Secure testing commits - Mar 2008 - r8415 - data/CVE

Author: nion
Date: 2008-03-26 15:26:39 +0000 (Wed, 26 Mar 2008)
New Revision: 8415

Modified:
   data/CVE/list
Log:
NFUs

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-03-26 14:03:32 UTC (rev 8414)
+++ data/CVE/list	2008-03-26 15:26:39 UTC (rev 8415)
@@ -129,9 +129,9 @@
 CVE-2008-1427 (SQL injection vulnerability in the Joobi Acajoom (com_acajoom)
1.1.5 ...)
 	NOT-FOR-US: com_acajoom component for Joomla!
 CVE-2008-1426 (SQL injection vulnerability in album.asp in KAPhotoservice
allows ...)
-	TODO: check
+	NOT-FOR-US: KAPhotoservice
 CVE-2008-1425 (SQL injection vulnerability in index.php in the gallery module
in ...)
-	TODO: check
+	NOT-FOR-US: Easy-Clanpage
 CVE-2008-1424
 	RESERVED
 CVE-2008-1423
@@ -147,45 +147,45 @@
 CVE-2008-1418
 	RESERVED
 CVE-2008-1416 (Multiple PHP remote file inclusion vulnerabilities in PHPauction
GPL ...)
-	TODO: check
+	NOT-FOR-US: PHPauction GPL
 CVE-2008-1415 (Directory traversal vulnerability in index.php in Multiple Time
Sheets ...)
-	TODO: check
+	NOT-FOR-US: Multiple Time Sheets
 CVE-2008-1414 (Cross-site scripting (XSS) vulnerability in Multiple Time Sheets
(MTS) ...)
-	TODO: check
+	NOT-FOR-US: Multiple Time Sheets
 CVE-2008-1413 (Cross-site scripting (XSS) vulnerability in search.php in
SNewsCMS Rus ...)
-	TODO: check
+	NOT-FOR-US: SNewsCMS Rus
 CVE-2008-1412 (Unspecified vulnerability in multiple F-Secure anti-virus
products, ...)
-	TODO: check
+	NOT-FOR-US: F-Secure anti-virus
 CVE-2008-1411 (The PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076
and ...)
-	TODO: check
+	NOT-FOR-US: Acronis Snap Deploy
 CVE-2008-1410 (Directory traversal vulnerability in the PXE Server (pxesrv.exe)
in ...)
-	TODO: check
+	NOT-FOR-US: Acronis Snap Deploy
 CVE-2008-1409 (Multiple directory traversal vulnerabilities in the Default
theme in ...)
-	TODO: check
+	NOT-FOR-US: Exero CMS
 CVE-2008-1408 (SQL injection vulnerability in
includes/functions/banners-external.php ...)
-	TODO: check
+	NOT-FOR-US: phpBP
 CVE-2008-1407 (SQL injection vulnerability in index.php in the WebChat 1.60
module ...)
-	TODO: check
+	NOT-FOR-US: WebChat module for eXV2
 CVE-2008-1406 (SQL injection vulnerability in annonces-p-f.php in the
MyAnnonces 1.8 ...)
-	TODO: check
+	NOT-FOR-US: MyAnnonces
 CVE-2008-1405 (PHP remote file inclusion vulnerability in code/display.php in
...)
-	TODO: check
+	NOT-FOR-US: fuzzylime
 CVE-2008-1404 (SQL injection vulnerability in index.php in the Viso (Industry
Book) ...)
-	TODO: check
+	NOT-FOR-US: Viso module for eXV2
 CVE-2008-1403 (Stack-based buffer overflow in the TFTP server in BootManage
TFTPD ...)
-	TODO: check
+	NOT-FOR-US: BootManage TFTPD
 CVE-2008-1402 (MG-SOFT Net Inspector 6.5.0.828 and earlier for Windows allows
remote ...)
-	TODO: check
+	NOT-FOR-US: MG-SOFT Net Inspector
 CVE-2008-1401 (Format string vulnerability in the Net Inspector HTTP server
(mghttpd) ...)
-	TODO: check
+	NOT-FOR-US: MG-SOFT Net Inspector
 CVE-2008-1400 (Directory traversal vulnerability in the Net Inspector HTTP
Server ...)
-	TODO: check
+	NOT-FOR-US: MG-SOFT Net Inspector
 CVE-2008-1399 (Multiple cross-site scripting (XSS) vulnerabilities in index.php
in ...)
-	TODO: check
+	NOT-FOR-US: Clansphere
 CVE-2008-1398 (SQL injection vulnerability in online.php in AuraCMS 2.0 through
2.2.1 ...)
-	TODO: check
+	NOT-FOR-US: AuraCMS
 CVE-2008-1397 (Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI
R55 ...)
-	TODO: check
+	NOT-FOR-US: Check Point VPN
 CVE-2008-1396 (Plone CMS 3.x uses invariant data (a client username and a
server ...)
 	TODO: check
 CVE-2008-1395 (Plone CMS does not record users'' authentication states,
and implements ...)