Secure testing commits - Oct 2006 - r4844 - data/CVE

Author: stef-guest
Date: 2006-10-13 23:03:39 +0000 (Fri, 13 Oct 2006)
New Revision: 4844

Modified:
   data/CVE/list
Log:
- new torrentflux issue (low)
- readd lost moodle issue (now called CVE-2006-5219)
- a few NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-10-12 17:26:08 UTC (rev 4843)
+++ data/CVE/list	2006-10-13 23:03:39 UTC (rev 4844)
@@ -1,25 +1,25 @@
 CVE-2006-5229 (OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms
and ...)
 	TODO: check
 CVE-2006-5228 (Multiple SQL injection vulnerabilities in the Google Gadget
login.php ...)
-	TODO: check
+	NOT-FOR-US: ackerTodo
 CVE-2006-5227 (Cross-site scripting (XSS) vulnerability in admin.php in
TorrentFlux ...)
-	TODO: check
+	- torrentflux <unfixed> (bug #392501; low)
 CVE-2006-5226 (PHP remote file inclusion vulnerability in moteur/moteur.php in
...)
-	TODO: check
+	NOT-FOR-US: Freenews
 CVE-2006-5225 (Multiple SQL injection vulnerabilities in AAIportal before 1.4.0
allow ...)
-	TODO: check
+	NOT-FOR-US: AAIportal
 CVE-2006-5224 (PHP remote file inclusion vulnerability in
includes/logger_engine.php ...)
-	TODO: check
+	NOT-FOR-US: Security Suite IP Logger in dwingmods for phpBB
 CVE-2006-5223 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: User Viewed Posts Tracker module for phpBB
 CVE-2006-5222 (Multiple PHP remote file inclusion vulnerabilities in Dimension
of ...)
-	TODO: check
+	NOT-FOR-US: Dimension of phpBB
 CVE-2006-5221 (Multiple SQL injection vulnerabilities in Cahier de textes 2.0
allow ...)
-	TODO: check
+	NOT-FOR-US: Cahier de textes
 CVE-2006-5220 (Multiple PHP remote file inclusion vulnerabilities in WebYep
1.1.9, ...)
-	TODO: check
+	NOT-FOR-US: WebYep
 CVE-2006-5219 (SQL injection vulnerability in blog/index.php in the blog module
in ...)
-	TODO: check
+	- moodle 1.6.2+20060930-1 (medium; bug #390294)
 CVE-2006-5218 (Integer overflow in the systrace_preprepl function
(STRIOCREPLACE) in ...)
 	TODO: check
 CVE-2006-5217 (SQL injection vulnerability in giris_yap.asp in Emek Portal 2.1
allows ...)