thr3ads.net - Secure testing commits - [Secure-testing-commits] r3826

If this information is useful, please help other people find it:
Share via:

Stefan Fritsch

2006-Apr-18 19:44 UTC

[Secure-testing-commits] r3826 - data/CVE

Author: stef-guest
Date: 2006-04-18 19:43:06 +0000 (Tue, 18 Apr 2006)
New Revision: 3826

Modified:
   data/CVE/list
Log:
doomsday itp
sysklogd issue unimportant

Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-04-18 18:47:10 UTC (rev 3825)
+++ data/CVE/list	2006-04-18 19:43:06 UTC (rev 3826)
@@ -543,29 +543,31 @@
 CVE-2006-1625 (Cross-site scripting (XSS) vulnerability in
inc/functions_post.php in ...)
 	NOT-FOR-US: MyBB
 CVE-2006-1624 (The default configuration of syslogd in the Linux sysklogd
package ...)
-	TODO: check
+	- sysklogd <unimportant>
+	NOTE: No sane person will open a network socket for syslog without apropriate
+	NOTE: firewall rules. The default is not to listen to the network.
 CVE-2006-1623 (Unspecified vulnerability in main.php in an unspecified
&quot;file created ...)
-	TODO: check
+	NOT-FOR-US: FleXiBle Development
 CVE-2006-1622 (Cross-site scripting (XSS) vulnerability in PHPSelect linksubmit
...)
-	TODO: check
+	NOT-FOR-US: PHPSelect
 CVE-2006-1621 (Directory traversal vulnerability in
admin/folders/saveuploadfiles.asp ...)
-	TODO: check
+	NOT-FOR-US: Hosting Controller
 CVE-2006-1620 (admin/accounts/AccountActions.asp in Hosting Controller 2002 RC
1 ...)
-	TODO: check
+	NOT-FOR-US: Hosting Controller
 CVE-2006-1619 (IBM WebSphere Application Server 4.0.1 through 4.0.3 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: WebSphere
 CVE-2006-1618 (Format string vulnerability in the (1) Con_message and (2)
conPrintf ...)
-	TODO: check
+	- doomsday <itp> (bug #319419)
 CVE-2006-1617 (Multiple cross-site scripting (XSS) vulnerabilities in Advanced
Poll ...)
-	TODO: check
+	NOT-FOR-US: Advanced Poll
 CVE-2006-1616 (Multiple SQL injection vulnerabilities in Advanced Poll 2.02
allow ...)
-	TODO: check
+	NOT-FOR-US: Advanced Poll
 CVE-2006-1613 (Multiple SQL injection vulnerabilities in aWebNews 1.0 allow
remote ...)
-	TODO: check
+	NOT-FOR-US: aWebNews
 CVE-2006-1612 (Multiple cross-site scripting (XSS) vulnerabilities in
visview.php in ...)
-	TODO: check
+	NOT-FOR-US: aWebNews
 CVE-2006-1611 (Directory traversal vulnerability in KGB Archiver before
1.1.5.22 ...)
-	TODO: check
+	NOT-FOR-US: KGB Archiver
 CVE-2006-1610 (PHP remote file inclusion vulnerability in lib/armygame.php in
SQuery ...)
 	TODO: check
 CVE-2006-1609 (Unspecified vulnerability in Hitachi XFIT/S, XFIT/S/JCA,
XFIT/S/ZGN, ...)

Secure testing commits - Apr 2006 - r3826 - data/CVE

[Secure-testing-commits] r3826 - data/CVE