Author: jmm-guest Date: 2005-11-20 21:12:49 +0000 (Sun, 20 Nov 2005) New Revision: 2795 Modified: data/CVE/list Log: two older issues already fixed lots of NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-11-20 18:46:54 UTC (rev 2794) +++ data/CVE/list 2005-11-20 21:12:49 UTC (rev 2795) @@ -415,108 +415,106 @@ NOT-FOR-US: GO-Global CVE-2004-2540 (readObject in (1) Java Runtime Environment (JRE) and (2) Software ...) NOT-FOR-US: Proprietary Java -begin claimed by jmm CVE-2003-1283 (KaZaA Media Desktop (KMD) 2.0 launches advertisements in the Internet ...) - TODO: check + NOT-FOR-US: Kazaa CVE-2003-1282 (IBM Net.Data allows remote attackers to obtain sensitive information ...) - TODO: check + NOT-FOR-US: IBM Net.Data CVE-2003-1281 (cgihtml 1.69 allows local users to overwrite arbitrary files via a ...) - TODO: check + NOT-FOR-US: cgihtml CVE-2003-1280 (Directory traversal vulnerability in cgihtml 1.69 allows remote ...) - TODO: check + NOT-FOR-US: cgihtml CVE-2003-1279 (S-PLUS 6.0 allows local users to overwrite arbitrary files and ...) - TODO: check + NOT-FOR-US: S-PLUS CVE-2003-1278 (Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows ...) - TODO: check + NOT-FOR-US: OpenTopic CVE-2003-1277 (Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin ...) - TODO: check + NOT-FOR-US: YaBB CVE-2003-1276 (Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN''s ...) - TODO: check + NOT-FOR-US: NetTelephone CVE-2003-1275 (Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a ...) - TODO: check + NOT-FOR-US: Pocket Internet Explorer CVE-2003-1274 (Winamp 3.0 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Winamp CVE-2003-1273 (Winamp 3.0 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: Winamp CVE-2003-1272 (Multiple buffer overflows in Winamp 3.0 allow remote attackers to ...) - TODO: check + NOT-FOR-US: Winamp CVE-2003-1271 (Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows ...) - TODO: check + NOT-FOR-US: AN HTTP CVE-2003-1270 (AN HTTP 1.41e allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: AN HTTP CVE-2003-1269 (AN HTTP 1.41e allows remote attackers to obtain the root web server ...) - TODO: check + NOT-FOR-US: AN HTTP CVE-2003-1268 (Multiple SQL injection vulnerabilities in (1) addcustomer.asp, (2) ...) - TODO: check + NOT-FOR-US: a.shopKart CVE-2003-1267 (GuildFTPd 0.999 allows remote attackers to cause a denial of service ...) - TODO: check + NOT-FOR-US: GuildFTPd CVE-2003-1266 (The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 ...) - TODO: check + NOT-FOR-US: EServer CVE-2003-1265 (Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the ...) - TODO: check + TODO: There is no Mozilla 5.0, but it should be tested on a current Mozilla CVE-2003-1264 (TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, ...) - TODO: check + NOT-FOR-US: Longshine hardware CVE-2003-1263 (ICAL.EXE in iCal 3.7 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: iCal CVE-2003-1262 (Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and ...) - TODO: check + - libhttpfetcher 1.1.0-1 CVE-2003-1261 (Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a ...) - TODO: check + NOT-FOR-US: CuteFTP CVE-2003-1260 (Buffer overflow in CuteFTP 5.0 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: CuteFTP CVE-2003-1259 (Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to ...) - TODO: check + NOT-FOR-US: CuteFTP CVE-2003-1258 (activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows ...) - TODO: check + NOT-FOR-US: versatileBulletinBoard CVE-2003-1257 (find_theni_home.php in E-theni allows remote attackers to obtain ...) - TODO: check + NOT-FOR-US: E-theni CVE-2003-1256 (aff_liste_langue.php in E-theni allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: E-theni CVE-2003-1255 (add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote ...) - TODO: check + NOT-FOR-US: Active PHP Bookmarks CVE-2003-1254 (Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Active PHP Bookmarks CVE-2003-1253 (Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code ...) - TODO: check + NOT-FOR-US: Bookmark4U CVE-2003-1252 (register.php in S8Forum 3.0 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: S8Forum CVE-2003-1251 (The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php ...) - TODO: check + NOT-FOR-US: N/X 2000 CVE-2003-1250 (Efficient Networks 5861 DSL router, when running firmware 5.3.80 ...) - TODO: check + NOT-FOR-US: Efficient Networks hardware issue CVE-2003-1249 (WebIntelligence 2.7.1 uses guessable user session cookies, which ...) - TODO: check + NOT-FOR-US: WebIntelligence CVE-2003-1248 (H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: WebShell CVE-2003-1247 (Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote ...) - TODO: check + NOT-FOR-US: WebShell CVE-2003-1246 (NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver ...) - TODO: check + NOT-FOR-US: Integrity Protection Driver CVE-2003-1245 (index2.php in Mambo 4.0.12 allows remote attackers to gain ...) - TODO: check + NOT-FOR-US: Mambo CVE-2003-1244 (SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and ...) - TODO: check + - phpbb2 <not-affected> (Fixed before upload into archive; 2.0.3) CVE-2003-1243 (Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote ...) - TODO: check + NOT-FOR-US: Sage CVE-2003-1242 (Sage 1.0 b3 allows remote attackers to obtain the root web server path ...) - TODO: check + NOT-FOR-US: Sage CVE-2003-1241 (Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) ...) - TODO: check + NOT-FOR-US: MyGuestbook CVE-2003-1240 (CuteNews 0.88 allows remote attackers to execute arbitrary PHP code by ...) - TODO: check + NOT-FOR-US: CuteNews CVE-2003-1239 (Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 ...) - TODO: check + NOT-FOR-US: WihPhoto CVE-2003-1238 (Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and ...) - TODO: check + NOT-FOR-US: Nuked-Klan CVE-2003-1237 (Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and ...) - TODO: check -end claimed by jmm + NOT-FOR-US: WWWBoard CVE-2003-1236 (Multiple format string vulnerabilities in the logger function in ...) - TODO: check + NOT-FOR-US: Tanne CVE-2003-1235 (BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server ...) - TODO: check + NOT-FOR-US: BRW WebWeaver CVE-2003-1234 (Integer overflow in the f_count counter in FreeBSD before 4.2 through ...) - TODO: check + NOT-FOR-US: Old FreeBSD bug, should be fixed wrt the KFreeBSD port CVE-2002-2207 (Buffer overflow in ssldump 0.9b2 and earlier, when running in ...) TODO: check CVE-2002-2206 (The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows ...)