move abe47a5a-e23c-11d8-9b0a-000347a4fa7d to vuxml, add mozilla to the list of vulnerable ports

svn path=/head/; revision=115483

ports-mgmt/portaudit-db/database/portaudit.txt

@@ -54,7 +54,6 @@ pavuk<=0.9.28_5|http://www.securityfocus.com/archive/1/370248 http://archives.ne
 lcdproc<0.4.5|http://sourceforge.net/project/shownotes.php?release_id=230910 http://secunia.com/advisories/11333 http://www.securityfocus.com/archive/1/360209 http://www.securityfocus.com/bid/10085 http://www.osvdb.org/5157 http://www.osvdb.org/5158 http://www.osvdb.org/5159 http://www.osvdb.org/5160|LCDProc buffer overflow/format string vulnerabilities|62d23317-e072-11d8-9a79-000347dd607f
 sox>=12.17.1<=12.17.4_1|http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html http://secunia.com/advisories/12175 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0557|SoX buffer overflows when handling .WAV files|3e4ffe76-e0d4-11d8-9b0a-000347a4fa7d
 dansguardian<2.8.0.1|http://secunia.com/advisories/12191 http://www.securityfocus.com/archive/1/370346 http://www.osvdb.org/8270|DansGuardian banned extension filter bypass vulnerability|f6fd9200-e20e-11d8-9b0a-000347a4fa7d
-firefox>=0.9.1<=0.9.2|http://www.securityfocus.com/archive/1/369953|Mozilla Firefox certificate spoofing|abe47a5a-e23c-11d8-9b0a-000347a4fa7d
 imp<3.2.5|http://www.greymagic.com/security/advisories/gm005-mc/ http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.106&r2=1.389.2.109&ty=h http://secunia.com/advisories/12202|XSS hole in the HTML viewer - This vulnerability only exists when using the Internet Explorer to access IMP and only when using the inline MIME viewer for HTML messages.|49189b47-e24d-11d8-9f75-000bdb1444a4
 phpMyAdmin<2.5.7.1|http://www.securityfocus.com/archive/1/367486 http://www.securityfocus.com/bid/10629 http://secunia.com/SA11974 http://www.osvdb.org/7314 http://www.osvdb.org/7315|phpMyAdmin configuration manipulation and code injection|56648b44-e301-11d8-9b0a-000347a4fa7d
 gnutls<1.0.17|http://www.hornik.sk/SA/SA-20040802.txt http://secunia.com/advisories/12156|GnuTLS certificate chain verification DoS|84ab58cf-e4ac-11d8-9b0a-000347a4fa7d

security/portaudit-db/database/portaudit.txt

@@ -54,7 +54,6 @@ pavuk<=0.9.28_5|http://www.securityfocus.com/archive/1/370248 http://archives.ne
 lcdproc<0.4.5|http://sourceforge.net/project/shownotes.php?release_id=230910 http://secunia.com/advisories/11333 http://www.securityfocus.com/archive/1/360209 http://www.securityfocus.com/bid/10085 http://www.osvdb.org/5157 http://www.osvdb.org/5158 http://www.osvdb.org/5159 http://www.osvdb.org/5160|LCDProc buffer overflow/format string vulnerabilities|62d23317-e072-11d8-9a79-000347dd607f
 sox>=12.17.1<=12.17.4_1|http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html http://secunia.com/advisories/12175 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0557|SoX buffer overflows when handling .WAV files|3e4ffe76-e0d4-11d8-9b0a-000347a4fa7d
 dansguardian<2.8.0.1|http://secunia.com/advisories/12191 http://www.securityfocus.com/archive/1/370346 http://www.osvdb.org/8270|DansGuardian banned extension filter bypass vulnerability|f6fd9200-e20e-11d8-9b0a-000347a4fa7d
-firefox>=0.9.1<=0.9.2|http://www.securityfocus.com/archive/1/369953|Mozilla Firefox certificate spoofing|abe47a5a-e23c-11d8-9b0a-000347a4fa7d
 imp<3.2.5|http://www.greymagic.com/security/advisories/gm005-mc/ http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.106&r2=1.389.2.109&ty=h http://secunia.com/advisories/12202|XSS hole in the HTML viewer - This vulnerability only exists when using the Internet Explorer to access IMP and only when using the inline MIME viewer for HTML messages.|49189b47-e24d-11d8-9f75-000bdb1444a4
 phpMyAdmin<2.5.7.1|http://www.securityfocus.com/archive/1/367486 http://www.securityfocus.com/bid/10629 http://secunia.com/SA11974 http://www.osvdb.org/7314 http://www.osvdb.org/7315|phpMyAdmin configuration manipulation and code injection|56648b44-e301-11d8-9b0a-000347a4fa7d
 gnutls<1.0.17|http://www.hornik.sk/SA/SA-20040802.txt http://secunia.com/advisories/12156|GnuTLS certificate chain verification DoS|84ab58cf-e4ac-11d8-9b0a-000347a4fa7d

security/vuxml/vuln.xml

@@ -4207,4 +4207,51 @@ misc.c:
       <modified>2004-08-05</modified>
     </dates>
   </vuln>
+
+  <vuln vid="abe47a5a-e23c-11d8-9b0a-000347a4fa7d">
+    <topic>Mozilla certificate spoofing</topic>
+    <affects>
+      <package>
+        <name>firefox</name>
+        <range><ge>0.9.1</ge><le>0.9.2</le></range>
+      </package>
+      <package>
+        <name>linux-mozilla</name>
+        <range><lt>1.7.2</lt></range>
+      </package>
+      <package>
+        <name>linux-mozilla-devel</name>
+        <range><lt>1.7.2</lt></range>
+      </package>
+      <package>
+        <name>mozilla</name>
+        <range><lt>1.7.2,2</lt></range>
+        <range><ge>1.8.*,2</ge><le>1.8.a2,2</le></range>
+      </package>
+      <package>
+        <name>mozilla-gtk1</name>
+        <range><lt>1.7.2</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+        <p>Mozilla and Mozilla Firefox contains a flaw that may
+          allow a malicious user to spoof SSL certification.</p>
+      </body>
+    </description>
+    <references>
+      <mlist msgid="003a01c472ba$b2060900$6501a8c0@sec">http://www.securityfocus.com/archive/1/369953</mlist>
+      <url>http://www.cipher.org.uk/index.php?p=advisories/Certificate_Spoofing_Mozilla_FireFox_25-07-2004.advisory</url>
+      <url>http://secunia.com/advisories/12160</url>
+      <url>http://bugzilla.mozilla.org/show_bug.cgi?id=253121</url>
+      <url>http://www.osvdb.org/8238</url>
+      <bid>10796</bid>
+      <cvename>CAN-2004-0763</cvename>
+    </references>
+    <dates>
+      <discovery>2004-07-25</discovery>
+      <entry>2004-07-30</entry>
+      <modified>2004-08-05</modified>
+    </dates>
+  </vuln>
 </vuxml>