Secure testing commits - Nov 2006 - r5032 - data/CVE

Author: stef-guest
Date: 2006-11-30 22:39:11 +0100 (Thu, 30 Nov 2006)
New Revision: 5032

Modified:
   data/CVE/list
Log:
some NFUs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-11-30 21:33:52 UTC (rev 5031)
+++ data/CVE/list	2006-11-30 21:39:11 UTC (rev 5032)
@@ -18,7 +18,7 @@
 CVE-2003-1310 (The DeviceIoControl function in the Norton Device Driver
(NAVAP.sys) ...)
 	NOT-FOR-US: Norton
 CVE-2003-1309 (The DeviceIoControl function in the TrueVector Device Driver
...)
-	TODO: check
+	NOT-FOR-US: ZoneAlarm
 CVE-2006-6168 (tiki-register.php in TikiWiki before 1.9.7 allows remote
attackers to ...)
 	- tikiwiki 1.9.7+dfsg-1 (low)
 CVE-2006-6167 (** DISPUTED ** ...)
@@ -34,9 +34,9 @@
 CVE-2006-6162 (Cross-site scripting (XSS) vulnerability in
tiki-edit_structures.php ...)
 	TODO: check
 CVE-2006-6161 (Multiple SQL injection vulnerabilities in Doug Luxem Liberum
Help Desk ...)
-	TODO: check
+	NOT-FOR-US: Doug Luxem Liberum Help Desk
 CVE-2006-6160 (SQL injection vulnerability in details.asp in Doug Luxem Liberum
Help ...)
-	TODO: check
+	NOT-FOR-US: Doug Luxem Liberum Help Desk
 CVE-2006-6159 (Multiple cross-site scripting (XSS) vulnerabilities in
newticket.php ...)
 	TODO: check
 CVE-2006-6158 (Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS
Help ...)
@@ -44,11 +44,11 @@
 CVE-2006-6157 (SQL injection vulnerability in index.php in ContentNow 1.39 and
...)
 	TODO: check
 CVE-2006-6156 (Cross-site scripting (XSS) vulnerability in auth/message.php in
HIOX ...)
-	TODO: check
+	NOT-FOR-US: HIOX Star Rating System Script (HSRS)
 CVE-2006-6155 (Multiple SQL injection vulnerabilities in addrating.php in HIOX
Star ...)
-	TODO: check
+	NOT-FOR-US: HIOX Star Rating System Script (HSRS)
 CVE-2006-6154 (PHP remote file inclusion vulnerability in addcode.php in HIOX
Star ...)
-	TODO: check
+	NOT-FOR-US: HIOX Star Rating System Script (HSRS)
 CVE-2006-6153 (Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net
...)
 	NOTE: NOT-FOR-US (vSpin.net)
 CVE-2006-6152 (Multiple SQL injection vulnerabilities in vSpin.net Classified
System ...)
@@ -66,7 +66,7 @@
 CVE-2006-6146 (Buffer overflow in the HPDF_Page_Circle function in ...)
 	TODO: check
 CVE-2006-6145 (CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials
in ...)
-	TODO: check
+	NOT-FOR-US: CRYPTOCard
 CVE-2006-6144
 	RESERVED
 CVE-2006-6143
@@ -94,7 +94,7 @@
 CVE-2006-6132 (Multiple SQL injection vulnerabilities in Link Exchange Lite
allow ...)
 	TODO: check
 CVE-2006-6131 (Untrusted search path vulnerability in (1) WSAdminServer and (2)
...)
-	TODO: check
+	NOT-FOR-US: Kerio WebSTAR
 CVE-2006-6130 (Apple Mac OS X AppleTalk allows local users to cause a denial of
...)
 	NOTE: NOT-FOR-US (Apple Mac OS X)
 CVE-2006-6169 (Buffer overflow in the ask_outfile_name function in openfile.c
for ...)
@@ -174,15 +174,15 @@
 CVE-2006-6097 (GNU tar 1.16 and 1.15.1, and possibly other versions, allows
...)
 	- tar <unfixed> (high; bug #399845)
 CVE-2006-6096 (Cross-site scripting (XSS) vulnerability in
activenews_search.asp in ...)
-	TODO: check
+	NOT-FOR-US: ActiveNews Manage
 CVE-2006-6095 (Multiple SQL injection vulnerabilities in ActiveNews Manager
allow ...)
-	TODO: check
+	NOT-FOR-US: ActiveNews Manage
 CVE-2006-6094 (Multiple SQL injection vulnerabilities in ActiveNews Manager
allow ...)
-	TODO: check
+	NOT-FOR-US: ActiveNews Manage
 CVE-2006-6093 (Multiple PHP remote file inclusion vulnerabilities in
adminprint.php ...)
 	TODO: check
 CVE-2006-6092 (Multiple SQL injection vulnerabilities in vehiclelistings.asp in
20/20 ...)
-	TODO: check
+	NOT-FOR-US: Auto Gallery
 CVE-2006-6091 (Cross-site scripting (XSS) vulnerability in Grim Pirate GrimBB
before ...)
 	TODO: check
 CVE-2006-6090 (Multiple SQL injection vulnerabilities in BaalAsp forum allow
remote ...)