Author: stef-guest
Date: 2006-11-08 20:46:48 +0100 (Wed, 08 Nov 2006)
New Revision: 4936
Modified:
data/CVE/list
Log:
some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-11-08 19:20:43 UTC (rev 4935)
+++ data/CVE/list 2006-11-08 19:46:48 UTC (rev 4936)
@@ -3,73 +3,73 @@
CVE-2006-XXXX [motion insecure tempfile creation]
- motion 3.2.3-2 (bug #393846; low)
CVE-2006-5792 (Unspecified vulnerability in XLink Omni-NFS Enterprise allows
remote ...)
- TODO: check
+ NOT-FOR-US: XLink Omni-NFS Enterprise
CVE-2006-5791 (Multiple cross-site scripting (XSS) vulnerabilities in elogd.c
in ELOG ...)
- elog <unfixed> (medium; bug #392016)
CVE-2006-5790 (Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2
and ...)
- elog <unfixed> (medium; bug #392016)
CVE-2006-5789 (WarFTPd 1.82.00-RC11 allows remote authenticated users to cause
a ...)
- TODO: check
+ NOT-FOR-US: WarFTPd
CVE-2006-5788 (PHP remote file inclusion vulnerability in (1) index.php and
(2) ...)
- TODO: check
+ NOT-FOR-US: IPrimal Forums
CVE-2006-5787 (admin/index.php in IPrimal Forums as of 20061105 allows remote
...)
- TODO: check
+ NOT-FOR-US: IPrimal Forums
CVE-2006-5786 (Directory traversal vulnerability in class2.php in e107 0.7.5
and ...)
- TODO: check
+ NOT-FOR-US: e107
CVE-2006-5785 (Unspecified vulnerability in SAP Web Application Server 6.40
before ...)
- TODO: check
+ NOT-FOR-US: SAP Web Application Server
CVE-2006-5784 (Unspecified vulnerability in SAP Web Application Server 6.40
before ...)
- TODO: check
+ NOT-FOR-US: SAP Web Application Server
CVE-2006-5783 (** DISPUTED ** ...)
- TODO: check
+ NOTE: irreproducible firefox issue
CVE-2006-5782
RESERVED
CVE-2006-5781 (Stack-based buffer overflow in the handshake function in iodine
0.3.2 ...)
- TODO: check
+ NOT-FOR-US: iodine
CVE-2006-5780 (Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS
Server 5.2 ...)
- TODO: check
+ NOT-FOR-US: XLink Omni-NFS
CVE-2006-5779 (Unspecified vulnerability in the openldap-2.2.29-1 package of
OpenLDAP ...)
TODO: check
CVE-2006-5777 (Creasito E-Commerce Content Manager 1.3.08 allows remote
attackers to ...)
- TODO: check
+ NOT-FOR-US: Creasito E-Commerce Content Manager
CVE-2006-5776 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: Ariadne
CVE-2006-5775 (Cross-site scripting (XSS) vulnerability in profile.php in
FunkBoard ...)
- TODO: check
+ NOT-FOR-US: FunkBoard
CVE-2006-5774 (Cross-site scripting (XSS) vulnerability in Hyper NIKKI System
before ...)
- TODO: check
+ NOT-FOR-US: Hyper NIKKI System
CVE-2006-5773 (Directory traversal vulnerability in index.php in FreeWebshop
2.2.1 ...)
- TODO: check
+ NOT-FOR-US: FreeWebshop
CVE-2006-5772 (Multiple SQL injection vulnerabilities in index.php in
FreeWebshop ...)
- TODO: check
+ NOT-FOR-US: FreeWebshop
CVE-2006-5771 (Cross-site scripting (XSS) vulnerability in Arkoon SSL360 1.0
and 2.0 ...)
- TODO: check
+ NOT-FOR-US: Arkoon SSL360
CVE-2006-5770 (Multiple cross-site scripting (XSS) vulnerabilities in Mobile
allow ...)
- TODO: check
+ NOT-FOR-US: Mobile
CVE-2006-5769 (Multiple cross-site scripting (XSS) vulnerabilities in
admin.tool CMS ...)
- TODO: check
+ NOT-FOR-US: admin.tool CMS
CVE-2006-5768 (Multiple PHP remote file inclusion vulnerabilities in
Cyberfolio 2.0 ...)
