Author: joeyh
Date: 2006-10-31 09:14:26 +0100 (Tue, 31 Oct 2006)
New Revision: 4901
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-10-30 20:56:32 UTC (rev 4900)
+++ data/CVE/list 2006-10-31 08:14:26 UTC (rev 4901)
@@ -1,8 +1,204 @@
-CVE-2006-5740 [wireshark LDAP dissector issue]
+CVE-2006-5611 (Unspecified vulnerability in Toshiba Bluetooth Stack before
4.20.01 ...)
+ TODO: check
+CVE-2006-5610 (PHP remote file inclusion vulnerability in
player/includes/common.php ...)
+ TODO: check
+CVE-2006-5609 (Directory traversal vulnerability in dir.php in TorrentFlux 2.1
allows ...)
+ TODO: check
+CVE-2006-5608 (SQL injection vulnerability in Extended Tracker (xtracker) 4.7
before ...)
+ TODO: check
+CVE-2006-5607 (Directory traversal vulnerability in /cgi-bin/webcm in INCA
IM-204 ...)
+ TODO: check
+CVE-2006-5606
+ RESERVED
+CVE-2006-5605 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2006-5604 (Directory traversal vulnerability in phpcards.header.php in
phpCards ...)
+ TODO: check
+CVE-2006-5603 (SQL injection vulnerability in pop_mail.asp in Snitz Forums
2000 ...)
+ TODO: check
+CVE-2006-5600 (Axalto Protiva 1.1, possibly only non-commercial versions,
stores ...)
+ TODO: check
+CVE-2006-5599 (Cross-site scripting (XSS) vulnerability in Oracle Application
Express ...)
+ TODO: check
+CVE-2006-5598 (Cross-site scripting (XSS) vulnerability in index.php for GOOP
Gallery ...)
+ TODO: check
+CVE-2006-5597 (join.asp in MiniHTTP Web Forum & File Server PowerPack 4.0
allows ...)
+ TODO: check
+CVE-2006-5596 (Directory traversal vulnerability in the SSL server in AEP
Smartgate ...)
+ TODO: check
+CVE-2006-5595 (Unspecified vulnerability in the AirPcap support in Wireshark
...)
+ TODO: check
+CVE-2006-5594 (PHP remote file inclusion vulnerability in University of
British ...)
+ TODO: check
+CVE-2006-5593 (Buffer overflow in Desknet's (niokeru) before 5.0J R1.0 might
allow ...)
+ TODO: check
+CVE-2006-5592 (Admin/adpoll.asp in PacPoll 4.0 and earlier allows remote
attackers to ...)
+ TODO: check
+CVE-2006-5591 (Multiple SQL injection vulnerabilities in Admin/check.asp in
PacPoll ...)
+ TODO: check
+CVE-2006-5590 (PHP remote file inclusion vulnerability in index.php in
ArticleBeach ...)
+ TODO: check
+CVE-2006-5589 (Multiple SQL injection vulnerabilities in LedgerSMB (LSMB)
1.1.0 and ...)
+ TODO: check
+CVE-2006-5588 (Multiple PHP remote file inclusion vulnerabilities in CMS
Faethon 2.0 ...)
+ TODO: check
+CVE-2006-5587 (Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3
and ...)
+ TODO: check
+CVE-2006-5586
+ RESERVED
+CVE-2006-5585
+ RESERVED
+CVE-2006-5584
+ RESERVED
+CVE-2006-5583
+ RESERVED
+CVE-2006-5582
+ RESERVED
+CVE-2006-5581
+ RESERVED
+CVE-2006-5580
+ RESERVED
+CVE-2006-5579
+ RESERVED
+CVE-2006-5578
+ RESERVED
+CVE-2006-5577
+ RESERVED
+CVE-2006-5576
+ RESERVED
+CVE-2006-5575
+ RESERVED
+CVE-2006-5574
+ RESERVED
+CVE-2006-5573
+ RESERVED
+CVE-2006-5572
+ RESERVED
+CVE-2006-5571 (Stack-based buffer overflow in /scripts/cruise/cws.exe in
CruiseWorks ...)
+ TODO: check
+CVE-2006-5570 (Directory traversal vulnerability in /scripts/cruise/cws.exe in
...)
+ TODO: check
+CVE-2006-5569 (FtpXQ Server 3.0.1 installs with two default testing accounts,
which ...)
+ TODO: check
+CVE-2006-5568 (FtpXQ Server 3.0.1 allows remote attackers to cause a denial of
...)
+ TODO: check
+CVE-2006-5567 (Multiple heap-based buffer overflows in AOL Nullsoft WinAmp
before ...)
+ TODO: check
+CVE-2006-5566 (CRLF injection vulnerability in premium/index.php in
Shop-Script ...)
+ TODO: check
+CVE-2006-5565 (CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows
remote ...)
+ TODO: check
+CVE-2006-5564 (Cross-site scripting (XSS) vulnerability in user.php in MAXdev
MD-Pro ...)
