adeiacovo-guest at alioth.debian.org
2008-Nov-18 08:54 UTC
[Secure-testing-commits] r10410 - data/CVE
Author: adeiacovo-guest Date: 2008-11-18 08:54:36 +0000 (Tue, 18 Nov 2008) New Revision: 10410 Modified: data/CVE/list Log: checked a bunch of NFUs and a typo3 CVE Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-11-18 07:50:23 UTC (rev 10409) +++ data/CVE/list 2008-11-18 08:54:36 UTC (rev 10410) @@ -5,13 +5,16 @@ - dovecot <unfixed> (bug #506031) TODO: request CVE id CVE-2008-5097 (SQL injection vulnerability in index.php in MyFWB 1.0 allows remote ...) - TODO: check + NOT-FOR-US: MyFWB CVE-2008-5096 (Unspecified vulnerability in the TYPO3 File List (file_list) extension ...) - TODO: check + - typo3-src-4.2 <unfixed> (bug filed; medium) + - typo3-src-4.0 <unfixed> (bug filed; medium) + NOTE: upstream is not going to fix the bug, + NOTE: they recommend to remove the extension until it is not fixed. CVE-2008-5095 (Cross-site scripting (XSS) vulnerability in the Novell User ...) - TODO: check + NOT-FOR-US: Novell User Application CVE-2008-5094 (Heap-based buffer overflow in the NDS Service in Novell eDirectory ...) - TODO: check + NOT-FOR-US: eDirectory CVE-2008-5093 (Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack ...) TODO: check CVE-2008-5092 (Heap-based buffer overflows in Novell eDirectory HTTP protocol stack ...) @@ -19,11 +22,11 @@ CVE-2008-5091 (Buffer overflow in the LDAP Service in Novell eDirectory before 8.8 ...) TODO: check CVE-2008-5090 (Electron Inc. Advanced Electron Forum before 1.0.7 allows remote ...) - TODO: check + NOT-FOR-US: Advanced Electron Forum CVE-2008-5089 (Multiple insecure method vulnerabilities in the ...) TODO: check CVE-2008-5088 (Multiple SQL injection vulnerabilities in PHPKB Knowledge Base ...) - TODO: check + NOT-FOR-US: PHPKB CVE-2008-5087 (SQL injection vulnerability in TYPO3 Another Backend Login ...) TODO: check CVE-2008-5086