Author: stef-guest Date: 2006-04-19 18:43:26 +0000 (Wed, 19 Apr 2006) New Revision: 3832 Modified: data/CVE/list Log: some more NFUs bugnum oooold squid issue claim Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-19 17:57:42 UTC (rev 3831) +++ data/CVE/list 2006-04-19 18:43:26 UTC (rev 3832) @@ -620,7 +620,7 @@ NOT-FOR-US: Microsoft Windows Help CVE-2006-1590 (Cross-site scripting (XSS) vulnerability in the PrintFreshPage ...) - acidbase <unfixed> (bug #363548) - - acidlab <unfixed> (bug filed) + - acidlab <unfixed> (bug #363549) CVE-2006-1589 (The elf_load_file function in NetBSD 2.0 through 3.0 allows local ...) NOT-FOR-US: NetBSD kernel CVE-2006-1588 (The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not ...) @@ -2380,27 +2380,27 @@ CVE-2006-0821 (SQL injection vulnerability in index.php in BXCP 0.299 allows remote ...) NOT-FOR-US: BXCP CVE-2006-0820 (Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 ...) - TODO: check + NOT-FOR-US: Dwarf HTTP Server CVE-2006-0819 (Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source ...) - TODO: check + NOT-FOR-US: Dwarf HTTP Server CVE-2006-0818 RESERVED CVE-2006-0817 RESERVED CVE-2006-0816 (Orion Application Server before 2.0.7, when running on Windows, allows ...) - TODO: check + NOT-FOR-US: Orion Application Server CVE-2006-0815 (NetworkActiv Web Server 3.5.15 allows remote attackers to read script ...) - TODO: check + NOT-FOR-US: NetworkActiv Web Server CVE-2006-0814 (response.c in Lighttpd 1.4.10 and possibly previous versions, when run ...) - TODO: check + NOT-FOR-US: Lighttpd under windows CVE-2006-0813 (Heap-based buffer overflow in WinACE 2.60 allows user-complicit ...) - TODO: check + NOT-FOR-US: WinACE CVE-2006-0812 (The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server ...) - TODO: check + NOT-FOR-US: WinACE VisNetic AntiVirus CVE-2005-4727 (Cross-site scripting (XSS) vulnerability in gbook.cgi in gBook before ...) - TODO: check + NOT-FOR-US: gBook CVE-2004-2654 (The clientAbortBody function in client_side.c in Squid Web Proxy Cache ...) - TODO: check + - squid 2.5.6 CVE-2006-0811 (Cross-site scripting (XSS) vulnerability in reguser.php in Skate Board ...) NOT-FOR-US: Skate Board CVE-2006-0810 (Unspecified vulnerability in config.php in Skate Board 0.9 allows ...) @@ -2466,23 +2466,24 @@ CVE-2006-0781 (Directory traversal vulnerability in weblog.pl in PerlBlog 1.09b and ...) NOT-FOR-US: PerlBlog CVE-2006-0780 (Multiple cross-site scripting (XSS) vulnerabilities in weblog.pl in ...) - TODO: check + NOT-FOR-US: PerlBlog CVE-2006-0779 (Cross-site scripting (XSS) vulnerability in u2u.php in XMB Forums ...) - TODO: check + NOT-FOR-US: XMB Forums CVE-2006-0778 (Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier ...) - TODO: check + NOT-FOR-US: XMB Forums CVE-2006-0777 (Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 ...) - TODO: check + NOT-FOR-US: Teca Scripts Guestex CVE-2006-0776 (Cross-site scripting (XSS) vulnerability in guestex.pl in Teca Scripts ...) - TODO: check + NOT-FOR-US: Teca Scripts Guestex CVE-2006-0775 (Multiple SQL injection vulnerabilities in show.php in BirthSys 3.1 ...) - TODO: check + NOT-FOR-US: BirthSys +begin claimed by stef-guest CVE-2006-0774 (SQL injection vulnerability in deleteSession() in DB_eSession library ...) TODO: check CVE-2006-0773 (Cross-site scripting (XSS) vulnerability in Hitachi Business Logic - ...) - TODO: check + NOT-FOR-US: Hitachi Business Logic CVE-2006-0772 (SQL injection vulnerability in Hitachi Business Logic - Container ...) - TODO: check + NOT-FOR-US: Hitachi Business Logic CVE-2006-0771 (Format string vulnerability in PunkBuster 1.180 and earlier, as used ...) TODO: check CVE-2006-0770 (Cross-site scripting (XSS) vulnerability in calendar.php in ...) @@ -2513,6 +2514,7 @@ TODO: check CVE-2006-0757 (Multiple eval injection vulnerabilities in HiveMail 1.3 and earlier ...) TODO: check +end claimed by stef-guest CVE-2006-0756 (** DISPUTED ** ...) NOT-FOR-US: dotProject CVE-2006-0755 (** DISPUTED ** ...)