[Secure-testing-commits] r4936 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Wed Nov 8 20:46:49 CET 2006
Author: stef-guest
Date: 2006-11-08 20:46:48 +0100 (Wed, 08 Nov 2006)
New Revision: 4936
Modified:
data/CVE/list
Log:
some NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-11-08 19:20:43 UTC (rev 4935)
+++ data/CVE/list 2006-11-08 19:46:48 UTC (rev 4936)
@@ -3,73 +3,73 @@
CVE-2006-XXXX [motion insecure tempfile creation]
- motion 3.2.3-2 (bug #393846; low)
CVE-2006-5792 (Unspecified vulnerability in XLink Omni-NFS Enterprise allows remote ...)
- TODO: check
+ NOT-FOR-US: XLink Omni-NFS Enterprise
CVE-2006-5791 (Multiple cross-site scripting (XSS) vulnerabilities in elogd.c in ELOG ...)
- elog <unfixed> (medium; bug #392016)
CVE-2006-5790 (Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2 and ...)
- elog <unfixed> (medium; bug #392016)
CVE-2006-5789 (WarFTPd 1.82.00-RC11 allows remote authenticated users to cause a ...)
- TODO: check
+ NOT-FOR-US: WarFTPd
CVE-2006-5788 (PHP remote file inclusion vulnerability in (1) index.php and (2) ...)
- TODO: check
+ NOT-FOR-US: IPrimal Forums
CVE-2006-5787 (admin/index.php in IPrimal Forums as of 20061105 allows remote ...)
- TODO: check
+ NOT-FOR-US: IPrimal Forums
CVE-2006-5786 (Directory traversal vulnerability in class2.php in e107 0.7.5 and ...)
- TODO: check
+ NOT-FOR-US: e107
CVE-2006-5785 (Unspecified vulnerability in SAP Web Application Server 6.40 before ...)
- TODO: check
+ NOT-FOR-US: SAP Web Application Server
CVE-2006-5784 (Unspecified vulnerability in SAP Web Application Server 6.40 before ...)
- TODO: check
+ NOT-FOR-US: SAP Web Application Server
CVE-2006-5783 (** DISPUTED ** ...)
- TODO: check
+ NOTE: irreproducible firefox issue
CVE-2006-5782
RESERVED
CVE-2006-5781 (Stack-based buffer overflow in the handshake function in iodine 0.3.2 ...)
- TODO: check
+ NOT-FOR-US: iodine
CVE-2006-5780 (Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 ...)
- TODO: check
+ NOT-FOR-US: XLink Omni-NFS
CVE-2006-5779 (Unspecified vulnerability in the openldap-2.2.29-1 package of OpenLDAP ...)
TODO: check
CVE-2006-5777 (Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Creasito E-Commerce Content Manager
CVE-2006-5776 (** DISPUTED ** ...)
- TODO: check
+ NOT-FOR-US: Ariadne
CVE-2006-5775 (Cross-site scripting (XSS) vulnerability in profile.php in FunkBoard ...)
- TODO: check
+ NOT-FOR-US: FunkBoard
CVE-2006-5774 (Cross-site scripting (XSS) vulnerability in Hyper NIKKI System before ...)
- TODO: check
+ NOT-FOR-US: Hyper NIKKI System
CVE-2006-5773 (Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 ...)
- TODO: check
+ NOT-FOR-US: FreeWebshop
CVE-2006-5772 (Multiple SQL injection vulnerabilities in index.php in FreeWebshop ...)
- TODO: check
+ NOT-FOR-US: FreeWebshop
CVE-2006-5771 (Cross-site scripting (XSS) vulnerability in Arkoon SSL360 1.0 and 2.0 ...)
- TODO: check
+ NOT-FOR-US: Arkoon SSL360
CVE-2006-5770 (Multiple cross-site scripting (XSS) vulnerabilities in Mobile allow ...)
- TODO: check
+ NOT-FOR-US: Mobile
CVE-2006-5769 (Multiple cross-site scripting (XSS) vulnerabilities in admin.tool CMS ...)
