[Secure-testing-commits] r3948 - data/CVE

Joey Hess joeyh at costa.debian.org
Fri May 12 21:14:57 UTC 2006 

Author: joeyh
Date: 2006-05-12 21:14:39 +0000 (Fri, 12 May 2006)
New Revision: 3948

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-05-12 19:52:44 UTC (rev 3947)
+++ data/CVE/list	2006-05-12 21:14:39 UTC (rev 3948)
@@ -1,3 +1,91 @@
+CVE-2006-2341 (The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, ...)
+	TODO: check
+CVE-2006-2340 (Cross-site scripting (XSS) vulnerability in PassMasterFlex and ...)
+	TODO: check
+CVE-2006-2339 (SQL injection vulnerability in index.php in evoTopsites 2.x and ...)
+	TODO: check
+CVE-2006-2338 (PlaNet Concept plaNetStat 20050127 allows remote attackers to gain ...)
+	TODO: check
+CVE-2006-2337 (Directory traversal vulnerability in webcm in the D-Link DSL-G604T ...)
+	TODO: check
+CVE-2006-2336 (SQL injection vulnerability in showthread.php in MyBB (aka ...)
+	TODO: check
+CVE-2006-2335 (Jelsoft vBulletin accepts uploads of Cascading Style Sheets (CSS) and ...)
+	TODO: check
+CVE-2006-2334 (The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in ...)
+	TODO: check
+CVE-2006-2333 (Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) ...)
+	TODO: check
+CVE-2006-2332 (Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2006-2331 (Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 ...)
+	TODO: check
+CVE-2006-2330 (PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server ...)
+	TODO: check
+CVE-2006-2329 (AngelineCMS 0.6.5 and earlier allow remote attackers to obtain ...)
+	TODO: check
+CVE-2006-2328 (SQL injection vulnerability in lib/adodb/server.php in AngelineCMS ...)
+	TODO: check
+CVE-2006-2327 (Integer overflow in the DPRPCNLM.NLM NDPS/iPrint module in Novell ...)
+	TODO: check
+CVE-2006-2326 (Directory traversal vulnerability in index.php in OnlyScript.info ...)
+	TODO: check
+CVE-2006-2325 (Cross-site scripting (XSS) vulnerability in index.php in ...)
+	TODO: check
+CVE-2006-2324 (180solutions Zango downloads "required Adware components" without ...)
+	TODO: check
+CVE-2006-2323 (Multiple PHP remote file inclusion vulnerabilities in SmartISoft ...)
+	TODO: check
+CVE-2006-2322 (The transparent proxy feature of the Cisco Application Velocity System ...)
+	TODO: check
+CVE-2006-2321 (Multiple cross-site scripting (XSS) vulnerabilities in Ideal Science ...)
+	TODO: check
+CVE-2006-2320 (Multiple SQL injection vulnerabilities in Ideal Science Ideal BB ...)
+	TODO: check
+CVE-2006-2319 (Ideal Science Ideal BB 1.5.4a and earlier does not properly check file ...)
+	TODO: check
+CVE-2006-2318 (Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a ...)
+	TODO: check
+CVE-2006-2317 (Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier ...)
+	TODO: check
+CVE-2006-2316 (S24EvMon.exe in the Intel PROset/Wireless software, possibly ...)
+	TODO: check
+CVE-2006-2315 (PHP remote file inclusion vulnerability in session.inc.php in ...)
+	TODO: check
+CVE-2006-2314
+	RESERVED
+CVE-2006-2313
+	RESERVED
+CVE-2006-2312
+	RESERVED
+CVE-2006-2311
+	RESERVED
+CVE-2006-2310
+	RESERVED
+CVE-2006-2309
+	RESERVED
+CVE-2006-2308
+	RESERVED
+CVE-2006-2307 (Cross-site scripting (XSS) vulnerability in Website Baker CMS allows ...)
+	TODO: check
+CVE-2006-2306 (Cross-site scripting (XSS) vulnerability in moreinfo.asp in ...)
+	TODO: check
+CVE-2006-2305 (Multiple cross-site scripting (XSS) vulnerabilities in Jadu CMS allow ...)
+	TODO: check
+CVE-2006-2304 (Buffer overflow in DPRPCW32.DLL in Novell Client 4.83 SP3, 4.90 SP2 ...)
+	TODO: check
+CVE-2006-2303 (Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 ...)
+	TODO: check
+CVE-2006-2302 (SQL injection vulnerability in admin_default.asp in DUGallery 2.x ...)
+	TODO: check
+CVE-2006-2301 (SQL injection vulnerability in admin_default.asp in OzzyWork Galeri ...)
+	TODO: check
+CVE-2006-2300 (Multiple SQL injection vulnerabilities in EImagePro allow remote ...)
+	TODO: check
+CVE-2006-2299
+	RESERVED
+CVE-2006-2298 (The Internet Key Exchange version 1 (IKEv1) implementation in the ...)
+	TODO: check
 CVE-2006-2297 (Heap-based buffer overflow in Microsoft Infotech Storage System ...)
 	NOT-FOR-US: Microsoft Infotech Storage System
 CVE-2006-2296 (SQL injection vulnerability in search_result.asp in EDirectoryPro 2.0 ...)
@@ -30,7 +118,7 @@
 	NOT-FOR-US: phpRaid
 CVE-2006-2282 (Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and earlier ...)
 	NOT-FOR-US: X7 Chat
-CVE-2006-2281 (X-Scripts X-Poll 2.30 allows remote attackers to execute arbitrary PHP ...)
+CVE-2006-2281 (X-Scripts X-Poll (xpoll) 2.30 allows remote attackers to execute ...)
 	NOT-FOR-US: X-Scripts X-Poll
 CVE-2006-2280 (Directory traversal vulnerability in website.php in openEngine 1.8 ...)
 	NOT-FOR-US: openEngine
@@ -46,8 +134,8 @@
 	TODO: check
 CVE-2006-2274 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a ...)
 	TODO: check
-CVE-2006-2273
-	RESERVED
+CVE-2006-2273 (The InstallProduct routine in the Verisign VUpdater.Install (aka ...)
+	TODO: check
 CVE-2006-2272 (Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a ...)
 	TODO: check
 CVE-2006-2271 (The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows ...)
@@ -986,10 +1074,10 @@
 	RESERVED
 CVE-2006-1861
 	RESERVED
-CVE-2006-1860
-	RESERVED
-CVE-2006-1859
-	RESERVED
+CVE-2006-1860 (lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows ...)
+	TODO: check
+CVE-2006-1859 (Memory leak in __setlease in fs/locks.c in Linux kernel before ...)
+	TODO: check
 CVE-2006-1858
 	RESERVED
 CVE-2006-1857

More information about the Secure-testing-commits mailing list