thr3ads.net - Secure testing commits - [Secure-testing-commits] r5042

If this information is useful, please help other people find it:
Share via:
Stefan Fritsch
2006-Dec-01 23:53 UTC
[Secure-testing-commits] r5042 - data/CVE

Author: stef-guest
Date: 2006-12-01 23:53:26 +0100 (Fri, 01 Dec 2006)
New Revision: 5042

Modified:
   data/CVE/list
Log:
remove some more 2002 TODOs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-12-01 22:39:30 UTC (rev 5041)
+++ data/CVE/list	2006-12-01 22:53:26 UTC (rev 5042)
@@ -17368,7 +17368,6 @@
 	NOT-FOR-US: Macromedia JRun
 CVE-2002-2185 (The Internet Group Management Protocol (IGMP) allows local users
to ...)
 	NOTE: fixed in IRIX..
-	TODO: check
 CVE-2002-2184 (Digi-Net Technologies DigiChat 3.5 allows chat users to obtain
the IP ...)
 	NOT-FOR-US: DigiChat
 CVE-2002-2183 (phpShare.php in phpShare before 0.6 beta 3 allows remote
attackers to ...)
@@ -20754,7 +20753,7 @@
 CVE-2002-2088 (The MOSIX Project clump/os 5.4 creates a default VNC account
without a ...)
 	NOT-FOR-US: clump/os
 CVE-2002-2087 (Buffer overflow in Borland InterBase 6.0 allows local users to
execute ...)
-	TODO: check firebird as it''s based on InterBase 6.0
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2001-1580 (Directory traversal vulnerability in ScriptEase viewcode.jse for
...)
 	NOT-FOR-US: ScriptEase
 CVE-2001-1579 (The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0
does not ...)
@@ -21628,13 +21627,13 @@
 CVE-2002-2014 (Lotus Domino 5.0.8 web server returns different error messages
when a ...)
 	NOT-FOR-US: Lotus Domino
 CVE-2002-2013 (Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows
remote ...)
-	TODO: Check this, Mozilla is in the archive
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2002-2012 (Unknown vulnerability in Apache 1.3.19 running on HP Secure OS
for ...)
 	NOT-FOR-US: Apache
 CVE-2002-2011 (Cross-site scripting (XSS) vulnerability in the fom CGI program
...)
 	NOT-FOR-US: faqomatic
 CVE-2002-2010 (Cross-site scripting (XSS) vulnerability in htsearch.cgi in
htdig ...)
-	TODO: Check this, htdig is in the archive
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2002-2009 (Apache Tomcat 4.0.1 allows remote attackers to obtain the web
root ...)
 	NOT-FOR-US: Tomcat
 CVE-2002-2008 (Apache Tomcat 4.0.3 for Windows allows remote attackers to
obtain the ...)
@@ -35642,9 +35641,6 @@
 	- openssl 0.9.6g-1
 CVE-2002-1567 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1
allows ...)
 	NOTE: tomcat4 cross-site scripting vuln
-	NOTE: not sure if it''s a problem or not
-	NOTE: contacted package maintainers, they think it''s not vulnerable.
-	TODO: waiting for further information.
 CVE-2002-1566 (netris 0.5, and possibly other versions before 0.52, when
running with ...)
 	- netris 0.52-1
 CVE-2002-1565 (Buffer overflow in url_filename function for wget 1.8.1 allows
...)
@@ -35820,7 +35816,6 @@
 	NOT-FOR-US: HP
 CVE-2002-1423 (tmp_view.php in FUDforum before 2.2.0 allows remote attackers to
read ...)
 	- phpgroupware <not-affected> (Issue in fudforum 2.2.0. fudforum in
phpgroupware-fudforum is 2.5.x)
-	TODO: Check egroupware for this and CVE-2002-1422 and CVE-2004-1421
 CVE-2002-1422 (admbrowse.php in FUDforum before 2.2.0 allows remote attackers
to ...)
 	- phpgroupware <not-affected> (Issue in fudforum 2.2.0. fudforum in
phpgroupware-fudforum is 2.5.x)
 CVE-2002-1421 (SQL injection vulnerabilities in FUDforum before 2.2.0 allow
remote ...)
@@ -35921,7 +35916,6 @@
 	RESERVED
 CVE-2002-1345 (Directory traversal vulnerabilities in multiple FTP clients on
UNIX ...)
 	NOTE: multiple ftp client issues
-	TODO: check wget, ftp, ncftp, etc.
 CVE-2002-1344 (Directory traversal vulnerability in wget before 1.8.2-4 allows
a ...)
 	{DSA-209}
 	- wget 1.8.2-8
@@ -36203,7 +36197,6 @@
 	- purity 1-16
 CVE-2002-1121 (SMTP content filter engines, including (1) GFI MailSecurity for
...)
 	NOTE: Some SMTP mailscanners can be bypassed by fragmenting messages.
-	TODO: check Debian mailscanners, if any.
 CVE-2002-1120 (Buffer overflow in Savant Web Server 3.1 and earlier allows
remote ...)
 	NOT-FOR-US: Savant Web Server
 CVE-2002-1115 (Mantis 0.17.4a and earlier allows remote attackers to view
private ...)
@@ -37463,7 +37456,6 @@
 CVE-2002-1265 (The Sun RPC functionality in multiple libc implementations does
not ...)
 	NOTE: don''t know which version of glibc fix this
 	NOTE: I''ve mailed maintainers.
-	TODO: check
 CVE-2002-1264 (Buffer overflow in Oracle iSQL*Plus web application of the
Oracle 9 ...)
 	NOT-FOR-US: oracle
 CVE-2002-1260 (The Java Database Connectivity (JDBC) APIs in Microsoft Virtual
...)
Secure testing commits - Dec 2006 - r5042 - data/CVE

[Secure-testing-commits] r5042 - data/CVE
