Secure testing commits - Jan 2006 - r3210 - data/CVE

Author: micah
Date: 2006-01-02 21:41:20 +0000 (Mon, 02 Jan 2006)
New Revision: 3210

Modified:
   data/CVE/list
Log:
Added some notes and fixed typos


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-01-02 15:08:21 UTC (rev 3209)
+++ data/CVE/list	2006-01-02 21:41:20 UTC (rev 3210)
@@ -2553,6 +2553,7 @@
 	NOT-FOR-US: Zone Labs
 CVE-2005-3559 (Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9
...)
 	- asterisk <unfixed> (bug #338116; medium)
+	NOTE: Sarge and Woody are affected by this
 CVE-2005-3558 (PHP file inclusion vulnerability in index.php in OSTE 1.0 allows
...)
 	NOT-FOR-US: OSTE 
 CVE-2005-3557 (Directory traversal vulnerability in admin/defaults.php in
PHPlist ...)
@@ -7433,7 +7434,7 @@
 CVE-2005-2211 (Backup Manager 0.5.8a creates temporary files insecurely, which
allows ...)
 	- backup-manager 0.5.8-2 (low)
 CVE-2005-2210 (Stack-based buffer overflow in Internet Download Manager 4.05
allows ...)
-	NOT-FOR-US: Internet Down
+	NOT-FOR-US: Internet Download Manager
 CVE-2005-2209 (Capturix ScanShare 1.06 build 50 stores sensitive information
such as ...)
 	NOT-FOR-US: ScanShare
 CVE-2005-2208 (PrivaShare 1.1b allows remote attackers to cause a denial of
service ...)
@@ -7878,6 +7879,7 @@
 	NOT-FOR-US: imTRSET
 CVE-2005-2081 (Stack-based buffer overflow in the function that parses commands
in ...)
 	- asterisk 1:1.0.9.dfsg-1 (bug #315532; medium)
+	NOTE: Sarge and Woody are affected
 CVE-2005-2080 (Unknown vulnerability in Remote Agent for Windows Servers (RAWS)
in ...)
 	NOT-FOR-US: Veritas Backup
 CVE-2005-2079 (Heap-based buffer overflow in the Admin Plus Pack Option for
VERITAS ...)
@@ -14410,10 +14412,13 @@
 	NOTE: CVE entry claims that 2.0.18 is vulnerable, but this is wrong.
 CVE-2005-0371 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0
and ...)
 	- armagetron <unfixed> (bug #296840; low)
+	NOTE: Sarge and Woody affected
 CVE-2005-0370 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0
and ...)
 	- armagetron 0.2.7.0-1
+	NOTE: Sarge has this version number, but oldstable is affected
 CVE-2005-0369 (Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0
earlier ...)
 	- armagetron 0.2.7.0-1
+	NOTE: Sarge has this version number, but olstable is affected
 CVE-2005-0368 (Multiple SQL injection vulnerabilities in CMScore allow remote
...)
 	NOT-FOR-US: CMScore
 CVE-2005-0367 (Multiple directory traversal vulnerabilities in ArGoSoft Mail
Server ...)