[Secure-testing-commits] r3923 - data/CVE
Joey Hess
joeyh at costa.debian.org
Tue May 9 09:14:43 UTC 2006
Author: joeyh
Date: 2006-05-09 09:14:29 +0000 (Tue, 09 May 2006)
New Revision: 3923
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-08 07:23:24 UTC (rev 3922)
+++ data/CVE/list 2006-05-09 09:14:29 UTC (rev 3923)
@@ -1,3 +1,121 @@
+CVE-2006-2270 (PHP remote file inclusion vulnerability in includes/config.php in ...)
+ TODO: check
+CVE-2006-2269 (Cross-site scripting (XSS) vulnerability in myWebland MyBloggie 2.1.3 ...)
+ TODO: check
+CVE-2006-2268 (SQL injection vulnerability in FlexCustomer 0.0.4 and earlier allows ...)
+ TODO: check
+CVE-2006-2267 (Kerio WinRoute Firewall before 6.2.1 allows remote attackers to cause ...)
+ TODO: check
+CVE-2006-2266 (SQL injection vulnerability in Chirpy! 0.1 allows remote attackers to ...)
+ TODO: check
+CVE-2006-2265 (Cross-site scripting vulnerability in admin/main.asp in Ocean12 ...)
+ TODO: check
+CVE-2006-2264 (Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro ...)
+ TODO: check
+CVE-2006-2263 (SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows ...)
+ TODO: check
+CVE-2006-2262 (Cross-site scripting (XSS) vulnerability in index.php in singapore ...)
+ TODO: check
+CVE-2006-2261 (PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 ...)
+ TODO: check
+CVE-2006-2260 (Cross-site scripting (XSS) vulnerability in the project module ...)
+ TODO: check
+CVE-2006-2259 (SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows ...)
+ TODO: check
+CVE-2006-2258 (Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule ...)
+ TODO: check
+CVE-2006-2257 (Cross-site scripting (XSS) vulnerability in index.php in easyEvent 1.2 ...)
+ TODO: check
+CVE-2006-2256 (PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp ...)
+ TODO: check
+CVE-2006-2255 (Multiple SQL injection vulnerabilities in Creative Community Portal ...)
+ TODO: check
+CVE-2006-2254 (Buffer overflow in filecpnt.exe in FileCOPA 1.01 allows remote ...)
+ TODO: check
+CVE-2006-2253 (PHP remote file inclusion vulnerability in visible_count_inc.php in ...)
+ TODO: check
+CVE-2006-2252 (Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 ...)
+ TODO: check
+CVE-2006-2251 (SQL injection vulnerability in the do_mmod function in mod.php in ...)
+ TODO: check
+CVE-2006-2250 (CuteNews 1.4.1 allows remote attackers to obtain sensitive information ...)
+ TODO: check
+CVE-2006-2249 (Multiple cross-site scripting (XSS) vulnerabilities in search.php in ...)
+ TODO: check
+CVE-2006-2248 (Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source ...)
+ TODO: check
+CVE-2006-2247 (WebCalendar 1.0.1 to 1.0.3 generates different error messages ...)
+ TODO: check
+CVE-2006-2246 (Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition ...)
+ TODO: check
+CVE-2006-2245 (PHP remote file inclusion vulnerability in auction\auction_common.php ...)
+ TODO: check
+CVE-2006-2244 (Multiple SQL injection vulnerabilities in Web4Future News Portal allow ...)
+ TODO: check
+CVE-2006-2243 (Multiple cross-site scripting (XSS) vulnerabilities in Web4Future News ...)
+ TODO: check
+CVE-2006-2242 (acFTP 1.4 allows remote attackers to cause a denial of service ...)
+ TODO: check
+CVE-2006-2241 (PHP remote file inclusion vulnerability in show.php in Fast Click SQL ...)
+ TODO: check
+CVE-2006-2240 (Unspecified vulnerability in the (1) web cache or (2) web proxy in ...)
+ TODO: check
+CVE-2006-2239 (SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows ...)
+ TODO: check
+CVE-2006-2238
+ RESERVED
+CVE-2006-2237 (The web interface for AWStats 6.4 and 6.5, when statistics updates are ...)
+ TODO: check
+CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) ...)
+ TODO: check
+CVE-2006-2235 (CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is ...)
+ TODO: check
+CVE-2006-2234 (Multiple cross-site scripting (XSS) vulnerabilities in TyroCMS beta ...)
+ TODO: check
+CVE-2006-2233 (Buffer overflow in BankTown Client Control (aka BtCxCtl20Com) ...)
+ TODO: check
+CVE-2006-2232 (Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook ...)
+ TODO: check
+CVE-2006-2231 (Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in ...)
+ TODO: check
+CVE-2006-2230 (Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine ...)
+ TODO: check
+CVE-2006-2229 (OpenVPN 2.0.7 and earlier, when configured to use the --management ...)
+ TODO: check
+CVE-2006-2228 (Cross-site scripting (XSS) vulnerability in w-Agora (aka Web-Agora) ...)
+ TODO: check
+CVE-2006-2227 (Cross-site scripting (XSS) vulnerability in misc.php in PunBB 1.2.11 ...)
+ TODO: check
+CVE-2006-2226 (Buffer overflow in XM Easy Personal FTP Server 4.2 allows remote ...)
+ TODO: check
+CVE-2006-2225 (Buffer overflow in XM Easy Personal FTP Server 4.3 and earlier allows ...)
+ TODO: check
+CVE-2006-2224 (RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce ...)
+ TODO: check
+CVE-2006-2223 (RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly ...)
+ TODO: check
+CVE-2006-2222 (Buffer overflow in zawhttpd 0.8.23, and possibly previous versions, ...)
+ TODO: check
+CVE-2006-2221 (A third-party installer generation tool, possibly BitRock ...)
+ TODO: check
+CVE-2006-2220
+ RESERVED
+CVE-2006-2219
+ RESERVED
+CVE-2006-2218 (Unspecified vulnerability in Internet Explorer 6.0 on Microsoft ...)
+ TODO: check
+CVE-2006-2217 (SQL injection vulnerability in index.php in Invision Power Board ...)
+ TODO: check
+CVE-2006-2216 (Open Bulletin Board (OpenBB) 1.0.8 allows remote attackers to obtain ...)
+ TODO: check
+CVE-2006-2215 (Multiple cross-site scripting (XSS) vulnerabilities in Albinator 2.x ...)
+ TODO: check
+CVE-2005-4797 (Directory traversal vulnerability in printd line printer daemon (lpd) ...)
+ TODO: check
+CVE-2005-4796 (Unspecified vulnerability in the XView library (libxview.so) in ...)
+ TODO: check
+CVE-2005-4795 (Unspecified vulnerability in the multi-language environment library ...)
+ TODO: check
CVE-2006-XXXX [pstotext insufficient filename sanitizing]
- pstotext 1.9-3 (bug #356988; medium)
CVE-2006-XXXX [cyrus-imapd allows user probes]
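Review bot: every new entry in this hunk lands as "TODO: check", including ones that name software Debian ships, such as CVE-2006-2229 (OpenVPN), CVE-2006-2224 and CVE-2006-2223 (Quagga RIPd), CVE-2006-2237 (AWStats) and CVE-2006-2230 (xine). Those should be triaged first and given package lines in the form the file already uses for pstotext ("- pstotext 1.9-3 (bug #356988; medium)"). Entries for products with no Debian package, such as CVE-2006-2267 (Kerio WinRoute Firewall) and CVE-2006-2218 (Internet Explorer), can be closed with a "NOT-FOR-US:" line as is done elsewhere in the list.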
@@ -28,7 +146,7 @@
TODO: check
CVE-2006-2202 (SQL injection vulnerability in post.php in Invision Gallery 2.0.6 ...)
TODO: check
-CVE-2006-2201 (Unspecified vulnerability in CA CAI Resource Initialization Manager ...)
+CVE-2006-2201 (Unspecified vulnerability in CA Resource Initialization Manager ...)
TODO: check
CVE-2006-2200
RESERVED
@@ -108,8 +226,8 @@
TODO: check
CVE-2006-2162 (Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before ...)
TODO: check
-CVE-2006-2161
- RESERVED
+CVE-2006-2161 (Buffer overflow in TZipBuilder 1.79.03.01 allows remote attackers to ...)
+ TODO: check
CVE-2006-XXXX [MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command execution]
- mysql-dfsg-5.0 5.0.21-1 (bug #365939)
- mysql-dfsg-4.1 <unfixed> (bug #365939)
@@ -2492,8 +2610,8 @@
RESERVED
CVE-2006-1173
RESERVED
-CVE-2006-1172
- RESERVED
+CVE-2006-1172 (Stack-based buffer overflow in the createPKCS10 function in ...)
+ TODO: check
CVE-2006-1171
RESERVED
CVE-2006-1170
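Review bot: the new CVE-2006-1172 line is cut off at "in the createPKCS10 function in ...", so the affected product is not visible in the list. The "TODO: check" cannot be resolved from this entry alone; the full CVE description is needed before choosing a package line or "NOT-FOR-US:".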
@@ -3972,8 +4090,8 @@
NOTE: http://www.securityfocus.com/bid/16551
CVE-2006-0516 (Unspecified vulnerability in the kernel processing in Solaris 10 64 ...)
NOT-FOR-US: Solaris
-CVE-2006-0515
- RESERVED
+CVE-2006-0515 (Cisco PIX 7.0.x before 7.0.x and 6.3.x before 6.3.5(112), and FWSM ...)
+ TODO: check
CVE-2006-0514
RESERVED
CVE-2006-0513 (Directory traversal vulnerability in pkmslogout in Tivoli Web Server ...)
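Review bot: the description imported for CVE-2006-0515 reads "Cisco PIX 7.0.x before 7.0.x", a version range that compares a placeholder with itself, so the fixed 7.0 release cannot be read from this line. Since the entry concerns Cisco PIX and FWSM, marking it "NOT-FOR-US:" like the adjacent Solaris entry (CVE-2006-0516) would clear the TODO without depending on that range.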
@@ -13315,7 +13433,7 @@
NOT-FOR-US: PHP-Fusion
CVE-2005-2073 (Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through ...)
NOT-FOR-US: DB2
-CVE-2005-2072 (ld.so in Solaris 9 and 10 trusts the LD_AUDIT environment variable in ...)
+CVE-2005-2072 (The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT ...)
NOT-FOR-US: Solaris
CVE-2005-2071 (traceroute in Sun Solaris 10 on x86 systems allows local users to ...)
NOT-FOR-US: Solaris