Author: joeyh
Date: 2006-11-07 21:14:37 +0100 (Tue, 07 Nov 2006)
New Revision: 4930

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-11-07 19:42:05 UTC (rev 4929)
+++ data/CVE/list       2006-11-07 20:14:37 UTC (rev 4930)
@@ -1,3 +1,257 @@
+CVE-2006-5777 (Creasito E-Commerce Content Manager 1.3.08 allows remote 
attackers to ...)
+       TODO: check
+CVE-2006-5776 (** DISPUTED ** ...)
+       TODO: check
+CVE-2006-5775 (Cross-site scripting (XSS) vulnerability in profile.php in 
FunkBoard ...)
+       TODO: check
+CVE-2006-5774 (Cross-site scripting (XSS) vulnerability in Hyper NIKKI System 
before ...)
+       TODO: check
+CVE-2006-5773 (Directory traversal vulnerability in index.php in FreeWebshop 
2.2.1 ...)
+       TODO: check
+CVE-2006-5772 (Multiple SQL injection vulnerabilities in index.php in 
FreeWebshop ...)
+       TODO: check
+CVE-2006-5771 (Cross-site scripting (XSS) vulnerability in Arkoon SSL360 1.0 
and 2.0 ...)
+       TODO: check
+CVE-2006-5770 (Multiple cross-site scripting (XSS) vulnerabilities in Mobile 
allow ...)
+       TODO: check
+CVE-2006-5769 (Multiple cross-site scripting (XSS) vulnerabilities in 
admin.tool CMS ...)
+       TODO: check
+CVE-2006-5768 (Multiple PHP remote file inclusion vulnerabilities in 
Cyberfolio 2.0 ...)
+       TODO: check
+CVE-2006-5767 (PHP remote file inclusion vulnerability in includes/xhtml.php 
in Drake ...)
+       TODO: check
+CVE-2006-5766 (PHP remote file inclusion vulnerability in volume.php in 
Article ...)
+       TODO: check
+CVE-2006-5765 (SQL injection vulnerability in rss.php in Article Script 1.6.3 
and ...)
+       TODO: check
+CVE-2006-5764 (PHP remote file inclusion vulnerability in contact.php in Free 
File ...)
+       TODO: check
+CVE-2006-5763 (Multiple PHP remote file inclusion vulnerabilities in Free File 
...)
+       TODO: check
+CVE-2006-5762 (PHP remote file inclusion vulnerability in forgot_pass.php in 
Free ...)
+       TODO: check
+CVE-2006-5761 (Cross-site scripting (XSS) vulnerability in index.php in 
Rhadrix ...)
+       TODO: check
+CVE-2006-5760 (Multiple PHP remote file inclusion vulnerabilities in 
phpDynaSite ...)
+       TODO: check
+CVE-2006-5759 (index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows 
remote ...)
+       TODO: check
+CVE-2006-5758 (Microsoft Windows 2000 through 2000 SP4 and Windows XP through 
SP2 ...)
+       TODO: check
+CVE-2006-5757 (Race condition in the __find_get_block_slow function in the 
ISO9660 ...)
+       TODO: check
+CVE-2006-5756
+       RESERVED
+CVE-2006-5755
+       RESERVED
+CVE-2006-5754
+       RESERVED
+CVE-2006-5753
+       RESERVED
+CVE-2006-5752
+       RESERVED
+CVE-2006-5751
+       RESERVED
+CVE-2006-5750
+       RESERVED
+CVE-2006-5749
+       RESERVED
+CVE-2006-5748
+       RESERVED
+CVE-2006-5747
+       RESERVED
+CVE-2006-5746 (The console in AirMagnet Enterprise does not properly validate 
the ...)
+       TODO: check
+CVE-2006-5745 (Unspecified vulnerability in the setRequestHeader method in the 
...)
+       TODO: check
+CVE-2006-5744 (Multiple SQL injection vulnerabilities in Highwall Enterprise 
and ...)
+       TODO: check
+CVE-2006-5743 (Multiple cross-site scripting (XSS) vulnerabilities in Highwall 
...)
+       TODO: check
+CVE-2006-5742 (The AirMagnet Enterprise console and Remote Sensor console 
(Laptop) in ...)
+       TODO: check
+CVE-2006-5741 (Multiple cross-site scripting (XSS) vulnerabilities in 
AirMagnet ...)
+       TODO: check
+CVE-2006-5739 (PHP remote file inclusion vulnerability in 
cpadmin/cpa_index.php in ...)
+       TODO: check
+CVE-2006-5738 (Multiple SQL injection vulnerabilities in PunBB before 1.2.14 
allow ...)
+       TODO: check
+CVE-2006-5737 (PunBB uses a predictable cookie_seed value that can be derived 
from ...)
+       TODO: check
+CVE-2006-5736 (SQL injection vulnerability in search.php in PunBB before 
1.2.14, when ...)
+       TODO: check
+CVE-2006-5735 (Directory traversal vulnerability in include/common.php in 
PunBB ...)
+       TODO: check
+CVE-2006-5734 (Multiple PHP remote file inclusion vulnerabilities in ATutor 
1.5.3.2 ...)
+       TODO: check
+CVE-2006-5733 (Directory traversal vulnerability in error.php in PostNuke 
0.763 and ...)
+       TODO: check
+CVE-2006-5732 (SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7 
and ...)
+       TODO: check
+CVE-2006-5731 (Directory traversal vulnerability in classes/index.php in 
Lithium CMS ...)
+       TODO: check
+CVE-2006-5730 (PHP remote file inclusion vulnerability in ...)
+       TODO: check
+CVE-2006-5729 (Yazd Discussion Forum before 3.0 beta does not properly manage 
forum ...)
+       TODO: check
+CVE-2006-5728 (XM Easy Personal FTP Server 5.2.1 and earlier allows remote ...)
+       TODO: check
+CVE-2006-5727 (PHP remote file inclusion vulnerability in 
admin/controls/cart.php in ...)
+       TODO: check
+CVE-2006-5726 (alloccgblk in the UFS filesystem in Solaris 10 allows local 
users to ...)
+       TODO: check
+CVE-2006-5725 (The SSL server in AEP Smartgate 4.3b allows remote attackers to 
...)
+       TODO: check
+CVE-2006-5724 (Heap-based buffer overflow the "Answering Service" 
function in ICQ ...)
+       TODO: check
+CVE-2006-5723 (SQL injection vulnerability in DataparkSearch Engine 4.42 and 
earlier ...)
+       TODO: check
+CVE-2006-5722 (Multiple PHP remote file inclusion vulnerabilities in Segue CMS 
1.5.9 ...)
+       TODO: check
+CVE-2006-5721 (The \Device\SandBox driver in Outpost Firewall PRO 4.0 
(964.582.059) ...)
+       TODO: check
+CVE-2006-5720 (SQL injection vulnerability in modules/journal/search.php in 
the ...)
+       TODO: check
+CVE-2006-5719 (SQL injection vulnerability in libs/sessions.lib.php in 
BytesFall ...)
+       TODO: check
+CVE-2006-5718 (Cross-site scripting (XSS) vulnerability in error.php in 
phpMyAdmin ...)
+       TODO: check
+CVE-2006-5717 (Multiple cross-site scripting (XSS) vulnerabilities in Zend 
Google ...)
+       TODO: check
+CVE-2006-5716 (Directory traversal vulnerability in aff_news.php in FreeNews 
2.1 ...)
+       TODO: check
+CVE-2006-5715 (Easy File Sharing (EFS) Easy Address Book 1.2, when run on an 
NTFS ...)
+       TODO: check
+CVE-2006-5714 (Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS 
file ...)
+       TODO: check
+CVE-2006-5713 (Cross-site scripting (XSS) vulnerability in Easy File Sharing 
(EFS) ...)
+       TODO: check
+CVE-2006-5712 (Cross-site scripting (XSS) vulnerability in Mirapoint WebMail 
allows ...)
+       TODO: check
+CVE-2006-5711 (ECI Telecom B-FOCuS Wireless 802.11b/g ADSL2+ Router allows 
remote ...)
+       TODO: check
+CVE-2006-5710 (The Airport driver for certain Orinoco based Airport cards in 
Darwin ...)
+       TODO: check
+CVE-2006-5709 (Unspecified vulnerability in WorldClient in Alt-N Technologies 
MDaemon ...)
+       TODO: check
+CVE-2006-5708 (Multiple unspecified vulnerabilities in MDaemon and WorldClient 
in ...)
+       TODO: check
+CVE-2006-5707 (SQL injection vulnerability in index.php in PHPEasyData Pro 
1.4.1 and ...)
+       TODO: check
+CVE-2006-5706 (Unspecified vulnerabilities in PHP, probably before 5.2.0, 
allow local ...)
+       TODO: check
+CVE-2006-5705 (Directory traversal vulnerability in plugins/wp-db-backup.php 
in ...)
+       TODO: check
+CVE-2006-5704 (HP NonStop Server G06.29, when running Standard Security 
T6533G06 ...)
+       TODO: check
+CVE-2006-5703 (Cross-site scripting (XSS) vulnerability in 
tiki-featured_link.php in ...)
+       TODO: check
+CVE-2006-5702 (Tikiwiki 1.9.5 allows remote attackers to obtain sensitive 
information ...)
+       TODO: check
+CVE-2006-5701 (Double free vulnerability in squashfs module in the Linux 
kernel ...)
+       TODO: check
+CVE-2006-5700
+       RESERVED
+CVE-2006-5699
+       RESERVED
+CVE-2006-5698
+       RESERVED
+CVE-2006-5697
+       RESERVED
+CVE-2006-5696
+       RESERVED
+CVE-2006-5695
+       RESERVED
+CVE-2006-5694
+       RESERVED
+CVE-2006-5693
+       RESERVED
+CVE-2006-5692
+       RESERVED
+CVE-2006-5691
+       RESERVED
+CVE-2006-5690
+       RESERVED
+CVE-2006-5689
+       RESERVED
+CVE-2006-5688
+       RESERVED
+CVE-2006-5687
+       RESERVED
+CVE-2006-5686
+       RESERVED
+CVE-2006-5685
+       RESERVED
+CVE-2006-5684
+       RESERVED
+CVE-2006-5683
+       RESERVED
+CVE-2006-5682
+       RESERVED
+CVE-2006-5681
+       RESERVED
+CVE-2006-5680
+       RESERVED
+CVE-2006-5679 (Integer overflow in the ffs_mountfs function in FreeBSD 6.1 
allows ...)
+       TODO: check
+CVE-2006-5678 (** DISPUTED ** ...)
+       TODO: check
+CVE-2006-5677 (resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 
2.0.0p8 and ...)
+       TODO: check
+CVE-2006-5676 (SQL injection vulnerability in consult/classement.php in 
Uni-Vert ...)
+       TODO: check
+CVE-2006-5675 (Multiple unspecified vulnerabilities in Pentaho Business 
Intelligence ...)
+       TODO: check
+CVE-2006-5674 (Multiple PHP remote file inclusion vulnerabilities in miniBB 
2.0.2 and ...)
+       TODO: check
+CVE-2006-5673 (PHP remote file inclusion vulnerability in bb_func_txt.php in 
miniBB ...)
+       TODO: check
+CVE-2006-5672 (PHP remote file inclusion vulnerability in 
web/init_mysource.php in ...)
+       TODO: check
+CVE-2006-5671 (PHP remote file inclusion vulnerability in contact.php in Free 
Image ...)
+       TODO: check
+CVE-2006-5670 (PHP remote file inclusion vulnerability in forgot_pass.php in 
Free ...)
+       TODO: check
+CVE-2006-5669 (PHP remote file inclusion vulnerability in 
gestion/savebackup.php in ...)
+       TODO: check
+CVE-2006-5668 (Unspecified vulnerability in Ampache 3.3.2 and earlier, when 
...)
+       TODO: check
+CVE-2006-5667 (Multiple PHP remote file inclusion vulnerabilities in P-Book 
1.17 and ...)
+       TODO: check
+CVE-2006-5666 (SQL injection vulnerability in includes/menu.inc.php in E-Annu 
1.0 ...)
+       TODO: check
+CVE-2006-5665 (PHP remote file inclusion vulnerability in 
admin/modules_data.php in ...)
+       TODO: check
+CVE-2006-5664 (The installation script in IBM Informix Dynamic Server 10.00, 
Informix ...)
+       TODO: check
+CVE-2006-5663 (IBM Informix Dynamic Server 10.00, Informix Client Software ...)
+       TODO: check
+CVE-2006-5662 (SQL injection vulnerability in easy notesManager (eNM) 0.0.1 
allows ...)
+       TODO: check
+CVE-2006-5661 (Cross-site scripting (XSS) vulnerability in nquser.php in 
VIRtech ...)
+       TODO: check
+CVE-2006-5660 (Cisco Security Agent Management Center (CSAMC) 5.1 before 
5.1.0.79 ...)
+       TODO: check
+CVE-2006-5659 (PAM_extern before 0.2 sends a password as a command line 
argument, ...)
+       TODO: check
+CVE-2006-5658 (BlooMooWeb ActiveX control (AidemATL.dll) allows remote 
attackers to ...)
+       TODO: check
+CVE-2006-5657 (Multiple off-by-one errors in src/text.c in Vilistextum before 
2.6.9 ...)
+       TODO: check
+CVE-2006-5656 (Memory leak in the push_align function in src/util.c in 
Vilistextum ...)
+       TODO: check
+CVE-2006-5655 (SQL injection vulnerability in index.php in OpenDocMan 1.2p3 
allows ...)
+       TODO: check
+CVE-2006-5654 (Unspecified vulnerability in the Network Security Services 
(NSS) in ...)
+       TODO: check
+CVE-2006-5653 (Cross-site scripting (XSS) vulnerability in the errorHTML 
function in ...)
+       TODO: check
+CVE-2006-5652 (Cross-site scripting (XSS) vulnerability in Sun iPlanet 
Messaging ...)
+       TODO: check
+CVE-2006-5651
+       RESERVED
+CVE-2006-5650
+       RESERVED
 CVE-2006-XXXX [phpmyadmin XSS (PMASA-2006-6)]
        - phpmyadmin 4:2.9.0.3-1 (low; bug #396638)
        [sarge] - phpmyadmin <not-affected> (Vulnerable code not present)
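Review bot: CVE-2006-5718 (XSS in error.php in phpMyAdmin), added near the middle of this hunk with TODO: check, should be compared against the placeholder entry CVE-2006-XXXX [phpmyadmin XSS (PMASA-2006-6)] that directly follows the added block. If they describe the same issue, move the "- phpmyadmin 4:2.9.0.3-1 (low; bug #396638)" and "[sarge]" lines under CVE-2006-5718 and drop the placeholder so the bug is not tracked twice. The batch also adds entries that name the Linux kernel (CVE-2006-5757 in the ISO9660 code, CVE-2006-5701 in squashfs) and PHP (CVE-2006-5706); those are worth triaging ahead of the long run of third-party web application entries.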
@@ -71,7 +325,7 @@
        TODO: check
 CVE-2006-5617 (Directory traversal vulnerability in index.php in Thepeak File 
Upload ...)
        TODO: check
-CVE-2006-5616 (Multiple unspecified vulnerabilities in OpenPBS, as use in SUSE 
Linux ...)
+CVE-2006-5616 (Multiple unspecified vulnerabilities in OpenPBS, as used in 
SUSE Linux ...)
        TODO: check
 CVE-2006-5615 (PHP remote file inclusion vulnerability in publish.php in 
Textpattern ...)
        TODO: check
@@ -195,7 +449,7 @@
        TODO: check
 CVE-2006-5553 (Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 
5.0 ...)
        NOT-FOR-US: Cisco Security Agent 
-CVE-2006-5552 (Heap-based buffer overflow in RevilloC MailServer 1.21 and 
earlier ...)
+CVE-2006-5552 (Multiple heap-based buffer overflows in RevilloC MailServer 
1.21 and ...)
        TODO: check
 CVE-2006-5551 (Stack-based buffer overflow in QK SMTP 3.01 and earlier might 
allow ...)
        TODO: check
@@ -353,7 +607,7 @@
        NOT-FOR-US: Castor
 CVE-2006-5479 (The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows 
remote ...)
        NOT-FOR-US: Novell eDirectory
-CVE-2006-5478 (Stack-based buffer overflow in the BuildRedirectURL function in 
the ...)
+CVE-2006-5478 (Multiple stack-based buffer overflows in Novell eDirectory 
8.8.x ...)
        NOT-FOR-US: Novell eDirectory
 CVE-2006-5477 (Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form 
...)
        - drupal <unfixed> (low)
@@ -377,13 +631,11 @@
        - wireshark 0.99.4-1 (bug #396258; medium)
 CVE-2006-5467 (The cgi.rb CGI library for Ruby 1.8 allows remote attackers to 
cause a ...)
        TODO: check
-CVE-2006-5466 [rpm heap overflow in changelog parsing]
-       RESERVED
+CVE-2006-5466 (Heap-based buffer overflow in the showQueryPackage function in 
librpm ...)
        - rpm 4.4.1-11 (low)
        NOTE: This needs further investigation, most probably a non-issue, 
pinged maintainer
        NOTE: [sarge] - rpm <no-dsa> (You need to trust the RPMs you're 
installing)
-CVE-2006-5465 [php htmlentities() and htmlspecialchars() buffer overflow]
-       RESERVED
+CVE-2006-5465 (Buffer overflow in PHP before 5.2.0 allows remote attackers to 
execute ...)
        - php4 4:4.4.4-4 (high; bug #396764)
        - php5 5.1.6-6 (high; bug #396766)
 CVE-2006-5464
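Review bot: In the CVE-2006-5466 entry the sarge status is written as "NOTE: [sarge] - rpm <no-dsa> (...)", while other entries in this diff use a bare "[sarge] - phpmyadmin <not-affected> (...)" line, so here the status reads as free text rather than as a release-tagged status line; suggest dropping the "NOTE:" prefix. Now that the description names the showQueryPackage function in librpm, the "needs further investigation, most probably a non-issue" note should also be revisited and either resolved or updated.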
@@ -530,8 +782,8 @@
        NOT-FOR-US: PHPRecipeBook
 CVE-2006-5398 (SQL injection vulnerability in comments.php in Simplog 0.9.3.1 
allows ...)
        NOT-FOR-US: Simplog
-CVE-2006-5397
-       RESERVED
+CVE-2006-5397 (The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 
1.0.2 ...)
+       TODO: check
 CVE-2006-5396 (The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel 
before ...)
        NOT-FOR-US: Sun Solaris
 CVE-2006-5395 (Buffer overflow in Microsoft Class Package Export Tool (aka ...)
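Review bot: CVE-2006-5397 goes from RESERVED to TODO: check, and its description names X.Org libX11 1.0.2 (modules/im/ximcp/imLcIm.c). Unlike the NOT-FOR-US entries on either side, this one names a widely packaged library, so it should get a package line with the affected and fixed versions rather than sitting in the TODO backlog.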
@@ -1775,17 +2027,13 @@
        - qt4-x11 4.2.1-1 (bug #394192)
 CVE-2006-4810
        RESERVED
-CVE-2006-4809 [imlib2 vulnerability]
-       RESERVED
+CVE-2006-4809 (Stack-based buffer overflow in loader_pnm.c in imlib2 before 
1.2.1, ...)
        - imlib2 1.3.0.0debian1-3 (medium; bug #397371)
-CVE-2006-4808 [imlib2 vulnerability]
-       RESERVED
+CVE-2006-4808 (Heap-based buffer overflow in loader_tga.c in imlib2 before 
1.2.1, and ...)
        - imlib2 1.3.0.0debian1-3 (medium; bug #397371)
-CVE-2006-4807 [imlib2 vulnerability]
-       RESERVED
+CVE-2006-4807 (loader_tga.c in imlib2 before 1.2.1, and possibly other 
versions, ...)
        - imlib2 1.3.0.0debian1-3 (medium; bug #397371)
-CVE-2006-4806 [imlib2 vulnerability]
-       RESERVED
+CVE-2006-4806 (Multiple integer overflows in imlib2 allow user-assisted remote 
...)
        - imlib2 1.3.0.0debian1-3 (medium; bug #397371)
 CVE-2006-4805 (epan/dissectors/packet-xot.c in the XOT dissector 
(dissect_xot_pdu) in ...)
        {DSA-1201-1}
@@ -2294,8 +2542,8 @@
 CVE-2006-4573 (Multiple unspecified vulnerabilities in the &quot;utf8 
combining characters ...)
        {DSA-1202-1}
        - screen 4.0.3-0.1 (bug #395225; medium)
-CVE-2006-4572
-       RESERVED
+CVE-2006-4572 (Multiple unspecified vulnerabilities in netfilter for IPv6 code 
in ...)
+       TODO: check
 CVE-2006-4571 (Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, 
...)
        {DSA-1192-1 DSA-1191-1}
        NOTE: MFSA-2006-64
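Review bot: CVE-2006-4572 is now public with a description pointing at the netfilter IPv6 code, but it lands as TODO: check with no package line. Netfilter is kernel code, so this entry should be flagged for kernel triage and have the affected kernel source packages recorded, in the same way the screen and Firefox entries around it carry package and DSA references.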
@@ -2447,8 +2695,8 @@
 CVE-2006-XXXX [hostapd dos]
        - hostapd 1:0.5.4-1
        [sarge] - hostapd <not-affected> (Vulnerable code not present)
-CVE-2006-4521
-       RESERVED
+CVE-2006-4521 (The BerDecodeLoginDataRequest function in the libnmasldap.so 
NMAS ...)
+       TODO: check
 CVE-2006-4520
        RESERVED
 CVE-2006-4519
@@ -3015,7 +3263,7 @@
        NOT-FOR-US: Jelsoft vBulletin
 CVE-2006-4270 (PHP remote file inclusion vulnerability in mambelfish.class.php 
in the ...)
        NOT-FOR-US: mambelfish component (com_mambelfish) for Mambo
-CVE-2006-4269 (PHP remote file inclusion vulnerability in admin.x-shop.php in 
the ...)
+CVE-2006-4269 (** DISPUTED ** ...)
        NOT-FOR-US: x-shop component (com_x-shop) for Mambo and Joomla!
 CVE-2006-4268 (Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 
3.0.11 ...)
        NOT-FOR-US: CubeCart
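Review bot: The new CVE-2006-4269 summary is truncated to "(** DISPUTED ** ...)", which drops the file and vulnerability class that the old line carried (PHP remote file inclusion in admin.x-shop.php). Here the NOT-FOR-US line still identifies the product, but the same truncation on CVE-2006-4061 and on new entries such as CVE-2006-5776 and CVE-2006-5678 leaves nothing to triage from. Suggest having the update script keep the disputed marker and then take the summary from the text that follows it.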
@@ -3489,7 +3737,7 @@
        NOT-FOR-US: SAPID Blog
 CVE-2006-4062 (PHP remote file inclusion vulnerability in ...)
        NOT-FOR-US: SAPID Shop 
-CVE-2006-4061 (PHP remote file inclusion vulnerability in index.php in Thomas 
Pequet ...)
+CVE-2006-4061 (** DISPUTED ** ...)
        NOT-FOR-US: phpPrintAnalyzer
 CVE-2006-4060 (PHP remote file inclusion vulnerability in calendar.php in 
Visual ...)
        NOT-FOR-US: Visual Events Calendar
@@ -24226,7 +24474,7 @@
        NOT-FOR-US: Novell portmapper
 CVE-2003-1149 (Cross-site scripting (XSS) vulnerability in Symantec Norton 
Internet ...)
        NOT-FOR-US: Symantec Norton Internet Security
-CVE-2003-1148 (PHP remote file inclusion vulnerability in (1) config.inc.php 
and (2) ...)
+CVE-2003-1148 (Multiple PHP remote file inclusion vulnerabilities in J-Pierre 
DEZELUS ...)
        NOT-FOR-US: Les Visiteurs
 CVE-2003-1147
        REJECTED


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
