Secure testing commits - Dec 2006 - r5077 - data/CVE

Author: micah
Date: 2006-12-06 03:12:46 +0100 (Wed, 06 Dec 2006)
New Revision: 5077

Modified:
   data/CVE/list
Log:
more NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-12-06 01:59:32 UTC (rev 5076)
+++ data/CVE/list	2006-12-06 02:12:46 UTC (rev 5077)
@@ -66,38 +66,38 @@
 CVE-2006-6248 (index.php in GPhotos 1.5 allows remote attackers to obtain
sensitive ...)
 	TODO: check
 CVE-2006-6247 (Multiple SQL injection vulnerabilities in Uapplication
UPhotoGallery ...)
-	TODO: check
+	NOT-FOR-US: UPhotoGallery
 CVE-2006-6246 (Photo Organizer 2.32b and earlier does not properly check the
...)
-	TODO: check
+	NOT-FOR-US: Photo Organizer
 CVE-2006-6245 (Multiple SQL injection vulnerabilities in Photo Organizer (PO)
2.32b ...)
-	TODO: check
+	NOT-FOR-US: Photo Organizer
 CVE-2006-6244 (Coalescent Systems freePBX (formerly Asterisk Management Portal)
...)
-	TODO: check
+	NOT-FOR-US: Coalescent Systems freePBX
 CVE-2006-6243 (Multiple SQL injection vulnerabilities in index.asp in FipsSHOP
allow ...)
-	TODO: check
+	NOT-FOR-US: FipsSHOP
 CVE-2006-6242 (Multiple directory traversal vulnerabilities in Serendipity
1.0.3 and ...)
 	- serendipity 1.0.4-1 (unimportant; bug #401614)
 	NOTE: Only exploitable with register_globals
 CVE-2006-6241 (Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated
users to ...)
-	TODO: check
+	NOT-FOR-US: Sorin Chitu Telnet-FTP Server
 CVE-2006-6240 (Directory traversal vulnerability in Sorin Chitu Telnet-FTP
Server 1.0 ...)
-	TODO: check
+	NOT-FOR-US: Sorin Chitu Telnet-FTP Server
 CVE-2006-6239 (webadmin in MailEnable NetWebAdmin Profession 2.32 and
Enterprise 2.32 ...)
 	TODO: MailEnable NetWebAdmin
 CVE-2006-6238 (The AutoFill feature in Apple Safari 2.0.4 does not properly
verify ...)
-	TODO: check
+	NOT-FOR-US: Apple Safari
 CVE-2006-6237 (SQL injection vulnerability in the decode_cookie function in
...)
-	TODO: check
+	NOT-FOR-US: Woltlab Burning Board Lite
 CVE-2006-6236 (Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows
remote ...)
 	TODO: check
 CVE-2006-6235
 	RESERVED
 CVE-2006-6234 (Multiple SQL injection vulnerabilities in the Content module in
...)
-	TODO: check
+	NOT-FOR-US: PHP-Nuke
 CVE-2006-6233 (SQL injection vulnerability in the Downloads module for unknown
...)
-	TODO: check
+	NOT-FOR-US: PostNuke
 CVE-2006-6232 (PHP remote file inclusion vulnerability in admin/index.php in
...)
-	TODO: check
+	NOT-FOR-US: DreamAccount
 CVE-2006-6231 (vuBB 0.2.1 and earlier allows remote attackers to obtain
sensitive ...)
 	NOT-FOR-US: VuBB
 CVE-2006-6230 (SQL injection vulnerability in vuBB 0.2.1 and earlier allows
remote ...)
@@ -111,9 +111,9 @@
 CVE-2006-6226 (Multiple format string vulnerabilities in NeoEngine 0.8.2 and
earlier, ...)
 	NOT-FOR-US: NeoEngine
 CVE-2006-6225 (Multiple PHP remote file inclusion vulnerabilities in GeekLog
1.4 ...)