- TODO: check
+ NOT-FOR-US: Cyberfolio
CVE-2006-5767 (PHP remote file inclusion vulnerability in includes/xhtml.php
in Drake ...)
- TODO: check
+ NOT-FOR-US: Drake CMS
CVE-2006-5766 (PHP remote file inclusion vulnerability in volume.php in
Article ...)
- TODO: check
+ NOT-FOR-US: Article System
CVE-2006-5765 (SQL injection vulnerability in rss.php in Article Script 1.6.3
and ...)
- TODO: check
+ NOT-FOR-US: Article Script
CVE-2006-5764 (PHP remote file inclusion vulnerability in contact.php in Free
File ...)
- TODO: check
+ NOT-FOR-US: Free File Hosting
CVE-2006-5763 (Multiple PHP remote file inclusion vulnerabilities in Free File
...)
- TODO: check
+ NOT-FOR-US: Free File Hosting
CVE-2006-5762 (PHP remote file inclusion vulnerability in forgot_pass.php in
Free ...)
- TODO: check
+ NOT-FOR-US: Free File Hosting
CVE-2006-5761 (Cross-site scripting (XSS) vulnerability in index.php in
Rhadrix ...)
- TODO: check
+ NOT-FOR-US: Rhadrix If-CMS
CVE-2006-5760 (Multiple PHP remote file inclusion vulnerabilities in
phpDynaSite ...)
- TODO: check
+ NOT-FOR-US: phpDynaSite
CVE-2006-5759 (index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows
remote ...)
- TODO: check
+ NOT-FOR-US: Rhadrix If-CMS
CVE-2006-5758 (Microsoft Windows 2000 through 2000 SP4 and Windows XP through
SP2 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-5757 (Race condition in the __find_get_block_slow function in the
ISO9660 ...)
TODO: check
CVE-2006-5756
@@ -93,83 +93,83 @@
CVE-2006-5747
RESERVED
CVE-2006-5746 (The console in AirMagnet Enterprise does not properly validate
the ...)
- TODO: check
+ NOT-FOR-US: AirMagnet
CVE-2006-5745 (Unspecified vulnerability in the setRequestHeader method in the
...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-5744 (Multiple SQL injection vulnerabilities in Highwall Enterprise
and ...)
- TODO: check
+ NOT-FOR-US: Highwall Enterprise
CVE-2006-5743 (Multiple cross-site scripting (XSS) vulnerabilities in Highwall
...)
- TODO: check
+ NOT-FOR-US: Highwall Enterprise
CVE-2006-5742 (The AirMagnet Enterprise console and Remote Sensor console
(Laptop) in ...)
- TODO: check
+ NOT-FOR-US: AirMagnet Enterprise
CVE-2006-5741 (Multiple cross-site scripting (XSS) vulnerabilities in
AirMagnet ...)
- TODO: check
+ NOT-FOR-US: AirMagnet Enterprise
CVE-2006-5739 (PHP remote file inclusion vulnerability in
cpadmin/cpa_index.php in ...)
- TODO: check
+ NOT-FOR-US: communityPortals
CVE-2006-5738 (Multiple SQL injection vulnerabilities in PunBB before 1.2.14
allow ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2006-5737 (PunBB uses a predictable cookie_seed value that can be derived
from ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2006-5736 (SQL injection vulnerability in search.php in PunBB before
1.2.14, when ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2006-5735 (Directory traversal vulnerability in include/common.php in
PunBB ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2006-5734 (Multiple PHP remote file inclusion vulnerabilities in ATutor
1.5.3.2 ...)
- TODO: check
+ NOT-FOR-US: ATutor
CVE-2006-5733 (Directory traversal vulnerability in error.php in PostNuke
0.763 and ...)
- TODO: check
+ NOT-FOR-US: PostNuke
CVE-2006-5732 (SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7
and ...)
- TODO: check
+ NOT-FOR-US: T.G.S. CMS
CVE-2006-5731 (Directory traversal vulnerability in classes/index.php in
Lithium CMS ...)
- TODO: check
+ NOT-FOR-US: Lithium CMS
CVE-2006-5730 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Modx CMS
CVE-2006-5729 (Yazd Discussion Forum before 3.0 beta does not properly manage
forum ...)
