[Secure-testing-commits] r3905 - data/CVE

Joey Hess joeyh at costa.debian.org
Tue May 2 09:14:26 UTC 2006


Author: joeyh
Date: 2006-05-02 09:14:20 +0000 (Tue, 02 May 2006)
New Revision: 3905

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-05-01 09:14:25 UTC (rev 3904)
+++ data/CVE/list	2006-05-02 09:14:20 UTC (rev 3905)
@@ -1,3 +1,133 @@
+CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and ...)
+	TODO: check
+CVE-2006-2132 (SQL injection vulnerability in detail.asp in DUclassified allows ...)
+	TODO: check
+CVE-2006-2131 (include/class_poll.php in Advanced Poll 2.0.4 uses the ...)
+	TODO: check
+CVE-2006-2130 (SQL injection vulnerability in include/class_poll.php in Advanced Poll ...)
+	TODO: check
+CVE-2006-2129 (Direct static code injection vulnerability in Pro Publish 2.0 allows ...)
+	TODO: check
+CVE-2006-2128 (Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote ...)
+	TODO: check
+CVE-2006-2127 (SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x ...)
+	TODO: check
+CVE-2006-2126 (SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and ...)
+	TODO: check
+CVE-2006-2125 (Unspecified vulnerability in xterm in HP-UX B.11.00, B.11.11, and ...)
+	TODO: check
+CVE-2006-2124 (Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and ...)
+	TODO: check
+CVE-2006-2123 (Multiple SQL injection vulnerabilities in the report interface in ...)
+	TODO: check
+CVE-2006-2122 (PHP remote file inclusion vulnerability in index.php in CoolMenus allows ...)
+	TODO: check
+CVE-2006-2121 (PHP remote file include vulnerability in admin/config_settings.tpl.php ...)
+	TODO: check
+CVE-2006-2120 (The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers ...)
+	TODO: check
+CVE-2006-2119 (PHP remote file inclusion vulnerability in event/index.php in Artmedic ...)
+	TODO: check
+CVE-2006-2118 (JMK's Picture Gallery allows remote attackers to bypass authentication ...)
+	TODO: check
+CVE-2006-2117 (Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote ...)
+	TODO: check
+CVE-2006-2116 (planetGallery allows remote attackers to gain administrator privileges ...)
+	TODO: check
+CVE-2006-2115 (Format string vulnerability in SWS web Server 0.1.7 allows remote ...)
+	TODO: check
+CVE-2006-2114 (Buffer overflow in SWS web Server 0.1.7 allows remote attackers to ...)
+	TODO: check
+CVE-2006-2113
+	RESERVED
+CVE-2006-2112
+	RESERVED
+CVE-2006-2111 (Microsoft Internet Explorer 6.0 on Windows XP SP2, and possibly other ...)
+	TODO: check
+CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x ...)
+	TODO: check
+CVE-2006-2109
+	RESERVED
+CVE-2006-2108 (parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to ...)
+	TODO: check
+CVE-2006-2107 (Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote ...)
+	TODO: check
+CVE-2006-2106 (Cross-site scripting (XSS) vulnerability in Edgewall Software Trac ...)
+	TODO: check
+CVE-2006-2105 (Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 ...)
+	TODO: check
+CVE-2006-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email ...)
+	TODO: check
+CVE-2006-2103 (SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows ...)
+	TODO: check
+CVE-2006-2102 (Directory traversal vulnerability in PowerISO 2.9 allows remote ...)
+	TODO: check
+CVE-2006-2101 (Directory traversal vulnerability in WinISO 5.3 allows remote ...)
+	TODO: check
+CVE-2006-2100 (Directory traversal vulnerability in Magic ISO 5.0 Build 0166 allows ...)
+	TODO: check
+CVE-2006-2099 (Directory traversal vulnerability in UltraISO 8.0.0.1392 allows remote ...)
+	TODO: check
+CVE-2006-2098 (PHP remote file inclusion vulnerability in Thumbnail AutoIndex before ...)
+	TODO: check
+CVE-2006-2097 (SQL injection vulnerability in func_msg.php in Invision Power Board ...)
+	TODO: check
+CVE-2006-2096 (plug.php in Land Down Under (LDU) 802 and earlier allows remote ...)
+	TODO: check
+CVE-2006-2095 (Phex before 2.8.6 allows remote attackers to cause a denial of service ...)
+	TODO: check
+CVE-2006-2094 (Microsoft Internet Explorer before Windows XP Service Pack 2 and ...)
+	TODO: check
+CVE-2006-2093 (Nessus before 2.2.8, and 3.x before 3.0.3, allows user-complicit ...)
+	TODO: check
+CVE-2006-2092 (Unspecified vulnerability in HP StorageWorks Secure Path for Windows ...)
+	TODO: check
+CVE-2006-2091 (admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows ...)
+	TODO: check
+CVE-2006-2090 (Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x ...)
+	TODO: check
+CVE-2006-2089 (Multiple cross-site scripting (XSS) vulnerabilities in misc.php in ...)
+	TODO: check
+CVE-2006-2088 (Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open ...)
+	TODO: check
+CVE-2006-2087 (The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote ...)
+	TODO: check
+CVE-2006-2086 (Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx ...)
+	TODO: check
+CVE-2006-2085 (Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in ...)
+	TODO: check
+CVE-2006-2084 (Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 ...)
+	TODO: check
+CVE-2006-2083 (Integer overflow in the receive_xattr function in the extended ...)
+	TODO: check
+CVE-2006-2082
+	RESERVED
+CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to execute ...)
+	TODO: check
+CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in Verosky ...)
+	TODO: check
+CVE-2006-2079 (Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky ...)
+	TODO: check
+CVE-2006-2078 (Multiple unspecified vulnerabilities in multiple FITELnet products, ...)
+	TODO: check
+CVE-2006-2077 (Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact ...)
+	TODO: check
+CVE-2006-2076 (Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote ...)
+	TODO: check
+CVE-2006-2075 (Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to ...)
+	TODO: check
+CVE-2006-2074 (Unspecified vulnerability in Juniper Networks JUNOSe E-series routers ...)
+	TODO: check
+CVE-2006-2073 (Unspecified vulnerability in ISC BIND allows remote attackers to cause ...)
+	TODO: check
+CVE-2006-2072 (Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and ...)
+	TODO: check
+CVE-2005-4793 (Multiple unspecified vulnerabilities in the web utility function in ...)
+	TODO: check
+CVE-2005-4792 (SQL injection vulnerability in index.php in Appalachian State ...)
+	TODO: check
+CVE-2004-2659 (Opera offers an Open button to verify that a user wishes to execute a ...)
+	TODO: check
 CVE-2006-2071 (Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass ...)
 	TODO: check
 CVE-2006-2070 (Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 ...)
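
Review bot: The last three added entries (CVE-2005-4793, CVE-2005-4792, CVE-2004-2659) are inserted between CVE-2006-2072 and CVE-2006-2071, which breaks the descending ID order that the rest of the file follows; the later hunks show the 2005 entries far down the file, in order. Either sort older-year IDs into their own position or state in the log message that the automatic update always prepends newly published IDs. Among the new `TODO: check` lines, those that name libraries and daemons rather than single web applications, for example CVE-2006-2120 (libtiff), CVE-2006-2073 (ISC BIND) and CVE-2006-2077/CVE-2006-2076 (pdnsd), are worth resolving first.
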
@@ -175,8 +305,7 @@
 CVE-2006-1990 (Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and ...)
 	- php4 <unfixed> (bug #365311; medium)
 	- php5 <unfixed> (bug #365312; medium)
-CVE-2006-1989 [freshclam: lack of proper check for the size of header data]
-	RESERVED
+CVE-2006-1989 (Buffer overflow in the get_database function in the HTTP client in ...)
 	- clamav 0.88.2-1
 CVE-2006-1988 (The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function ...)
 	NOT-FOR-US: Apple Safari
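
Review bot: In the CVE-2006-1989 entry, replacing the bracketed placeholder drops the word "freshclam", and the truncated official description ("... in the HTTP client in ...") no longer says which component is affected. Keep that detail as a `NOTE:` line under the entry, in the style used elsewhere in this file. The retained `- clamav 0.88.2-1` line also carries no bug number or urgency, unlike the php4/php5 lines just above it; add them if they are known.
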
@@ -11718,10 +11847,10 @@
 CVE-2005-2317 (Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before ...)
 	{DSA-849-1}
 	- shorewall 2.4.1-2 (bug #318946; medium)
-CVE-2005-2316
-	RESERVED
-CVE-2005-2315
-	RESERVED
+CVE-2005-2316 (Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers ...)
+	TODO: check
+CVE-2005-2315 (Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 ...)
+	TODO: check
 CVE-2005-2314 (inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to ...)
 	NOT-FOR-US: PHPsFTPd
 CVE-2005-2313 (Check Point SecuRemote NG with Application Intelligence R54 allows ...)
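
Review bot: CVE-2005-2316 and CVE-2005-2315 move from RESERVED to `TODO: check`, and both descriptions name the same product and version boundary (DNRD before 2.19.1), so they should be triaged together and end with the same kind of resolution: a package line with a fixed version, as for shorewall above, or a `NOT-FOR-US:` line, as for PHPsFTPd below. Leaving year-old IDs at `TODO: check` makes them indistinguishable from the new 2006 entries added at the top of the file.
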
@@ -20623,12 +20752,12 @@
 	NOTE: These are known issues of IPSEC and basically every VPN system using
 	NOTE: encryption without authentication.
 	NOTE: openswan even prevents such configurations
-CVE-2005-0038
-	RESERVED
-CVE-2005-0037
-	RESERVED
-CVE-2005-0036
-	RESERVED
+CVE-2005-0038 (The DNS implementation of PowerDNS 2.9.16 and earlier allows remote ...)
+	TODO: check
+CVE-2005-0037 (The DNS implementation of DNRD before 2.10 allows remote attackers to ...)
+	TODO: check
+CVE-2005-0036 (The DNS implementation in DeleGate 8.10.2 and earlier allows remote ...)
+	TODO: check
 CVE-2005-0035 (The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and ...)
 	NOT-FOR-US: Adobe
 CVE-2005-0034 (An &quot;incorrect assumption&quot; in the authvalidated validator function in ...)
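
Review bot: The three formerly RESERVED IDs (CVE-2005-0038, CVE-2005-0037, CVE-2005-0036) all begin "The DNS implementation ..." but name different products (PowerDNS, DNRD, DeleGate), and the truncated text does not show whether they share a cause. When the `TODO: check` lines are resolved, record any common cause in a `NOTE:` line, as the IPSEC entry just above does. DNRD and DeleGate also appear in other hunks of this revision (CVE-2005-2316, CVE-2005-2315, CVE-2006-2072), so the same packaging decision should be applied to all of them.
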



