Author: joeyh
Date: 2006-04-11 09:14:22 +0000 (Tue, 11 Apr 2006)
New Revision: 3784

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-11 08:33:56 UTC (rev 3783)
+++ data/CVE/list       2006-04-11 09:14:22 UTC (rev 3784)
@@ -1,3 +1,54 @@
+CVE-2006-1675 (Multiple cross-site scripting (XSS) vulnerabilities in 
PHPWebGallery ...)
+       TODO: check
+CVE-2006-1674 (Cross-site scripting (XSS) vulnerability in search.php in ...)
+       TODO: check
+CVE-2006-1673 (Cross-site scripting (XSS) vulnerability in vbugs.php in 
Dark_Wizard ...)
+       TODO: check
+CVE-2006-1672 (The installation of Cisco Transport Controller (CTC) for Cisco 
Optical ...)
+       TODO: check
+CVE-2006-1671 (Control cards for Cisco Optical Networking System (ONS) 15000 
series ...)
+       TODO: check
+CVE-2006-1670 (Control cards for Cisco Optical Networking System (ONS) 15000 
series ...)
+       TODO: check
+CVE-2006-1669 (SQL injection vulnerability in chat/messagesL.php3 in phpHeaven 
Team ...)
+       TODO: check
+CVE-2006-1668 (newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) 
(aka ...)
+       TODO: check
+CVE-2006-1667 (SQL injection vulnerability in slides.php in Eric Gerdes Crafty 
Syntax ...)
+       TODO: check
+CVE-2006-1666 (SQL injection vulnerability in forum.php in Arab Portal 2.0.1 
stable ...)
+       TODO: check
+CVE-2006-1665 (Multiple cross-site scripting (XSS) vulnerabilities in Arab 
Portal ...)
+       TODO: check
+CVE-2006-1664 (Buffer overflow in xine_list_delete_current in libxine 1.14 and 
...)
+       TODO: check
+CVE-2006-1663
+       REJECTED
+       TODO: check
+CVE-2006-1662 (The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows 
remote ...)
+       TODO: check
+CVE-2006-1661 (Multiple cross-site scripting (XSS) vulnerabilities in SKForum 
1.5 and ...)
+       TODO: check
+CVE-2006-1660 (Cross-site scripting (XSS) vulnerability in image_desc.php in 
Softbiz ...)
+       TODO: check
+CVE-2006-1659 (Multiple SQL injection vulnerabilities in Softbiz Image Gallery 
allow ...)
+       TODO: check
+CVE-2006-1658 (Direct static code injection vulnerability in ticker.db.php in 
Chucky ...)
+       TODO: check
+CVE-2006-1657 (Cross-site scripting (XSS) vulnerability in index.php in Chucky 
...)
+       TODO: check
+CVE-2005-4772 (Yet another Setup Tool (YaST) in SUSE Linux before 20051007 
preserves ...)
+       TODO: check
+CVE-2005-4771 (Trusted Mobility Agent PC Policy in Trust Digital Trusted 
Mobility ...)
+       TODO: check
+CVE-2005-4770 (SQL injection vulnerability in an unspecified Accelerated 
Enterprise ...)
+       TODO: check
+CVE-2005-4769 (SQL injection vulnerability in addrbook.php in Belchior Foundry 
vCard ...)
+       TODO: check
+CVE-2005-4768 (SQL injection vulnerability in manage_account.php in Tux Racer 
TuxBank ...)
+       TODO: check
+CVE-2004-2655 (rdesktop 1.3.1 with xscreensaver 4.14, and possibly other 
versions, ...)
+       TODO: check
 CVE-2006-XXXX [linphone insecure password leakage]
        - linphone <unfixed> (bug #361913)
 CVE-2006-1656 (vserver in util-vserver 0.30.209 executes a command as root 
when the ...)
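Review bot: the new CVE-2006-1663 entry carries both REJECTED and TODO: check; a rejected id needs no triage, so the TODO line under it should be dropped to keep it out of the check queue. Among the other added entries, CVE-2006-1664 (libxine) and CVE-2004-2655 (rdesktop with xscreensaver) name software that looks packaged here and should get package lines ahead of the web-application entries, most of which will likely end up as NOT-FOR-US.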
@@ -53,8 +104,8 @@
        RESERVED
 CVE-2006-1631 (Unspecified vulnerability in the HTTP compression functionality 
in ...)
        TODO: check
-CVE-2006-1629
-       RESERVED
+CVE-2006-1629 (OpenVPN 2.0 through 2.0.5 allows remote malicious servers to 
execute ...)
+       TODO: check
 CVE-2006-1628
        RESERVED
 CVE-2006-1627
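Review bot: CVE-2006-1629 is left as TODO: check, but its description (OpenVPN 2.0 through 2.0.5, remote malicious servers) lines up with the existing CVE-2006-XXXX [openvpn missing setenv sanitising] placeholder further down in this file, which is tracked as fixed in openvpn 2.0.6-1 (bug #360559). Please confirm they are the same issue and, if so, fold the placeholder into this entry so the package line and bug reference sit under the assigned id.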
@@ -91,8 +142,8 @@
        TODO: check
 CVE-2006-1609 (Unspecified vulnerability in Hitachi XFIT/S, XFIT/S/JCA, 
XFIT/S/ZGN, ...)
        TODO: check
-CVE-2006-1608
-       RESERVED
+CVE-2006-1608 (The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local 
users ...)
+       TODO: check
 CVE-2006-1607 (Unspecified vulnerability in the banner module in Exponent CMS 
before ...)
        TODO: check
 CVE-2006-1606 (Unspecified vulnerability in the image module in Exponent CMS 
before ...)
@@ -144,16 +195,13 @@
        TODO: check
 CVE-2006-XXXX [openvpn missing setenv sanitising]
        - openvpn 2.0.6-1 (bug #360559; medium)
-CVE-2006-1614 [clamav 0.88.1 integer overflow]
-       RESERVED
+CVE-2006-1614 (Integer overflow in the cli_scanpe function in the PE header 
parser ...)
        {DSA-1024-1}
        - clamav 0.88.1-1
-CVE-2006-1630 [clamav 0.88.1 fix possible crash in cli_bitset_test()]
-       RESERVED
+CVE-2006-1630 (The cli_bitset_set function in libclamav/others.c in Clam 
AntiVirus ...)
        {DSA-1024-1}
        - clamav 0.88.1-1
-CVE-2006-1615 [clamav 0.88.1 format string flaws]
-       RESERVED
+CVE-2006-1615 (Multiple format string vulnerabilities in the logging code in 
Clam ...)
        {DSA-1024-1}
        - clamav 0.88.1-1
 CVE-2006-1586 (SQL injection vulnerability in admin_login.asp in ISP of Egypt 
SiteMan ...)
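Review bot: the removed CVE-2006-1630 note named cli_bitset_test(), while the imported description names cli_bitset_set in libclamav/others.c. Please confirm that the DSA-1024-1 / clamav 0.88.1-1 fix recorded under this id covers the function in the official description, and add a NOTE line if both names refer to the same change.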
@@ -323,8 +371,8 @@
        RESERVED
 CVE-2006-1523
        RESERVED
-CVE-2006-1522
-       RESERVED
+CVE-2006-1522 (The sys_add_key function in the keyring code in Linux kernel 
2.6.16.1 ...)
+       TODO: check
 CVE-2006-1521
        RESERVED
 CVE-2006-1520
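Review bot: CVE-2006-1522 moves out of RESERVED as a Linux kernel issue (sys_add_key in the keyring code, with 2.6.16.1 named in the description) but only gets TODO: check. A kernel entry needs a package line for the affected kernel source packages, with a fixed version or <unfixed>, in the same form as the other tracked entries in this file.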
@@ -378,8 +426,8 @@
        NOT-FOR-US: ViHor Design
 CVE-2006-1495 (SQL injection vulnerability in general/sendpassword.php in (1) 
...)
        NOT-FOR-US: PHPCollab / NetOffice
-CVE-2006-1494
-       RESERVED
+CVE-2006-1494 (Directory traversal vulnerability in file.c in PHP 4.4.2 and 
5.1.2 ...)
+       TODO: check
 CVE-2006-1493 (Cross-site scripting (XSS) vulnerability in dir.php in Explorer 
XP ...)
        NOT-FOR-US: Explorer XP
 CVE-2006-1492 (Directory traversal vulnerability in dir.php in Explorer XP 
allows ...)
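Review bot: CVE-2006-1494 here and CVE-2006-1608 in the earlier hunk both point at file.c in PHP 4.4.2 and 5.1.2, and CVE-2006-0996 in a later hunk is a third PHP id, all left as TODO: check. These should be triaged together, with package lines for the PHP source packages and a NOTE recording whether the two file.c issues are covered by one upstream change or need separate fixes.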
@@ -1492,8 +1540,8 @@
        NOT-FOR-US: Novell
 CVE-2006-0997 (The SSL server implementation in NILE.NLM in Novell NetWare 6.5 
and ...)
        NOT-FOR-US: Novell
-CVE-2006-0996
-       RESERVED
+CVE-2006-0996 (Cross-site scripting (XSS) vulnerability in phpinfo (info.c) in 
PHP ...)
+       TODO: check
 CVE-2006-0995 (EMC Dantz Retrospect 7 backup client 7.0.107, and other 
versions ...)
        NOT-FOR-US: EMC Dantz Retrospect
 CVE-2006-0994
@@ -1583,8 +1631,8 @@
        RESERVED
 CVE-2006-0952
        RESERVED
-CVE-2006-0951
-       RESERVED
+CVE-2006-0951 (The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges 
when the ...)
+       TODO: check
 CVE-2006-0950 (unalz 0.53 allows user-complicit attackers to overwrite 
arbitrary ...)
        - unalz <unfixed> (bug #356832; medium)
 CVE-2006-0949 (RaidenHTTPD 1.1.47 allows remote attackers to obtain source 
code of ...)
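Review bot: CVE-2006-0951 describes the nod32.exe GUI running with SYSTEM privileges, which is a Windows-only product, yet it is queued as TODO: check. It can be closed out directly as NOT-FOR-US: NOD32, matching the NOT-FOR-US entries used for the Novell and EMC items around it.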
@@ -3904,8 +3952,7 @@
        - imagemagick 6:6.2.4.5-0.6 (bug #345238; medium)
        NOTE: Exploitable through Gnus and Thunderbird.
        - graphicsmagick 1.1.7-1
-CVE-2006-0053 [libimager-perl DoS]
-       RESERVED
+CVE-2006-0053 (Unspecified vulnerability in Imager (libimager-perl) before 
5.0-1 ...)
        {DSA-1028-1}
        - libimager-perl 5.0-1 (bug #359661)
 CVE-2006-0052 (The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and 
earlier, ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
