[Secure-testing-commits] r3443 - data/CVE

Joey Hess joeyh at costa.debian.org
Wed Feb 8 09:14:28 UTC 2006


Author: joeyh
Date: 2006-02-08 09:14:21 +0000 (Wed, 08 Feb 2006)
New Revision: 3443

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-02-08 08:47:28 UTC (rev 3442)
+++ data/CVE/list	2006-02-08 09:14:21 UTC (rev 3443)
@@ -1,3 +1,57 @@
+CVE-2006-0593 (Cross-site scripting (XSS) vulnerability in PHP-Fusion before 6.00.304 ...)
+	TODO: check
+CVE-2006-0592 (Unspecified vulnerability in the Lexmark Printer Sharing service ...)
+	TODO: check
+CVE-2006-0591 (The crypt_gensalt functions for BSDI-style extended DES-based and ...)
+	TODO: check
+CVE-2006-0590 (MyTopix 1.2.3 allows remote attackers to obtain the installation path ...)
+	TODO: check
+CVE-2006-0589 (MyTopix 1.2.3 allows remote attackers to obtain the installation path ...)
+	TODO: check
+CVE-2006-0588 (SQL injection vulnerability in search.php in MyTopix 1.2.3 allows ...)
+	TODO: check
+CVE-2006-0587 (Unspecified vulnerability in Gallery before 1.5.2-pl2 allows remote ...)
+	TODO: check
+CVE-2006-0586 (Multiple SQL injection vulnerabilities in Oracle 10g Release 1 before ...)
+	TODO: check
+CVE-2006-0585 (jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows ...)
+	TODO: check
+CVE-2006-0584 (The PSCipher function in PeopleSoft People Tools 8.4x uses weak ...)
+	TODO: check
+CVE-2006-0583 (SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and ...)
+	TODO: check
+CVE-2006-0582 (Unspecified vulnerability in Heimdal rshd 0.6.x before 0.6.6 and 0.7.x ...)
+	TODO: check
+CVE-2006-0581 (SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 ...)
+	TODO: check
+CVE-2006-0580 (IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial ...)
+	TODO: check
+CVE-2006-0579 (Multiple integer overflows in (1) the new_demux_packet function in ...)
+	TODO: check
+CVE-2006-0578 (Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce ...)
+	TODO: check
+CVE-2006-0577 (Lexmark X1185 printer allows local users to gain SYSTEM privileges by ...)
+	TODO: check
+CVE-2006-0576 (Untrusted search path vulnerability in opcontrol in OProfile allows ...)
+	TODO: check
+CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to ...)
+	TODO: check
+CVE-2006-0574 (Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel ...)
+	TODO: check
+CVE-2006-0573 (Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and ...)
+	TODO: check
+CVE-2006-0572 (phpstatus 1.0 does not require passwords when using cookies to ...)
+	TODO: check
+CVE-2006-0571 (Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 ...)
+	TODO: check
+CVE-2006-0570 (Multiple SQL injection vulnerabilities in phpstatus 1.0, when ...)
+	TODO: check
+CVE-2006-0569 (Cross-site scripting (XSS) vulnerability in user_class.php in Papoo ...)
+	TODO: check
+CVE-2006-0568 (Cross-site scripting (XSS) vulnerability in throw.main in Outblaze ...)
+	TODO: check
+CVE-2006-0567 (Directory traversal vulnerability in Files Xaraya module before 0.5.1, ...)
+	TODO: check
 CVE-2006-XXXX [bluez-hcidump DoS]
 	- bluez-hcidump <unfixed> (bug filed)
 begin claimed by jmm
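Review bot: CVE-2006-0575 (convert-fcrontab in Fcron 2.9.5 and 3.0.0) overlaps with the existing CVE-2006-0539 entry further down the list, which also names convert-fcrontab in fcron 3.0.0. Both are left at TODO: check, so they should be triaged together and the result should record whether they describe the same flaw. Likewise, CVE-2006-0590 and CVE-2006-0589 carry identical truncated text ("MyTopix 1.2.3 allows remote attackers to obtain the installation path ..."), so the list alone cannot tell them apart; whoever checks them should add a NOTE: line that distinguishes the two.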
@@ -57,7 +111,7 @@
 	TODO: check
 CVE-2006-0539 (The convert-fcrontab program in fcron 3.0.0 might allow local users to ...)
 	TODO: check
-CVE-2006-0538 (IronMail 5.0.1, when &quot;Denial of Service Protection&quot; is enabled, allows ...)
+CVE-2006-0538 (CipherTrust IronMail 5.0.1, when &quot;Denial of Service Protection&quot; is ...)
 	TODO: check
 CVE-2006-0537 (Buffer overflow in eXchange POP3 before 5.0.060125 allows remote ...)
 	TODO: check
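Review bot: the rewritten CVE-2006-0538 description still carries HTML-escaped quotes (&quot;) around Denial of Service Protection, exactly as the removed line did, so the automatic update is copying escaped text into the list. Decode entities in the updater before it writes descriptions; otherwise a search for the quoted phrase will not match this entry.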
@@ -317,8 +371,7 @@
 	RESERVED
 CVE-2006-0455
 	RESERVED
-CVE-2006-0454 [kernel remote DoS in ICMP code]
-	RESERVED
+CVE-2006-0454 (Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ...)
 	- linux-2.6 2.6.15-5
 	[sarge] - kernel-source-2.6.8 <not-affected>
 	[sarge] - kernel-source-2.4.27 <not-affected>
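Review bot: replacing the placeholder on CVE-2006-0454 drops the only text that named the affected code, "[kernel remote DoS in ICMP code]". The published description is cut at "while constructing an ..." and no longer mentions ICMP or denial of service. Keep that summary as a NOTE: line under the entry so the linux-2.6 and sarge tracking lines stay understandable without looking up the full CVE text.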
@@ -1079,7 +1132,7 @@
 	- libphp-adodb <unfixed> (medium; bug #349985)
 CVE-2006-0146 (The server.php test script in ADOdb for PHP before 4.70, as used in ...)
 	- libphp-adodb <unfixed> (medium; bug #349985)
-CVE-2006-0145 (The lseek system call in kernfs in NetBSD 1.6 through 2.1 does not ...)
+CVE-2006-0145 (The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and ...)
 	NOT-FOR-US: NetBSD
 CVE-2006-0144 (The proxy server feature in go-pear.php in PHP PEAR 0.2.2 allows ...)
 	TODO: check, whether this is included in the PEAR packages from PHP 4 oder 5
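Review bot: the new CVE-2006-0145 description ends with "NetBSD 1.6 through 2.1, and ...", so the affected scope now continues past NetBSD, yet the triage line is still NOT-FOR-US: NetBSD. Confirm from the full description that whatever follows "and" is also outside the archive before leaving this entry closed.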
@@ -2917,8 +2970,8 @@
 	RESERVED
 CVE-2006-0024
 	RESERVED
-CVE-2006-0023
-	RESERVED
+CVE-2006-0023 (Microsoft Windows XP SP1 and SP2 before August 2004, and possibly ...)
+	TODO: check
 CVE-2006-0022
 	RESERVED
 CVE-2006-0021
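Review bot: CVE-2006-0023 moves from RESERVED to TODO: check although the visible description names only Microsoft Windows XP SP1 and SP2. The list already closes software outside the archive with a NOT-FOR-US: line (see CVE-2006-0145), and the same marking would fit here once the truncated "and possibly ..." part has been read.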
@@ -19492,7 +19545,7 @@
 	{DSA-518}
 	- kdelibs 4:3.2.3
 CVE-2004-0410
-	RESERVED
+	REJECTED
 CVE-2004-0409 (Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 ...)
 	{DSA-493}
 	- xchat 2.0.8-1
@@ -21559,7 +21612,7 @@
 CVE-2003-0464 (The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are ...)
 	NOTE: fixed in linux 2.4.22-pre8
 CVE-2003-0463
-	RESERVED
+	REJECTED
 CVE-2003-0462 (A race condition in the way env_start and env_end pointers are ...)
 	{DSA-423 DSA-358}
 	- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.1)



