Secure testing commits - Mar 2006 - r3686 - data/CVE

Author: jmm-guest
Date: 2006-03-24 14:26:21 +0000 (Fri, 24 Mar 2006)
New Revision: 3686

Modified:
   data/CVE/list
Log:
new horde3 issue (unfixed)
NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-03-24 14:08:20 UTC (rev 3685)
+++ data/CVE/list	2006-03-24 14:26:21 UTC (rev 3686)
@@ -231,30 +231,29 @@
 	- wordpress 2.0.2-1
 CVE-2006-1262 (Multiple SQL injection vulnerabilities in ASPPortal 3.00 have
unknown ...)
 	NOT-FOR-US: ASPPortal
-begin claimed by jmm
 CVE-2006-1261 (Multiple cross-site scripting (XSS) vulnerabilities in ASPPortal
3.00 ...)
-	TODO: check
+	NOT-FOR-US: ASPPortal
 CVE-2006-1260 (Horde Application Framework 3.0.9 allows remote attackers to
read ...)
-	TODO: check
+	- horde3 <unfixed> (bug filed)
 CVE-2006-1259 (Multiple SQL injection vulnerabilities in Maian Support 1.0
allow ...)
-	TODO: check
+	NOT-FOR-US: Maian Support
 CVE-2006-1258 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1
allows ...)
 	- phpmyadmin 4:2.8.0.2-2	
 CVE-2006-1257 (The sample files in the authfiles directory in Microsoft
Commerce ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2006-1256 (Cross-site scripting (XSS) vulnerability in guestbook.php in
Soren ...)
-	TODO: check
+	NOT-FOR-US: Soren Boysen (SkullSplitter) PHP Guestbook
 CVE-2006-1255 (Stack-based buffer overflow in the IMAP service in Mercur
Messaging ...)
-	TODO: check
+	NOT-FOR-US: Mercur Messaging
 CVE-2006-1254 (Unspecified vulnerability in BorderWare MXtreme 5.0 and 6.0
allows ...)
-	TODO: check
+	NOT-FOR-US: BorderWare MXtreme
 CVE-2006-1253 (Unspecified vulnerability in glFTPd before 2.01 RC5 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: glFTPd
 CVE-2006-1252 (Eval injection vulnerability in cal.php in Light Weight Calendar
(LWC) ...)
-	TODO: check
-end claimed by jmm
+	NOT-FOR-US: Light Weight Calendar
 CVE-2006-1251 (greylistclean.cron in sa-exim 4.2 allows remote attackers to
delete ...)
 	- sa-exim 4.2.1-1 (bug #345071; bug #356301)
+begin claimed by jmm
 CVE-2006-1250 (Unspecified vulnerability in the Webmail module in Winmail
before 4.3 ...)
 	TODO: check
 CVE-2006-1249 (** UNVERIFIABLE, PRERELEASE ** ...)
@@ -273,6 +272,7 @@
 	TODO: check
 CVE-2005-4741 (NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before
20051031 ...)
 	TODO: check
+end claimed by jmm
 CVE-2005-4740 (IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10
allows ...)
 	NOT-FOR-US: IBM DB2
 CVE-2005-4739 (IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10
...)