[Secure-testing-commits] r4023 - data/CVE
Alec Berryman
alec-guest at costa.debian.org
Sun May 21 10:16:24 UTC 2006
Author: alec-guest
Date: 2006-05-21 10:16:21 +0000 (Sun, 21 May 2006)
New Revision: 4023
Modified:
data/CVE/list
Log:
* found fixed pdns-recursor (not yet in etch)
* NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-21 09:52:00 UTC (rev 4022)
+++ data/CVE/list 2006-05-21 10:16:21 UTC (rev 4023)
@@ -854,7 +854,7 @@
CVE-2006-2089 (Multiple cross-site scripting (XSS) vulnerabilities in misc.php in ...)
NOT-FOR-US: OpenBB
CVE-2006-2088 (Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open ...)
- TODO: check
+ NOT-FOR-US: OpenBB
CVE-2006-2087 (The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote ...)
NOT-FOR-US: Hitachi Groupmax
CVE-2006-2086 (Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx ...)
@@ -890,7 +890,7 @@
- bind9 <unfixed> (low)
[sarge] - bind9 <no-dsa> (Only exploitable by trusted users after TSIG transaction)
CVE-2006-2072 (Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and ...)
- TODO: check
+ NOT-FOR-US: DeleGate
CVE-2005-4793 (Multiple unspecified vulnerabilities in the web utility function in ...)
TODO: check
CVE-2005-4792 (SQL injection vulnerability in index.php in Appalachian State ...)
@@ -900,93 +900,93 @@
CVE-2006-2071 (Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass ...)
TODO: check
CVE-2006-2070 (Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 ...)
- TODO: check
+ NOT-FOR-US: DevBB
CVE-2006-2069 (The recursor in PowerDNS before 3.0.1 allows remote attackers to cause ...)
- TODO: check
+ - pdns-recursor 3.0.1-1 (medium)
CVE-2006-2068 (Unspecified vulnerability in Hitachi JP1 products allow remote ...)
NOT-FOR-US: Hitachi JP1
CVE-2006-2067 (SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, ...)
- TODO: check
+ NOT-FOR-US: MKPortal
CVE-2006-2066 (Multiple cross-site scripting (XSS) vulnerabilities pm_popup.php in ...)
- TODO: check
+ NOT-FOR-US: MKPortal
CVE-2006-2065 (SQL injection vulnerability in save.php in PHPSurveyor 0.995 and ...)
- TODO: check
+ NOT-FOR-US: PHPSurveyor
CVE-2006-2064 (Unspecified vulnerability in the libpkcs11 library in Sun Solaris 10 ...)
- TODO: check
+ NOT-FOR-US: Sun
CVE-2006-2063 (Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full ...)
- TODO: check
+ NOT-FOR-US: Leadhound
CVE-2006-2062 (Multiple SQL injection vulnerabilities in Leadhound Full and LITE 2.1, ...)
- TODO: check
+ NOT-FOR-US: Leadhound
CVE-2006-2061 (SQL injection vulnerability in lib/func_taskmanager.php in Invision ...)
- TODO: check
+ NOT-FOR-US: Invision
CVE-2006-2060 (Directory traversal vulnerability in action_admin/paysubscriptions.php ...)
- TODO: check
+ NOT-FOR-US: Invision
CVE-2006-2059 (action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x ...)
- TODO: check
+ NOT-FOR-US: Invision
CVE-2006-2058 (Argument injection vulnerability in Avant Browser 10.1 Build 17 allows ...)
- TODO: check
+ NOT-FOR-US: Avant
CVE-2006-2057 (Argument injection vulnerability in Mozilla Firefox 1.06 allows ...)
- TODO: check
+ NOT-FOR-US: Only on Windows
CVE-2006-2056 (Argument injection vulnerability in Internet Explorer 6 for Windows XP ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-2055 (Argument injection vulnerability in Micrsoft Outlook 2003 SP1 allows ...)
NOT-FOR-US: Micrsoft Outlook
CVE-2006-2054 (3Com Baseline Switch 2848-SFP Plus Model #3C16486 with firmware before ...)
NOT-FOR-US: 3Com
CVE-2006-2053 (Multiple SQL injection vulnerabilities in QuickEStore 7.9 and earlier ...)
- TODO: check
+ NOT-FOR-US: QuickEStore
CVE-2006-2052 (Cross-site scripting (XSS) vulnerability in Verosky Media Instant ...)
