diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2016-01-08 06:40:14 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2016-01-08 06:40:14 +0000 |
commit | 778b59a921712905e17d27395d06f147901a7b16 (patch) | |
tree | 91d087d1cfa2b019b2826e2ef05b964a336dc906 /data/CVE | |
parent | b01498e9bf7e6c1518785857775a441e2d3f99fa (diff) |
More cleanups for REJECTED entries
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@38767 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2002.list | 8 | ||||
-rw-r--r-- | data/CVE/2004.list | 3 | ||||
-rw-r--r-- | data/CVE/2005.list | 16 | ||||
-rw-r--r-- | data/CVE/2006.list | 6 | ||||
-rw-r--r-- | data/CVE/2007.list | 1 | ||||
-rw-r--r-- | data/CVE/2009.list | 1 | ||||
-rw-r--r-- | data/CVE/2010.list | 3 | ||||
-rw-r--r-- | data/CVE/2012.list | 5 | ||||
-rw-r--r-- | data/CVE/2013.list | 1 |
9 files changed, 1 insertions, 43 deletions
diff --git a/data/CVE/2002.list b/data/CVE/2002.list index 93476e5e18..619521f124 100644 --- a/data/CVE/2002.list +++ b/data/CVE/2002.list @@ -544,7 +544,6 @@ CVE-2002-2195 (Buffer overflow in the version update check for Winamp 2.80 and . NOT-FOR-US: Winamp CVE-2002-2194 REJECTED - NOT-FOR-US: Solaris CVE-2002-2193 (Cross-site scripting (XSS) vulnerability in mojo.cgi for Mojo Mail 2.7 ...) NOT-FOR-US: Mojo Mail CVE-2002-2192 (Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 ...) @@ -613,14 +612,12 @@ CVE-2002-2161 (Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote ... NOT-FOR-US: Kerio Personal Firewall CVE-2002-2160 REJECTED - NOT-FOR-US: MidiCart CVE-2002-2159 (Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the ...) NOT-FOR-US: Linksys hardware CVE-2002-2158 (zenTrack 2.0.3 and earlier allows remote attackers to obtain the full ...) NOT-FOR-US: zenTrack CVE-2002-2157 REJECTED - NOT-FOR-US: vBulletin CVE-2002-2156 (Buffer overflow in Trillian 0.73 allows remote IRC servers to execute ...) NOT-FOR-US: Cerulean Trillian CVE-2002-2155 (Format string vulnerability in the error handling of IRC invite ...) @@ -633,7 +630,6 @@ CVE-2002-2152 (The Czech edition of Software602's Web Server before 2002.0.02.09 NOT-FOR-US: Software602 CVE-2002-2151 REJECTED - NOT-FOR-US: Search97 CVE-2002-2150 (Firewalls from multiple vendors empty state tables more slowly than ...) NOTE: SYN floods etc generally filed as issues in linux specifically NOTE: if it is affected @@ -643,7 +639,6 @@ CVE-2002-2148 (Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline NOT-FOR-US: Lucent MAX Router CVE-2002-2147 REJECTED - NOT-FOR-US: Savant Web Server CVE-2002-2146 (cgitest.exe in Savant Web Server 3.1 and earlier allows remote ...) NOT-FOR-US: Savant Web Server CVE-2002-2145 (Savant Web Server 3.1 and earlier allows remote attackers to bypass ...) @@ -666,10 +661,8 @@ CVE-2002-2137 (GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and NOT-FOR-US: GlobalSunTech Wireless Access Points CVE-2002-2136 REJECTED - NOT-FOR-US: SUNW* CVE-2002-2135 REJECTED - NOT-FOR-US: HP-UX CVE-2002-2134 (haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP ...) NOT-FOR-US: PEEL CVE-2002-2133 (Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption ...) @@ -1696,7 +1689,6 @@ CVE-2002-1639 (Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows r NOT-FOR-US: Oracle CVE-2002-1638 REJECTED - NOT-FOR-US: Oracle CVE-2002-1637 (Multiple components in Oracle 9i Application Server (9iAS) are ...) NOT-FOR-US: Oracle CVE-2002-1636 (Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for ...) diff --git a/data/CVE/2004.list b/data/CVE/2004.list index 6170270ffc..e502b3a2a3 100644 --- a/data/CVE/2004.list +++ b/data/CVE/2004.list @@ -795,7 +795,6 @@ CVE-2004-2405 (Buffer overflow in multiple F-Secure Anti-Virus products, includi NOT-FOR-US: F-Secure Anti-Virus CVE-2004-2404 REJECTED - NOT-FOR-US: Leif Wright Web Blog CVE-2004-2403 (Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP ...) NOT-FOR-US: YaBB CVE-2004-2402 (Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP ...) @@ -1043,7 +1042,6 @@ CVE-2004-2286 (Integer overflow in the duplication operator in ActivePerl allows NOT-FOR-US: ActivePerl CVE-2004-2285 REJECTED - NOT-FOR-US: Perl on Windows CVE-2004-2284 (The read_list_from_file function in vacation.pl for OpenWebmail before ...) NOT-FOR-US: OpenWebmail CVE-2004-2283 (Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote ...) @@ -1846,7 +1844,6 @@ CVE-2004-1887 (Ada Image Server (ImgSvr) 0.4 allows remote attackers to view ... NOT-FOR-US: no_package CVE-2004-1886 REJECTED - NOT-FOR-US: no_package CVE-2004-1885 (Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to ...) NOT-FOR-US: no_package CVE-2004-1884 (Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with ...) diff --git a/data/CVE/2005.list b/data/CVE/2005.list index 47dee8be65..6f7c9f9c7e 100644 --- a/data/CVE/2005.list +++ b/data/CVE/2005.list @@ -617,7 +617,6 @@ CVE-2005-4634 (SQL injection vulnerability in index.php in ActiveCampaign Suppor NOT-FOR-US: ActiveCampaign SupportTrio CVE-2005-4633 REJECTED - NOT-FOR-US: phpoutsourcing Zorum Forum CVE-2005-4632 (SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and ...) NOT-FOR-US: Vote!Pro CVE-2005-4631 (SQL injection vulnerability in index.php in Zina 0.12.07 and earlier ...) @@ -1428,7 +1427,6 @@ CVE-2005-4266 (WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a . NOT-FOR-US: Alt-N MDaemon and WorldClient CVE-2005-4265 REJECTED - NOT-FOR-US: Alt-N MDaemon and WorldClient CVE-2005-4264 (Multiple SQL injection vulnerabilities in index.php in PHP Support ...) NOT-FOR-US: PHP Support Tickets CVE-2005-4263 (SQL injection vulnerability in the News module in Envolution allows ...) @@ -1716,10 +1714,8 @@ CVE-2005-4129 REJECTED CVE-2005-4128 REJECTED - NOT-FOR-US: Apple Quicktime CVE-2005-4127 REJECTED - NOT-FOR-US: iTunes CVE-2005-4126 (** UNVERIFIABLE, PRERELEASE ** ...) NOT-FOR-US: Pre-Notification for RealMedia vulnerability, which never appeared CVE-2005-4125 @@ -1999,7 +1995,6 @@ CVE-2005-3995 (Format string vulnerability in the dosyslog function in the OBEX NOTE: Checked obexserver source package, not vulnerable CVE-2005-3994 REJECTED - NOT-FOR-US: Atlassian Confluence CVE-2005-3993 (Multiple unspecified vulnerabilities in MailEnable Professional 1.6 ...) NOT-FOR-US: MailEnable CVE-2005-3992 (Multiple buffer overflows in WinEggDropShell remote access trojan ...) @@ -2008,7 +2003,6 @@ CVE-2005-3991 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyChat NOT-FOR-US: phpMyChat CVE-2005-3990 REJECTED - NOTE: duplicate of CVE-2006-3619 CVE-2005-3989 (Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack ...) NOT-FOR-US: Avaya hardware CVE-2005-3988 (SQL injection vulnerability in article.php in Pineapple Technologies ...) @@ -2999,7 +2993,6 @@ CVE-2005-3562 REJECTED CVE-2005-3561 REJECTED - NOT-FOR-US: ATutor CVE-2005-3560 (Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite ...) NOT-FOR-US: Zone Labs CVE-2005-3559 (Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 ...) @@ -3039,7 +3032,6 @@ CVE-2005-3543 (SQL injection vulnerability in search.php in Phorum 5.0.0alpha th NOT-FOR-US: Phorum CVE-2005-3542 REJECTED - NOT-FOR-US: Tonio Gallery CVE-2005-3541 RESERVED CVE-2005-3540 (Buffer overflow in petris before 1.0.1 allows remote attackers to ...) @@ -4755,7 +4747,6 @@ CVE-2005-2884 (Cross-site scripting (XSS) vulnerability in events.php in Land Do NOT-FOR-US: Land Down Under CVE-2005-2883 REJECTED - NOT-FOR-US: Unclassified News Board CVE-2005-2882 (Multiple cross-site scripting (XSS) vulnerabilities in ...) NOT-FOR-US: phpCommunityCalendar CVE-2005-2881 (phpCommunityCalendar 4.0.3 allows remote attackers to bypass ...) @@ -5934,7 +5925,6 @@ CVE-2005-2419 (B-FOCuS Router 312+ allows remote attackers to bypass authenticat NOT-FOR-US: hardware issue CVE-2005-2418 REJECTED - NOT-FOR-US: Realchat CVE-2005-2417 (Contrexx before 1.0.5 allows remote attackers to obtain sensitive ...) NOT-FOR-US: Contrexx CVE-2005-2416 (Multiple cross-site scripting (XSS) vulnerabilities in Contrexx before ...) @@ -6093,7 +6083,6 @@ CVE-2005-2357 (Directory traversal vulnerability in EMC Navisphere Manager 6.4.1 NOT-FOR-US: EMC Navisphere Manager CVE-2005-2355 REJECTED - NOTE: see CVE-2005-2356 CVE-2005-2347 RESERVED CVE-2005-2346 (Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers ...) @@ -6187,7 +6176,6 @@ CVE-2005-2304 (Microsoft MSN Messenger 9.0 and Internet Explorer 6.0 allows remo NOT-FOR-US: Microsoft CVE-2005-2303 REJECTED - NOT-FOR-US: Microsoft CVE-2005-2302 (PowerDNS before 2.9.18, when allowing recursion to a restricted range ...) {DSA-771-1} - pdns 2.9.18-1 (medium; bug #318798) @@ -6607,7 +6595,6 @@ CVE-2005-2134 (The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 a NOT-FOR-US: NetBSD CVE-2005-2133 REJECTED - NOT-FOR-US: log4sh CVE-2005-2132 (RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and ...) NOT-FOR-US: SCO UnixWare CVE-2005-2131 @@ -7054,7 +7041,6 @@ CVE-2005-1959 (jammail.pl in jamchen JamMail 1.8 allows remote attackers to exec NOT-FOR-US: JamMail CVE-2005-1958 REJECTED - NOTE: see CVE-2005-1855 CVE-2005-1957 (mtnpeak.net File Upload Manager does not properly check user ...) NOT-FOR-US: File Upload Manager CVE-2005-1956 (File Upload Manager allows remote attackers to upload arbitrary files ...) @@ -9159,7 +9145,6 @@ CVE-2005-1033 (CubeCart 2.0.6 allows remote attackers to obtain sensitive inform NOT-FOR-US: CubeCart CVE-2005-1032 REJECTED - NOT-FOR-US: LiteCommerce CVE-2005-1031 (RUNCMS 1.1A, and possibly other products based on e-Xoops (exoops), ...) NOT-FOR-US: exoops CVE-2005-1030 (Multiple cross-site scripting (XSS) vulnerabilities in Active Auction ...) @@ -10286,7 +10271,6 @@ CVE-2005-0529 (Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types f [sarge] - kernel-source-2.6.8 2.6.8-14 CVE-2005-0528 REJECTED - NOTE: This was a dupe of the mremap kernel issue CVE-2003-0985 CVE-2005-0527 (Firefox 1.0 allows remote attackers to execute arbitrary code via ...) - mozilla-firefox 1.0.1 NOTE: didn't other with YA mozilla-browser bug, it has enough for 1.7.6 already.. diff --git a/data/CVE/2006.list b/data/CVE/2006.list index d99d276b39..9093f58f97 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list @@ -653,7 +653,6 @@ CVE-2006-6968 (Cross-site scripting (XSS) vulnerability in the group moderation NOT-FOR-US: Phorum CVE-2006-6967 REJECTED - NOT-FOR-US: Check Point Firewall-1 CVE-2006-6966 (phpGraphy before 0.9.13a does not properly unset variables when the ...) NOT-FOR-US: phpGraphy CVE-2006-6965 (CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki ...) @@ -8566,7 +8565,6 @@ CVE-2006-3433 RESERVED CVE-2006-3432 REJECTED - NOTE: duplicate of CVE-2007-0028 CVE-2006-3431 (Buffer overflow in certain Asian language versions of Microsoft Excel ...) NOT-FOR-US: Microsoft Excel CVE-2006-3430 (SQL injection vulnerability in checkprofile.asp in (1) PatchLink ...) @@ -12149,8 +12147,6 @@ CVE-2006-1846 (Cross-site scripting (XSS) vulnerability in the Your_Account modu NOT-FOR-US: PHP-Nuke CVE-2006-1845 REJECTED - NOT-FOR-US: Microsoft Exchange - NOTE: Duplicate of CVE-2006-0537 CVE-2006-1844 (The Debian installer for the (1) shadow 4.0.14 and (2) base-config ...) [sarge] - shadow 1:4.0.3-31sarge8 [sarge] - base-config <not-affected> @@ -15850,7 +15846,6 @@ CVE-2006-0265 (Multiple unspecified vulnerabilities in Oracle Database server .. NOT-FOR-US: Oracle