+ TODO: check
+CVE-2006-5563 (Unspecified vulnerability in Yahoo! Messenger (Service 18)
before ...)
+ TODO: check
+CVE-2006-5562 (PHP remote file inclusion vulnerability in include/database.php
in ...)
+ TODO: check
+CVE-2006-5561 (SQL injection vulnerability in admincp.php in Discuz! GBK 5.0.0
allows ...)
+ TODO: check
+CVE-2006-5560 (Cross-site scripting (XSS) vulnerability in heading.php in
Boesch ...)
+ TODO: check
+CVE-2006-5559 (The ADODB.Connection 2.7 ActiveX control object
(ADODB.Connection.2.7) ...)
+ TODO: check
+CVE-2006-5558 (Format string vulnerability in the swask command in HP-UX
B.11.11 and ...)
+ TODO: check
+CVE-2006-5557 (Stack-based buffer overflow in the (1) swpackage and (2)
swmodify ...)
+ TODO: check
+CVE-2006-5556 (Buffer overflow in the localtime_r function, and certain other
...)
+ TODO: check
+CVE-2006-5555 (PHP remote file inclusion vulnerability in constantes.inc.php
in ...)
+ TODO: check
+CVE-2006-5554 (Directory traversal vulnerability in index.php in Imageview 5
allows ...)
+ TODO: check
+CVE-2006-5553 (Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and
5.0 ...)
+ TODO: check
+CVE-2006-5552 (Heap-based buffer overflow in RevilloC MailServer 1.21 and
earlier ...)
+ TODO: check
+CVE-2006-5551 (Stack-based buffer overflow in QK SMTP 3.01 and earlier might
allow ...)
+ TODO: check
+CVE-2006-5550 (The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to
cause ...)
+ TODO: check
+CVE-2006-5549 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-5548 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in
Open ...)
+ TODO: check
+CVE-2006-5547 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in
Open ...)
+ TODO: check
+CVE-2006-5546 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in
Open ...)
+ TODO: check
+CVE-2006-5545 (Premium Antispam in Symantec Mail Security for Domino Server
5.1.x ...)
+ TODO: check
+CVE-2006-5544 (Visual truncation vulnerability in Microsoft Internet Explorer
7 ...)
+ TODO: check
+CVE-2006-5543 (PHP remote file inclusion vulnerability in misc/function.php3
in PHP ...)
+ TODO: check
+CVE-2006-5542 (backend/tcop/postgres.c in PostgreSQL 8.1.x before 8.1.5 allows
remote ...)
+ TODO: check
+CVE-2006-5541 (backend/parser/parse_coerce.c in PostgreSQL 7.4.1 through
7.4.14, ...)
+ TODO: check
+CVE-2006-5540 (backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5
allows ...)
+ TODO: check
+CVE-2006-5539 (PHP remote file inclusion vulnerability in login/secure.php in
...)
+ TODO: check
+CVE-2006-5538 (D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows
remote ...)
+ TODO: check
+CVE-2006-5537 (Multiple cross-site scripting (XSS) vulnerabilities in
cgi-bin/webcm ...)
+ TODO: check
+CVE-2006-5536 (Directory traversal vulnerability in cgi-bin/webcm in D-Link
DSL-G624T ...)
+ TODO: check
+CVE-2006-5535 (Multiple cross-site scripting (XSS) vulnerabilities in
WebHostManager ...)
+ TODO: check
+CVE-2006-5534 (Multiple cross-site scripting (XSS) vulnerabilities in
index.htm in ...)
+ TODO: check
+CVE-2006-5533 (Multiple PHP remote file inclusion vulnerabilities in AROUNDMe
0.6.9, ...)
+ TODO: check
+CVE-2006-5532 (Cross-site scripting (XSS) vulnerability in rmgs/images.php in
RMSOFT ...)
+ TODO: check
+CVE-2006-5531 (PHP remote file inclusion vulnerability in embedded.php in
Ascended ...)
+ TODO: check
+CVE-2006-5530 (Multiple cross-site scripting (XSS) vulnerabilities in Boesch
SimpNews ...)
+ TODO: check
+CVE-2006-5529 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2006-5528 (Directory traversal vulnerability in mod.php in SchoolAlumni
Portal ...)
+ TODO: check
+CVE-2006-5527 (PHP remote file inclusion vulnerability in lib.editor.inc.php
in ...)
+ TODO: check
+CVE-2006-5526 (Multiple PHP remote file inclusion vulnerabilities in Teake
Nutma ...)
+ TODO: check
+CVE-2006-5525 (Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke
7.9 and ...)
+ TODO: check
+CVE-2006-5524 (Cross-site scripting (XSS) vulnerability in index.php in
phplist ...)
+ TODO: check
+CVE-2006-5523 (PHP remote file inclusion vulnerability in common.php in
EZ-Ticket ...)
+ TODO: check
+CVE-2006-5522 (Multiple PHP remote file inclusion vulnerabilities in Johannes
Erdfelt ...)
