[Secure-testing-commits] r5025 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Nov 29 21:15:12 CET 2006 

Author: joeyh
Date: 2006-11-29 21:15:09 +0100 (Wed, 29 Nov 2006)
New Revision: 5025

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-11-29 19:05:32 UTC (rev 5024)
+++ data/CVE/list	2006-11-29 20:15:09 UTC (rev 5025)
@@ -1,3 +1,81 @@
+CVE-2006-6168 (tiki-register.php in TikiWiki before 1.9.7 allows remote attackers to ...)
+	TODO: check
+CVE-2006-6167 (** DISPUTED ** ...)
+	TODO: check
+CVE-2006-6166 (Cross-site scripting (XSS) vulnerability in jce.php in the JCE Admin ...)
+	TODO: check
+CVE-2006-6165 (** DISPUTED ** ...)
+	TODO: check
+CVE-2006-6164 (The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 ...)
+	TODO: check
+CVE-2006-6163 (Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in ...)
+	TODO: check
+CVE-2006-6162 (Cross-site scripting (XSS) vulnerability in tiki-edit_structures.php ...)
+	TODO: check
+CVE-2006-6161 (Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk ...)
+	TODO: check
+CVE-2006-6160 (SQL injection vulnerability in details.asp in Doug Luxem Liberum Help ...)
+	TODO: check
+CVE-2006-6159 (Multiple cross-site scripting (XSS) vulnerabilities in newticket.php ...)
+	TODO: check
+CVE-2006-6158 (Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help ...)
+	TODO: check
+CVE-2006-6157 (SQL injection vulnerability in index.php in ContentNow 1.39 and ...)
+	TODO: check
+CVE-2006-6156 (Cross-site scripting (XSS) vulnerability in auth/message.php in HIOX ...)
+	TODO: check
+CVE-2006-6155 (Multiple SQL injection vulnerabilities in addrating.php in HIOX Star ...)
+	TODO: check
+CVE-2006-6154 (PHP remote file inclusion vulnerability in addcode.php in HIOX Star ...)
+	TODO: check
+CVE-2006-6153 (Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net ...)
+	TODO: check
+CVE-2006-6152 (Multiple SQL injection vulnerabilities in vSpin.net Classified System ...)
+	TODO: check
+CVE-2006-6151 (PHP remote file inclusion vulnerability in centre.php in Messagerie ...)
+	TODO: check
+CVE-2006-6150 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2006-6149 (SQL injection vulnerability in index.asp in JiRos FAQ Manager 1.0 ...)
+	TODO: check
+CVE-2006-6148 (Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp ...)
+	TODO: check
+CVE-2006-6147 (Multiple SQL injection vulnerabilities in JiRos Links Manager allow ...)
+	TODO: check
+CVE-2006-6146 (Buffer overflow in the HPDF_Page_Circle function in ...)
+	TODO: check
+CVE-2006-6145 (CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in ...)
+	TODO: check
+CVE-2006-6144
+	RESERVED
+CVE-2006-6143
+	RESERVED
+CVE-2006-6142
+	RESERVED
+CVE-2006-6141 (Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a ...)
+	TODO: check
+CVE-2006-6140 (PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang ...)
+	TODO: check
+CVE-2006-6139 (Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus ...)
+	TODO: check
+CVE-2006-6138 (Directory traversal vulnerability in download.php in Sisfo Kampus 0.8 ...)
+	TODO: check
+CVE-2006-6137 (Multiple PHP remote file inclusion vulnerabilities in Sisfo Kampus 0.8 ...)
+	TODO: check
+CVE-2006-6136 (IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) ...)
+	TODO: check
+CVE-2006-6135 (Multiple unspecified vulnerabilities in IBM WebSphere Application ...)
+	TODO: check
+CVE-2006-6134 (Windows Media 10.00.00.4036 allows remote attackers to cause a denial ...)
