Author: stef-guest Date: 2006-08-19 11:14:40 +0000 (Sat, 19 Aug 2006) New Revision: 4602 Modified: data/CVE/list Log: alsaplayer CVEified; some NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-08-19 11:05:15 UTC (rev 4601) +++ data/CVE/list 2006-08-19 11:14:40 UTC (rev 4602) @@ -101,19 +101,19 @@ CVE-2006-4143 (Netgear FVG318 running firmware 1.0.40 allows remote attackers to ...) NOT-FOR-US: Netgear CVE-2006-4142 (SQL injection vulnerability in extra/online.php in Virtual War (VWar) ...) - TODO: check + NOT-FOR-US: Virtual War (VWar) CVE-2006-4141 (SQL injection vulnerability in news.php in Virtual War (VWar) 1.5.0 ...) - TODO: check + NOT-FOR-US: Virtual War (VWar) CVE-2006-4140 (Directory traversal vulnerability in IPCheck Server Monitor 5.3.2.609 ...) TODO: check CVE-2006-4139 (Race condition in Sun Solaris 10 allows attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Solaris CVE-2006-4138 (Multiple unspecified vulnerabilities in Microsoft Windows Help File ...) TODO: check CVE-2006-4137 (IBM WebSphere Application Server before 6.1.0.1 allows attackers to ...) - TODO: check + NOT-FOR-US: IBM WebSphere CVE-2006-4136 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...) - TODO: check + NOT-FOR-US: IBM WebSphere CVE-2006-4135 (** DISPUTED ** ...) TODO: check CVE-2006-4134 (Unspecified vulnerability related to a "design flaw" in SAP Internet ...) @@ -129,7 +129,7 @@ CVE-2006-4129 (PHP remote file inclusion vulnerability in admin.webring.docs.php in ...) TODO: check CVE-2006-4128 (Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec ...) - TODO: check + NOT-FOR-US: Symantec VERITAS CVE-2006-4127 (Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and ...) TODO: check CVE-2006-4126 (The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier ...) 
@@ -151,7 +151,7 @@ CVE-2006-4118 (Multiple SQL injection vulnerabilities in GeheimChaos 0.5 and earlier ...) TODO: check CVE-2006-4117 (The squeue_drain function in Sun Solaris 10, possibly only when run on ...) - TODO: check + NOT-FOR-US: Solaris CVE-2006-4116 (Multiple stack-based buffer overflows in Lhaz before 1.32 allow ...) TODO: check CVE-2006-4115 (PHP remote file inclusion vulnerability in common.inc.php in PgMarket ...) @@ -165,7 +165,7 @@ CVE-2006-4111 (Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby ...) TODO: check CVE-2006-4110 (Apache 2.2.2, when running on Windows, allows remote attackers to read ...) - TODO: check + NOT-FOR-US: Apache on Windows only CVE-2006-4109 (Cross-site scripting (XSS) vulnerability in Bibliography ...) TODO: check CVE-2006-4108 (SQL injection vulnerability in Bibliography (biblio.module) 4.6 before ...) @@ -207,7 +207,7 @@ CVE-2006-4090 (Cross-site scripting (XSS) vulnerability in Webligo BlogHoster 2.2 ...) TODO: check CVE-2006-4089 (Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and ...) - TODO: check + - alsaplayer <unfixed> (medium; bug #382842) CVE-2006-4088 (Multiple cross-site scripting (XSS) vulnerabilities in CivicSpace ...) TODO: check CVE-2006-4087 (Cross-site scripting (XSS) vulnerability in admin.cgi in ...) @@ -256,8 +256,6 @@ - gnutls11 <unfixed> (medium) - gnutls12 1.2.11-3 (medium) - gnutls13 1.4.2-1 (medium) -CVE-2006-XXXX [AlsaPlayer Multiple Buffer Overflow Vulnerabilities] - - alsaplayer <unfixed> (medium; bug #382842) CVE-2006-XXXX [unspecified vulnerability in ruby on rails] - rails 1.1.6-1 (bug #382255; medium) CVE-2006-4071 (Sign extension vulnerability in the createBrushIndirect function in ...) 
@@ -702,9 +700,9 @@ CVE-2006-3861 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before ...) NOT-FOR-US: IBM Informix Dynamic Server CVE-2006-3860 (IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before ...) - TODO: check + NOT-FOR-US: IBM Informix Dynamic Server CVE-2006-3859 (IBM Informix Dynamic Server (IDS) allows remote authenticated users to ...) - TODO: check + NOT-FOR-US: IBM Informix Dynamic Server CVE-2006-3858 (IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before ...) NOT-FOR-US: IBM Informix Dynamic Server CVE-2006-3857 (Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before ...) @@ -714,7 +712,7 @@ CVE-2006-3855 (The ifx_load_internal function in IBM Informix Dynamic Server (IDS) ...) NOT-FOR-US: IBM Informix Dynamic Server CVE-2006-3854 (Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC7, ...) - TODO: check + NOT-FOR-US: IBM Informix Dynamic Server CVE-2006-3853 (Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 ...) NOT-FOR-US: IBM Informix Dynamic Server CVE-2006-3852 (Cross-site scripting (XSS) vulnerability in index.php in Micro ...)
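Review bot: In the @@ -101,19 +101,19 @@ hunk, the notes added for CVE-2006-4137 and CVE-2006-4136 read "NOT-FOR-US: IBM WebSphere", while both descriptions name "IBM WebSphere Application Server" and the Informix entries later in this file spell out the full product ("NOT-FOR-US: IBM Informix Dynamic Server"). Suggest writing the full product name so that a search over NOT-FOR-US notes matches one string per product. In the same hunk, CVE-2006-4138 (Microsoft Windows Help File) stays at "TODO: check" although it looks like the same class of non-Debian product as the Solaris and WebSphere entries triaged here; if it was skipped on purpose, the log message could say so.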
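Review bot: In the @@ -165,7 +165,7 @@ hunk, CVE-2006-4110 is marked "NOT-FOR-US: Apache on Windows only", which uses NOT-FOR-US for a reason other than the one every other entry in this commit uses it for: the other notes name a product that is not packaged, whereas here the product is Apache and only the platform is out of scope. A per-package entry that records the Debian package as not affected, with "Windows only" as the reason (the tracker's <not-affected> form), would keep the CVE attached to the package so that a later lookup by package still finds it and the reasoning behind the triage.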
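Review bot: In the @@ -256,8 +256,6 @@ hunk, the temporary AlsaPlayer entry is removed but the neighbouring "CVE-2006-XXXX [unspecified vulnerability in ruby on rails]" entry is left in place, while CVE-2006-4111 (Ruby on Rails before 1.1.5 ...) is still "TODO: check" in the @@ -165,7 +165,7 @@ hunk of this same file. It is worth checking whether the temporary rails entry (rails 1.1.6-1, bug #382255) now has an assigned CVE id and can be converted the same way alsaplayer was, so the two rails records do not drift apart. The alsaplayer move itself carries the package line over unchanged ("- alsaplayer <unfixed> (medium; bug #382842)"), which is what I would expect.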