Author: joeyh
Date: 2006-05-05 21:14:24 +0000 (Fri, 05 May 2006)
New Revision: 3918
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-05 07:34:53 UTC (rev 3917)
+++ data/CVE/list 2006-05-05 21:14:24 UTC (rev 3918)
@@ -1,3 +1,109 @@
+CVE-2006-2214 (Multiple SQL injection vulnerabilities in 4images 1.7.1 and
earlier ...)
+ TODO: check
+CVE-2006-2213 (Hostapd 0.3.7-2 allows remote attackers to cause a denial of
service ...)
+ TODO: check
+CVE-2006-2212 (Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier
allows ...)
+ TODO: check
+CVE-2006-2211 (Absolute path traversal vulnerability in index.php in 321soft
...)
+ TODO: check
+CVE-2006-2210 (Cross-site scripting (XSS) vulnerability in index.php in
321soft ...)
+ TODO: check
+CVE-2006-2209 (Multiple SQL injection vulnerabilities in index.php in PHP
Arena ...)
+ TODO: check
+CVE-2006-2208 (Multiple cross-site scripting (XSS) vulnerabilities in
mynews.inc.php ...)
+ TODO: check
+CVE-2006-2207
+ RESERVED
+CVE-2006-2206 (The MS-Logon authentication scheme in UltraVNC (aka [EMAIL
PROTECTED]) 1.0.1 ...)
+ TODO: check
+CVE-2006-2205 (The audio_write function in NetBSD 3.0 allows local users to
cause a ...)
+ TODO: check
+CVE-2006-2204 (SQL injection vulnerability in the topic deletion functionality
...)
+ TODO: check
+CVE-2006-2203 (Unspecified vulnerability in Kerio MailServer before 6.1.4 has
unknown ...)
+ TODO: check
+CVE-2006-2202 (SQL injection vulnerability in post.php in Invision Gallery
2.0.6 ...)
+ TODO: check
+CVE-2006-2201 (Unspecified vulnerability in CA CAI Resource Initialization
Manager ...)
+ TODO: check
+CVE-2006-2200
+ RESERVED
+CVE-2006-2199
+ RESERVED
+CVE-2006-2198
+ RESERVED
+CVE-2006-2197
+ RESERVED
+CVE-2006-2196
+ RESERVED
+CVE-2006-2195
+ RESERVED
+CVE-2006-2194
+ RESERVED
+CVE-2006-2193
+ RESERVED
+CVE-2006-2192
+ RESERVED
+CVE-2006-2191
+ RESERVED
+CVE-2006-2190 (Cross-site scripting (XSS) vulnerability in ow-shared.pl in ...)
+ TODO: check
+CVE-2006-2189 (SQL injection vulnerability in search.php in Servous sBLOG
0.7.2 ...)
+ TODO: check
+CVE-2006-2188 (Multiple cross-site scripting (XSS) vulnerabilities in CMScout
1.10 ...)
+ TODO: check
+CVE-2006-2187 (Multiple cross-site scripting (XSS) vulnerabilities in zenphoto
1.0.1 ...)
+ TODO: check
+CVE-2006-2186 (zenphoto 1.0.1 beta and earlier allow remote attackers to
obtain ...)
+ TODO: check
+CVE-2006-2185
+ RESERVED
+CVE-2006-2184 (Cross-site scripting (XSS) vulnerability in search.php in PHPKB
...)
+ TODO: check
+CVE-2006-2183 (Untrusted search path vulnerability in Truecrypt 4.1, when
running ...)
+ TODO: check
+CVE-2006-2182 (Multiple PHP remote file inclusion vulnerabilities in (1)
eday.php, ...)
+ TODO: check
+CVE-2006-2181 (Multiple cross-site scripting (XSS) vulnerabilities in
albinator 2.0.8 ...)
+ TODO: check
+CVE-2006-2180 (Buffer overflow in Golden FTP Server Pro 2.70 allows remote
attackers ...)
+ TODO: check
+CVE-2006-2179 (Multiple SQL injection vulnerabilities in CyberBuild allow
remote ...)
+ TODO: check
+CVE-2006-2178 (Mulitiple cross-site scripting (XSS) vulnerabilities in
CyberBuild ...)
+ TODO: check
+CVE-2006-2177 (Cross-site scripting (XSS) vulnerability in viewcat.php in
geoBlog 1.0 ...)
+ TODO: check
+CVE-2006-2176 (Multiple cross-site scripting (XSS) vulnerabilities in
links.php in ...)
