thr3ads.net - Secure testing commits - [Secure-testing-commits] r4018

If this information is useful, please help other people find it:
Share via:
Alec Berryman
2006-May-20 23:28 UTC
[Secure-testing-commits] r4018 - data/CVE

Author: alec-guest
Date: 2006-05-20 23:28:08 +0000 (Sat, 20 May 2006)
New Revision: 4018

Modified:
   data/CVE/list
Log:
* pdnsd vulns (high)
* mydns vuln (high)
* quake3 vuln (itp)
* more NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-05-20 22:59:58 UTC (rev 4017)
+++ data/CVE/list	2006-05-20 23:28:08 UTC (rev 4018)
@@ -813,46 +813,46 @@
 	NOTE: #357204: request for removal
 	- jsboard 2.0.10-2
 CVE-2006-2108 (parser.exe in Oc&#233; (OCE) 3121/3122 Printer allows remote
attackers to ...)
-	TODO: check
+	NOT-FOR-US: OCE
 CVE-2006-2107 (Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows
remote ...)
-	TODO: check
+	NOT-FOR-US: BL4
 CVE-2006-2106 (Cross-site scripting (XSS) vulnerability in Edgewall Software
Trac ...)
 	- trac 0.9.5-1 (medium)
 	[sarge] - trac <unfixed> (medium)
 CVE-2006-2105 (Directory traversal vulnerability in index.php in Jupiter CMS
1.1.4 ...)
-	TODO: check
+	NOT-FOR-US: Jupiter
 CVE-2006-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing
Email ...)
-	TODO: check
+	NOT-FOR-US: Kamgaing 
 CVE-2006-2103 (SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1
allows ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2006-2102 (Directory traversal vulnerability in PowerISO 2.9 allows remote
...)
-	TODO: check
+	NOT-FOR-US: PowerISO
 CVE-2006-2101 (Directory traversal vulnerability in WinISO 5.3 allows remote
...)
-	TODO: check
+	NOT-FOR-US: WinISO
 CVE-2006-2100 (Directory traversal vulnerability in Magic ISO 5.0 Build 0166
allows ...)
-	TODO: check
+	NOT-FOR-US: Magic ISO
 CVE-2006-2099 (Directory traversal vulnerability in UltraISO 8.0.0.1392 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: UltraISO
 CVE-2006-2098 (PHP remote file inclusion vulnerability in Thumbnail AutoIndex
before ...)
-	TODO: check
+	NOT-FOR-US: Thumbnail AutoIndex
 CVE-2006-2097 (SQL injection vulnerability in func_msg.php in Invision Power
Board ...)
-	TODO: check
+	NOT-FOR-US: Invision
 CVE-2006-2096 (plug.php in Land Down Under (LDU) 802 and earlier allows remote
...)
-	TODO: check
+	NOT-FOR-US: LDU
 CVE-2006-2095 (Phex before 2.8.6 allows remote attackers to cause a denial of
service ...)
-	TODO: check
+	NOT-FOR-US: Phex
 CVE-2006-2094 (Microsoft Internet Explorer before Windows XP Service Pack 2 and
...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2006-2093 (Nessus before 2.2.8, and 3.x before 3.0.3, allows user-complicit
...)
 	- libnasl <unfixed> (bug #365898; low)
 CVE-2006-2092 (Unspecified vulnerability in HP StorageWorks Secure Path for
Windows ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2006-2091 (admin.php in Virtual War (VWar) 1.5 and versions before 1.2
allows ...)
 	NOT-FOR-US: Virtual War
 CVE-2006-2090 (Multiple SQL injection vulnerabilities in misc.php in MySmartBB
1.1.x ...)
-	TODO: check
+	NOT-FOR-US: MySmartBB
 CVE-2006-2089 (Multiple cross-site scripting (XSS) vulnerabilities in misc.php
in ...)
-	TODO: check
+	NOT-FOR-US: OpenBB
 CVE-2006-2088 (Multiple cross-site scripting (XSS) vulnerabilities in Devsyn
Open ...)
 	TODO: check
 CVE-2006-2087 (The Gmax Mail client in Hitachi Groupmax before 20060426 allows
remote ...)
@@ -862,27 +862,27 @@
 CVE-2006-2085 (Multiple buffer overflows in (1) CxAce60.dll and (2)
CxAce60u.dll in ...)
 	NOT-FOR-US: SpeedProject Squeez
 CVE-2006-2084 (Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews
2.5.3 ...)
-	TODO: check
+	NOT-FOR-US: FarsiNews
 CVE-2006-2083 (Integer overflow in the receive_xattr function in the extended
...)
 	- rsync 2.6.8-1 (bug #365614; high)
 	[sarge] - rsync <not-affected> (xattr patch appeared in 2.6.7)
 	[woody] - rsync <not-affected> (xattr patch appeared in 2.6.7)
 CVE-2006-2082 (Directory traversal vulnerability in Quake 3 engine, as used in
...)
-	TODO: check
+	- quake3 <itp> (bug #337937)
 CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to
execute ...)
 	NOT-FOR-US: Oracle
 CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in
Verosky ...)
-	TODO: check
+	NOT-FOR-US: Verosky
 CVE-2006-2079 (Cross-site scripting (XSS) vulnerability in portfolio.php in
Verosky ...)
-	TODO: check
+	NOT-FOR-US: Verosky
 CVE-2006-2078 (Multiple unspecified vulnerabilities in multiple FITELnet
products, ...)
-	TODO: check
+	NOT-FOR-US: FITELnet
 CVE-2006-2077 (Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown
impact ...)
-	TODO: check
+	- pdnsd <unfixed> (high)
 CVE-2006-2076 (Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote
...)
-	TODO: check
+	- pdnsd <unfixed> (high)
 CVE-2006-2075 (Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers
to ...)
-	TODO: check
+	- mydns <unfixed> (high)
 CVE-2006-2074 (Unspecified vulnerability in Juniper Networks JUNOSe E-series
routers ...)
 	NOT-FOR-US: Juniper Networks JUNOSe
 CVE-2006-2073 (Unspecified vulnerability in ISC BIND allows remote attackers to
cause ...)
Secure testing commits - May 2006 - r4018 - data/CVE

[Secure-testing-commits] r4018 - data/CVE
