Moritz Muehlenhoff
2006-Aug-06 12:18 UTC
[Secure-testing-commits] r4509 - in data: CVE DSA
Author: jmm-guest
Date: 2006-08-06 12:17:37 +0000 (Sun, 06 Aug 2006)
New Revision: 4509
Modified:
data/CVE/list
data/DSA/list
Log:
not-affected entries
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-08-05 20:03:10 UTC (rev 4508)
+++ data/CVE/list 2006-08-06 12:17:37 UTC (rev 4509)
@@ -1319,6 +1319,7 @@
- wordpress <unfixed> (unimportant)
CVE-2006-3388 (Cross-site scripting (XSS) vulnerability in phpMyAdmin before
2.8.2 ...)
- phpmyadmin 4:2.8.2-0.1 (bug #377748; low)
+ [sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2006-3387 (Directory traversal vulnerability in sources/post.php in Fusion
News ...)
NOT-FOR-US: Fusion News
CVE-2006-3386 (index.php in Vincent Leclercq News 5.2 allows remote attackers
to ...)
@@ -2367,6 +2368,7 @@
{DSA-1126}
- asterisk 1:1.2.10.dfsg-2 (bug #380054)
- iax 0.2.2-5
+ [sarge] - iax <not-affected> (Vulnerable code not present)
- iaxmodem 0.1.8.dfsg-2
CVE-2006-2897 (Cross-site scripting (XSS) vulnerability in FunkBoard 0.71
allows ...)
NOT-FOR-US: Funkboard
@@ -3501,6 +3503,7 @@
- phpmyadmin 4:2.8.1-1 (bug #368082; medium)
CVE-2006-2417 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x
before ...)
- phpmyadmin 4:2.8.1-1 (bug #368082; medium)
+ [sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2006-2416 (SQL injection vulnerability in class2.php in e107 0.7.2 and
earlier ...)
NOT-FOR-US: e107
CVE-2006-2415 (Multiple cross-site scripting (XSS) vulnerabilities in FlexChat
2.0 ...)
@@ -4368,6 +4371,7 @@
NOT-FOR-US: Core
CVE-2006-2031 (Cross-site scripting (XSS) vulnerability in index.php in
phpMyAdmin ...)
- phpmyadmin 4:2.8.1-1 (bug #363519; low)
+ [sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2006-2030 (The Allied Telesyn AT-9724TS switch allows remote attackers to
cause a ...)
NOT-FOR-US: Allied Telesyn
CVE-2006-2029 (Multiple SQL injection vulnerabilities in Jeremy Ashcraft
Simplog ...)
@@ -6355,6 +6359,7 @@
NOT-FOR-US: Maian Support
CVE-2006-1258 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1
allows ...)
- phpmyadmin 4:2.8.0.2-2
+ [sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
CVE-2006-1257 (The sample files in the authfiles directory in Microsoft
Commerce ...)
NOT-FOR-US: Microsoft
CVE-2006-1256 (Cross-site scripting (XSS) vulnerability in guestbook.php in
Soren ...)
@@ -14751,7 +14756,8 @@
CVE-2005-2685 (SaveWebPortal 3.4 allows remote attackers to execute arbitrary
PHP ...)
NOT-FOR-US: SaveWebPortal
CVE-2005-XXXX [Insecure temp files in firehol]
- - firehol 1.231-4 (low)
+ - firehol 1.231-4 (unimportant)
+ NOTE: Only exploitable inside modified binary installation
CVE-2005-2684 (nquser.php in Virtual Edge Netquery 3.11 allows remote attackers
to ...)
NOT-FOR-US: Virtual Edge Netquery
CVE-2005-2683 (Multiple SQL injection vulnerabilities in PHPKit 1.6.1 allow
remote ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2006-08-05 20:03:10 UTC (rev 4508)
+++ data/DSA/list 2006-08-06 12:17:37 UTC (rev 4509)
@@ -1047,7 +1047,7 @@
[sarge] - openssl096 0.9.6m-1sarge1
NOTE: fixed in testing at time of DSA (not present in testing/sid anymore)
[02 Nov 2005] DSA-880-1 phpmyadmin - several
- {CVE-2005-2869 CVE-2005-3300 CVE-2005-3301}
+ {CVE-2005-2869 CVE-2005-3300 CVE-2005-3301 CVE-2005-3787}
[woody] - phpmyadmin <unfixed>
[sarge] - phpmyadmin 4:2.6.2-3sarge1
NOTE: fixed in testing at time of DSA