Secure testing commits - Mar 2006 - r3638 - data/CVE

Author: jmm-guest
Date: 2006-03-17 12:36:19 +0000 (Fri, 17 Mar 2006)
New Revision: 3638

Modified:
   data/CVE/list
Log:
new dokuwiki issue (unfixed)
peercast CVEfied
NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-03-17 11:11:18 UTC (rev 3637)
+++ data/CVE/list	2006-03-17 12:36:19 UTC (rev 3638)
@@ -171,48 +171,46 @@
 	RESERVED
 CVE-2006-1167
 	RESERVED
-begin claimed by jmm
 CVE-2006-1165 (Cross-site scripting (XSS) vulnerability in the mediamanager
module in ...)
-	TODO: check
+	- dokuwiki <unfixed> (bug #357436)
 CVE-2006-1164 (Nodez 4.6.1.1 and earlier stores sensitive data in the
list.gtdat file ...)
-	TODO: check
+	NOT-FOR-US: Nodez
 CVE-2006-1163 (Cross-site scripting (XSS) vulnerability in Nodez 4.6.1.1 allows
...)
-	TODO: check
+	NOT-FOR-US: Nodez
 CVE-2006-1162 (Directory traversal vulnerability in Nodez 4.6.1.1 and earlier
allows ...)
-	TODO: check
+	NOT-FOR-US: Nodez
 CVE-2006-1161 (Absolute path traversal vulnerability in Easy File Sharing (EFS)
Web ...)
-	TODO: check
+	NOT-FOR-US: Easy File Sharing (EFS) Web Server
 CVE-2006-1160 (Cross-site scripting (XSS) vulnerability in Easy File Sharing
(EFS) ...)
-	TODO: check
+	NOT-FOR-US: Easy File Sharing (EFS) Web Server
 CVE-2006-1159 (Format string vulnerability in Easy File Sharing (EFS) Web
Server 3.2 ...)
-	TODO: check
+	NOT-FOR-US: Easy File Sharing (EFS) Web Server
 CVE-2006-1158 (Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to
cause ...)
-	TODO: check
+	NOT-FOR-US: Kerio MailServer
 CVE-2006-1157 (Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum
2.0.3 ...)
-	TODO: check
+	NOT-FOR-US: Vz Scripts ADP Forum
 CVE-2006-1156 (SQL injection vulnerability in manas tungare Site Membership
Script ...)
-	TODO: check
+	NOT-FOR-US: manas tungare Site Membership Script 
 CVE-2006-1155 (Cross-site scripting (XSS) vulnerability in manas tungare Site
...)
-	TODO: check
+	NOT-FOR-US: manas tungare Site Membership Script 
 CVE-2006-1154 (PHP remote file inclusion vulnerability in archive.php in
Fantastic ...)
-	TODO: check
+	NOT-FOR-US: Fantastic News
 CVE-2006-1153 (SQL injection vulnerability in D2-Shoutbox 4.2 allows remote
attackers ...)
-	TODO: check
+	NOT-FOR-US: D2-Shoutbox
 CVE-2006-1152 (PHP remote file inclusion vulnerability in index.php in M-Phorum
0.2 ...)
-	TODO: check
+	NOT-FOR-US: M-Phorum
 CVE-2006-1151 (Cross-site scripting vulnerability in index.php in M-Phorum 0.2
allows ...)
-	TODO: check
+	NOT-FOR-US: M-Phorum
 CVE-2006-1150 (Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, ...)
 	TODO: check
 CVE-2006-1149 (PHP remote file inclusion vulnerability in lib/OWL_API.php in
OWL ...)
-	TODO: check
+	NOT-FOR-US: OWL Intranet Engine 
 CVE-2006-1148 (Multiple stack-based buffer overflows in the procConnectArgs
function ...)
-	TODO: check
+	- peercast 0.1217.toots.20060314-1
 CVE-2006-1147 (The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold
...)
-	TODO: check
+	NOT-FOR-US: Alien Arena Gold
 CVE-2006-1146 (Stack-based buffer overflow in the Cmd_Say_f function in
g_cmds.c in ...)
-	TODO: check
-end claimed by jmm
+	NOT-FOR-US: Alien Arena Gold
 CVE-2006-1145 (Format string vulnerability in the safe_cprintf function in ...)
 	TODO: check
 CVE-2006-1144 (Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows
...)
@@ -249,8 +247,6 @@
 	TODO: check
 CVE-2005-4729 (SQL injection vulnerabilitiy in show.php in VBZooM Forum allows
remote ...)
 	TODO: check
-CVE-2006-XXXX [Unspecified security problem in Peercast]
-	- peercast 0.1217.toots.20060314-1
 CVE-2006-XXXX [Directory traversal issue in Namazu2]
 	- namazu2 2.0.16-1
 CVE-2006-1166 (Monotone 0.25 and earlier, when a user creates a file in a
directory ...)