thr3ads.net - Secure testing commits - [Secure-testing-commits] r4034

If this information is useful, please help other people find it:
Share via:

Alec Berryman

2006-May-21 15:01 UTC

[Secure-testing-commits] r4034 - data/CVE

Author: alec-guest
Date: 2006-05-21 15:01:11 +0000 (Sun, 21 May 2006)
New Revision: 4034

Modified:
   data/CVE/list
Log:
* two unfixed linux-2.6 vulns
* one long fixed linux-2.6 vuln
* NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-05-21 14:28:40 UTC (rev 4033)
+++ data/CVE/list	2006-05-21 15:01:11 UTC (rev 4034)
@@ -1177,7 +1177,7 @@
 CVE-2006-1954 (SQL injection vulnerability in authent.php4 in Nicolas Fischer
(aka ...)
 	NOT-FOR-US: RechnungsZentrale
 CVE-2006-1953 (Directory traversal vulnerability in Caucho Resin 3.0.17 and
3.0.18 ...)
-	TODO: check
+	NOT-FOR-US: Caucho
 CVE-2006-1952 (Directory traversal vulnerability in WinAgents TFTP Server for
Windows ...)
 	NOT-FOR-US: WinAgents TFTP Server for Windows
 CVE-2006-1951 (Directory traversal vulnerability in SolarWinds TFTP Server 8.1
and ...)
@@ -1407,9 +1407,9 @@
 CVE-2006-1861
 	RESERVED
 CVE-2006-1860 (lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows
...)
-	TODO: check
+	- linux-2.6 <unfixed>
 CVE-2006-1859 (Memory leak in __setlease in fs/locks.c in Linux kernel before
...)
-	TODO: check
+	- linux-2.6 <unfixed>
 CVE-2006-1858
 	RESERVED
 CVE-2006-1857
@@ -1417,7 +1417,8 @@
 CVE-2006-1856 (Certain modifications to the Linux kernel 2.6.16 and earlier do
not ...)
 	TODO: check
 CVE-2006-1855 (choose_new_parent in Linux kernel before 2.6.11.12 includes
certain ...)
-	TODO: check
+	NOTE: probably fixed before, but this is the oldest linux-2.6 in the changelog
+	- linux-2.6 2.6.12-1
 CVE-2006-1854 (** DISPUTED ** ...)
 	NOT-FOR-US: BluePay Manager
 CVE-2006-1853 (Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and
earlier ...)
@@ -2532,7 +2533,7 @@
 CVE-2006-1452 (Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up
to ...)
 	NOT-FOR-US: Apple
 CVE-2006-1451 (MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting
up a ...)
-	TODO: check
+	NOT-FOR-US: MySQL Manager
 CVE-2006-1450 (Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers
to ...)
 	NOT-FOR-US: Apple
 CVE-2006-1449 (Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6
allows ...)
@@ -3162,7 +3163,7 @@
 CVE-2006-1173
 	RESERVED
 CVE-2006-1172 (Stack-based buffer overflow in the createPKCS10 function in ...)
-	TODO: check
+	NOT-FOR-US: ActiveX control
 CVE-2006-1171
 	RESERVED
 CVE-2006-1170

Secure testing commits - May 2006 - r4034 - data/CVE

[Secure-testing-commits] r4034 - data/CVE