Author: jmm-guest Date: 2006-02-13 08:17:38 +0000 (Mon, 13 Feb 2006) New Revision: 3463 Modified: data/CVE/list Log: two not-affected removed a non-issue NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-02-12 23:03:24 UTC (rev 3462) +++ data/CVE/list 2006-02-13 08:17:38 UTC (rev 3463) 
@@ -153,35 +153,25 @@ CVE-2006-0577 (Lexmark X1185 printer allows local users to gain SYSTEM privileges by ...) NOT-FOR-US: Lexmark printer CVE-2006-0576 (Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and ...) - NOT-FOR-US: TODO: check CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to ...) - NOT-FOR-US: - TODO: check + - fcron <not-affected> (Not included in Debian package) CVE-2006-0574 (Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel ...) - NOT-FOR-US: - TODO: check + NOT-FOR-US: cPanel CVE-2006-0573 (Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and ...) - NOT-FOR-US: - TODO: check + NOT-FOR-US: cPanel CVE-2006-0572 (phpstatus 1.0 does not require passwords when using cookies to ...) - NOT-FOR-US: - TODO: check + NOT-FOR-US: phpstatus CVE-2006-0571 (Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 ...) - NOT-FOR-US: - TODO: check + NOT-FOR-US: phpstatus CVE-2006-0570 (Multiple SQL injection vulnerabilities in phpstatus 1.0, when ...) - NOT-FOR-US: - TODO: check + NOT-FOR-US: phpstatus CVE-2006-0569 (Cross-site scripting (XSS) vulnerability in user_class.php in Papoo ...) - NOT-FOR-US: - TODO: check + NOT-FOR-US: Papoo CVE-2006-0568 (Cross-site scripting (XSS) vulnerability in throw.main in Outblaze ...) - NOT-FOR-US: - TODO: check + NOT-FOR-US: Outblaze CVE-2006-0567 (Directory traversal vulnerability in Files Xaraya module before 0.5.1, ...) - NOT-FOR-US: - TODO: check + NOT-FOR-US: Xaraya CVE-2006-XXXX [bluez-hcidump DoS] - bluez-hcidump <unfixed> (bug #351881) CVE-2006-0566 (The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote ...) 
@@ -2454,8 +2444,7 @@ CVE-2005-4218 (SQL injection vulnerability in forum.php in PHPWebThings 1.4 allows ...) NOT-FOR-US: PHPWebThings CVE-2005-4217 (Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges ...) - TODO: check, whether this affects Debian''s perl - NOTE: no actual data on what the hole is + - perl <not-affected> (MacOS specific vulnerability) CVE-2005-4216 (The Administration Service (FMSAdmin.exe) in Macromedia Flash Media ...) NOT-FOR-US: Macromedia Flash Media Server CVE-2005-4215 (Motorola SB5100E Cable Modem allows remote attackers to cause a denial ...) @@ -7927,10 +7916,6 @@ CVE-2005-XXXX [Insecure usage of temporary files in x11perfcomp and other security issues] - xfree86 <unfixed> (bug #321447; low) - xorg-x11 <unfixed> (bug #321447; low) -CVE-2005-XXXX [kdebase: startkde does not check lnusertemp''s result?] - NOTE: This hardly has security implications, lots of applications do not cope - NOTE: with a filled up /tmp dir. - - kdebase <unfixed> (bug #292078; low) CVE-2005-XXXX [gs-esp: Insecure usage of /tmp in source code] - gs-esp <unfixed> (bug #291452; low) CVE-2005-XXXX [Format string bug in sysklogd''s syslog_tst sources]
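Review bot: the reason on the new CVE-2006-0575 line in the @@ -153,35 +153,25 @@ hunk, "(Not included in Debian package)", does not say what is not included. The CVE description names convert-fcrontab, so spell that out in the parenthetical; as written it can be read as fcron itself not being packaged, which would call for NOT-FOR-US rather than an fcron package line. In the same hunk CVE-2006-0576 loses its empty NOT-FOR-US: line but keeps TODO: check, which looks intended and is worth confirming.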
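Review bot: in the @@ -2454,8 +2444,7 @@ hunk, CVE-2005-4217 goes from "NOTE: no actual data on what the hole is" to "- perl <not-affected> (MacOS specific vulnerability)" with nothing recording what the determination rests on. Keep a NOTE line stating the source of the MacOS-specific conclusion so the entry can be re-checked if more detail about the flaw is published.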
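Review bot: the @@ -7927,10 +7916,6 @@ hunk deletes the kdebase startkde entry outright, which also drops the reference to bug #292078 and the two NOTE lines explaining why it has little security impact. The log message only says "removed a non-issue", so name the entry and the bug number in the log; otherwise the same report can be re-added later with no trace of this decision.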