thr3ads.net - Secure testing commits - [Secure-testing-commits] r3926

If this information is useful, please help other people find it:
Share via:
Stefan Fritsch
2006-May-09 17:04 UTC
[Secure-testing-commits] r3926 - in data: CVE DSA

Author: stef-guest
Date: 2006-05-09 17:04:03 +0000 (Tue, 09 May 2006)
New Revision: 3926

Modified:
   data/CVE/list
   data/DSA/list
Log:
remove three thunderbird issues not present in 1.0.x
some NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-05-09 16:31:37 UTC (rev 3925)
+++ data/CVE/list	2006-05-09 17:04:03 UTC (rev 3926)
@@ -49,7 +49,7 @@
 CVE-2006-2246 (Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access
Edition ...)
 	TODO: check
 CVE-2006-2245 (PHP remote file inclusion vulnerability in
auction\auction_common.php ...)
-	TODO: check
+	NOT-FOR-US: Auction mod 1.3m for phpBB
 CVE-2006-2244 (Multiple SQL injection vulnerabilities in Web4Future News Portal
allow ...)
 	TODO: check
 CVE-2006-2243 (Multiple cross-site scripting (XSS) vulnerabilities in
Web4Future News ...)
@@ -103,19 +103,20 @@
 CVE-2006-2219
 	RESERVED
 CVE-2006-2218 (Unspecified vulnerability in Internet Explorer 6.0 on Microsoft
...)
-	TODO: check
+	NOT-FOR-US: MS IE
 CVE-2006-2217 (SQL injection vulnerability in index.php in Invision Power Board
...)
 	TODO: check
 CVE-2006-2216 (Open Bulletin Board (OpenBB) 1.0.8 allows remote attackers to
obtain ...)
-	TODO: check
+	NOT-FOR-US: OpenBB
 CVE-2006-2215 (Multiple cross-site scripting (XSS) vulnerabilities in Albinator
2.x ...)
-	TODO: check
+	NOT-FOR-US: Albinator
 CVE-2005-4797 (Directory traversal vulnerability in printd line printer daemon
(lpd) ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2005-4796 (Unspecified vulnerability in the XView library (libxview.so) in
...)
 	TODO: check
+	NOTE: says Solaris, but xview is also in Debian. Pinged Maintainer.
 CVE-2005-4795 (Unspecified vulnerability in the multi-language environment
library ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2006-XXXX [pstotext insufficient filename sanitizing]
 	- pstotext 1.9-3 (bug #356988; medium)
 CVE-2006-XXXX [cyrus-imapd allows user probes]
@@ -239,19 +240,19 @@
 CVE-2006-2156 (Directory traversal vulnerability in help/index.php in X7 Chat
2.0 and ...)
 	TODO: check
 CVE-2006-2155 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before
7.0.344, and ...)
-	TODO: check
+	NOT-FOR-US: EMC Retrospect
 CVE-2006-2154 (EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before
7.0.344, and ...)
-	TODO: check
+	NOT-FOR-US: EMC Retrospect
 CVE-2006-2153 (Cross-site scripting (XSS) vulnerability in HTM_PASSWD in
DirectAdmin ...)
 	TODO: check
 CVE-2006-2152 (PHP remote file inclusion vulnerability in admin/addentry.php in
phpBB ...)
-	TODO: check
+	NOT-FOR-US: phpBB Advanced Guestbook
 CVE-2006-2151 (PHP remote file inclusion vulnerability in toplist.php in phpBB
...)
-	TODO: check
+	NOT-FOR-US: phpBB TopList
 CVE-2006-2150 (PHP remote file inclusion vulnerability in top/list.php in phpBB
...)
-	TODO: check
+	NOT-FOR-US: phpBB TopList
 CVE-2006-2149 (PHP remote file inclusion vulnerability in sources/lostpw.php in
...)
-	TODO: check
+	NOT-FOR-US: Aardvark Topsites
 CVE-2006-2147 (resmgrd in resmgr for SUSE Linux and other distributions does
not ...)
 	TODO: check
 CVE-2006-2146 (Multiple cross-site scripting (XSS) vulnerabilities in index.php
in ...)

Modified: data/DSA/list
==================================================================---
data/DSA/list	2006-05-09 16:31:37 UTC (rev 3925)
+++ data/DSA/list	2006-05-09 17:04:03 UTC (rev 3926)
@@ -9,7 +9,7 @@
         {CVE-2006-2148}
         [sarge] - cgiirc 0.5.4-6sarge1
 [04 May 2006] DSA-1051-1 mozilla-thunderbird - several vulnerabilities
-        {CVE-2005-2353 CVE-2005-4134 CVE-2006-0292 CVE-2006-0293 CVE-2006-0296
CVE-2006-0748 CVE-2006-0749 CVE-2006-0884 CVE-2006-1045 CVE-2006-1529
CVE-2006-1530 CVE-2006-1531 CVE-2006-1723 CVE-2006-1724 CVE-2006-1727
CVE-2006-1728 CVE-2006-1729 CVE-2006-1730 CVE-2006-1731 CVE-2006-1732
CVE-2006-1733 CVE-2006-1734 CVE-2006-1735 CVE-2006-1736 CVE-2006-1737
CVE-2006-1738 CVE-2006-1739 CVE-2006-1740 CVE-2006-1741 CVE-2006-1742
CVE-2006-1790}
+        {CVE-2005-2353 CVE-2005-4134 CVE-2006-0292 CVE-2006-0293 CVE-2006-0296
CVE-2006-0748 CVE-2006-0749 CVE-2006-0884 CVE-2006-1045 CVE-2006-1723
CVE-2006-1724 CVE-2006-1727 CVE-2006-1728 CVE-2006-1729 CVE-2006-1730
CVE-2006-1731 CVE-2006-1732 CVE-2006-1733 CVE-2006-1734 CVE-2006-1735
CVE-2006-1736 CVE-2006-1737 CVE-2006-1738 CVE-2006-1739 CVE-2006-1740
CVE-2006-1741 CVE-2006-1742 CVE-2006-1790}
         [sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8
 [02 May 2006] DSA-1050-1 clamav - buffer overflow
         {CVE-2006-1989}
Secure testing commits - May 2006 - r3926 - in data: CVE DSA

[Secure-testing-commits] r3926 - in data: CVE DSA