-	TODO: check
+	NOT-FOR-US: GeekLog
 CVE-2006-6224 (PHP remote file inclusion vulnerability in the installation
scripts in ...)
-	TODO: check
+	NOT-FOR-US: Puntal
 CVE-2006-6223 (Cross-site scripting (XSS) vulnerability in Google Search
Appliance ...)
 	NOT-FOR-US: Google Search Appliance
 CVE-2006-6222
@@ -121,39 +121,39 @@
 CVE-2006-6221
 	RESERVED
 CVE-2006-6220 (Multiple SQL injection vulnerabilities in Recipes Website
(Recipes ...)
-	TODO: check
+	NOT-FOR-US: Recipes Complete Website
 CVE-2006-6219 (Multiple cross-site scripting (XSS) vulnerabilities in index.php
in ...)
-	TODO: check
+	NOT-FOR-US: dev4u CMS
 CVE-2006-6218 (Multiple SQL injection vulnerabilities in index.php in dev4u CMS
allow ...)
-	TODO: check
+	NOT-FOR-US: dev4u CMS
 CVE-2006-6217 (PHP remote file inclusion vulnerability in formdisp.php in the
Mermaid ...)
-	TODO: check
+	NOT-FOR-US: Mermaid module for PHP-NUKE
 CVE-2006-6216 (SQL injection vulnerability in admin_hacks_list.php in the
Nivisec ...)
-	TODO: check
+	NOT-FOR-US: Nivisec Hacks List
 CVE-2006-6215 (Multiple SQL injection vulnerabilities in Wallpaper Website
(Wallpaper ...)
-	TODO: check
+	NOT-FOR-US: Wallpaper Complete Website
 CVE-2006-6214 (SQL injection vulnerability in wallpaper.php in Wallpaper
Website ...)
-	TODO: check
+	NOT-FOR-US: Wallpaper Complete Website
 CVE-2006-6213 (index.php in PEGames uses the extract function to overwrite
critical ...)
-	TODO: check
+	NOT-FOR-US: PEGames
 CVE-2006-6212 (PHP remote file inclusion vulnerability in centre.php in Site
News ...)
 	TODO: check
 CVE-2006-6211 (Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog
1.4.0 ...)
-	TODO: check
+	NOT-FOR-US: BirdBlog
 CVE-2006-6210 (SQL injection vulnerability in listpics.asp in ASP ListPics 5.0
allows ...)
-	TODO: check
+	NOT-FOR-US: ASP ListPics
 CVE-2006-6209 (Multiple SQL injection vulnerabilities in MidiCart ASP Shopping
Cart ...)
-	TODO: check
+	NOT-FOR-US: MidiCart ASP Shopping Cart
 CVE-2006-6208 (Multiple SQL injection vulnerabilities in Enthrallweb
eClassifieds ...)
-	TODO: check
+	NOT-FOR-US: Enthreallweb eClassifieds
 CVE-2006-6207 (SQL injection vulnerability in products.asp in Evolve shopping
cart ...)
-	TODO: check
+	NOT-FOR-US: Evolve Merchant
 CVE-2006-6206 (SQL injection vulnerability in item.asp in WarHound General
Shopping ...)
-	TODO: check
+	NOT-FOR-US: WarHound General Shopping Cart
 CVE-2006-6205 (Multiple cross-site scripting (XSS) vulnerabilities in
result.asp in ...)
-	TODO: check
+	NOT-FOR-US: Enthrallweb eHomes
 CVE-2006-6204 (Multiple SQL injection vulnerabilities in Enthrallweb eHomes
allow ...)
-	TODO: check
+	NOT-FOR-US: Enthrallweb eHomes
 CVE-2006-6203 (Directory traversal vulnerability in startdown.php in the
Flyspray ME ...)
 	TODO: check
 CVE-2006-6202 (PHP remote file inclusion vulnerability in
modules/NukeAI/util.php in ...)