Secure testing commits - Oct 2007 - r7078 - data/CVE

Author: nion
Date: 2007-10-23 15:42:27 +0000 (Tue, 23 Oct 2007)
New Revision: 7078

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-10-23 15:40:36 UTC (rev 7077)
+++ data/CVE/list	2007-10-23 15:42:27 UTC (rev 7078)
@@ -50,7 +50,6 @@
 CVE-2007-5598 (Cross-site scripting (XSS) vulnerability in Weblinks for Drupal
4.7.x ...)
 	- drupal5 <unfixed> (low; bug #447748)
 	- drupal4.7 <unfixed> (low; bug #447746)
-
 CVE-2007-5597 (The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x
before 5.3 ...)
 	- drupal5 5.3-1
 	- drupal 4.7.8-1
@@ -91,61 +90,61 @@
 CVE-2007-5580
 	RESERVED
 CVE-2003-1428 (Gallery 1.3.3 creates directories with insecure permissions,
which ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1427 (Directory traversal vulnerability in the web configuration
interface ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1426 (Openwebmail in cPanel 5.0, when run using suid Perl, adds the
...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1425 (guestbook.cgi in cPanel 5.0 allows remote attackers to execute
...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1424 (message.php in Petitforum does not properly authenticate users,
which ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1423 (Petitforum stores the liste.txt data file under the web document
root ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1422 (Multiple unspecified vulnerabilities in the installer for
SYSLINUX ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1421 (Unspecified vulnerability in mod_mysql_logger shared object in
SuckBot ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1420 (Cross-site scripting (XSS) vulnerability in Opera 6.0 through
7.0 with ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1419 (Netscape 7.0 allows remote attackers to cause a denial of
service ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1418 (Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1417 (nCipher Support Software 6.00, when using generatekey KeySafe to
...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1416 (BisonFTP Server 4 release 2 allows remote attackers to cause a
denial ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1415 (NetCharts XBRL Server 4.0.0 allows remote attackers to obtain
...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1414 (Directory traversal vulnerability in parse_xml.cg Apple Darwin
...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1413 (parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1412 (PHP remote file inclusion vulnerability in index.php for GONiCUS
...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1411 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1410 (PHP remote file inclusion vulnerability in email.php (aka
email.php3) ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1409 (TOPo 1.43 allows remote attackers to obtain sensitive
information by ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1408 (Lotus Domino Server 5.0 and 6.0 allows remote attackers to read
the ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1407 (Buffer overflow in cmd.exe in Windows NT 4.0 may allow local
users to ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1406 (PHP remote file inclusion vulnerability in D-Forum 1.00 through
1.11 ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1405 (DotBr 0.1 allows remote attackers to execute arbitrary shell
commands ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1404 (DotBr 0.1 stores config.inc with insufficient access control
under the ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1403 (foo.php3 in DotBr 0.1 allows remote attackers to obtain
sensitive ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1402 (PHP remote file inclusion vulnerability in hit.php for Kietu 2.0
and ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2003-1401 (login.php in php-Board 1.0 stores plaintext passwords in
$username.txt ...)
-	TODO: check
+	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2007-5589 (Muliple cross-site scripting (XSS) vulnerabilities in phpMyAdmin
...)
 	- phpmyadmin 4:2.11.1.2-1
 CVE-2007-5579 (login.php in Pligg CMS 9.5 uses a guessable confirmation code
when ...)