- TODO: check
+ NOT-FOR-US: admin.tool CMS
CVE-2006-5768 (Multiple PHP remote file inclusion vulnerabilities in Cyberfolio 2.0 ...)
- TODO: check
+ NOT-FOR-US: Cyberfolio
CVE-2006-5767 (PHP remote file inclusion vulnerability in includes/xhtml.php in Drake ...)
- TODO: check
+ NOT-FOR-US: Drake CMS
CVE-2006-5766 (PHP remote file inclusion vulnerability in volume.php in Article ...)
- TODO: check
+ NOT-FOR-US: Article System
CVE-2006-5765 (SQL injection vulnerability in rss.php in Article Script 1.6.3 and ...)
- TODO: check
+ NOT-FOR-US: Article Script
CVE-2006-5764 (PHP remote file inclusion vulnerability in contact.php in Free File ...)
- TODO: check
+ NOT-FOR-US: Free File Hosting
CVE-2006-5763 (Multiple PHP remote file inclusion vulnerabilities in Free File ...)
- TODO: check
+ NOT-FOR-US: Free File Hosting
CVE-2006-5762 (PHP remote file inclusion vulnerability in forgot_pass.php in Free ...)
- TODO: check
+ NOT-FOR-US: Free File Hosting
CVE-2006-5761 (Cross-site scripting (XSS) vulnerability in index.php in Rhadrix ...)
- TODO: check
+ NOT-FOR-US: Rhadrix If-CMS
CVE-2006-5760 (Multiple PHP remote file inclusion vulnerabilities in phpDynaSite ...)
- TODO: check
+ NOT-FOR-US: phpDynaSite
CVE-2006-5759 (index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote ...)
- TODO: check
+ NOT-FOR-US: Rhadrix If-CMS
CVE-2006-5758 (Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-5757 (Race condition in the __find_get_block_slow function in the ISO9660 ...)
TODO: check
CVE-2006-5756
@@ -93,83 +93,83 @@
CVE-2006-5747
RESERVED
CVE-2006-5746 (The console in AirMagnet Enterprise does not properly validate the ...)
- TODO: check
+ NOT-FOR-US: AirMagnet
CVE-2006-5745 (Unspecified vulnerability in the setRequestHeader method in the ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2006-5744 (Multiple SQL injection vulnerabilities in Highwall Enterprise and ...)
- TODO: check
+ NOT-FOR-US: Highwall Enterprise
CVE-2006-5743 (Multiple cross-site scripting (XSS) vulnerabilities in Highwall ...)
- TODO: check
+ NOT-FOR-US: Highwall Enterprise
CVE-2006-5742 (The AirMagnet Enterprise console and Remote Sensor console (Laptop) in ...)
- TODO: check
+ NOT-FOR-US: AirMagnet Enterprise
CVE-2006-5741 (Multiple cross-site scripting (XSS) vulnerabilities in AirMagnet ...)
- TODO: check
+ NOT-FOR-US: AirMagnet Enterprise
CVE-2006-5739 (PHP remote file inclusion vulnerability in cpadmin/cpa_index.php in ...)
- TODO: check
+ NOT-FOR-US: communityPortals
CVE-2006-5738 (Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2006-5737 (PunBB uses a predictable cookie_seed value that can be derived from ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2006-5736 (SQL injection vulnerability in search.php in PunBB before 1.2.14, when ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2006-5735 (Directory traversal vulnerability in include/common.php in PunBB ...)
- TODO: check
+ NOT-FOR-US: PunBB
CVE-2006-5734 (Multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2 ...)
- TODO: check
+ NOT-FOR-US: ATutor
CVE-2006-5733 (Directory traversal vulnerability in error.php in PostNuke 0.763 and ...)
- TODO: check
+ NOT-FOR-US: PostNuke
CVE-2006-5732 (SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7 and ...)
- TODO: check
+ NOT-FOR-US: T.G.S. CMS
CVE-2006-5731 (Directory traversal vulnerability in classes/index.php in Lithium CMS ...)
