Author: frolic-guest Date: 2007-01-22 20:29:20 +0100 (Mon, 22 Jan 2007) New Revision: 5325 Modified: data/CVE/list Log: some NFUs fixed. Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-01-22 19:03:24 UTC (rev 5324) +++ data/CVE/list 2007-01-22 19:29:20 UTC (rev 5325) @@ -115,7 +115,7 @@ CVE-2007-0313 (Unspecified vulnerability in GONICUS System Administration (GOsa) ...) - gosa 2.5.8-1 (medium) CVE-2007-0312 (wcSimple Poll stores sensitive information under the web root with ...) - TODO: check + NOT-FOR-US: wcSimple CVE-2007-0311 (Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier ...) NOT-FOR-US: Texas Imperial Software WFTPD Pro Server CVE-2007-0310 (BMC Remedy Action Request System 5.01.02 Patch 1267 generates ...) @@ -135,7 +135,7 @@ CVE-2007-0303 (Multiple unspecified vulnerabilities in Zina 1.0rc1 and earlier have ...) NOT-FOR-US: Zina CVE-2007-0302 (Multiple cross-site scripting (XSS) vulnerabilities in InstantASP ...) - TODO: check + NOT-FOR-US: InstantASP CVE-2007-0301 (PHP remote file inclusion vulnerability in _admin/admin_menu.php in ...) NOT-FOR-US: FdWeB CVE-2007-0300 (PHP remote file inclusion vulnerability in i-accueil.php in TLM CMS ...) 
@@ -298,25 +298,25 @@ CVE-2007-0232 (PHP remote file inclusion vulnerability in ...) TODO: check CVE-2007-0231 (Cross-site scripting (XSS) vulnerability in Movable Type (MT) 3.33, ...) - TODO: check + NOT-FOR-US: Movable Type CVE-2007-0230 (** DISPUTED ** PHP remote file inclusion vulnerability in install.php ...) TODO: check CVE-2007-0229 (Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and ...) TODO: check CVE-2007-0228 (The DataCollector service in EIQ Networks Network Security Analyzer ...) - TODO: check + NOT-FOR-US: EIQ Networks Network Security Analyzer CVE-2007-0227 (slocate 3.1 does not properly manage database entries that specify ...) TODO: check CVE-2007-0226 (SQL injection vulnerability in wbsearch.aspx in uniForum 4 and earlier ...) - TODO: check + NOT-FOR-US: uniForum CVE-2007-0225 (Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in ...) - TODO: check + NOT-FOR-US: Shopping Cart CVE-2007-0224 (SQL injection vulnerability in shopgiftregsearch.asp in VP-ASP ...) - TODO: check + NOT-FOR-US: Shopping Cart CVE-2007-0223 (SQL injection vulnerability in shared/code/cp_functions_downloads.php ...) TODO: check CVE-2007-0222 (Directory traversal vulnerability in the EmChartBean server side ...) - TODO: check + NOT-FOR-US: Oracle Application Server CVE-2007-0221 RESERVED CVE-2007-0220 
@@ -348,33 +348,33 @@ CVE-2007-0207 RESERVED CVE-2007-0206 (Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) ...) - TODO: check + NOT-FOR-US: OpenView Network Node Manager CVE-2006-6939 (GNU ed before 0.3 allows local users to overwrite arbitrary files via ...) TODO: check CVE-2006-6938 (Directory traversal vulnerability in includes/common.php in NitroTech ...) TODO: check CVE-2006-6937 (SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo ...) - TODO: check + NOT-FOR-US: ASP Photo Gallery CVE-2006-6936 (Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery ...) - TODO: check + NOT-FOR-US: ASP Photo Gallery CVE-2006-6935 (SQL injection vulnerability in the login component in Portix-PHP 0.4.2 ...) TODO: check CVE-2006-6934 (Multiple cross-site scripting (XSS) vulnerabilities in Portix-PHP ...) TODO: check CVE-2006-6933 (Easy Chat Server 2.1 stores sensitive information under the web root ...) - TODO: check + NOT-FOR-US: Easy Chat Server CVE-2006-6932 (Multiple SQL injection vulnerabilities in Image Gallery with Access ...) - TODO: check + NOT-FOR-US: Image Gallery CVE-2006-6931 (Algorithmic complexity vulnerability in Snort before 2.6.1, during ...) TODO: check CVE-2006-6930 (SQL injection vulnerability in viewad.asp in Rapid Classified 3.1 ...) - TODO: check + NOT-FOR-US: Rapid Classified CVE-2006-6929 (Multiple cross-site scripting (XSS) vulnerabilities in Rapid ...) - TODO: check + NOT-FOR-US: Rapid Classified CVE-2006-6928 (Multiple cross-site scripting (XSS) vulnerabilities in Rialto 1.6 ...) - TODO: check + NOT-FOR-US: Rialto CVE-2006-6927 (Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote ...) - TODO: check + NOT-FOR-US: Rialto CVE-2006-6926 (Buffer overflow in eXtremail 2.1 has unknown impact and attack ...) TODO: check CVE-2006-6925 (Multiple cross-site scripting (XSS) vulnerabilities in bitweaver 1.3.1 ...) 
@@ -388,7 +388,7 @@ CVE-2006-6921 (Unspecified versions of the Linux kernel allows local users to cause a ...) - linux-2.6 <unfixed> (low) CVE-2005-4823 (Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP ...) - TODO: check + NOT-FOR-US: HP CVE-2007-XXXX [udev wrong permissions on raid devices] - linux-2.6 <unfixed> (bug #404927) CVE-2007-XXXX [yacas insecure rpath] @@ -404,7 +404,7 @@ CVE-2007-XXXX [mysql 5.0 several DoS vulns] - mysql-dfsg-5.0 5.0.32-1 CVE-2007-0205 (Multiple directory traversal vulnerabilities in @lex Guestbook 4.0.2 ...) - TODO: @alex + NOT-FOR-US: @alex CVE-2006-6920 (Cross-site scripting (XSS) vulnerability in Nucleus before 3.24 allows ...) NOT-FOR-US: Nucleus CVE-2006-6919 (Firefox Sage extension 1.3.8 and earlier allows remote attackers to ...)
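Review bot: In the hunk at @@ -298,25 +298,25 @@, CVE-2007-0225 and CVE-2007-0224 are both tagged "NOT-FOR-US: Shopping Cart", which is too generic to search for or to tell apart from other shopping cart products. The CVE-2007-0224 description names VP-ASP, so "NOT-FOR-US: VP-ASP Shopping Cart" would be clearer for that entry. The same form fits CVE-2007-0225 if its full description confirms the product, since the visible text is truncated before the name.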
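Review bot: In the hunk at @@ -348,33 +348,33 @@, several NOT-FOR-US tags drop part of the product name given in the description. CVE-2006-6937 and CVE-2006-6936 say "Xtreme ASP Photo Gallery" but are tagged "ASP Photo Gallery". CVE-2006-6932 says "Image Gallery with Access ..." but is tagged only "Image Gallery". CVE-2007-0206 says "HP OpenView Network Node Manager" but the tag omits the vendor. Using the name as the description gives it keeps the tags consistent and makes a later grep for the product reliable.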
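Review bot: In the hunk at @@ -388,7 +388,7 @@, CVE-2005-4823 is tagged "NOT-FOR-US: HP", which names only a vendor, while every other tag in this commit names a product. The description refers to "HP HTTP Server 5.0 through 5.95", so "NOT-FOR-US: HP HTTP Server" would say what was actually ruled out.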
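Review bot: In the hunk at @@ -404,7 +404,7 @@, the new tag for CVE-2007-0205 reads "NOT-FOR-US: @alex", but the description names the product as "@lex Guestbook 4.0.2". The removed line "TODO: @alex" appears to have carried the same spelling, so the typo has been kept as the product name. Suggest "NOT-FOR-US: @lex Guestbook".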