[Secure-testing-commits] r5185 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Dec 27 21:14:32 CET 2006
Author: joeyh
Date: 2006-12-27 21:14:30 +0100 (Wed, 27 Dec 2006)
New Revision: 5185
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-12-27 19:31:25 UTC (rev 5184)
+++ data/CVE/list 2006-12-27 20:14:30 UTC (rev 5185)
@@ -1,3 +1,151 @@
+CVE-2006-6768 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...)
+ TODO: check
+CVE-2006-6767
+ RESERVED
+CVE-2006-6766 (Multiple SQL injection vulnerabilities in cwmExplorer 1.1.0 and ...)
+ TODO: check
+CVE-2006-6765 (Multiple PHP file inclusion vulnerabilities in src/admin/pt_upload.php ...)
+ TODO: check
+CVE-2006-6764 (PHP remote file inclusion vulnerability in authenticate.php in Keep It ...)
+ TODO: check
+CVE-2006-6763 (Multiple PHP remote file inclusion vulnerabilities in the Keep It ...)
+ TODO: check
+CVE-2006-6762 (The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows ...)
+ TODO: check
+CVE-2006-6761 (Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell ...)
+ TODO: check
+CVE-2006-6760 (Multiple PHP remote file inclusion vulnerabilities in template.php in ...)
+ TODO: check
+CVE-2006-6759 (A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer ...)
+ TODO: check
+CVE-2006-6758 (Directory traversal vulnerability in Http explorer 1.02 allows remote ...)
+ TODO: check
+CVE-2006-6757 (Directory traversal vulnerability in index.php in cwmExplorer 1.0 ...)
+ TODO: check
+CVE-2006-6756 (The code function in install.fct.php in Ixprim 1.2 produces a ...)
+ TODO: check
+CVE-2006-6755 (Ixprim 1.2 allows remote attackers to obtain sensitive information via ...)
+ TODO: check
+CVE-2006-6754 (Multiple SQL injection vulnerabilities in Ixprim 1.2 allow remote ...)
+ TODO: check
+CVE-2006-6753 (Event Viewer (eventvwr.exe) in Microsoft Windows does not properly ...)
+ TODO: check
+CVE-2006-6752 (Buffer overflow in FTPRush 1.0.0.610 might allow attackers to gain ...)
+ TODO: check
+CVE-2006-6751 (Format string vulnerability in XM Easy Personal FTP Server 5.2.1 ...)
+ TODO: check
+CVE-2006-6750 (Format string vulnerability in XM Easy Personal FTP Server 5.0.1 ...)
+ TODO: check
+CVE-2006-6749 (Buffer overflow in the parse_expression function in parse_config in ...)
+ TODO: check
+CVE-2006-6748 (PHP remote file inclusion vulnerability in i-accueil.php in Newxooper ...)
+ TODO: check
+CVE-2006-6747 (SQL injection vulnerability in show_news.php in Xt-News 0.1 allows ...)
+ TODO: check
+CVE-2006-6746 (Multiple cross-site scripting (XSS) vulnerabilities in Xt-News 0.1 ...)
+ TODO: check
+CVE-2006-6745 (Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) ...)
+ TODO: check
+CVE-2006-6744 (phpProfiles before 2.1.1 does not have an index.php or other index ...)
+ TODO: check
+CVE-2006-6743 (phpProfiles before 2.1.1 uses world writable permissions for certain ...)
+ TODO: check
+CVE-2006-6742 (Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP ...)
+ TODO: check
+CVE-2006-6741 (Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal ...)
+ TODO: check
+CVE-2006-6740 (Multiple PHP remote file inclusion vulnerabilities in phpProfiles ...)
+ TODO: check
+CVE-2006-6739 (PHP remote file inclusion vulnerability in buycd.php in Paristemi ...)
+ TODO: check
+CVE-2006-6738 (PHP remote file inclusion vulnerability in statistic.php in cwmCounter ...)
+ TODO: check
+CVE-2006-6737 (Unspecified vulnerability in Sun Java Development Kit (JDK) and Java ...)
+ TODO: check
+CVE-2006-6736 (Unspecified vulnerability in Sun Java Development Kit (JDK) and Java ...)
+ TODO: check
+CVE-2006-6735 (modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web ...)
+ TODO: check
+CVE-2006-6734 (Cross-site scripting (XSS) vulnerability in modules/viewcategory.php ...)
+ TODO: check
+CVE-2006-6733 (Cross-site scripting (XSS) vulnerability in support/view.php in ...)
+ TODO: check
+CVE-2006-6732 (PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 ...)
+ TODO: check
+CVE-2006-6731 (Multiple buffer overflows in Sun Java Development Kit (JDK) and Java ...)
+ TODO: check
+CVE-2006-6730 (OpenBSD and NetBSD permit usermode code to kill the display server and ...)
+ TODO: check
+CVE-2006-6729 (Cross-site scripting (XSS) vulnerability in a-blog 1.51 and earlier ...)
+ TODO: check
+CVE-2006-6728 (Unspecified vulnerability in the info request mechanism in LAN ...)
+ TODO: check
+CVE-2006-6727 (PHP remote file inclusion vulnerability in inertianews_class.php in ...)
+ TODO: check
+CVE-2006-6726 (PHP remote file inclusion vulnerability in inertianews_main.php in ...)
+ TODO: check
+CVE-2006-6725 (Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and ...)
+ TODO: check
+CVE-2006-6724 (BolinTech Dream FTP Server 1.02 allows remote authenticated users, ...)
+ TODO: check
+CVE-2006-6723 (The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 allows ...)
+ TODO: check
+CVE-2006-6722 (Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers ...)
+ TODO: check
+CVE-2006-6721 (Cross-site scripting (XSS) vulnerability in shout.php in Knusperleicht ...)
+ TODO: check
+CVE-2006-6720 (PHP remote file inclusion vulnerability in admin/index_sitios.php in ...)
+ TODO: check
+CVE-2006-6719 (The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) ...)
+ TODO: check
+CVE-2006-6718 (The Allied Telesis AT-9000/24 Ethernet switch has a default password ...)
+ TODO: check
+CVE-2006-6717 (The Allied Telesis AT-9000/24 Ethernet switch accepts management ...)
+ TODO: check
+CVE-2006-6716 (SQL injection vulnerability in administration/administre2.php in Eric ...)
+ TODO: check
+CVE-2006-6715 (PHP remote file inclusion vulnerability in footer.inc.php in PowerClan ...)
+ TODO: check
+CVE-2006-6714 (Multiple memory leaks in Hitachi Directory Server 2 P-2444-A124 before ...)
+ TODO: check
+CVE-2006-6713 (Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before ...)
+ TODO: check
+CVE-2006-6712 (Cross-site scripting (XSS) vulnerability in SugarCRM Open Source ...)
+ TODO: check
+CVE-2006-6711 (PHP remote file inclusion vulnerability in compteur/mapage.php in ...)
+ TODO: check
+CVE-2006-6710 (Multiple PHP remote file inclusion vulnerabilities in PgmReloaded ...)
+ TODO: check
+CVE-2006-6709 (Multiple SQL injection vulnerabilities in MGinternet Property Site ...)
+ TODO: check
+CVE-2006-6708 (Cross-site scripting (XSS) vulnerability in listings.asp in MGinternet ...)
+ TODO: check
+CVE-2006-6707 (Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ...)
+ TODO: check
+CVE-2006-6706 (SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 ...)
+ TODO: check
+CVE-2006-6705 (Multiple unspecified vulnerabilities in the template files in Soumu ...)
+ TODO: check
+CVE-2006-6704 (Cross-site scripting (XSS) vulnerability in the Webadmin in @Mail ...)
+ TODO: check
+CVE-2006-6703 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal ...)
+ TODO: check
+CVE-2006-6702 (Cross-site scripting (XSS) vulnerability in Global.pm in @Mail before ...)
+ TODO: check
+CVE-2006-6701 (Cross-site request forgery (CSRF) vulnerability in @Mail WebMail ...)
+ TODO: check
+CVE-2006-6700 (Cross-site scripting (XSS) vulnerability in @Mail WebMail allows ...)
+ TODO: check
+CVE-2006-6699 (Multiple CRLF injection vulnerabilities in Oracle Portal 9.0.2 and ...)
+ TODO: check
+CVE-2006-6698 (The GConf daemon (gconfd) in GConf 2.14.0 creates temporary files ...)
+ TODO: check
+CVE-2005-4816 (Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote ...)
+ TODO: check
+CVE-2003-1314 (PHP remote file inclusion vulnerability in admin/auth.php in ...)
+ TODO: check
+CVE-2003-1313 (Multiple PHP remote file inclusion vulnerabilities in EternalMart ...)
+ TODO: check
CVE-2006-XXXX [openser permissions module buffer overflow]
- openser 1.1.0-8 (medium; bug #404591)
NOTE: OpenPKG-SA-2006.042
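Review bot: Every entry added at the top of the list carries only "TODO: check", and a few of them should not sit in that queue for long. CVE-2005-4816 (mod_radius in ProFTPD) and CVE-2006-6698 (gconfd in GConf) name software that is packaged in Debian, so they need a package line with a fixed version or bug reference rather than a generic TODO. CVE-2006-6740, CVE-2006-6743 and CVE-2006-6744 are phpProfiles issues, and this same file already marks CVE-2006-5634 as "NOT-FOR-US: phpProfiles", so they can be closed out the same way once checked.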
@@ -50,7 +198,7 @@
- netrik 1.15.3-1.1 (medium; bug #404233)
CVE-2006-6677 (ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a ...)
NOT-FOR-US: ESET NOD32 Antivirus
-CVE-2006-6676 (Integer overflow in ESET NOD32 Antivirus before 1.1743 allows remote ...)
+CVE-2006-6676 (Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 ...)
NOT-FOR-US: ESET NOD32 Antivirus
CVE-2006-6675 (Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support ...)
NOT-FOR-US: Novell
@@ -383,7 +531,7 @@
NOT-FOR-US: AppIntellect SpotLight CRM
CVE-2006-6542 (SQL injection vulnerability in news.php in Fantastic News 2.1.4 and ...)
NOT-FOR-US: Fantastic News
-CVE-2006-6541 (PHP remote file inclusion vulnerability in signer/final.php in ...)
+CVE-2006-6541 (** DISPUTED ** ...)
NOT-FOR-US: Animated Smiley Generator
CVE-2006-6540 (SQL injection vulnerability in bt-trackback.php in Bluetrait before ...)
NOT-FOR-US: Bluetrait
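Review bot: The new line for CVE-2006-6541 reads "(** DISPUTED ** ...)", so the truncated summary no longer says what the issue is, whereas the removed line at least identified a PHP remote file inclusion in signer/final.php. If the generator truncates at a fixed length, consider having it keep part of the description that follows the "** DISPUTED **" marker. The "NOT-FOR-US: Animated Smiley Generator" tag below it is unaffected.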
@@ -692,10 +840,10 @@
NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro
CVE-2006-6426 (PHP remote file inclusion vulnerability in design/thinkedit/render.php ...)
NOT-FOR-US: ThinkEdit
-CVE-2006-6425
- RESERVED
-CVE-2006-6424
- RESERVED
+CVE-2006-6425 (Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell ...)
+ TODO: check
+CVE-2006-6424 (Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow ...)
+ TODO: check
CVE-2006-6423 (Stack-based buffer overflow in the IMAP service for MailEnable ...)
NOT-FOR-US: MailEnable
CVE-2006-6422 (Agileco AgileBill 1.4.x and AgileVoice 1.4.x do not properly handle ...)
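Review bot: CVE-2006-6425 now shows the same visible summary as CVE-2006-6761 added earlier in this patch ("Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell ..."), so whoever works the TODO should compare the full descriptions to see whether the two ids cover the same flaw. Both entries replaced here name Novell software, and the list already uses "NOT-FOR-US: Novell" for CVE-2006-6675, so the same tag likely applies after the check.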
@@ -2393,7 +2541,7 @@
NOT-FOR-US: Simple Website Software
CVE-2006-5635 (SQL injection vulnerability in forum/search.asp in Web Wiz Forums ...)
NOT-FOR-US: Web Wiz Forums
-CVE-2006-5634 (Multile PHP remote file inclusion vulnerabilities in phpProfiles 2.1 ...)
+CVE-2006-5634 (Multiple PHP remote file inclusion vulnerabilities in phpProfiles 2.1 ...)
NOT-FOR-US: phpProfiles
CVE-2006-5633 (Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers ...)
- firefox <removed> (unimportant)
@@ -5592,7 +5740,7 @@
NOT-FOR-US: ASPPlayground.NET Forum Advanced Edition
CVE-2006-4205 (Multiple PHP remote file inclusion vulnerabilities in WebDynamite ...)
NOT-FOR-US: WebDynamite ProjectButler
-CVE-2006-4204 (Multile PHP remote file inclusion vulnerabilities in PHProjekt 5.1 and ...)
+CVE-2006-4204 (Multiple PHP remote file inclusion vulnerabilities in PHProjekt 5.1 ...)
NOT-FOR-US: PHProjekt
CVE-2006-4203 (PHP remote file inclusion vulnerability in help.mmp.php in the MMP ...)
NOT-FOR-US: MMP Component (com_mmp) for Mambo