[Secure-testing-commits] r3770 - data/CVE

Joey Hess joeyh at costa.debian.org
Fri Apr 7 09:14:40 UTC 2006 

Author: joeyh
Date: 2006-04-07 09:14:32 +0000 (Fri, 07 Apr 2006)
New Revision: 3770

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-04-07 08:00:31 UTC (rev 3769)
+++ data/CVE/list	2006-04-07 09:14:32 UTC (rev 3770)
@@ -1,3 +1,57 @@
+CVE-2006-1656 (vserver in util-vserver 0.30.209 executes a command as root when the ...)
+	TODO: check
+CVE-2006-1655 (Unspecified vulnerability in mpg123 0.59r allows user-complicit ...)
+	TODO: check
+CVE-2006-1654 (Directory traversal vulnerability in the HP Color LaserJet 2500 ...)
+	TODO: check
+CVE-2006-1653 (PHP remote file inclusion vulnerability in loadkernel.php in ...)
+	TODO: check
+CVE-2006-1652 (Multiple buffer overflows in (a) UltraVNC (aka Ultr at VNC) 1.0.1 and ...)
+	TODO: check
+CVE-2006-1651 (** DISPUTED ** ...)
+	TODO: check
+CVE-2006-1650 (Firefox 1.5.0.1 allows remote attackers to spoof the address bar and ...)
+	TODO: check
+CVE-2006-1649 (The "restore to" selection in the "quarantine a file" capability of ...)
+	TODO: check
+CVE-2006-1648 (SMART SynchronEyes Student and Teacher 6.0, and possibly earlier ...)
+	TODO: check
+CVE-2006-1647 (An unspecified "logical programming mistake" in SMART SynchronEyes ...)
+	TODO: check
+CVE-2006-1646 (The Internet Key Exchange version 1 (IKEv1) implementation ...)
+	TODO: check
+CVE-2006-1645 (Cross-site scripting (XSS) vulnerability in Anton Vlasov and Rostislav ...)
+	TODO: check
+CVE-2006-1644 (login.php in Interact 2.1.1 generates different responses depending on ...)
+	TODO: check
+CVE-2006-1643 (SQL injection vulnerability in login.php in Interact 2.1.1 allows ...)
+	TODO: check
+CVE-2006-1642 (Cross-site scripting (XSS) vulnerability in Interact 2.1.1 allows ...)
+	TODO: check
+CVE-2006-1641 (Multiple SQL injection vulnerabilities in CzarNews 1.14 allow remote ...)
+	TODO: check
+CVE-2006-1640 (Cross-site scripting (XSS) vulnerability in news.php in CzarNews 1.14 ...)
+	TODO: check
+CVE-2006-1639 (SQL injection vulnerability in index.php in wpBlog 0.4 allows remote ...)
+	TODO: check
+CVE-2006-1638 (Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote ...)
+	TODO: check
+CVE-2006-1637 (Multiple cross-site scripting (XSS) vulnerabilities in aWebBB 1.2 ...)
+	TODO: check
+CVE-2006-1636 (PHP remote file inclusion vulnerability in get_header.php in VWar ...)
+	TODO: check
+CVE-2006-1635 (LucidCMS 2.0.0 RC4 allows remote attackers to obtain sensitive ...)
+	TODO: check
+CVE-2006-1634 (Cross-site scripting (XSS) vulnerability in index.php in LucidCMS ...)
+	TODO: check
+CVE-2006-1633
+	RESERVED
+CVE-2006-1632
+	RESERVED
+CVE-2006-1631 (Unspecified vulnerability in the HTTP compression functionality in ...)
+	TODO: check
+CVE-2006-1629
+	RESERVED
 CVE-2006-1628
 	RESERVED
 CVE-2006-1627
@@ -2,3 +56,3 @@
 	RESERVED
-CVE-2006-1626 (Internet Explorer 6 for Windows XP SP2, and earlier allows remote ...)
+CVE-2006-1626 (Internet Explorer 6 for Windows XP SP2 and earlier allows remote ...)
 	TODO: check
@@ -92,6 +146,7 @@
 	{DSA-1024-1}
 	- clamav 0.88.1-1
 CVE-2006-1630 [clamav 0.88.1 fix possible crash in cli_bitset_test()]
+	RESERVED
 	{DSA-1024-1}
 	- clamav 0.88.1-1
 CVE-2006-1615 [clamav 0.88.1 format string flaws]
@@ -1309,8 +1364,7 @@
 	RESERVED
 CVE-2006-1056
 	RESERVED
-CVE-2006-1055 [local DoS in kernel's sysfs code]
-	RESERVED
+CVE-2006-1055 (The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 ...)
 	- linux-2.6 <unfixed>
 CVE-2006-1054
 	RESERVED
@@ -3078,7 +3132,7 @@
 CVE-2006-0302 (ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 ...)
 	NOT-FOR-US: ZyXel hardware
 CVE-2006-0301 (Heap-based buffer overflow in Splash.cc in xpdf, as used in other ...)
-	{DSA-998-1 DSA-984-1 DSA-983-1 DSA-982-1 DSA-979-1 DSA-974-1 DSA-972-1 DSA-971-1}
+	{DSA-1019-1 DSA-998-1 DSA-984-1 DSA-983-1 DSA-982-1 DSA-979-1 DSA-974-1 DSA-972-1 DSA-971-1}
 	- poppler 0.4.5-1 (medium)
 	- tetex-bin 3.0-12 (medium)
 	- kdegraphics 4:3.5.1-2 (medium)
@@ -7741,7 +7795,7 @@
 	- cupsys 1.1.23-13 (unimportant)
 	- pdfkit.framework 0.8-4
 CVE-2005-3192 (Heap-based buffer overflow in the StreamPredictor function in Xpdf ...)
-	{DSA-983-1 DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
+	{DSA-1019-1 DSA-983-1 DSA-962-1 DSA-961-1 DSA-950-1 DSA-940-1 DSA-937-1 DSA-936-1 DSA-932-1 DSA-931-1}
 	- xpdf 3.01-3 (bug #342281; bug #342337; medium)
 	- gpdf 2.10.0-1 (bug #342286; medium)
 	- pdftohtml 0.36-12 (bug #342289; medium)

More information about the Secure-testing-commits mailing list