[Secure-testing-commits] r4907 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Nov 1 21:14:20 CET 2006 

Author: joeyh
Date: 2006-11-01 21:14:19 +0100 (Wed, 01 Nov 2006)
New Revision: 4907

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-11-01 17:24:12 UTC (rev 4906)
+++ data/CVE/list	2006-11-01 20:14:19 UTC (rev 4907)
@@ -1,3 +1,67 @@
+CVE-2006-5643 (Cross-site scripting (XSS) vulnerability in search_de.html in foresite ...)
+	TODO: check
+CVE-2006-5642 (Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown ...)
+	TODO: check
+CVE-2006-5641 (SQL injection vulnerability in MainAnnounce2.asp in Techno Dreams ...)
+	TODO: check
+CVE-2006-5640 (SQL injection vulnerability in guestbookview.asp in Techno Dreams ...)
+	TODO: check
+CVE-2006-5639 (Unspecified vulnerability in the random number generator in OpenWBEM ...)
+	TODO: check
+CVE-2006-5638 (Multiple SQL injection vulnerabilities in cherche.php in PHPMyRing ...)
+	TODO: check
+CVE-2006-5637 (PHP remote file inclusion vulnerability in faq_reply.php in Faq ...)
+	TODO: check
+CVE-2006-5636 (PHP remote file inclusion vulnerability in common.php in Simple ...)
+	TODO: check
+CVE-2006-5635 (SQL injection vulnerability in forum/search.asp in Web Wiz Forums ...)
+	TODO: check
+CVE-2006-5634 (Multile PHP remote file inclusion vulnerabilities in phpProfiles 2.1 ...)
+	TODO: check
+CVE-2006-5633 (Firefox 1.5.0.7 and 2.0 allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2006-5632 (Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop ...)
+	TODO: check
+CVE-2006-5631 (Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop ...)
+	TODO: check
+CVE-2006-5630 (Hosting Controller 6.1 before Hotfix 3.3 allows remote attackers to ...)
+	TODO: check
+CVE-2006-5629 (Multiple SQL injection vulnerabilities in Hosting Controller 6.1 ...)
+	TODO: check
+CVE-2006-5628 (SQL injection vulnerability in login.asp in UNISOR Content Management ...)
+	TODO: check
+CVE-2006-5627 (Multiple PHP remote file inclusion vulnerabilities in QnECMS 2.5.6 and ...)
+	TODO: check
+CVE-2006-5626 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2006-5625 (PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in ...)
+	TODO: check
+CVE-2006-5624 (Multiple PHP remote file inclusion vulnerabilities in Multi-Page ...)
+	TODO: check
+CVE-2006-5623 (PHP remote file inclusion vulnerability in ip.inc.php in Electronic ...)
+	TODO: check
+CVE-2006-5622 (SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery ...)
+	TODO: check
+CVE-2006-5621 (PHP remote file inclusion vulnerability in end.php in ask_rave 0.9 PR ...)
+	TODO: check
+CVE-2006-5620 (PHP remote file inclusion vulnerability in include/menu_builder.php in ...)
+	TODO: check
+CVE-2006-5619 (The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in ...)
+	TODO: check
+CVE-2006-5618 (Directory traversal vulnerability in script/cat_for_aff.php in Netref ...)
+	TODO: check
+CVE-2006-5617 (Directory traversal vulnerability in index.php in Thepeak File Upload ...)
+	TODO: check
+CVE-2006-5616 (Multiple unspecified vulnerabilities in OpenPBS, as use in SUSE Linux ...)
+	TODO: check
+CVE-2006-5615 (PHP remote file inclusion vulnerability in publish.php in Textpattern ...)
+	TODO: check
+CVE-2006-5614 (Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP ...)
+	TODO: check
+CVE-2006-5613 (PHP remote file inclusion in Core/core.inc.php in MP3 Streaming ...)
+	TODO: check
+CVE-2006-5612 (PHP remote file inclusion vulnerability in aide.php3 in GestArt beta ...)
+	TODO: check
 CVE-2006-5611 (Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 ...)
 	TODO: check
 CVE-2006-5610 (PHP remote file inclusion vulnerability in player/includes/common.php ...)
@@ -8,8 +72,8 @@
 	TODO: check
 CVE-2006-5607 (Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 ...)
 	TODO: check
-CVE-2006-5606
-	RESERVED
+CVE-2006-5606 (Multiple SQL injection vulnerabilities in BytesFall Explorer ...)
+	TODO: check
 CVE-2006-5605 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	TODO: check
 CVE-2006-5604 (Directory traversal vulnerability in phpcards.header.php in phpCards ...)
@@ -198,7 +262,7 @@
 	- wireshark 0.99.4-1 (bug #396258; medium)
 CVE-2006-5602 (Multiple memory leaks in xsupplicant before 1.2.6, and possibly other ...)
 	- xsupplicant <unfixed> (bug #396204; medium)
-CVE-2006-5601 (Stack-based buffer overflow in xsupplicant before 1.2.6, and possibly ...)
+CVE-2006-5601 (Stack-based buffer overflow in the eap_do_notify function in eap.c in ...)
 	- xsupplicant <unfixed> (bug #396204; medium)
 CVE-2006-XXXX [several possible mysql 5.0 local DoS vulnerabilities]
 	- mysql-dfsg-5.0 5.0.26-1 (low)
@@ -2970,8 +3034,7 @@
 	RESERVED
 CVE-2006-4249
 	RESERVED
-CVE-2006-4248 [thttpd insecure use of temporary files]
-	RESERVED
+CVE-2006-4248 (thttpd on Debian GNU/Linux, and possibly other distributions, allows ...)
 	- thttpd 2.23beta1-5 (bug #396277)
 CVE-2006-4247 (Unspecified vulnerability in the Password Reset Tool before 0.4.1 on ...)
 	[sarge] - zope-cmfplone <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list