Author: jmm-guest Date: 2006-08-08 20:18:03 +0000 (Tue, 08 Aug 2006) New Revision: 4530 Modified: data/CVE/list Log: nikto fix not a proper fix, reopened snarf issue a bug not a security problem, removed entirely Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-08-08 20:16:03 UTC (rev 4529) +++ data/CVE/list 2006-08-08 20:18:03 UTC (rev 4530) @@ -2227,8 +2227,6 @@ - php4 4:4.3.2+rc3-1 CVE-1999-1589 (Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users ...) NOT-FOR-US: IBM AIX -CVE-2006-XXXX [snarf: crash on invalid response to the PASV command] - - snarf 7.0-5 CVE-2006-3010 (Multiple SQL injection vulnerabilities in Open Business Management ...) NOT-FOR-US: not packaged for Debian CVE-2006-3009 (Multiple cross-site scripting (XSS) vulnerabilities in Open Business ...) @@ -14440,7 +14438,7 @@ CVE-2005-2861 (Cross-site scripting (XSS) vulnerability in N-Stealth Commercial ...) NOT-FOR-US: N-Stealth CVE-2005-2860 (Cross-site scripting (XSS) vulnerability in Nikto 1.35 and earlier ...) - - nikto 1.35-1 (bug #327339; medium) + - nikto <unfixed> (bug #327339; medium) CVE-2005-2859 (Savant Web Server stores user credentials in plaintext in the ...) NOT-FOR-US: Savant Web Server CVE-2005-2858 (The Fetch.FetchContact.1 ActiveX control (Fetch.dll) for Rediff Bol ...)