[Secure-testing-commits] r3539 - data/CVE
Stefan Fritsch
stef-guest at costa.debian.org
Sun Feb 26 16:11:34 UTC 2006
Author: stef-guest
Date: 2006-02-26 16:11:28 +0000 (Sun, 26 Feb 2006)
New Revision: 3539
Modified:
data/CVE/list
Log:
new php-auth, popfile, mambo issues
claim some more
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-02-26 15:00:56 UTC (rev 3538)
+++ data/CVE/list 2006-02-26 16:11:28 UTC (rev 3539)
@@ -1,60 +1,58 @@
CVE-2006-0883
RESERVED
-
-begin claimed by stef-guest
-
CVE-2006-0882 (Directory traversal vulnerability in include.php in Noah's Classifieds ...)
- TODO: check
+ NOT-FOR-US: Noah's Classifieds
CVE-2006-0881 (Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php ...)
- TODO: check
+ NOT-FOR-US: Noah's Classifieds
CVE-2006-0880 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: Noah's Classifieds
CVE-2006-0879 (SQL injection vulnerability in the search tool in Noah's Classifieds ...)
- TODO: check
+ NOT-FOR-US: Noah's Classifieds
CVE-2006-0878 (Noah's Classifieds 1.3 allows remote attackers to obtain the ...)
- TODO: check
+ NOT-FOR-US: Noah's Classifieds
CVE-2006-0877 (Cross-site scripting vulnerability in Easy Forum 2.5 allows remote ...)
- TODO: check
+ NOT-FOR-US: Easy Forum
CVE-2006-0876 (POPFile before 0.22.4 allows remote attackers to cause a denial of ...)
- TODO: check
+ - popfile <unfixed> (bug #354464; medium)
CVE-2006-0875 (Cross-site scripting vulnerability in ratefile.php in RunCMS 1.3a5 ...)
- TODO: check
+ NOT-FOR-US: runCMS
CVE-2006-0874 (Multiple unspecified vulnerabilities in Intensive Point iUser ...)
- TODO: check
+ NOT-FOR-US: Intensive Point iUser Ecommerce
CVE-2006-0873 (Absolute path traversal vulnerability in docs/showdocs.php in ...)
- TODO: check
+ - coppermine <itp> (bug #259206)
CVE-2006-0872 (Directory traversal vulnerability in init.inc.php in Coppermine Photo ...)
- TODO: check
+ - coppermine <itp> (bug #259206)
CVE-2006-0871 (Unspecified vulnerability in Mambo 4.5.3, 4.5.3h, and possibly ...)
- TODO: check
+ - mambo <unfixed> (bug #354468)
+ NOTE: only in experimental
CVE-2006-0870 (SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 ...)
- TODO: check
+ NOT-FOR-US: Mini-Nuke CMS
CVE-2006-0869 (Directory traversal vulnerability in the "remember me" feature in PHP ...)
- TODO: check
+ NOT-FOR-US: PHP PEAR LiveUser
CVE-2006-0868 (Multiple unspecified injection vulnerabilities in unspecified Auth ...)
- TODO: check
+ - php-auth <unfixed> (bug #354474)
CVE-2006-0867 (Buffer overflow in certain versions of South River (aka SRT) WebDrive, ...)
- TODO: check
+ NOT-FOR-US: WebDrive
CVE-2006-0866 (PunBB 1.2.10 and earlier allows remote attackers to conduct brute ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2006-0865 (PunBB 1.2.10 and earlier allows remote attackers to cause a denial of ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2006-0864 (filescan in Global Hauri ViRobot 2.0 20050817 does not verify the ...)
- TODO: check
+ NOT-FOR-US: Global Hauri ViRobot
CVE-2006-0863 (InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote ...)
- TODO: check
+ NOT-FOR-US: InfoVista PortalSE
CVE-2006-0862 (Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on ...)
- TODO: check
+ NOT-FOR-US: InfoVista PortalSE
CVE-2006-0861 (Michael Salzer Guestbox 0.6 allows remote attackers to obtain the ...)
- TODO: check
+ NOT-FOR-US: Michael Salzer Guestbox
CVE-2006-0860 (Multiple cross-site scripting (XSS) vulnerabilities in Michael Salzer ...)
- TODO: check
+ NOT-FOR-US: Michael Salzer Guestbox
CVE-2006-0859 (Michael Salzer Guestbox 0.6 allows remote attackers to post an admin ...)
- TODO: check
+ NOT-FOR-US: Michael Salzer Guestbox
CVE-2006-0858 (Unquoted Windows search path vulnerability in (1) snsmcon.exe, (2) the ...)
- TODO: check
+ NOT-FOR-US: StarForce Safe'n'Sec Personal
-end claimed by stef-guest
+begin claimed by stef-guest
CVE-2006-0857 (Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 ...)
TODO: check
@@ -86,6 +84,9 @@
TODO: check
CVE-2006-0843 (Leif M. Wright's Blog 3.5 stores the config file and other txt files ...)
TODO: check
+
+end claimed by stef-guest
+
CVE-2006-0842 (Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows ...)
TODO: check
CVE-2006-0841 (Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 ...)
More information about the Secure-testing-commits
mailing list