[Secure-testing-commits] r4993 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Nov 22 09:14:24 CET 2006
Author: joeyh
Date: 2006-11-22 09:14:21 +0100 (Wed, 22 Nov 2006)
New Revision: 4993
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-11-21 22:20:07 UTC (rev 4992)
+++ data/CVE/list 2006-11-22 08:14:21 UTC (rev 4993)
@@ -1,3 +1,185 @@
+CVE-2006-6062 (Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other ...)
+ TODO: check
+CVE-2006-6061 (com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and ...)
+ TODO: check
+CVE-2006-6060 (The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and ...)
+ TODO: check
+CVE-2006-6059 (Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear ...)
+ TODO: check
+CVE-2006-6058 (The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and ...)
+ TODO: check
+CVE-2006-6057 (The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on ...)
+ TODO: check
+CVE-2006-6056 (Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when ...)
+ TODO: check
+CVE-2006-6055 (Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link ...)
+ TODO: check
+CVE-2006-6054 (The ext2 file system code in Linux kernel 2.6.x allows local users to ...)
+ TODO: check
+CVE-2006-6053 (The ext3fs_dirhash function in Linux kernel 2.6.x allows local users ...)
+ TODO: check
+CVE-2006-6052 (NetEpi Case Manager before 0.98 generates different error messages ...)
+ TODO: check
+CVE-2006-6051 (PHP remote file inclusion vulnerability in reporter.logic.php in the ...)
+ TODO: check
+CVE-2006-6050 (Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em ...)
+ TODO: check
+CVE-2006-6049 (PHP remote file inclusion vulnerability in shambo2.php in the Shambo2 ...)
+ TODO: check
+CVE-2006-6048 (SQL injection vulnerability in index.php in Etomite CMS 0.6.1.2, when ...)
+ TODO: check
+CVE-2006-6047 (Directory traversal vulnerability in manager/index.php in Etomite ...)
+ TODO: check
+CVE-2006-6046 (Multiple cross-site scripting (XSS) vulnerabilities in eggblog 3.1.0 ...)
+ TODO: check
+CVE-2006-6045 (Multiple PHP remote file inclusion vulnerabilities in Comdev One Admin ...)
+ TODO: check
+CVE-2006-6044 (PHP remote file inclusion vulnerability in gallery_top.inc.php in ...)
+ TODO: check
+CVE-2006-6043 (PHP file inclusion vulnerability in loginform-inc.php in Oliver ...)
+ TODO: check
+CVE-2006-6042 (PHP remote file inclusion vulnerability in core/editor.php in ...)
+ TODO: check
+CVE-2006-6041 (Multiple PHP remote file inclusion vulnerabilities in WORK system ...)
+ TODO: check
+CVE-2006-6040 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2006-6039 (SQL injection vulnerability in matchdetail.php in Powie's PHP ...)
+ TODO: check
+CVE-2006-6038 (SQL injection vulnerability in editpoll.php in Powie's PHP Forum ...)
+ TODO: check
+CVE-2006-6037 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+ TODO: check
+CVE-2006-6036 (SQL injection vulnerability in OpenHuman before 1.0 allows remote ...)
+ TODO: check
+CVE-2006-6035 (Cross-site scripting (XSS) vulnerability in list.php in BLOG:CMS 4.1.3 ...)
+ TODO: check
+CVE-2006-6034 (Multiple SQL injection vulnerabilities in SitesOutlet E-commerce Kit-1 ...)
+ TODO: check
+CVE-2006-6033 (Multiple directory traversal vulnerabilities in Simple PHP Blog ...)
+ TODO: check
+CVE-2006-6032 (Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog ...)
+ TODO: check
+CVE-2006-6031 (Multiple SQL injection vulnerabilities in Greater Cincinnati Internet ...)
+ TODO: check
+CVE-2006-6030 (Multiple SQL injection vulnerabilities in E-Calendar Pro 3.0 allow ...)
+ TODO: check
+CVE-2006-6029 (SQL injection vulnerability in vir_Login.asp in Property Pro 1.0 ...)
+ TODO: check
+CVE-2006-6028 (Directory traversal vulnerability in textview.php in Anton Vlasov ...)
+ TODO: check
+CVE-2006-6027 (Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote ...)
+ TODO: check
+CVE-2006-6026 (Heap-based buffer overflow in Helix DNA Server 11.0 and 11.1 has ...)
+ TODO: check
+CVE-2006-6025 (QUALCOMM Eudora WorldMail 4.0 allows remote attackers to cause a ...)
+ TODO: check
+CVE-2006-6024 (Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 ...)
+ TODO: check
+CVE-2006-6023 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-6022 (Cross-site scripting (XSS) vulnerability in login_form.asp in ...)
+ TODO: check
+CVE-2006-6021 (SQL injection vulnerability in the login component in BestWebApp ...)
+ TODO: check
+CVE-2006-6020 (Cross-site scripting (XSS) vulnerability in announce.php in Blog ...)
+ TODO: check
+CVE-2006-6019 (Cross-site scripting (XSS) vulnerability in ...)
+ TODO: check
+CVE-2006-6018 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-6017 (WordPress before 2.0.5 does not properly store a profile containing a ...)
+ TODO: check
+CVE-2006-6016 (wp-admin/user-edit.php in WordPress before 2.0.5 allows remote ...)
+ TODO: check
+CVE-2006-6015 (Buffer overflow in the JavaScript implementation in Safari on Apple ...)
+ TODO: check
+CVE-2006-6014 (The NetBSD-current kernel before 20061028 does not properly perform ...)
+ TODO: check
+CVE-2006-6013 (Integer signedness error in the fw_ioctl (FW_IOCTL) function in the ...)
+ TODO: check
+CVE-2006-6012 (Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in ...)
+ TODO: check
+CVE-2006-6011 (Unspecified vulnerability in SAP Web Application Server before 6.40 ...)
+ TODO: check
+CVE-2006-6010 (SAP allows remote attackers to obtain potentially sensitive ...)
+ TODO: check
+CVE-2006-6009 (Unspecified vulnerability in the Java Runtime Environment (JRE) Swing ...)
+ TODO: check
+CVE-2006-6008 (ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, ...)
+ TODO: check
+CVE-2006-6007 (save_profile.asp in WebEvents (Online Event Registration Template) 2.0 ...)
+ TODO: check
+CVE-2006-6006
+ RESERVED
+CVE-2006-6005
+ RESERVED
+CVE-2006-6004
+ RESERVED
+CVE-2006-6003
+ RESERVED
+CVE-2006-6002
+ RESERVED
+CVE-2006-6001
+ RESERVED
+CVE-2006-6000
+ RESERVED
+CVE-2006-5999
+ RESERVED
+CVE-2006-5998
+ RESERVED
+CVE-2006-5997
+ RESERVED
+CVE-2006-5996
+ RESERVED
+CVE-2006-5995
+ RESERVED
+CVE-2006-5994
+ RESERVED
+CVE-2006-5993
+ RESERVED
+CVE-2006-5992
+ RESERVED
+CVE-2006-5991 (Multiple SQL injection vulnerabilities in wwweb concepts CactuShop ...)
+ TODO: check
+CVE-2006-5990 (VMWare VirtualCenter client 2.x before 2.0.1 Patch 1 (Build 33643) and ...)
+ TODO: check
+CVE-2006-5989 (Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 ...)
+ TODO: check
+CVE-2006-5988 (Unspecified vulnerability in Windows 2000 Advanced Server SP4 running ...)
+ TODO: check
+CVE-2006-5987 (SQL injection vulnerability in default.asp in ASPintranet 2.1 allows ...)
+ TODO: check
+CVE-2006-5986 (admin/options.php in Extreme CMS 0.9, and possibly earlier, does not ...)
+ TODO: check
+CVE-2006-5985 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+ TODO: check
+CVE-2006-5984 (Multiple cross-site scripting (XSS) vulnerabilities in Helm Web ...)
+ TODO: check
+CVE-2006-5983 (Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software ...)
+ TODO: check
+CVE-2006-5982 (Selenium Server 1.0, and possibly earlier, stores user passwords in ...)
+ TODO: check
+CVE-2006-5981 (Multiple directory traversal vulnerabilities in Selenium Server 1.0, ...)
+ TODO: check
+CVE-2006-5980 (adm_lgn_admin.asp in Renasoft NetJetServer 2.5.3.939, and possibly ...)
+ TODO: check
+CVE-2006-5979 (Renasoft NetJetServer 2.5.3.939, and possibly earlier, uses insecure ...)
+ TODO: check
+CVE-2006-5978 (Unspecified vulnerability in E-Xoopport before 2.2.0 has unknown ...)
+ TODO: check
+CVE-2006-5977 (Multiple SQL injection vulnerabilities in MultiCalendars allow remote ...)
+ TODO: check
+CVE-2006-5976 (Multiple SQL injection vulnerabilities in admin_login.asp in BlogMe ...)
+ TODO: check
+CVE-2006-5975 (Multiple cross-site scripting (XSS) vulnerabilities in comments.asp in ...)
+ TODO: check
+CVE-2006-5974
+ RESERVED
+CVE-2006-5973 (Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and ...)
+ TODO: check
+CVE-2005-4815 (SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before ...)
+ TODO: check
CVE-2006-XXXX [dovecot off-by-one]
- dovecot 1.0.rc15-1
[sarge] - dovecot <not-affected> (Vulnerable code not present)
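Review bot: the new CVE-2006-5973 entry (off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14) is added with `TODO: check` directly above the existing `CVE-2006-XXXX [dovecot off-by-one]` placeholder, which already records `- dovecot 1.0.rc15-1` and the sarge `<not-affected>` status. The two look like the same issue, so the placeholder's package lines should move under CVE-2006-5973 and the CVE-2006-XXXX entry should be dropped; otherwise the issue is tracked twice, with one copy left untriaged. Among the other new `TODO: check` entries, those naming the Linux kernel (CVE-2006-6060, -6058, -6057, -6056, -6054, -6053) and linux-ftpd (CVE-2006-6008) are the ones to triage first.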
@@ -222,8 +404,7 @@
RESERVED
CVE-2006-5869
RESERVED
-CVE-2006-5868
- RESERVED
+CVE-2006-5868 (Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 ...)
{DSA-1213}
CVE-2006-5867
RESERVED
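Review bot: CVE-2006-5868 now has a description (multiple buffer overflows in ImageMagick) and `{DSA-1213}`, but still no package line; the line after the DSA tag is already CVE-2006-5867. Add an `- imagemagick <version>` line (or `<unfixed>`) so that the status in unstable and testing is recorded alongside the stable advisory.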
@@ -331,7 +512,7 @@
NOT-FOR-US: Parallels
CVE-2006-5816 (Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko ...)
NOT-FOR-US: Business Card Web Builder
-CVE-2006-5815 (Unspecified vulnerability in ProFTPD allows remote attackers to ...)
+CVE-2006-5815 (Buffer overflow in ProFTPD 1.3.0 and earlier, when configured to use ...)
{DSA-1218}
- proftpd-dfsg 1.3.0-13 (bug #399070)
- proftpd <removed>
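Review bot: the description of CVE-2006-5815 changes from an unspecified ProFTPD issue to a buffer overflow in 1.3.0 and earlier that applies only "when configured to use ...", while the tracking lines below it (`{DSA-1218}`, `- proftpd-dfsg 1.3.0-13 (bug #399070)`) were recorded against the old wording. Confirm that 1.3.0-13 and bug #399070 cover the overflow now described, and add a NOTE with the configuration condition once the full description has been read, since that condition bears on severity.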
@@ -411,7 +592,7 @@
NOT-FOR-US: iodine
CVE-2006-5780 (Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 ...)
NOT-FOR-US: XLink Omni-NFS
-CVE-2006-5779 (Unspecified vulnerability in the openldap-2.2.29-1 package of OpenLDAP ...)
+CVE-2006-5779 (OpenLDAP 2.2.29 and earlier allows remote attackers to cause a denial ...)
- openldap2.2 <unfixed> (bug #397673)
- openldap2.3 2.3.29-1
CVE-2006-5777 (Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to ...)
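Review bot: the new text for CVE-2006-5779 gives the affected range as "OpenLDAP 2.2.29 and earlier", yet the entry marks openldap2.3 as fixed in 2.3.29-1, a version outside that range as written. Add a NOTE stating which 2.3.x versions are affected, or check the openldap2.3 line against the upstream fix, so that both the `<unfixed>` status on openldap2.2 and the fixed version on openldap2.3 are justified by the entry itself.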
@@ -1905,7 +2086,7 @@
NOT-FOR-US: HP-UX Samba
CVE-2006-5090 (Multiple cross-site scripting (XSS) vulnerabilities in Phoenix ...)
NOT-FOR-US: Phoenix Evolution CMS (PECMS)
-CVE-2006-5089 (PHP remote file inclusion vulnerability in mybic_server.php in My-BIC ...)
+CVE-2006-5089 (** DISPUTED ** ...)
NOT-FOR-US: My-BIC
CVE-2006-5088 (PHP remote file inclusion vulnerability in connected_users.lib.php3 in ...)
NOT-FOR-US: phpMyChat
@@ -2513,7 +2694,6 @@
CVE-2006-4803 (The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager ...)
NOT-FOR-US: Novell Identity Manager
CVE-2006-4802 (Format string vulnerability in the Real Time Virus Scan service in ...)
- {DSA-1216}
NOT-FOR-US: Symantec
CVE-2006-4801 (Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and ...)
NOT-FOR-US: Roxio Toast
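Review bot: the `{DSA-1216}` tag removed here was attached to CVE-2006-4802, an entry marked `NOT-FOR-US: Symantec`, which is a contradictory state: a Debian advisory referenced on an issue declared out of scope. The same tag is added later in this diff to CVE-2005-4802 (Flexbackup), and the two ids differ only in the year. A consistency check that flags any entry combining a DSA cross-reference with NOT-FOR-US would catch this kind of mix-up at the time it is introduced.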
@@ -4593,8 +4773,8 @@
RESERVED
CVE-2006-3891
RESERVED
-CVE-2006-3890
- RESERVED
+CVE-2006-3890 (Stack-based buffer overflow in the Sky Software FileView ActiveX ...)
+ TODO: check
CVE-2006-3889
RESERVED
CVE-2006-3888 (Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader ...)
@@ -8116,6 +8296,7 @@
{DSA-857-1}
- graphviz 2.2.1-1sarge1 (bug #336985; low)
CVE-2005-4802 (Flexbackup 1.2.1 and earlier allows local users to overwrite files and ...)
+ {DSA-1216}
- flexbackup 1.2.1-3 (bug #334350; low)
CVE-2005-4801 (Multiple cross-site request forgery (CSRF) vulnerabilities in Yet ...)
NOT-FOR-US: YaPIG