Author: fw
Date: 2006-04-15 09:09:55 +0000 (Sat, 15 Apr 2006)
New Revision: 3812
Modified:
data/CVE/list
Log:
several NFUs
powersave issue (pinged maintainer)
slash issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-04-15 07:52:06 UTC (rev 3811)
+++ data/CVE/list 2006-04-15 09:09:55 UTC (rev 3812)
@@ -218,7 +218,7 @@
- mozilla-thunderbird <unfixed> (low)
NOTE: This is probably: https://bugzilla.mozilla.org/show_bug.cgi?id=320459
CVE-2006-1722 (Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS
4.0 ...)
- TODO: check
+ NOT-FOR-US: ShopXS
CVE-2006-1721 (Unspecified vulnerability in the CMU Cyrus Simple Authentication
and ...)
TODO: check
CVE-2006-1720 (Cross-site scripting (XSS) vulnerability in search.php in
SaphpLesson ...)
@@ -226,45 +226,47 @@
CVE-2006-1719 (Internet Explorer 6 allows remote attackers to cause a denial of
...)
TODO: check
CVE-2006-1718 (Magus Perde Clever Copy 3.0 and earlier stores sensitive
information ...)
- TODO: check
+ NOT-FOR-US: Clever Copy
CVE-2006-1717 (Cross-site scripting (XSS) vulnerability in newthread.php in
MyBB (aka ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2006-1716 (Cross-site scripting (XSS) vulnerability in
inc/functions_post.php in ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2006-1715 (Multiple directory traversal vulnerabilities in Christian
Kindahl ...)
- TODO: check
+ NOT-FOR-US: TUGZip
CVE-2006-1714 (CRLF injection vulnerability in index.php in Christoph Roeder
...)
- TODO: check
+ NOT-FOR-US: phpMyForum
CVE-2006-1713 (Cross-site scripting (XSS) vulnerability in index.php in
Christoph ...)
- TODO: check
+ NOT-FOR-US: phpMyForum
CVE-2006-1710 (SQL injection vulnerability in admin.php in Design Nation
DNGuestbook ...)
- TODO: check
+ NOT-FOR-US: DNGuestbook
CVE-2005-4784 (Multiple buffer overflows in the POSIX readdir_r function, as
used in ...)
TODO: check
CVE-2005-4783 (kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does
not ...)
- TODO: check
+ NOT-FOR-US: NetBSD
CVE-2005-4782 (NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the
kernel is ...)
- TODO: check
+ NOT-FOR-US: NetBSD
CVE-2005-4781 (Multiple SQL injection vulnerabilities in SergiDs Top Music
module 3.0 ...)
- TODO: check
+ NOT-FOR-US: SergiD Top Music module
CVE-2005-4780 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: LightHouse CMS
CVE-2005-4779 (verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls
NDINIT with ...)
- TODO: check
+ NOT-FOR-US: NetBSD
CVE-2005-4778 (The powersave daemon in SUSE Linux 10.0 before 20051007 has an
...)
- TODO: check
+ - powersave 0.12.7-1
+ NOTE:
https://bugzilla.novell.com/show_bug.cgi?id=119628&x=18&y=11&=Find
+ TODO: Pinged maintainer. Not clear if this bug has indeed been fixed.
CVE-2005-4777 (Tashcom ASPEdit 2.9 stores the administration password (aka the
FTP ...)
- TODO: check
+ NOT-FOR-US: Tashcom ASPEdit
CVE-2005-4776 (Integer overflow in the FreeBSD compatibility code
(freebsd_misc.c) in ...)
- TODO: check
+ NOT-FOR-US: NetBSD
CVE-2005-4775 (Michael Scholz and Sebastian Stein Contineo 2.0, when the admin
...)
- TODO: check
+ NOT-FOR-US: Contineo
CVE-2005-4774 (Cross-site scripting (XSS) vulnerability in Xerver 4.17 allows
remote ...)
- TODO: check
+ NOT-FOR-US: Xerver
CVE-2005-4773 (The configuration of VMware ESX Server 2.x, 2.0.x, 2.1.x, and
2.5.x ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2004-2656 (Multiple cross-site scripting (XSS) vulnerabilities in Slashdot
Like ...)
- TODO: check
+ - slash <unfixed> (medium)
CVE-2006-XXXX [firebird local DoS]
- firebird2 1.5.3.4870-4 (bug #362001)
CVE-2006-1744 (Buffer overflow in pl_main.c in sail in BSDgames 2.17-7 allows
local ...)
@@ -3181,7 +3183,7 @@
CVE-2005-4676 (Buffer overflow in Andreas Huggel Exiv2 before 0.9 does not null
...)
TODO: check
CVE-2003-1291 (VMware ESX Server 1.5.2 before Patch 4 allows local users to
execute ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2006-0467 (Unspecified vulnerability in Pioneers (formerly gnocatan) before
...)
{DSA-964-1}
[woody] - gnocatan 0.6.1-5woody3