+ TODO: check
+CVE-2006-2175 (PHP remote file inclusion vulnerability in FtrainSoft Fast
Click 2.3.8 ...)
+ TODO: check
+CVE-2006-2174 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2006-2173 (Buffer overflow in FileZilla FTP Server allows remote
authenticated ...)
+ TODO: check
+CVE-2006-2172 (Buffer overflow in Gene6 FTP Server 3.1.0 allows remote
authenticated ...)
+ TODO: check
+CVE-2006-2171 (Buffer overflow in WDM.exe in WarFTPD allows remote attackers
to ...)
+ TODO: check
+CVE-2006-2170 (Buffer overflow in ArgoSoft FTP Server allows remote attackers
to ...)
+ TODO: check
+CVE-2006-2169 (RT: Request Tracker 3.5.HEAD allows remote attackers to obtain
...)
+ TODO: check
+CVE-2006-2168 (FileProtection Express 1.0.1 and earlier allows remote
attackers to ...)
+ TODO: check
+CVE-2006-2167 (Cross-site scripting (XSS) vulnerability in SloughFlash
SF-Users 1.0, ...)
+ TODO: check
+CVE-2006-2166 (Unspecified vulnerability in the HTTP management interface in
Cisco ...)
+ TODO: check
+CVE-2006-2165 (Multiple cross-site scripting (XSS) vulnerabilities in Avactis
...)
+ TODO: check
+CVE-2006-2164 (Multiple SQL injection vulnerabilities in Avactis Shopping Cart
0.1.2 ...)
+ TODO: check
+CVE-2006-2163 (Cross-site scripting (XSS) vulnerability in index.php in
Pinnacle Cart ...)
+ TODO: check
+CVE-2006-2162 (Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x
before ...)
+ TODO: check
CVE-2006-2161
RESERVED
CVE-2006-XXXX [MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command
execution]
@@ -1569,10 +1675,9 @@
NOTE: default configuration.
CVE-2006-1528
RESERVED
-CVE-2006-1527 [SCTP conntrack: fix infinite loop]
- RESERVED
+CVE-2006-1527 (The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows
remote ...)
- linux-2.6 2.6.16-12 (low)
-CVE-2006-1526 (Buffer overflow in the Xrender extension in X.org X server
6.8.0 up to ...)
+CVE-2006-1526 (Buffer overflow in the X render (Xrender) extension in X.org X
server ...)
- xorg-server 1:1.0.2-8
CVE-2006-1525 (ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local
users ...)
- linux-2.6 2.6.16-9
@@ -1589,12 +1694,12 @@
CVE-2006-1519 [quagga RIPD unauthenticated route injection]
RESERVED
- quagga 0.99.3-2 (bug #365940)
-CVE-2006-1518
- RESERVED
-CVE-2006-1517
- RESERVED
-CVE-2006-1516
- RESERVED
+CVE-2006-1518 (Buffer overflow in the open_table function in sql_base.cc in
MySQL ...)
+ TODO: check
+CVE-2006-1517 (sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18,
and ...)
+ TODO: check
+CVE-2006-1516 (The check_connection function in sql_parse.cc in MySQL 4.0.x up
to ...)
+ TODO: check
CVE-2006-1515
RESERVED
CVE-2006-1514 (Multiple buffer overflows in the abcmidi-yaps translator in
abcmidi ...)
@@ -2643,8 +2748,8 @@
RESERVED
CVE-2006-1053
RESERVED
-CVE-2006-1052
- RESERVED
+CVE-2006-1052 (The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6
allows ...)
+ TODO: check
CVE-2006-1051 (SQL injection vulnerability in Akarru Social BookMarking Engine
before ...)
NOT-FOR-US: Akurru Social BookMarking Engine
CVE-2006-1050 (Kwik-Pay Payroll 4.2.20, and possibly other versions, stores
the ...)
@@ -10065,7 +10170,7 @@
NOT-FOR-US: Rediff BOL)
CVE-2005-2857 (Free SMTP Server 2.2 allows remote attackers to use the server
as an ...)
NOT-FOR-US: Free SMTP Server
-CVE-2005-2856 (Stack-based buffer overflow in UNACEV2.DLL for ALZip 5.51
through 6.11 ...)
+CVE-2005-2856 (Stack-based buffer overflow in WinACE UNACEV2.DLL third-party
...)
NOT-FOR-US: ALZip
CVE-2005-2855 (Cross-site scripting (XSS) vulnerability in Unclassified
NewsBoard ...)
NOT-FOR-US: Unclassified Newsboard
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
