Secure testing commits - Jan 2006 - r3372 - data/CVE

Author: fw
Date: 2006-01-26 09:27:19 +0000 (Thu, 26 Jan 2006)
New Revision: 3372

Modified:
   data/CVE/list
Log:
some NFUs, two CVEs for elog


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-01-26 09:14:23 UTC (rev 3371)
+++ data/CVE/list	2006-01-26 09:27:19 UTC (rev 3372)
@@ -131,9 +131,9 @@
 CVE-2006-0369 (** DISPUTED ** ...)
 	TODO: check
 CVE-2006-0368 (Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0
before ...)
-	TODO: check
+	NOT-FOR-US: Cisco CallManager
 CVE-2006-0367 (Unspecified vulnerability in Cisco CallManager 3.2 and earlier,
3.3 ...)
-	TODO: check
+	NOT-FOR-US: Cisco CallManager
 CVE-2006-0366 (Cross-site scripting (XSS) vulnerability in Phpclanwebsite (aka
PCW) ...)
 	TODO: check
 CVE-2006-0365 (Cross-site scripting (XSS) vulnerability in XMB (aka extreme
message ...)
@@ -159,7 +159,7 @@
 CVE-2006-0355 (Helmsman Research (aka CoolUtils) HomeFtp 1.1 allows remote
attackers ...)
 	TODO: check
 CVE-2006-0354 (Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points
(WAP) ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2006-0352 (The default configuration of Fluffington FLog 1.01 installs ...)
 	TODO: check
 CVE-2006-0351 (Unspecified "critical denial-of-service
vulnerability" in MyDNS before ...)
@@ -169,9 +169,9 @@
 CVE-2006-0349 (SQL injection vulnerability in eggblog 2.0 allows remote
attackers to ...)
 	TODO: check
 CVE-2006-0348 (Format string vulnerability in the write_logfile function in
ELOG ...)
-	TODO: check
+	- elog <unfixed> (bug #349528; medium)
 CVE-2006-0347 (Directory traversal vulnerability in ELOG before 2.6.1 allows
remote ...)
-	TODO: check
+	- elog <unfixed> (bug #349528; medium)
 CVE-2006-0346 (Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows
...)
 	TODO: check
 CVE-2006-0345 (Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow
remote ...)
@@ -185,17 +185,17 @@
 CVE-2006-0341 (Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in
Rockliffe ...)
 	TODO: check
 CVE-2006-0340 (Unspecified vulnerability in Stack Group Bidding Protocol (SGBP)
...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2006-0339 (Buffer overflow in BitComet Client 0.60 allows remote attackers
to ...)
 	TODO: check
 CVE-2006-0338 (Multiple F-Secure Anti-Virus products and versions for Windows
and ...)
-	TODO: check
+	NOT-FOR-US: F-Secure
 CVE-2006-0337 (Buffer overflow in multiple F-Secure Anti-Virus products and
versions ...)
-	TODO: check
+	NOT-FOR-US: F-Secure
 CVE-2006-0336 (Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to
cause ...)
-	TODO: check
+	NOT-FOR-US: Kerio Firewall
 CVE-2006-0335 (Multiple unspecified vulnerabilities in Kerio WinRoute Firewall
before ...)
-	TODO: check
+	NOT-FOR-US: Kerio Firewall
 CVE-2006-0334 (Cross-site scripting (XSS) vulnerability in search.php in My
Amazon ...)
 	TODO: check
 CVE-2006-0333 (Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows
remote ...)