Secure testing commits - Apr 2008 - r8495 - data/CVE

Author: nion
Date: 2008-04-09 13:34:35 +0000 (Wed, 09 Apr 2008)
New Revision: 8495

Modified:
   data/CVE/list
Log:
NFUs
CVE-2008-1637 fixed in pdns-recursor 3.1.5-1
new issue: sympa (CVE-2008-1648)


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-04-09 13:01:20 UTC (rev 8494)
+++ data/CVE/list	2008-04-09 13:34:35 UTC (rev 8495)
@@ -105,45 +105,45 @@
 CVE-2008-1654 (Interaction error between Adobe Flash and multiple Universal
Plug and ...)
 	TODO: check
 CVE-2008-1653 (Directory traversal vulnerability in index.php in
Sava''s Link Manager ...)
-	TODO: check
+	NOT-FOR-US: Sava''s Link Manager
 CVE-2008-1652 (Directory traversal vulnerability in the _serve_request_multiple
...)
-	TODO: check
+	- perlbal <itp> (bug #456534)
 CVE-2008-1651 (Directory traversal vulnerability in admin/login.php in EasyNews
4.0 ...)
-	TODO: check
+	NOT-FOR-US: EasyNews
 CVE-2008-1650 (SQL injection vulnerability in dynamicpages/index.php in
EasyNews 4.0 ...)
-	TODO: check
+	NOT-FOR-US: EasyNews
 CVE-2008-1649 (Cross-site scripting (XSS) vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: EasyNews
 CVE-2008-1648 (Sympa before 5.4 allows remote attackers to cause a denial of
service ...)
-	TODO: check
+	- sympa <unfixed> (medium; bug #475163)
 CVE-2008-1647 (The ChilkatHttp.ChilkatHttp.1 and
ChilkatHttp.ChilkatHttpRequest.1 ...)
-	TODO: check
+	NOT-FOR-US: ChilkatHttp
 CVE-2008-1646 (SQL injection vulnerability in wp-download.php in the
WP-Download 1.2 ...)
-	TODO: check
+	NOT-FOR-US: WP-Download plugin for WordPress
 CVE-2008-1645 (Directory traversal vulnerability in body.php in phpSpamManager
...)
-	TODO: check
+	NOT-FOR-US: phpSpamManager
 CVE-2008-1644 (SQL injection vulnerability in viewlinks.php in Sava''s
Link Manager ...)
-	TODO: check
+	NOT-FOR-US: Sava''s Link Manager
 CVE-2008-1643 (Directory traversal vulnerability in the PXE TFTP Service ...)
-	TODO: check
+	NOT-FOR-US: LANDesk Management Suite
 CVE-2008-1642 (Directory traversal vulnerability in index.php in
Sava''s GuestBook 2.0 ...)
-	TODO: check
+	NOT-FOR-US: Sava''s GuestBook
 CVE-2008-1641 (SQL injection vulnerability in default.asp in EfesTECH Video 5.0
...)
-	TODO: check
+	NOT-FOR-US: EfesTECH Video
 CVE-2008-1640 (SQL injection vulnerability in jgs_treffen.php in the JGS-XA
...)
-	TODO: check
+	NOT-FOR-US: JGS-Treffen
 CVE-2008-1639 (SQL injection vulnerability in index.php in Neat weblog 0.2
allows ...)
-	TODO: check
+	NOT-FOR-US: Neat weblog
 CVE-2008-1638 (Nik Sharpener Pro, possibly 2.0, uses world-writable permissions
for ...)
-	TODO: check
+	NOT-FOR-US: Nik Sharpener Pro
 CVE-2008-1637 (PowerDNS Recursor before 3.1.5 uses insufficient randomness to
...)
-	TODO: check
+	- pdns-recursor 3.1.5-1
 CVE-2008-1636 (Cross-site scripting (XSS) vulnerability in index.php in JV2
Quick ...)
-	TODO: check
+	NOT-FOR-US: JV2 Quick Gallery
 CVE-2008-1635 (Directory traversal vulnerability in view_private.php in Keep It
...)
-	TODO: check
+	NOT-FOR-US: Keep It Simple Guest Book
 CVE-2008-1634 (Cross-site scripting (XSS) vulnerability in index.php in JV2
Folder ...)
-	TODO: check
+	NOT-FOR-US: JV2 Folder Gallery
 CVE-2008-1633 (Unspecified vulnerability in Mondo Rescue before 2.2.5 has
unknown ...)
 	TODO: check
 CVE-2008-1632 (Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow
remote ...)