Author: stef-guest Date: 2006-02-26 17:54:30 +0000 (Sun, 26 Feb 2006) New Revision: 3541 Modified: data/CVE/list Log: zoo, cherrypy issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-02-26 16:16:25 UTC (rev 3540) +++ data/CVE/list 2006-02-26 17:54:30 UTC (rev 3541) @@ -51,42 +51,41 @@ NOT-FOR-US: Michael Salzer Guestbox CVE-2006-0858 (Unquoted Windows search path vulnerability in (1) snsmcon.exe, (2) the ...) NOT-FOR-US: StarForce Safe''n''Sec Personal - -begin claimed by stef-guest - CVE-2006-0857 (Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 ...) - TODO: check + NOT-FOR-US: e107 CMS Chatbox plugin CVE-2006-0856 (SQL injection vulnerability in login.php in Scriptme SmE GB Host 1.21 ...) - TODO: check + NOT-FOR-US: SmE GB Host CVE-2006-0855 (Stack-based buffer overflow in the fullpath function in misc.c for zoo ...) - TODO: check + - zoo <unfixed> (bug #354461) CVE-2006-0854 (PHP remote file inclusion vulnerability in common.php in Intensive ...) - TODO: check + NOT-FOR-US: Intensive Point iUser Ecommerce CVE-2006-0853 (Buffer overflow in the IMAP service of TrueNorth Internet Anywhere ...) - TODO: check + NOT-FOR-US: TrueNorth Internet Anywhere CVE-2006-0852 (Direct static code injection vulnerability in write.php in Admbook ...) - TODO: check + NOT-FOR-US: Admbook CVE-2006-0851 (SQL injection vulnerability in the forum module of ilchClan 1.05g and ...) - TODO: check + NOT-FOR-US: ilchClan CVE-2006-0850 (SQL injection vulnerability in include/includes/user/login.php in ...) - TODO: check + NOT-FOR-US: ilchClan CVE-2006-0849 RESERVED CVE-2006-0848 (The "Open ''safe'' files after downloading" option in Safari on Apple ...) - TODO: check + NOT-FOR-US: Apple Safari CVE-2006-0847 (Directory traversal vulnerability in the staticfilter component in ...) - TODO: check + - python2.3-cherrypy2.1 2.1.1-1 (bug #353542) + - python-cherrypy2.1 2.1.1-1 (bug #353542) + - python2.4-cherrypy2.1 2.1.1-1 (bug #353542) + - python-cherrypy <unfixed> (bug #354479) + - python2.3-cherrypy <unfixed> (bug #354479) + - python2.4-cherrypy <unfixed> (bug #354479) CVE-2006-0846 (Multiple cross-site scripting (XSS) vulnerabilities in Leif M. ...) - TODO: check + NOT-FOR-US: Leif M. Wright''s Blog CVE-2006-0845 (Leif M. Wright''s Blog 3.5 allows remote authenticated users with ...) - TODO: check + NOT-FOR-US: Leif M. Wright''s Blog CVE-2006-0844 (Leif M. Wright''s Blog 3.5 does not make a password comparison when ...) - TODO: check + NOT-FOR-US: Leif M. Wright''s Blog CVE-2006-0843 (Leif M. Wright''s Blog 3.5 stores the config file and other txt files ...) - TODO: check - -end claimed by stef-guest - + NOT-FOR-US: Leif M. Wright''s Blog CVE-2006-0842 (Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows ...) TODO: check CVE-2006-0841 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 ...)