thr3ads.net - Secure testing commits - [Secure-testing-commits] r7152

If this information is useful, please help other people find it:
Share via:

white at alioth.debian.org

2007-Oct-31 06:30 UTC

[Secure-testing-commits] r7152 - data/CVE

Author: white
Date: 2007-10-31 06:30:36 +0000 (Wed, 31 Oct 2007)
New Revision: 7152

Modified:
   data/CVE/list
Log:
NFUs; two sitebar issues addressed to the sitebar security bug

Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-10-31 06:01:20 UTC (rev 7151)
+++ data/CVE/list	2007-10-31 06:30:36 UTC (rev 7152)
@@ -17,15 +17,15 @@
 CVE-2007-5698 (Cross-site scripting (XSS) vulnerability in default.asp in
CREApark ...)
 	NOT-FOR-US: CREApark GOLD KOY PORTALI
 CVE-2007-5697 (Multiple PHP remote file inclusion vulnerabilities in PHP Image
1.2 ...)
-	TODO: check
+	NOT-FOR-US: phpImage
 CVE-2007-5696 (PHP remote file inclusion vulnerability in includes.php in
phpBasic ...)
-	TODO: check
+	NOT-FOR-US: phpBasic
 CVE-2007-5695 (command.php in SiteBar 3.3.8 allows remote attackers to redirect
users ...)
 	TODO: check
 CVE-2007-5694 (Absolute path traversal vulnerability in the translation module
...)
-	TODO: check
+	- sitebar <unfixed> (low; bug #447135)
 CVE-2007-5693 (Eval injection vulnerability in the translation module ...)
-	TODO: check
+	- sitebar <unfixed> (low; bug #447135)
 CVE-2007-5692 (Multiple cross-site scripting (XSS) vulnerabilities in SiteBar
3.3.8 ...)
 	TODO: check
 CVE-2007-5691 (ParseFTPList.cpp in Mozilla Firefox 2.0.0.7 allows remote FTP
servers ...)
@@ -37,11 +37,11 @@
 CVE-2007-5688 (Multiple SQL injection vulnerabilities in directory.php in the
...)
 	TODO: check
 CVE-2007-5687 (Multiple buffer overflows in the rich text processing
functionality in ...)
-	TODO: check
+	NOT-FOR-US: JustSystems Ichitaro
 CVE-2007-5686 (initscripts in rPath Linux 1 sets insecure permissions for the
...)
 	TODO: check
 CVE-2007-5685 (The safe_path function in shttp before 0.0.5 allows remote
attackers ...)
-	TODO: check
+	NOT-FOR-US: shttp
 CVE-2007-5684 (Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1
and ...)
 	TODO: check
 CVE-2007-5683 (Multiple cross-site scripting (XSS) vulnerabilities in TikiWiki
...)

Secure testing commits - Oct 2007 - r7152 - data/CVE

[Secure-testing-commits] r7152 - data/CVE