[Secure-testing-commits] r3724 - data/CVE
Joey Hess
joeyh at costa.debian.org
Fri Mar 31 09:14:29 UTC 2006
Author: joeyh
Date: 2006-03-31 09:14:22 +0000 (Fri, 31 Mar 2006)
New Revision: 3724
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-03-31 09:09:03 UTC (rev 3723)
+++ data/CVE/list 2006-03-31 09:14:22 UTC (rev 3724)
@@ -1,3 +1,113 @@
+CVE-2006-1545 (Direct static code injection vulnerability in admin/config.php in ...)
+ TODO: check
+CVE-2006-1544 (Multiple cross-site scripting (XSS) vulnerabilities in news.php in ...)
+ TODO: check
+CVE-2006-1543 (Multiple SQL injection vulnerabilities in vscripts (aka Kuba ...)
+ TODO: check
+CVE-2006-1542 (Stack-based buffer overflow in Python 2.4.2 and earlier, running on ...)
+ TODO: check
+CVE-2006-1541 (SQL injection vulnerability in Default.asp in EzASPSite 2.0 RC3 and ...)
+ TODO: check
+CVE-2006-1540 (Microsoft Office 2002 (aka Office XP) allows user-complicit attackers ...)
+ TODO: check
+CVE-2006-1539 (Multiple buffer overflows in the checkscores function in scores.c in ...)
+ TODO: check
+CVE-2006-1538 (The Enova X-Wall ASIC encrypts with a key obtained via Microwire from ...)
+ TODO: check
+CVE-2006-1537 (Craig Knudsen WebCalendar 1.1.0-CVS allows remote attackers to obtain ...)
+ TODO: check
+CVE-2006-1536 (Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts ...)
+ TODO: check
+CVE-2006-1535 (Cross-site scripting (XSS) vulnerability in login.php in Phoetux.net ...)
+ TODO: check
+CVE-2006-1534 (Multiple SQL injection vulnerabilities in Null news allow remote ...)
+ TODO: check
+CVE-2006-1533 (SQL injection vulnerability in newsletter.php in Sourceworkshop ...)
+ TODO: check
+CVE-2006-1532 (Cross-site scripting (XSS) vulnerability in search.php in PHP ...)
+ TODO: check
+CVE-2006-1531
+ RESERVED
+CVE-2006-1530
+ RESERVED
+CVE-2006-1529
+ RESERVED
+CVE-2006-1528
+ RESERVED
+CVE-2006-1527
+ RESERVED
+CVE-2006-1526
+ RESERVED
+CVE-2006-1525
+ RESERVED
+CVE-2006-1524
+ RESERVED
+CVE-2006-1523
+ RESERVED
+CVE-2006-1522
+ RESERVED
+CVE-2006-1521
+ RESERVED
+CVE-2006-1520
+ RESERVED
+CVE-2006-1519
+ RESERVED
+CVE-2006-1518
+ RESERVED
+CVE-2006-1517
+ RESERVED
+CVE-2006-1516
+ RESERVED
+CVE-2006-1515
+ RESERVED
+CVE-2006-1514
+ RESERVED
+CVE-2006-1513
+ RESERVED
+CVE-2006-1512
+ RESERVED
+CVE-2006-1511 (Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and ...)
+ TODO: check
+CVE-2006-1510 (Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll ...)
+ TODO: check
+CVE-2006-1509 (/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 ...)
+ TODO: check
+CVE-2006-1508 (Multiple cross-site scripting (XSS) vulnerabilities in MH Software ...)
+ TODO: check
+CVE-2006-1507 (Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows ...)
+ TODO: check
+CVE-2006-1506 (Unspecified vulnerability in rsh in Sun Microsystems Sun Grid Engine ...)
+ TODO: check
+CVE-2006-1505 (base_maintenance.php in Basic Analysis and Security Engine (BASE) ...)
+ TODO: check
+CVE-2006-1504 (Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 ...)
+ TODO: check
+CVE-2006-1503 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2006-1502 (Multiple integer overflows in MPlayer 1.0pre7try2 allow remote ...)
+ TODO: check
+CVE-2006-1501 (SQL injection vulnerability in index.php in OneOrZero 1.6.3.0 allows ...)
+ TODO: check
+CVE-2006-1500 (SQL injection vulnerability in index.php in Tilde CMS 3.0 allows ...)
+ TODO: check
+CVE-2006-1499 (SQL injection vulnerability in vCounter.php in vCounter 1.0 allows ...)
+ TODO: check
+CVE-2006-1497 (Directory traversal vulnerability in index.php in ViHor Design allows ...)
+ TODO: check
+CVE-2006-1496 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+ TODO: check
+CVE-2006-1495 (SQL injection vulnerability in general/sendpassword.php in (1) ...)
+ TODO: check
+CVE-2006-1494
+ RESERVED
+CVE-2006-1493 (Cross-site scripting (XSS) vulnerability in dir.php in Explorer XP ...)
+ TODO: check
+CVE-2006-1492 (Directory traversal vulnerability in dir.php in Explorer XP allows ...)
+ TODO: check
+CVE-2006-1489 (Multiple SQL injection vulnerabilities in FusionZONE CouponZONE ...)
+ TODO: check
+CVE-2005-4748 (PHP remote file include vulnerability in functions_admin.php in ...)
+ TODO: check
CVE-2006-XXXX [gpib rpath set to /tmp]
- gpib <unfixed> (bug #358239; low)
[sarge] - gpib <not-affected> (rpath not set to /tmp in Sarge)
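Review bot: The new entries for CVE-2006-1542 (Python 2.4.2 and earlier) and CVE-2006-1502 (MPlayer 1.0pre7try2) are left at "TODO: check" alongside the many web-application ids around them. Both name widely distributed software, so they should be triaged first and given either a package line or a NOT-FOR-US decision. Separately, CVE-2005-4748 is appended at the end of this block, directly above the CVE-2006-XXXX gpib entry, which puts a 2005 id in the middle of the descending 2006 list; it would be easier to find next to the other CVE-2005 entries.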
@@ -9,12 +119,12 @@
[sarge] - gauche <not-affected> (gauche-config is a shell script in Sarge)
CVE-2006-1550 [dia buffer overflow in xfig import]
- dia 0.94.0-18
-CVE-2006-1498 [Unspecified mediawiki issue]
+CVE-2006-1498 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and ...)
- mediawiki 1.4.15-1
- mediawiki1.5 1.5.8-1
-CVE-2006-1491 [horde3 eval injection()]
+CVE-2006-1491 (Eval injection vulnerability in Horde Application Framework versions ...)
- horde3 <unfixed>
-CVE-2006-1490 [PHP information leak]
+CVE-2006-1490 (PHP before 5.1.3-RC1 might allow remote attackers to obtain portions ...)
- php5 <unfixed> (bug #359904; low)
- php4 <unfixed> (bug #359907; low)
CVE-2006-1488 (ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the ...)
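Review bot: The "- horde3 <unfixed>" line under CVE-2006-1491 carries no bug reference or severity, unlike the php5 and php4 lines under CVE-2006-1490 just below it (bug #359904 and bug #359907, both low). Now that the id has its official description, an unfixed eval injection should have a bug number attached so the fix can be followed. The replaced bracketed titles also held the local one-line summaries ("horde3 eval injection()", "PHP information leak"); if those were useful for searching the file, keep them as a NOTE.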
@@ -157,9 +267,9 @@
TODO: check
CVE-2006-1419 (SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 ...)
TODO: check
-CVE-2006-1418 (Cross-site scripting (XSS) vulnerability in default.asp in E-School ...)
+CVE-2006-1418 (Cross-site scripting (XSS) vulnerability in default.asp in Caloris ...)
TODO: check
-CVE-2006-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Web Quiz pro, ...)
+CVE-2006-1417 (Multiple cross-site scripting (XSS) vulnerabilities in Caloris ...)
TODO: check
CVE-2006-1416 (Cross-site scripting (XSS) vulnerability in afmsearch.aspx in Absolute ...)
TODO: check
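Review bot: The updated descriptions for CVE-2006-1418 and CVE-2006-1417 now attribute the issues to "Caloris ..." where the old text named E-School and Web Quiz pro, and both entries remain at "TODO: check". Whoever triages them should read the full description rather than the truncated summary, since the product attribution changed between revisions and the earlier product names no longer appear in the file.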
@@ -183,7 +293,7 @@
TODO: check
CVE-2006-1406 (Multiple cross-site scripting (XSS) vulnerabilities in wbadmlog.aspx ...)
TODO: check
-CVE-2006-1405 (Cross-site scripting (XSS) vulnerability in search.aspx in ssCMS 2.1.0 ...)
+CVE-2006-1405 (Cross-site scripting (XSS) vulnerability in search.aspx in ...)
TODO: check
CVE-2006-1404 (Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in ...)
TODO: check
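Review bot: The new summary for CVE-2006-1405 is truncated before the product name ("... in search.aspx in ..."), where the previous line identified ssCMS 2.1.0. With the entry still at "TODO: check", the line no longer tells a triager which product is affected; a NOTE naming the product, or a triage decision, would keep the entry usable without looking the id up elsewhere.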
@@ -1133,7 +1243,8 @@
NOT-FOR-US: MTS Pro
CVE-2006-0976 (Directory traversal vulnerability in scan_lang_insert.php in Boris ...)
NOT-FOR-US: SPiD
-CVE-2006-0975 (Multiple unspecified vulnerabilities in Will Estes and John Millaway ...)
+CVE-2006-0975
+ REJECTED
- flex 2.5.33-1
NOTE: There are other package affected by this vulnerability
NOTE: Martin Pitt has built a list for ubuntu and also mentionned that
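Review bot: CVE-2006-0975 is now marked REJECTED, but the "- flex 2.5.33-1" package line and the NOTE lines about other affected packages still sit under it. Tracking data attached to a rejected id is easy to miss in later queries; the package line and notes should move to the id that replaces this one, with a NOTE here pointing to it.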
@@ -2370,8 +2481,7 @@
CVE-2006-0460 (Multiple buffer overflows in BomberClone before 0.11.6.2 allow remote ...)
{DSA-997-1}
- bomberclone 0.11.6.2-1
-CVE-2006-0459
- RESERVED
+CVE-2006-0459 (flex.skl in Will Estes and John Millaway Fast Lexical Analyzer ...)
{DSA-1020-1}
CVE-2006-0458 (The DCC ACCEPT command handler in irssi before ...)
TODO: check
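Review bot: CVE-2006-0459 now has a description and keeps its {DSA-1020-1} reference, but the entry has no package line, unlike CVE-2006-0460 directly above it, which pairs {DSA-997-1} with "- bomberclone 0.11.6.2-1". The description names flex.skl in the Fast Lexical Analyzer, so a "- flex" line with the fixed version should be added so the fixed-in version is recorded under the id the DSA refers to.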