[Secure-testing-commits] r4018 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Sat May 20 23:28:12 UTC 2006
Author: alec-guest
Date: 2006-05-20 23:28:08 +0000 (Sat, 20 May 2006)
New Revision: 4018
Modified:
data/CVE/list
Log:
* pdnsd vulns (high)
* mydns vuln (high)
* quake3 vuln (itp)
* more NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-20 22:59:58 UTC (rev 4017)
+++ data/CVE/list 2006-05-20 23:28:08 UTC (rev 4018)
@@ -813,46 +813,46 @@
NOTE: #357204: request for removal
- jsboard 2.0.10-2
CVE-2006-2108 (parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: OCE
CVE-2006-2107 (Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote ...)
- TODO: check
+ NOT-FOR-US: BL4
CVE-2006-2106 (Cross-site scripting (XSS) vulnerability in Edgewall Software Trac ...)
- trac 0.9.5-1 (medium)
[sarge] - trac <unfixed> (medium)
CVE-2006-2105 (Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 ...)
- TODO: check
+ NOT-FOR-US: Jupiter
CVE-2006-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email ...)
- TODO: check
+ NOT-FOR-US: Kamgaing
CVE-2006-2103 (SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2006-2102 (Directory traversal vulnerability in PowerISO 2.9 allows remote ...)
- TODO: check
+ NOT-FOR-US: PowerISO
CVE-2006-2101 (Directory traversal vulnerability in WinISO 5.3 allows remote ...)
- TODO: check
+ NOT-FOR-US: WinISO
CVE-2006-2100 (Directory traversal vulnerability in Magic ISO 5.0 Build 0166 allows ...)
- TODO: check
+ NOT-FOR-US: Magic ISO
CVE-2006-2099 (Directory traversal vulnerability in UltraISO 8.0.0.1392 allows remote ...)
- TODO: check
+ NOT-FOR-US: UltraISO
CVE-2006-2098 (PHP remote file inclusion vulnerability in Thumbnail AutoIndex before ...)
- TODO: check
+ NOT-FOR-US: Thumbnail AutoIndex
CVE-2006-2097 (SQL injection vulnerability in func_msg.php in Invision Power Board ...)
- TODO: check
+ NOT-FOR-US: Invision
CVE-2006-2096 (plug.php in Land Down Under (LDU) 802 and earlier allows remote ...)
- TODO: check
+ NOT-FOR-US: LDU
CVE-2006-2095 (Phex before 2.8.6 allows remote attackers to cause a denial of service ...)
- TODO: check
+ NOT-FOR-US: Phex
CVE-2006-2094 (Microsoft Internet Explorer before Windows XP Service Pack 2 and ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2006-2093 (Nessus before 2.2.8, and 3.x before 3.0.3, allows user-complicit ...)
- libnasl <unfixed> (bug #365898; low)
CVE-2006-2092 (Unspecified vulnerability in HP StorageWorks Secure Path for Windows ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2006-2091 (admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows ...)
NOT-FOR-US: Virtual War
CVE-2006-2090 (Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x ...)
- TODO: check
+ NOT-FOR-US: MySmartBB
CVE-2006-2089 (Multiple cross-site scripting (XSS) vulnerabilities in misc.php in ...)
- TODO: check
+ NOT-FOR-US: OpenBB
CVE-2006-2088 (Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open ...)
TODO: check
CVE-2006-2087 (The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote ...)
@@ -862,27 +862,27 @@
CVE-2006-2085 (Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in ...)
NOT-FOR-US: SpeedProject Squeez
CVE-2006-2084 (Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 ...)
- TODO: check
+ NOT-FOR-US: FarsiNews
CVE-2006-2083 (Integer overflow in the receive_xattr function in the extended ...)
- rsync 2.6.8-1 (bug #365614; high)
[sarge] - rsync <not-affected> (xattr patch appeared in 2.6.7)
[woody] - rsync <not-affected> (xattr patch appeared in 2.6.7)
CVE-2006-2082 (Directory traversal vulnerability in Quake 3 engine, as used in ...)
- TODO: check
+ - quake3 <itp> (bug #337937)
CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to execute ...)
NOT-FOR-US: Oracle
CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in Verosky ...)
- TODO: check
+ NOT-FOR-US: Verosky
CVE-2006-2079 (Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky ...)
- TODO: check
+ NOT-FOR-US: Verosky
CVE-2006-2078 (Multiple unspecified vulnerabilities in multiple FITELnet products, ...)
- TODO: check
+ NOT-FOR-US: FITELnet
CVE-2006-2077 (Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact ...)
- TODO: check
+ - pdnsd <unfixed> (high)
CVE-2006-2076 (Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote ...)
- TODO: check
+ - pdnsd <unfixed> (high)
CVE-2006-2075 (Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to ...)
- TODO: check
+ - mydns <unfixed> (high)
CVE-2006-2074 (Unspecified vulnerability in Juniper Networks JUNOSe E-series routers ...)
NOT-FOR-US: Juniper Networks JUNOSe
CVE-2006-2073 (Unspecified vulnerability in ISC BIND allows remote attackers to cause ...)
More information about the Secure-testing-commits
mailing list