+ TODO: check
+CVE-2006-5521 (PHP remote file inclusion vulnerability in DNS/RR.php in
Net_DNS 0.03 ...)
+ TODO: check
+CVE-2006-5520 (PHP remote file inclusion vulnerability in functions.php in ...)
+ TODO: check
+CVE-2006-5519 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2006-5518 (Multiple PHP remote file inclusion vulnerabilities in
Christopher ...)
+ TODO: check
+CVE-2006-5517 (Multiple PHP remote file inclusion vulnerabilities in Rhode
Island ...)
+ TODO: check
+CVE-2006-5516 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2006-5515 (Cross-site scripting (XSS) vulnerability in lib-history.inc.php
in ...)
+ TODO: check
+CVE-2006-5514 (SQL injection vulnerability in quiz.php in Web Group
Communication ...)
+ TODO: check
+CVE-2006-5513 (SQL injection vulnerability in GeoNetwork opensource before
2.0.3 ...)
+ TODO: check
+CVE-2005-4814 (Unrestricted file upload vulnerability in Segue CMS before
1.3.6, when ...)
+ TODO: check
+CVE-2006-5740 (Unspecified vulnerability in the LDAP dissector in Wireshark
(formerly ...)
- wireshark <unfixed> (bug #396258; medium)
-CVE-2006-5602 [Xsupplicant "eap_do_notify()" Buffer Overflow Vulnerability]
+CVE-2006-5602 (Multiple memory leaks in xsupplicant before 1.2.6, and possibly
other ...)
- xsupplicant <unfixed> (bug #396204; medium)
-CVE-2006-5601 [Xsupplicant "eap_do_notify()" Buffer Overflow Vulnerability]
+CVE-2006-5601 (Stack-based buffer overflow in xsupplicant before 1.2.6, and
possibly ...)
- xsupplicant <unfixed> (bug #396204; medium)
CVE-2006-XXXX [several possible mysql 5.0 local DoS vulnerabilities]
- mysql-dfsg-5.0 5.0.26-1 (low)
@@ -91,15 +287,13 @@
CVE-2006-5471 (PHP remote file inclusion vulnerability in
example/lib/grid3.lib.php ...)
NOT-FOR-US: Softerra PHP Developer Library
CVE-2006-5470
- RESERVED
-CVE-2006-5469 [Wireshark WBXML dissector issue]
- RESERVED
+ REJECTED
+CVE-2006-5469 (Unspecified vulnerability in the WBXML dissector in Wireshark
...)
- wireshark <unfixed> (bug #396258; medium)
-CVE-2006-5468 [Wireshark HTTP dissector issue]
- RESERVED
+CVE-2006-5468 (Unspecified vulnerability in the HTTP dissector in Wireshark
(formerly ...)
- wireshark <unfixed> (bug #396258; medium)
-CVE-2006-5467
- RESERVED
+CVE-2006-5467 (The cgi.rb CGI library for Ruby 1.8 allows remote attackers to
cause a ...)
+ TODO: check
CVE-2006-5466
RESERVED
CVE-2006-5465
@@ -1498,8 +1692,7 @@
RESERVED
CVE-2006-4806
RESERVED
-CVE-2006-4805 [wireshark XOT dissector issue]
- RESERVED
+CVE-2006-4805 (epan/dissectors/packet-xot.c in the XOT dissector
(dissect_xot_pdu) in ...)
- wireshark <unfixed> (bug #396258; medium)
CVE-2006-4804
RESERVED
@@ -2000,8 +2193,7 @@
RESERVED
CVE-2006-4575
RESERVED
-CVE-2006-4574 [Wireshark MIME Multipart dissector issue]
- RESERVED
+CVE-2006-4574 (Off-by-one error in the MIME Multipart dissector in Wireshark
...)
- wireshark <unfixed> (bug #396258; medium)
CVE-2006-4573 (Multiple unspecified vulnerabilities in the "utf8
combining characters ...)
- screen 4.0.3-0.1 (bug #395225; medium)
@@ -2174,8 +2366,7 @@
RESERVED
CVE-2006-4514
RESERVED
-CVE-2006-4513 [wvware Multiple Integer Overflow Vulnerabilities]
- RESERVED
+CVE-2006-4513 (Multiple integer overflows in the WV library in wvWare
(formerly ...)
- wv <unfixed> (bug #396256; medium)
CVE-2006-4512
RESERVED
@@ -5265,7 +5456,7 @@
NOT-FOR-US: Open-Realty
CVE-2006-3147 (Unspecified vulnerability in Hosting Controller before 6.1 (aka
Hotfix ...)
NOT-FOR-US: Hosting Controller
-CVE-2006-3146 (The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.23 and
earlier ...)
+CVE-2006-3146 (The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and
earlier ...)
NOT-FOR-US: Toshiba drivers for Windows
CVE-2006-3145 (Buffer overflow in pamtofits of NetPBM 10.30 through 10.33
allows ...)
- netpbm-free <not-affected> (Debian's version is too old; affects
10.30 to 10.33 only)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
