDocs CVE-2010-4841 (Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ...) TODO: check CVE-2010-4840 (Multiple buffer overflows in the Syslog server in ManageEngine ...) @@ -1623,29 +1623,29 @@ CVE-2011-3438 RESERVED CVE-2011-3437 (Integer signedness error in Apple Type Services (ATS) in Apple Mac OS ...) - TODO: check + NOT-FOR-US: Apple Type Services (ATS) in Apple Mac OS CVE-2011-3436 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a ...) - TODO: check + NOT-FOR-US: Open Directory in Apple Mac OS CVE-2011-3435 (Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users ...) - TODO: check + NOT-FOR-US: Open Directory in Apple Mac OS CVE-2011-3434 (The WiFi component in Apple iOS before 5 stores WiFi credentials in an ...) - TODO: check + NOT-FOR-US: WiFi component in Apple iOS CVE-2011-3433 RESERVED CVE-2011-3432 (The UIKit Alerts component in Apple iOS before 5 allows remote ...) - TODO: check + NOT-FOR-US: UIKit Alerts component in Apple iOS CVE-2011-3431 (The Home screen component in Apple iOS before 5 does not properly ...) - TODO: check + NOT-FOR-US: Home screen component in Apple iOS CVE-2011-3430 (The Settings component in Apple iOS before 5, when a configuration ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3429 (The Settings component in Apple iOS before 5 stores a cleartext ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3428 RESERVED CVE-2011-3427 (The Data Security component in Apple iOS before 5 and Apple TV before ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3426 (Cross-site scripting (XSS) vulnerability in Safari in Apple iOS before ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3425 RESERVED CVE-2011-3424 (Session fixation vulnerability in the Managed File Transfer server in ...) @@ -2030,25 +2030,25 @@ CVE-2011-3306 RESERVED CVE-2011-3305 (Directory traversal vulnerability in Cisco Network Admission Control ...) - TODO: check + NOT-FOR-US: Cisco Network Admission Control CVE-2011-3304 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3303 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3302 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3301 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3300 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3299 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3298 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3297 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3296 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3295 RESERVED CVE-2011-3294 @@ -2060,13 +2060,13 @@ CVE-2011-3291 RESERVED CVE-2011-3290 (Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3289 RESERVED CVE-2011-3288 (Cisco Unified Presence before 8.5(4) does not properly detect ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3287 (Cisco Jabber Extensible Communications Platform (aka Jabber XCP) 2.x ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3286 RESERVED CVE-2011-3285 @@ -2076,31 +2076,31 @@ CVE-2011-3283 RESERVED CVE-2011-3282 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3281 (Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3280 (Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3279 (The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3278 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3277 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3276 (Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3275 (Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3274 (Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3273 (Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3272 (The IP Service Level Agreement (IP SLA) functionality in Cisco IOS ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3271 (Unspecified vulnerability in the Smart Install functionality in Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3270 (Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and ...) - TODO: check + NOT-FOR-US: Cisco CVE-2011-3269 RESERVED CVE-2011-3268 (Buffer overflow in the crypt function in PHP before 5.3.7 allows ...) @@ -2133,25 +2133,25 @@ - xen 4.1.1-1 - xen-3 <removed> CVE-2011-3261 (Double free vulnerability in OfficeImport in Apple iOS before 5 allows ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3260 (Buffer overflow in OfficeImport in Apple iOS before 5 allows remote ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3259 (The kernel in Apple iOS before 5 and Apple TV before 4.4 does not ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3258 RESERVED CVE-2011-3257 (The Data Access component in Apple iOS before 5 does not properly ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3256 (FreeType in CoreGraphics in Apple iOS before 5 allows remote attackers ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3255 (CFNetwork in Apple iOS before 5 stores AppleID credentials in an ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3254 (Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3253 (CalDAV in Apple iOS before 5 does not validate X.509 certificates for ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3252 (Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, ...) - TODO: check + NOT-FOR-US: Apple iTunes CVE-2011-3251 RESERVED CVE-2011-3250 @@ -2163,9 +2163,9 @@ CVE-2011-3247 RESERVED CVE-2011-3246 (CFNetwork in Apple iOS before 5 and Mac OS X 10.7 before 10.7.2 does ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3245 (The Keyboards component in Apple iOS before 5 displays the final ...) - TODO: check + NOT-FOR-US: Apple iOS CVE-2011-3244 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...) - chromium-browser <undetermined> - webkit <undetermined>