- TODO: check
+ NOT-FOR-US: Verosky
CVE-2006-2051 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- TODO: check
+ NOT-FOR-US: NextAge
CVE-2006-2050 (SQL injection vulnerability in dcboard.cgi in DCScripts DCForumLite ...)
- TODO: check
+ NOT-FOR-US: DCScripts
CVE-2006-2049 (Cross-site scripting (XSS) vulnerability in dcboard.cgi in DCScripts ...)
- TODO: check
+ NOT-FOR-US: DCScripts
CVE-2006-2048 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
- TODO: check
+ NOT-FOR-US: phpWebFTP
CVE-2006-2047 (Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allows ...)
- TODO: check
+ NOT-FOR-US: ColdFusion
CVE-2006-2046 (Multiple SQL injection vulnerabilities in Application Dynamics ...)
- TODO: check
+ NOT-FOR-US: ColdFusion
CVE-2006-2045 (The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks ...)
- TODO: check
+ NOT-FOR-US: IP3
CVE-2006-2044 (na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has a default ...)
- TODO: check
+ NOT-FOR-US: IP3
CVE-2006-2043 (na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 allows local ...)
- TODO: check
+ NOT-FOR-US: IP3
CVE-2006-2042 (Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2006-2041 (PhpWebGallery before 1.6.0RC1 allows remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: PhpWebGallery
CVE-2006-2040 (Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 ...)
- TODO: check
+ NOT-FOR-US: photokorn
CVE-2006-2039 (Multiple SQL injection vulnerabilities in the osTicket module in Help ...)
- TODO: check
+ NOT-FOR-US: Help Center Live
CVE-2006-2038 (Multiple SQL injection vulnerabilities in ampleShop 2.1 and earlier ...)
- TODO: check
+ NOT-FOR-US: ampleShop
CVE-2006-2037 (Cross-site scripting (XSS) vulnerability in index.php in Thwboard 3.0 ...)
- TODO: check
+ NOT-FOR-US: Thwboard
CVE-2006-2036 (iOpus Secure Email Attachments (SEA), probably 1.0, does not properly ...)
- TODO: check
+ NOT-FOR-US: iOpus
CVE-2006-2035 (Websense, when configured to permit access to the dynamic content ...)
- TODO: check
+ NOT-FOR-US: Websense
CVE-2006-2034 (SQL injection vulnerability in function/showprofile.php in FlexBB ...)
- TODO: check
+ NOT-FOR-US: FlexBB
CVE-2006-2033 (PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and ...)
- TODO: check
+ NOT-FOR-US: Core
CVE-2006-2032 (Multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and ...)
- TODO: check
+ NOT-FOR-US: Core
CVE-2006-2031 (Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin ...)
TODO: check
CVE-2006-2030 (The Allied Telesyn AT-9724TS switch allows remote attackers to cause a ...)
NOT-FOR-US: Allied Telesyn
CVE-2006-2029 (Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog ...)
- TODO: check
+ NOT-FOR-US: Simplog
CVE-2006-2028 (Cross-site scripting (XSS) vulnerability in imagelist.php in Jeremy ...)
- TODO: check
+ NOT-FOR-US: Simplog
CVE-2006-2027 (Buffer overflow in Unicode processing in the logging functionality in ...)
- TODO: check
+ NOT-FOR-US: Pablo Software
CVE-2006-2026 (Double-free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows ...)
{DSA-1054-1}
[sarge] - tiff 3.7.2-3sarge1
@@ -1003,15 +1003,15 @@
[woody] - tiff 3.5.5-7woody1
- tiff 3.8.1
CVE-2006-2023 (Integer overflow in the RTSP_msg_len function in rtsp/RTSP_msg_len.c ...)
- TODO: check
+ NOT-FOR-US: Fenice
CVE-2006-2022 (Buffer overflow in the parse_url function in the RTSP module ...)
- TODO: check
+ NOT-FOR-US: Fenice
CVE-2006-2021 (Absolute path traversal vulnerability in recordings/misc/audio.php in ...)
- TODO: check
+ NOT-FOR-US: Asterisk at Home
CVE-2006-2020 (Asterisk Recording Interface (ARI) in Asterisk at Home before 2.8 stores ...)
- TODO: check
+ NOT-FOR-US: Asterisk at Home
CVE-2006-2019 (Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2005-4791 (Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 ...)
TODO: check
CVE-2005-4790 (Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and ...)
More information about the Secure-testing-commits
mailing list