Secure testing commits - Jan 2007 - r5284 - data/CVE

Author: enerv-guest
Date: 2007-01-17 13:42:31 +0100 (Wed, 17 Jan 2007)
New Revision: 5284

Modified:
   data/CVE/list
Log:
updated NFSs.
includes new issues for vlc, xine-ui, wordpress
squid fixed.



Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-01-17 09:04:20 UTC (rev 5283)
+++ data/CVE/list	2007-01-17 12:42:31 UTC (rev 5284)
@@ -61,29 +61,29 @@
 CVE-2007-0267 (The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1
kernels ...)
 	TODO: check
 CVE-2007-0266 (SQL injection vulnerability in boxx/ShowAppendix.asp in Ezboxx
Portal ...)
-	TODO: check
+	NOT-FOR-US: Ezboxx Portal
 CVE-2007-0265 (Multiple cross-site scripting (XSS) vulnerabilities in Ezboxx
Portal ...)
 	TODO: check
 CVE-2007-0264 (Buffer overflow in Winzip32.exe in WinZip 9.0 SR-1 allows local
users ...)
-	TODO: check
+	NOT-FOR-US: Winzip
 CVE-2007-0263 (Unspecified vulnerability in Total Commander before 6.5.6 allows
...)
 	TODO: check
 CVE-2007-0262 (WordPress 2.0.6, and 2.1Alpha 3 (SVN:4662), does not properly
verify ...)
-	TODO: check
+	- wordpress <unfixed> (low; bug #407289)
 CVE-2007-0261 (snews.php in sNews 1.5.30 and earlier does not properly exit
when ...)
 	TODO: check
 CVE-2007-0260 (** DISPUTED ** ...)
 	TODO: check
 CVE-2007-0259 (Ezboxx Portal System Beta 0.7.6 and earlier allows remote
attackers to ...)
-	TODO: check
+	NOT-FOR-US: Ezboxx Portal
 CVE-2007-0258 (Cross-site scripting (XSS) vulnerability in index.php in (1)
Fastilo ...)
 	TODO: check
 CVE-2007-0257 (Unspecified vulnerability in the expand_stack function in
grsecurity ...)
 	TODO: check
 CVE-2007-0256 (VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of
...)
-	TODO: check
+	- vlc <unfixed> 0.8.6.a.debian-1 (low; bug #407290)
 CVE-2007-0255 (XINE 0.99.4 allows user-assisted remote attackers to cause a
denial of ...)
-	TODO: check
+	- xine-ui <unfixed> 0.99.4+dfsg+cvs20061111-1 (low)
 CVE-2007-0254 (Format string vulnerability in the errors_create_window function
in ...)
 	TODO: check
 CVE-2007-0253 (Unspecified vulnerability in the grsecurity patch has
unspecified ...)
@@ -93,11 +93,11 @@
 CVE-2007-0251 (Integer underflow in the DecodeGRE function in src/decode.c in
Snort ...)
 	TODO: check
 CVE-2007-0250 (index.php in Nwom topsites 3.0 allows remote attackers to obtain
...)
-	TODO: check
+	NOT-FOR-US: NWOM Topsites 3.0
 CVE-2007-0249 (Cross-site scripting (XSS) vulnerability in index.php in Nwom
topsites ...)
-	TODO: check
+	NOT-FOR-US: NWOM Topsites 3.0
 CVE-2007-0247 (squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP
servers ...)
-	TODO: check
+	- squid 2.6.5-4 (low)
 CVE-2007-0246
 	RESERVED
 CVE-2007-0245