Secure testing commits - Jul 2006 - r4380 - data/CVE

Author: alec-guest
Date: 2006-07-12 23:08:44 +0000 (Wed, 12 Jul 2006)
New Revision: 4380

Modified:
   data/CVE/list
Log:
NOT-FOR-US

Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-07-12 21:14:21 UTC (rev 4379)
+++ data/CVE/list	2006-07-12 23:08:44 UTC (rev 4380)
@@ -1,5 +1,5 @@
 CVE-2006-3529 (Memory leak in Juniper JUNOS 6.4 through 8.0, built before May
10, ...)
-	TODO: check
+	NOT-FOR-US: Juniper JUNOS
 CVE-2006-3528 (Multiple PHP remote file inclusion vulnerabilities in
Simpleboard ...)
 	TODO: check
 CVE-2006-3527 (Multiple PHP remote file inclusion vulnerabilities in
BosClassifieds ...)
@@ -260,21 +260,21 @@
 CVE-2006-3399 (Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki
...)
 	NOT-FOR-US: MoniWiki
 CVE-2006-3398 (The "change password forms" in Taskjitsu
before 2.0.1 includes ...)
-	TODO: check
+	NOT-FOR-US: Taskjitsu
 CVE-2006-3397 (Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu
...)
-	TODO: check
+	NOT-FOR-US: Taskjitsu
 CVE-2006-3396 (PHP remote file inclusion vulnerability in galleria.html.php in
...)
-	TODO: check
+	NOT-FOR-US: Galleria Mambo Module
 CVE-2006-3395 (PHP remote file inclusion vulnerability in top.php in
SiteBuilder-FX ...)
-	TODO: check
+	NOT-FOR-US: SiteBuilder-FX
 CVE-2006-3394 (SQL injection vulnerability in the files mod in index.php in
BXCP ...)
-	TODO: check
+	NOT-FOR-US: BXCP
 CVE-2006-3393 (Papyrus NASCAR Racing 4 4.1.3.1.6 and earlier, 2002 Season
1.1.0.2 and ...)
-	TODO: check
+	NOT-FOR-US: Papyrus NASCAR Racing
 CVE-2006-3392 (Webmin before 1.290 and Usermin before 1.220 calls the
simplify_path ...)
 	TODO: check
 CVE-2006-3391 (The Execute function in iMBCContents ActiveX Control before
2.0.0.59 ...)
-	TODO: check
+	NOT-FOR-US: iMBCContents
 CVE-2006-3390 (WordPress 2.0.3 allows remote attackers to obtain the
installation ...)
 	- wordpress <unfixed> (unimportant)
 CVE-2006-3389 (index.php in WordPress 2.0.3 allows remote attackers to obtain
...)
@@ -282,45 +282,45 @@
 CVE-2006-3388 (Cross-site scripting (XSS) vulnerability in phpMyAdmin before
2.8.2 ...)
 	- phpmyadmin <unfixed> (bug #377748; low)
 CVE-2006-3387 (Directory traversal vulnerability in sources/post.php in Fusion
News ...)
-	TODO: check
+	NOT-FOR-US: Fusion News
 CVE-2006-3386 (index.php in Vincent Leclercq News 5.2 allows remote attackers
to ...)
-	TODO: check
+	NOT-FOR-US: Vincent Leclercq News
 CVE-2006-3385 (Cross-site scripting (XSS) vulnerability in divers.php in
Vincent ...)
-	TODO: check
+	NOT-FOR-US: Vincent Leclercq News
 CVE-2006-3384 (SQL injection vulnerability in divers.php in Vincent Leclercq
News 5.2 ...)
-	TODO: check
+	NOT-FOR-US: Vincent Leclercq News
 CVE-2006-3383 (Cross-site scripting (XSS) vulnerability in index.php in mAds
1.0 ...)
-	TODO: check
+	NOT-FOR-US: mAds
 CVE-2006-3382 (Cross-site scripting (XSS) vulnerability in search.php in mAds
1.0 ...)
-	TODO: check
+	NOT-FOR-US: mAds
 CVE-2006-3381 (SturGeoN Upload allows remote attackers to execute arbitrary PHP
code ...)
-	TODO: check
+	NOT-FOR-US: SturGeoN
 CVE-2006-3380 (Algorithmic complexity vulnerability in FreeStyle Wiki before
3.6.2 ...)
-	TODO: check
+	NOT-FOR-US: FreeStyle Wiki
 CVE-2006-3379 (Algorithmic complexity vulnerability in Hiki Wiki 0.6.0 through
0.6.5 ...)
 	TODO: check
 CVE-2006-3378 (passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when
called ...)
 	TODO: check
 CVE-2006-3377 (Cross-site scripting (XSS) vulnerability in JMB Software
AutoRank PHP ...)
-	TODO: check
+	NOT-FOR-US: JMB Software AutoRank PHP
 CVE-2006-3376 (Integer overflow in player.c in libwmf 0.2.8.4, as used in
multiple ...)
 	TODO: check
 CVE-2006-3375 (PHP remote file inclusion vulnerability in
includes/header.inc.php in ...)
-	TODO: check
+	NOT-FOR-US: Randshop
 CVE-2006-3374 (PHP remote file inclusion vulnerability in index.php in Randshop
1.2 ...)
-	TODO: check
+	NOT-FOR-US: Randshop
 CVE-2006-3373 (Unspecified vulnerability in the client/bin/logfetch script in
Hobbit ...)
-	TODO: check
+	NOT-FOR-US: Hobbit
 CVE-2006-3372 (Apple Safari 2.0.4/419.3 allows remote attackers to cause a
denial of ...)
-	TODO: check
+	NOT-FOR-US: Apple Safari
 CVE-2006-3371 (Eupla Foros 1.0 stores the inc/config.inc file under the web
document ...)
-	TODO: check
+	NOT-FOR-US: Eupla Foros
 CVE-2006-3370 (Blueboy 1.0.3 stores bb_news_config.inc under the web document
root ...)
-	TODO: check
+	NOT-FOR-US: Blueboy
 CVE-2006-3369 (Kamikaze-QSCM 0.1 stores config.inc under the web document root
with ...)
-	TODO: check
+	NOT-FOR-US: Kamikaze-QSCM
 CVE-2006-3368 (Efone 20000723 stores config.inc under the web document root
with ...)
-	TODO: check
+	NOT-FOR-US: Efone
 CVE-2006-3367 (Mp3 JudeBox Server (Mp3NetBox) Beta 1 stores config.inc under
the web ...)
 	TODO: check
 CVE-2006-3366 (Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat
allow ...)