CVE-2006-0264 REJECTED - NOT-FOR-US: Oracle CVE-2006-0263 (Multiple unspecified vulnerabilities in Oracle Database server ...) NOT-FOR-US: Oracle CVE-2006-0262 (Unspecified vulnerability in the Net Foundation Layer component of ...) @@ -16239,7 +16234,6 @@ CVE-2006-0093 (Cross-site scripting (XSS) vulnerability in index.php in @Card ME NOT-FOR-US: @Card ME PHP CVE-2006-0092 REJECTED - NOT-FOR-US: SiteSuite CMS CVE-2006-0091 (Cross-site scripting (XSS) vulnerability in webmail in Open-Xchange ...) - open-xchange <itp> (bug #269329) CVE-2006-0090 (Directory traversal vulnerability in index.php in IDV Directory Viewer ...) diff --git a/data/CVE/2007.list b/data/CVE/2007.list index f2b5691015..b4e43d82b6 100644 --- a/data/CVE/2007.list +++ b/data/CVE/2007.list @@ -12925,7 +12925,6 @@ CVE-2007-1324 (SnapGear 560, 585, 580, 640, 710, and 720 appliances before the . NOT-FOR-US: SnapGear CVE-2007-1323 REJECTED - NOTE: replaced by both CVE-2007-5729 and CVE-2007-5730 CVE-2007-1322 (QEMU 0.8.2 allows local users to halt a virtual machine by executing ...) {DSA-1284-1 DTSA-38-1 DTSA-133-1} - qemu 0.9.0-2 (bug #424070) diff --git a/data/CVE/2009.list b/data/CVE/2009.list index f65e5a70ec..9b49ef1ae1 100644 --- a/data/CVE/2009.list +++ b/data/CVE/2009.list @@ -7658,7 +7658,6 @@ CVE-2009-2260 (stardict 3.0.1, when Enable Net Dict is configured, sends the con [lenny] - stardict 3.0.1-4+lenny1 CVE-2009-2259 REJECTED - NOT-FOR-US: PHP Address Book CVE-2009-2258 (Directory traversal vulnerability in cgi-bin/webcm in the ...) NOT-FOR-US: Netgear DG632 CVE-2009-2257 (The administrative web interface on the Netgear DG632 with firmware ...) diff --git a/data/CVE/2010.list b/data/CVE/2010.list index 0167ad7c74..fe8aedb945 100644 --- a/data/CVE/2010.list +++ b/data/CVE/2010.list @@ -5737,9 +5737,8 @@ CVE-2010-3092 (The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 d CVE-2010-3091 (The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...) {DSA-2113-1} - drupal6 6.18-1 (low; bug #592716) -CVE-2010-3090 [mailman, will be rejected] +CVE-2010-3090 REJECTED - NOT-FOR-US: ** REJECT ** mailman CVE-2010-3089 (Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman ...) {DSA-2170-1} - mailman 1:2.1.13-4.1 (bug #599833) diff --git a/data/CVE/2012.list b/data/CVE/2012.list index 6850c09ce9..fb6770cb44 100644 --- a/data/CVE/2012.list +++ b/data/CVE/2012.list @@ -4785,8 +4785,6 @@ CVE-2012-4736 (The Device Encryption Client component in Sophos SafeGuard Enterp NOT-FOR-US: Sophos SafeGuard Enterprise CVE-2012-4735 REJECTED - NOTE: CVE-2012-4735 rejected in favour of CVE-2012-6578, CVE-2012-6579, CVE-2012-6580, CVE-2012-6581. - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=870406#c3 CVE-2012-4734 (Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows ...) {DSA-2567-1} - request-tracker3.8 <removed> @@ -7789,7 +7787,6 @@ CVE-2012-3542 (OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 - keystone 2012.1.1-5 CVE-2012-3541 REJECTED - {DLA-108-1} CVE-2012-3540 (Open redirect vulnerability in views/auth_forms.py in OpenStack ...) - horizon 2012.1.1-4 (bug #686050) CVE-2012-3539 @@ -8174,8 +8171,6 @@ CVE-2012-3416 (Condor before 7.8.2 allows remote attackers to bypass host-based - condor 7.8.2~dfsg.1-1 (bug #685366) CVE-2012-3415 REJECTED - - plpupload <itp> (bug #668396) - - wordpress 3.3.2 CVE-2012-3414 (Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload ...) - libjs-swfupload 2.2.0.1+ds1-2 (low; bug #681323) - wordpress 3.5.1+dfsg-1 (bug #698934) diff --git a/data/CVE/2013.list b/data/CVE/2013.list index c4882af52e..dc57e65f85 100644 --- a/data/CVE/2013.list +++ b/data/CVE/2013.list @@ -8241,7 +8241,6 @@ CVE-2013-4337 REJECTED CVE-2013-4336 REJECTED - NOT-FOR-US: Drupal module CVE-2013-4335 RESERVED NOT-FOR-US: opOpenSocialPlugin |