Secure testing commits - Mar 2006 - r3664 - data/CVE

Author: djoume-guest
Date: 2006-03-22 21:46:19 +0000 (Wed, 22 Mar 2006)
New Revision: 3664

Modified:
   data/CVE/list
Log:
stlport5
nufw
unalz
NFUs
new block


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-03-22 17:42:49 UTC (rev 3663)
+++ data/CVE/list	2006-03-22 21:46:19 UTC (rev 3664)
@@ -818,33 +818,32 @@
 	NOT-FOR-US: ActiveCampaign products
 CVE-2006-0969 (PHP remote file inclusion vulnerability in index.php in Top
sites de ...)
 	NOT-FOR-US: PixelArtKingdom TopSites
-begin claimed by djoume
 CVE-2006-0968 (The ncprwsnt service in NCP Network Communication Secure Client
8.11 ...)
-	TODO: check
+	NOT-FOR-US: NCP Network Communication Secure Client
 CVE-2006-0967 (NCP Network Communication Secure Client 8.11 Build 146, and
possibly ...)
-	TODO: check
+	NOT-FOR-US: NCP Network Communication Secure Client
 CVE-2006-0966 (NCP Network Communication Secure Client 8.11 Build 146, and
possibly ...)
-	TODO: check
+	NOT-FOR-US: NCP Network Communication Secure Client
 CVE-2006-0965 (NCP Network Communication Secure Client 8.11 Build 146, and
possibly ...)
-	TODO: check
+	NOT-FOR-US: NCP Network Communication Secure Client
 CVE-2006-0964 (Client Firewall in NCP Network Communication Secure Client 8.11
Build ...)
-	TODO: check
+	NOT-FOR-US: NCP Network Communication Secure Client
 CVE-2006-0963 (Multiple buffer overflows in STLport 5.0.2 might allow local
users to ...)
-	TODO: check
+	- stlport5 <unfixed> (bug #358471, medium)
 CVE-2006-0962 (SQL injection vulnerability in vuBB 0.2 allows remote attackers
to ...)
-	TODO: check
+	NOT-FOR-US: VuBB
 CVE-2006-0961 (SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1
allows ...)
-	TODO: check
+	NOT-FOR-US: Cilem Hiber
 CVE-2006-0960 (uConfig agent in Compex NetPassage WPE54G router allows remote
...)
-	TODO: check
+	NOT-FOR-US: Compex NetPassage WPE54G router
 CVE-2006-0959 (SQL injection vulnerability in misc.php in MyBulletinBoard
(MyBB) ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2006-0958 (Cross-site scripting (XSS) vulnerability in func.inc.php in
ZoneO-Soft ...)
-	TODO: check
+	NOT-FOR-US: ZoneO-Soft freeForum
 CVE-2006-0957 (Direct static code injection vulnerability in func.inc.php in
...)
-	TODO: check
+	NOT-FOR-US: ZoneO-Soft freeForum
 CVE-2006-0956 (nuauth in NuFW before 1.0.21 does not properly handle blocking
TLS ...)
-	TODO: check
+	- nufw <unfixed> (bug filed, low)
 CVE-2006-0955
 	RESERVED
 CVE-2006-0954
@@ -856,12 +855,12 @@
 CVE-2006-0951
 	RESERVED
 CVE-2006-0950 (unalz 0.53 allows user-complicit attackers to overwrite
arbitrary ...)
-	TODO: check
+	- unalz <unfixed> (bug #356832, medium)
 CVE-2006-0949 (RaidenHTTPD 1.1.47 allows remote attackers to obtain source code
of ...)
-	TODO: check
+	NOT-FOR-US: RaidenHTTPD
 CVE-2006-0948
 	RESERVED
-end claimed by djoume
+begin claimed by djoume
 CVE-2006-0947 (Thomson SpeedTouch modem running firmware 5.3.2.6.0 allows
remote ...)
 	TODO: check
 CVE-2006-0946 (Cross-site scripting (XSS) vulnerability in Thomson SpeedTouch
modems ...)
@@ -882,6 +881,7 @@
 	TODO: check
 CVE-2006-0938 (Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and
...)
 	TODO: check
+end claimed by djoume
 CVE-2006-1320 (util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to
make a ...)
 	- rssh 2.3.0-1.1 (bug #346322; low)
 	[sarge] - rssh <not-affected> (Problem has been introduced in 2.3.0)