stef-guest at alioth.debian.org
2007-Aug-27 20:41 UTC
[Secure-testing-commits] r6413 - data/CVE
Author: stef-guest Date: 2007-08-27 20:41:52 +0000 (Mon, 27 Aug 2007) New Revision: 6413 Modified: data/CVE/list Log: some minor IRC script issues NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-08-27 11:08:58 UTC (rev 6412) +++ data/CVE/list 2007-08-27 20:41:52 UTC (rev 6413) @@ -133,19 +133,25 @@ CVE-2007-4401 (Multiple CRLF injection vulnerabilities in the Advanced mIRC ...) NOT-FOR-US: mirc CVE-2007-4400 (CRLF injection vulnerability in the included media script in ...) - TODO: check + - konversation <unfixed> (low; bug #439837) + [etch] - konversation <no-dsa> (minor issue) + [sarge] - konversation <no-dsa> (minor issue) CVE-2007-4399 (CRLF injection vulnerability in the xmms.bx 1.0 script for BitchX ...) - TODO: check + NOT-FOR-US: xmms.bx 1.0 script for BitchX (not included in Debian package) CVE-2007-4398 (Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and ...) - TODO: check + - irssi-scripts <unfixed> (low; bug #439840) + - weechat-scripts <unfixed> (low; bug #439839) + [etch] - irssi-scripts <no-dsa> (minor issue) + [etch] - weechat-scripts <no-dsa> (minor issue) + [sarge] - irssi-scripts <no-dsa> (minor issue) CVE-2007-4397 (Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) ...) - TODO: check + NOT-FOR-US: various IRC now_playing scripts CVE-2007-4396 (Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) ...) TODO: check CVE-2007-4395 (Multiple unspecified vulnerabilities in the Role Based Access Control ...) - TODO: check + NOT-FOR-US: Sun Solaris 8 CVE-2007-4394 (Unspecified vulnerability in a "core clean" cron job created by the ...) - TODO: check + NOT-FOR-US: findutils-locate on SUSE Linux CVE-2007-4393 (The installation script for orarun on SUSE Linux before 20070810 ...) NOT-FOR-US: oracle CVE-2007-4392 (Winamp 5.35 allows remote attackers to cause a denial of service ...) @@ -155,15 +161,15 @@ CVE-2007-4390 (The Command Line Interface (CLI) on the BlueCat Networks Adonis ...) NOT-FOR-US: BlueCat CVE-2007-4389 (Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire ...) - TODO: check + NOT-FOR-US: 2wire CVE-2007-4388 (2wire 1701HG and 2071 Gateway routers, with 5.29.51 and possibly ...) - TODO: check + NOT-FOR-US: 2wire CVE-2007-4387 (Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire ...) - TODO: check + NOT-FOR-US: 2wire CVE-2007-4386 (SQL injection vulnerability in search.php in GetMyOwnArcade allows ...) - TODO: check + NOT-FOR-US: GetMyOwnArcade CVE-2007-4385 (OWASP Stinger before 2.5 allows remote attackers to bypass input ...) - TODO: check + NOT-FOR-US: Stinger CVE-2007-4384 (Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in ...) NOT-FOR-US: Stephane Pineau VOTE CVE-2007-4383 (** DISPUTED ** ...)