Secure testing commits - Oct 2007 - r7104 - data/CVE

Author: nion
Date: 2007-10-25 21:30:03 +0000 (Thu, 25 Oct 2007)
New Revision: 7104

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-10-25 21:14:08 UTC (rev 7103)
+++ data/CVE/list	2007-10-25 21:30:03 UTC (rev 7104)
@@ -1,17 +1,17 @@
 CVE-2007-5679 (SQL injection vulnerability in index.php in DeeEmm.com DM CMS
...)
-	TODO: check
+	NOT-FOR-US: DM CMS
 CVE-2007-5678 (SQL injection vulnerability in the Music module in phpBasic
allows ...)
-	TODO: check
+	NOT-FOR-US: phpBasic
 CVE-2007-5677 (Cross-site scripting (XSS) vulnerability in shoutbox/blocco.php
in ...)
-	TODO: check
+	NOT-FOR-US: Hackish
 CVE-2007-5676 (PHP remote file inclusion vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: PHP-Nuke
 CVE-2007-5675 (Stack-based buffer overflow in the DebugPrint function in
MultiXTpm ...)
-	TODO: check
+	NOT-FOR-US: MultiXTpm Application Server
 CVE-2007-5674 (Directory traversal vulnerability in index.php in InstaGuide
Weather ...)
-	TODO: check
+	NOT-FOR-US: InstaGuide Weather
 CVE-2007-5673 (Cross-site scripting (XSS) vulnerability in cgi-bin/webif.exe in
ifnet ...)
-	TODO: check
+	NOT-FOR-US: ifnet WebIf
 CVE-2007-5672
 	RESERVED
 CVE-2007-5671
@@ -49,57 +49,57 @@
 CVE-2007-5655
 	RESERVED
 CVE-2007-5654 (LiteSpeed Web Server before 3.2.4 allows remote attackers to
trigger ...)
-	TODO: check
+	NOT-FOR-US: LiteSpeed
 CVE-2007-5653 (The Component Object Model (COM) functions in PHP 5.x on Windows
do ...)
-	TODO: check
+	- php5 <not-affected> (windows only)
 CVE-2007-5652 (Unspecified vulnerability in IBM DB2 9.1 before Fix Pack 4 might
allow ...)
-	TODO: check
+	NOT-FOR-US: IBM DB2
 CVE-2007-5651 (Unspecified vulnerability in the Extensible Authentication
Protocol ...)
-	TODO: check
+	NOT-FOR-US: Cisco IOS
 CVE-2007-5650 (Directory traversal vulnerability in system.php in ReloadCMS
1.2.7 ...)
-	TODO: check
+	NOT-FOR-US: ReloadCMS
 CVE-2007-5649 (Cross-site scripting (XSS) vulnerability in lostpwd.php in
Creative ...)
-	TODO: check
+	NOT-FOR-US: Creative Digital Resources SocketMail
 CVE-2007-5648 (Multiple cross-site scripting (XSS) vulnerabilities in rnote.php
in ...)
-	TODO: check
+	NOT-FOR-US: rnote
 CVE-2007-5647 (Multiple cross-site scripting (XSS) vulnerabilities in SocketKB
1.1.5 ...)
-	TODO: check
+	NOT-FOR-US: SocketKB
 CVE-2007-5646 (SQL injection vulnerability in Sources/Search.php in Simple
Machines ...)
-	TODO: check
+	NOT-FOR-US: Simple Machines Forum
 CVE-2007-5644 (Lussumo Vanilla 1.1.3 and earlier does not require admin
privileges ...)
-	TODO: check
+	NOT-FOR-US: Lussumo Vanilla
 CVE-2007-5643 (Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3
and ...)
-	TODO: check
+	NOT-FOR-US: Lussumo Vanilla
 CVE-2007-5642 (Multiple directory traversal vulnerabilities in PHP Project
Management ...)
-	TODO: check
+	NOT-FOR-US: PHP Project Management
 CVE-2007-5641 (Multiple PHP remote file inclusion vulnerabilities in PHP
Project ...)
-	TODO: check
+	NOT-FOR-US: PHP Project Management
 CVE-2007-5640 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and
additional ...)
-	TODO: check
+	NOT-FOR-US: Nortel VOIP products
 CVE-2007-5639 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other
Nortel ...)
-	TODO: check
+	NOT-FOR-US: Nortel VOIP products
 CVE-2007-5638 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and
additional ...)
-	TODO: check
+	NOT-FOR-US: Nortel VOIP products
 CVE-2007-5637 (The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and
additional ...)
-	TODO: check
+	NOT-FOR-US: Nortel VOIP products
 CVE-2007-5636 (Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows
remote ...)
-	TODO: check
+	NOT-FOR-US: Nortel VOIP products
 CVE-2007-5635 (Multiple unspecified vulnerabilities in Salford Software Support
...)
-	TODO: check
+	NOT-FOR-US: Salford Software Support Incident Tracke
 CVE-2007-5634 (Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when
used on ...)
-	TODO: check
+	NOT-FOR-US: SpeedFan
 CVE-2007-5633 (Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when
used on ...)
-	TODO: check
+	NOT-FOR-US: SpeedFan
 CVE-2007-5632 (Multiple unspecified vulnerabilities in the kernel in Sun
Solaris 8 ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2007-5631 (Multiple PHP remote file inclusion vulnerabilities in
PeopleAggregator ...)
-	TODO: check
+	NOT-FOR-US: PeopleAggregator
 CVE-2007-5630 (SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS
...)
-	TODO: check
+	NOT-FOR-US: BBsProcesS BBPortalS
 CVE-2007-5629 (Cross-site scripting (XSS) vulnerability in admin/logon.asp in
...)
-	TODO: check
+	NOT-FOR-US: ShoppingTree CandyPress Store #
 CVE-2007-5628 (PHP remote file inclusion vulnerability in src/scripture.php in
TOWeLS ...)
-	TODO: check
+	NOT-FOR-US: TOWeLS
 CVE-2007-5627 (PHP remote file inclusion vulnerability in
content/fnc-readmail3.php ...)
 	TODO: check
 CVE-2007-5626 (make_catalog_backup in Bacula 2.2.5, and probably earlier, sends
a ...)