- TODO: check
+ NOT-FOR-US: Yazd Discussion Forum
CVE-2006-5728 (XM Easy Personal FTP Server 5.2.1 and earlier allows remote ...)
- TODO: check
+ NOT-FOR-US: XM Easy Personal FTP Server
CVE-2006-5727 (PHP remote file inclusion vulnerability in
admin/controls/cart.php in ...)
- TODO: check
+ NOT-FOR-US: sazcart
CVE-2006-5726 (alloccgblk in the UFS filesystem in Solaris 10 allows local
users to ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2006-5725 (The SSL server in AEP Smartgate 4.3b allows remote attackers to
...)
- TODO: check
+ NOT-FOR-US: AEP Smartgate
CVE-2006-5724 (Heap-based buffer overflow the "Answering Service"
function in ICQ ...)
- TODO: check
+ NOT-FOR-US: ICQ
CVE-2006-5723 (SQL injection vulnerability in DataparkSearch Engine 4.42 and
earlier ...)
- TODO: check
+ NOT-FOR-US: DataparkSearch Engine
CVE-2006-5722 (Multiple PHP remote file inclusion vulnerabilities in Segue CMS
1.5.9 ...)
- TODO: check
+ NOT-FOR-US: Segue CMS
CVE-2006-5721 (The \Device\SandBox driver in Outpost Firewall PRO 4.0
(964.582.059) ...)
- TODO: check
+ NOT-FOR-US: Outpost Firewall PRO
CVE-2006-5720 (SQL injection vulnerability in modules/journal/search.php in
the ...)
- TODO: check
+ NOT-FOR-US: PHP-Nuke
CVE-2006-5719 (SQL injection vulnerability in libs/sessions.lib.php in
BytesFall ...)
- TODO: check
+ NOT-FOR-US: BytesFall Explorer (bfExplorer)
CVE-2006-5718 (Cross-site scripting (XSS) vulnerability in error.php in
phpMyAdmin ...)
TODO: check
CVE-2006-5717 (Multiple cross-site scripting (XSS) vulnerabilities in Zend
Google ...)
- TODO: check
+ NOT-FOR-US: Zend Google Data Client Library (ZendGData)
CVE-2006-5716 (Directory traversal vulnerability in aff_news.php in FreeNews
2.1 ...)
- TODO: check
+ NOT-FOR-US: FreeNews
CVE-2006-5715 (Easy File Sharing (EFS) Easy Address Book 1.2, when run on an
NTFS ...)
- TODO: check
+ NOT-FOR-US: Easy File Sharing (EFS) Easy Address Book
CVE-2006-5714 (Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS
file ...)
- TODO: check
+ NOT-FOR-US: Easy File Sharing (EFS) Web Server
CVE-2006-5713 (Cross-site scripting (XSS) vulnerability in Easy File Sharing
(EFS) ...)
- TODO: check
+ NOT-FOR-US: Easy File Sharing (EFS) Web Server
CVE-2006-5712 (Cross-site scripting (XSS) vulnerability in Mirapoint WebMail
allows ...)
- TODO: check
+ NOT-FOR-US: Mirapoint WebMail
CVE-2006-5711 (ECI Telecom B-FOCuS Wireless 802.11b/g ADSL2+ Router allows
remote ...)
- TODO: check
+ NOT-FOR-US: ECI Telecom
CVE-2006-5710 (The Airport driver for certain Orinoco based Airport cards in
Darwin ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2006-5709 (Unspecified vulnerability in WorldClient in Alt-N Technologies
MDaemon ...)
- TODO: check
+ NOT-FOR-US: Alt-N Technologies MDaemon
CVE-2006-5708 (Multiple unspecified vulnerabilities in MDaemon and WorldClient
in ...)
- TODO: check
+ NOT-FOR-US: Alt-N Technologies MDaemon
CVE-2006-5707 (SQL injection vulnerability in index.php in PHPEasyData Pro
1.4.1 and ...)
- TODO: check
+ NOT-FOR-US: PHPEasyData
CVE-2006-5706 (Unspecified vulnerabilities in PHP, probably before 5.2.0,
allow local ...)
TODO: check
CVE-2006-5705 (Directory traversal vulnerability in plugins/wp-db-backup.php
in ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
