[Secure-testing-commits] r5010 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Mon Nov 27 09:14:18 CET 2006
Author: joeyh
Date: 2006-11-27 09:14:16 +0100 (Mon, 27 Nov 2006)
New Revision: 5010
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-11-26 07:21:32 UTC (rev 5009)
+++ data/CVE/list 2006-11-27 08:14:16 UTC (rev 5010)
@@ -1,3 +1,137 @@
+CVE-2006-6129 (Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows ...)
+ TODO: check
+CVE-2006-6128 (The ReiserFS functionality in Linux kernel 2.6.18, and possibly other ...)
+ TODO: check
+CVE-2006-6127 (Apple Mac OS X kernel allows local users to cause a denial of service ...)
+ TODO: check
+CVE-2006-6126 (Apple Mac OS X allows local users to cause a denial of service (memory ...)
+ TODO: check
+CVE-2006-6125 (Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) ...)
+ TODO: check
+CVE-2006-6124 (Cross-site scripting (XSS) vulnerability in SeleniumServer Web Server ...)
+ TODO: check
+CVE-2006-6123 (Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals ...)
+ TODO: check
+CVE-2006-6122 (Multiple buffer overflows in TIN before 1.8.2 have unspecified impact ...)
+ TODO: check
+CVE-2006-6121 (Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers ...)
+ TODO: check
+CVE-2006-6120
+ RESERVED
+CVE-2006-6119 (mmgallery 1.55 allows remote attackers to obtain sensitive information ...)
+ TODO: check
+CVE-2006-6118 (Cross-site scripting (XSS) vulnerability in thumbs.php in mmgallery ...)
+ TODO: check
+CVE-2006-6117 (SQL injection vulnerability in index1.asp in fipsGallery 1.5 and ...)
+ TODO: check
+CVE-2006-6116 (SQL injection vulnerability in default2.asp in fipsForum 2.6 and ...)
+ TODO: check
+CVE-2006-6115 (SQL injection vulnerability in index.asp in fipsCMS 4.5 and earlier ...)
+ TODO: check
+CVE-2006-6114 (Buffer overflow in NWSPOOL.DLL in Novell Client 4.91 Post-SP3 for ...)
+ TODO: check
+CVE-2006-6113
+ RESERVED
+CVE-2006-6112
+ RESERVED
+CVE-2006-6111 (Multiple SQL injection vulnerabilities in Alan Ward A-Cart Pro 2.0 ...)
+ TODO: check
+CVE-2006-6110 (Multiple SQL injection vulnerabilities in an unspecified BPG-InfoTech ...)
+ TODO: check
+CVE-2006-6109 (Multiple SQL injection vulnerabilities in CandyPress Store 3.5.2.14 ...)
+ TODO: check
+CVE-2006-6108 (Cross-site scripting (XSS) vulnerability in EC-CUBE before 1.0.1a-beta ...)
+ TODO: check
+CVE-2006-6107
+ RESERVED
+CVE-2006-6106
+ RESERVED
+CVE-2006-6105
+ RESERVED
+CVE-2006-6104
+ RESERVED
+CVE-2006-6103
+ RESERVED
+CVE-2006-6102
+ RESERVED
+CVE-2006-6101
+ RESERVED
+CVE-2006-6100
+ RESERVED
+CVE-2006-6099
+ RESERVED
+CVE-2006-6098
+ RESERVED
+CVE-2006-6097 (GNU tar 1.16 and 1.15.1, and possibly other versions, allows ...)
+ TODO: check
+CVE-2006-6096 (Cross-site scripting (XSS) vulnerability in activenews_search.asp in ...)
+ TODO: check
+CVE-2006-6095 (Multiple SQL injection vulnerabilities in ActiveNews Manager allow ...)
+ TODO: check
+CVE-2006-6094 (Multiple SQL injection vulnerabilities in ActiveNews Manager allow ...)
+ TODO: check
+CVE-2006-6093 (Multiple PHP remote file inclusion vulnerabilities in adminprint.php ...)
+ TODO: check
+CVE-2006-6092 (Multiple SQL injection vulnerabilities in vehiclelistings.asp in 20/20 ...)
+ TODO: check
+CVE-2006-6091 (Cross-site scripting (XSS) vulnerability in Grim Pirate GrimBB before ...)
+ TODO: check
+CVE-2006-6090 (Multiple SQL injection vulnerabilities in BaalAsp forum allow remote ...)
+ TODO: check
+CVE-2006-6089 (Multiple cross-site scripting (XSS) vulnerabilities in addpost1.asp in ...)
+ TODO: check
+CVE-2006-6088 (Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar ...)
+ TODO: check
+CVE-2006-6087 (Cross-site scripting (XSS) vulnerability in weblog.php in my little ...)
+ TODO: check
+CVE-2006-6086 (PHP remote file inclusion vulnerability in ark_inc.php in e-Ark 1.0 ...)
+ TODO: check
+CVE-2006-6085 (Kile before 1.9.3 does not assign a backup file the same permissions ...)
+ TODO: check
+CVE-2006-6084 (Directory traversal vulnerability in abitwhizzy.php in aBitWhizzy ...)
+ TODO: check
+CVE-2006-6083 (SQL injection vulnerability in search.asp in CreaScripts Creadirectory ...)
+ TODO: check
+CVE-2006-6082 (Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts ...)
+ TODO: check
+CVE-2006-6081 (PHP remote file inclusion vulnerability in Smarty_Compiler.class.php ...)
+ TODO: check
+CVE-2006-6080 (Multiple SQL injection vulnerabilities in categories.asp in gNews ...)
+ TODO: check
+CVE-2006-6079 (Multiple PHP remote file inclusion vulnerabilities in LoudMouth 2.4 ...)
+ TODO: check
+CVE-2006-6078 (PHP remote file inclusion vulnerability in common.inc.php in a-ConMan ...)
+ TODO: check
+CVE-2006-6077 (The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and ...)
+ TODO: check
+CVE-2006-6076 (Buffer overflow in the Tape Engine (tapeeng.exe) in Computer ...)
+ TODO: check
+CVE-2006-6075 (Cross-site scripting (XSS) vulnerability in addpost1.asp in BaalAsp ...)
+ TODO: check
+CVE-2006-6074 (Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart ...)
+ TODO: check
+CVE-2006-6073 (Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart ...)
+ TODO: check
+CVE-2006-6072 (SQL injection vulnerability in bpg/publications_list.asp in ...)
+ TODO: check
+CVE-2006-6071
+ RESERVED
+CVE-2006-6070 (SQL injection vulnerability in module/account/register/register.asp in ...)
+ TODO: check
+CVE-2006-6069 (index.php in mAlbum 0.3 and earlier allows remote attackers to obtain ...)
+ TODO: check
+CVE-2006-6068 (Directory traversal vulnerability in the cached_album function in ...)
+ TODO: check
+CVE-2006-6067 (Multiple SQL injection vulnerabilities in 20/20 DataShed (aka Real ...)
+ TODO: check
+CVE-2006-6066 (Multiple SQL injection vulnerabilities in Dragon Calendar / Events ...)
+ TODO: check
+CVE-2006-6065 (PHP remote file inclusion vulnerability in includes/mx_common.php in ...)
+ TODO: check
+CVE-2006-6064 (Multiple buffer overflows in the Message Parsing Interpreter (MPI) in ...)
+ TODO: check
+CVE-2006-6063 (Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier ...)
+ TODO: check
CVE-2006-6062 (Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other ...)
NOT-FOR-US: Apple Mac OS X
CVE-2006-6061 (com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and ...)
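Review bot: All of the new described entries in this hunk land as "TODO: check", and several of them name software that is likely packaged in Debian and should be triaged first: CVE-2006-6128 (Linux kernel 2.6.18 ReiserFS), CVE-2006-6122 (TIN before 1.8.2), CVE-2006-6097 (GNU tar 1.16 and 1.15.1), CVE-2006-6085 (Kile before 1.9.3) and CVE-2006-6077 (Mozilla Firefox Password Manager). The Apple Mac OS X entries (CVE-2006-6129, CVE-2006-6127, CVE-2006-6126) can take the same "NOT-FOR-US: Apple Mac OS X" tag already used for CVE-2006-6062 in the context lines, which would shorten the TODO backlog without further research.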
@@ -150,7 +284,7 @@
- libapache-mod-auth-kerb 5.3-1 (low)
CVE-2006-5988 (Unspecified vulnerability in Windows 2000 Advanced Server SP4 running ...)
NOT-FOR-US: Windows
-CVE-2006-5987 (SQL injection vulnerability in default.asp in ASPintranet 2.1 allows ...)
+CVE-2006-5987 (SQL injection vulnerability in default.asp in ASPintranet, possibly ...)
NOT-FOR-US: ASPintranet
CVE-2006-5986 (admin/options.php in Extreme CMS 0.9, and possibly earlier, does not ...)
NOT-FOR-US: Extreme CMS
@@ -160,9 +294,9 @@
NOT-FOR-US: Helm Hosting Control Panel
CVE-2006-5983 (Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software ...)
NOT-FOR-US: DirectAdmin
-CVE-2006-5982 (Selenium Server 1.0, and possibly earlier, stores user passwords in ...)
+CVE-2006-5982 (SeleniumServer FTP Server 1.0, and possibly earlier, stores user ...)
NOT-FOR-US: Selenium Server
-CVE-2006-5981 (Multiple directory traversal vulnerabilities in Selenium Server 1.0, ...)
+CVE-2006-5981 (Multiple directory traversal vulnerabilities in SeleniumServer FTP ...)
NOT-FOR-US: Selenium Server
CVE-2006-5980 (adm_lgn_admin.asp in Renasoft NetJetServer 2.5.3.939, and possibly ...)
NOT-FOR-US: NetJetServer
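Review bot: The NOT-FOR-US tags under CVE-2006-5982 and CVE-2006-5981 still read "Selenium Server" while the updated descriptions now name the product "SeleniumServer FTP Server". CVE-2006-6124, added earlier in this revision, refers to "SeleniumServer Web Server", so it is worth settling on one product name for the tag so that all three entries are found by the same search.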
@@ -202,8 +336,8 @@
NOT-FOR-US: Panda ActiveScan
CVE-2006-5966 (Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows ...)
NOT-FOR-US: Panda ActiveScan
-CVE-2006-5965
- RESERVED
+CVE-2006-5965 (PassGo SSO Plus 2.1.0.32, and probably earlier versions, uses insecure ...)
+ TODO: check
CVE-2006-5964
RESERVED
CVE-2006-5963
@@ -250,8 +384,8 @@
TODO: check
CVE-2006-5942 (Cross-site scripting (XSS) vulnerability in ...)
TODO: check
-CVE-2006-5941
- RESERVED
+CVE-2006-5941 (snmpd in (1) the SUNWsmagt package in Solaris 10 before 20061122 and ...)
+ TODO: check
CVE-2006-5940 (Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has ...)
NOT-FOR-US: Grisoft AVG Anti-Virus
CVE-2006-5939 (Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause ...)
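Review bot: The description of CVE-2006-5941 is cut off after "(1) the SUNWsmagt package in Solaris 10 before 20061122 and ...", so at least one more affected component is listed that is not visible here. Read the full description before resolving the "TODO: check", rather than tagging it from the Solaris part alone.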
@@ -402,8 +536,8 @@
RESERVED
CVE-2006-5870
RESERVED
-CVE-2006-5869
- RESERVED
+CVE-2006-5869 (pstotext before 1.9 allows user-assisted attackers to execute ...)
+ TODO: check
CVE-2006-5868 (Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 ...)
{DSA-1213}
- imagemagick 7:6.2.4.5.dfsg1-0.11
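Review bot: CVE-2006-5869 names pstotext with a fixed upstream version ("before 1.9"), so this entry needs a package tracking line rather than a lingering "TODO: check". Suggest following the format of the neighbouring CVE-2006-5868 entry ("- imagemagick 7:6.2.4.5.dfsg1-0.11") once the archive version has been compared against 1.9.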
@@ -593,7 +727,7 @@
NOT-FOR-US: iodine
CVE-2006-5780 (Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 ...)
NOT-FOR-US: XLink Omni-NFS
-CVE-2006-5779 (OpenLDAP 2.2.29 and earlier allows remote attackers to cause a denial ...)
+CVE-2006-5779 (OpenLDAP before 2.3.29 allows remote attackers to cause a denial of ...)
- openldap2.2 <unfixed> (bug #397673)
- openldap2.3 2.3.29-1
CVE-2006-5777 (Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to ...)
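Review bot: The corrected range for CVE-2006-5779 ("before 2.3.29") now agrees with the "- openldap2.3 2.3.29-1" line, but the "- openldap2.2 <unfixed> (bug #397673)" line was written against the old wording ("2.2.29 and earlier"). Recheck that the openldap2.2 status and the bug report still describe the right versions under the revised description.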
@@ -4598,8 +4732,8 @@
NOT-FOR-US: CA eTrust Antivirus WebScan
CVE-2006-3974
RESERVED
-CVE-2006-3973
- RESERVED
+CVE-2006-3973 (My Firewall Plus 5.0 Build 1119 does not verify if explorer.exe is ...)
+ TODO: check
CVE-2006-3972 (Directory traversal vulnerability in ...)
NOT-FOR-US: Ajax Chat
CVE-2006-3971 (Cross-site scripting (XSS) vulnerability in ...)
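Review bot: The new "TODO: check" on CVE-2006-3973 looks resolvable on sight: the description refers to explorer.exe, which points to a Windows-only product. If that is confirmed, tag it NOT-FOR-US in the same way as the surrounding entries instead of leaving it in the TODO queue.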