- TODO: check
+ NOT-FOR-US: Lithium CMS
CVE-2006-5730 (PHP remote file inclusion vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Modx CMS
CVE-2006-5729 (Yazd Discussion Forum before 3.0 beta does not properly manage forum ...)
- TODO: check
+ NOT-FOR-US: Yazd Discussion Forum
CVE-2006-5728 (XM Easy Personal FTP Server 5.2.1 and earlier allows remote ...)
- TODO: check
+ NOT-FOR-US: XM Easy Personal FTP Server
CVE-2006-5727 (PHP remote file inclusion vulnerability in admin/controls/cart.php in ...)
- TODO: check
+ NOT-FOR-US: sazcart
CVE-2006-5726 (alloccgblk in the UFS filesystem in Solaris 10 allows local users to ...)
- TODO: check
+ NOT-FOR-US: Solaris
CVE-2006-5725 (The SSL server in AEP Smartgate 4.3b allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: AEP Smartgate
CVE-2006-5724 (Heap-based buffer overflow the "Answering Service" function in ICQ ...)
- TODO: check
+ NOT-FOR-US: ICQ
CVE-2006-5723 (SQL injection vulnerability in DataparkSearch Engine 4.42 and earlier ...)
- TODO: check
+ NOT-FOR-US: DataparkSearch Engine
CVE-2006-5722 (Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 ...)
- TODO: check
+ NOT-FOR-US: Segue CMS
CVE-2006-5721 (The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) ...)
- TODO: check
+ NOT-FOR-US: Outpost Firewall PRO
CVE-2006-5720 (SQL injection vulnerability in modules/journal/search.php in the ...)
- TODO: check
+ NOT-FOR-US: PHP-Nuke
CVE-2006-5719 (SQL injection vulnerability in libs/sessions.lib.php in BytesFall ...)
- TODO: check
+ NOT-FOR-US: BytesFall Explorer (bfExplorer)
CVE-2006-5718 (Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin ...)
TODO: check
CVE-2006-5717 (Multiple cross-site scripting (XSS) vulnerabilities in Zend Google ...)
- TODO: check
+ NOT-FOR-US: Zend Google Data Client Library (ZendGData)
CVE-2006-5716 (Directory traversal vulnerability in aff_news.php in FreeNews 2.1 ...)
- TODO: check
+ NOT-FOR-US: FreeNews
CVE-2006-5715 (Easy File Sharing (EFS) Easy Address Book 1.2, when run on an NTFS ...)
- TODO: check
+ NOT-FOR-US: Easy File Sharing (EFS) Easy Address Book
CVE-2006-5714 (Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file ...)
- TODO: check
+ NOT-FOR-US: Easy File Sharing (EFS) Web Server
CVE-2006-5713 (Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) ...)
- TODO: check
+ NOT-FOR-US: Easy File Sharing (EFS) Web Server
CVE-2006-5712 (Cross-site scripting (XSS) vulnerability in Mirapoint WebMail allows ...)
- TODO: check
+ NOT-FOR-US: Mirapoint WebMail
CVE-2006-5711 (ECI Telecom B-FOCuS Wireless 802.11b/g ADSL2+ Router allows remote ...)
- TODO: check
+ NOT-FOR-US: ECI Telecom
CVE-2006-5710 (The Airport driver for certain Orinoco based Airport cards in Darwin ...)
- TODO: check
+ NOT-FOR-US: Apple Mac OS X
CVE-2006-5709 (Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon ...)
- TODO: check
+ NOT-FOR-US: Alt-N Technologies MDaemon
CVE-2006-5708 (Multiple unspecified vulnerabilities in MDaemon and WorldClient in ...)
- TODO: check
+ NOT-FOR-US: Alt-N Technologies MDaemon
CVE-2006-5707 (SQL injection vulnerability in index.php in PHPEasyData Pro 1.4.1 and ...)
- TODO: check
+ NOT-FOR-US: PHPEasyData
CVE-2006-5706 (Unspecified vulnerabilities in PHP, probably before 5.2.0, allow local ...)
TODO: check
CVE-2006-5705 (Directory traversal vulnerability in plugins/wp-db-backup.php in ...)
More information about the Secure-testing-commits
mailing list