+	TODO: check
+CVE-2006-6133 (Stack-based buffer overflow in Business Objects Crystal Reports XI ...)
+	TODO: check
+CVE-2006-6132 (Multiple SQL injection vulnerabilities in Link Exchange Lite allow ...)
+	TODO: check
+CVE-2006-6131 (Untrusted search path vulnerability in (1) WSAdminServer and (2) ...)
+	TODO: check
+CVE-2006-6130 (Apple Mac OS X AppleTalk allows local users to cause a denial of ...)
+	TODO: check
 CVE-2006-XXXX [kronolith arbitrary file inclusion]
 	- kronolith2 2.1.4-1 (bug #400899)
 	TODO: check kronolith 1.x
@@ -50,8 +128,8 @@
 	NOT-FOR-US: fipsCMS
 CVE-2006-6114 (Buffer overflow in NWSPOOL.DLL in Novell Client 4.91 Post-SP3 for ...)
 	NOT-FOR-US: Novell
-CVE-2006-6113
-	RESERVED
+CVE-2006-6113 (Monkey Boards 0.3.5 allows remote attackers to obtain sensitive ...)
+	TODO: check
 CVE-2006-6112
 	RESERVED
 CVE-2006-6111 (Multiple SQL injection vulnerabilities in Alan Ward A-Cart Pro 2.0 ...)
@@ -500,8 +578,8 @@
 	NOT-FOR-US: PhpMyChat 
 CVE-2006-5897 (Multiple directory traversal vulnerabilities in PhpMyChat Plus 1.9 and ...)
 	NOT-FOR-US: PhpMyChat Plus
-CVE-2006-5896
-	RESERVED
+CVE-2006-5896 (REMLAB Web Mech Designer 2.0.5 allows remote attackers to obtain the ...)
+	TODO: check
 CVE-2006-5895 (PHP remote file inclusion vulnerability in core/core.php in EncapsCMS ...)
 	NOT-FOR-US: EncapsCMS
 CVE-2006-5894 (Directory traversal vulnerability in lang.php in Rama CMS 0.68 and ...)
@@ -812,8 +890,8 @@
 	RESERVED
 CVE-2006-5751
 	RESERVED
-CVE-2006-5750
-	RESERVED
+CVE-2006-5750 (Directory traversal vulnerability in JBoss Application Server ...)
+	TODO: check
 CVE-2006-5749
 	RESERVED
 CVE-2006-5748 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
@@ -832,7 +910,7 @@
 	- xulrunner <unfixed> (high)
 	[sarge] - mozilla-firefox <not-affected> (Vulnerable code not present)
 	- mozilla-thunderbird <removed> (medium)
-CVE-2006-5746 (The console in AirMagnet Enterprise does not properly validate the ...)
+CVE-2006-5746 (The console in AirMagnet Enterprise before 7.5 build 6307 does not ...)
 	NOT-FOR-US: AirMagnet
 CVE-2006-5745 (Unspecified vulnerability in the setRequestHeader method in the ...)
 	NOT-FOR-US: Microsoft
@@ -1060,7 +1138,7 @@
 	NOT-FOR-US: Web Wiz Forums
 CVE-2006-5634 (Multile PHP remote file inclusion vulnerabilities in phpProfiles 2.1 ...)
 	NOT-FOR-US: phpProfiles
-CVE-2006-5633 (Firefox 1.5.0.7 and 2.0 allows remote attackers to cause a denial of ...)
+CVE-2006-5633 (Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers ...)
 	- firefox <unfixed> (low)
 	- icedove <unfixed> (low)
 	- mozilla <unfixed> (low)
@@ -3515,8 +3593,8 @@
 	RESERVED
 CVE-2006-4519
 	RESERVED
-CVE-2006-4518
-	RESERVED
+CVE-2006-4518 (Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a ...)
+	TODO: check
 CVE-2006-4517 (Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a ...)
 	NOT-FOR-US: Novell iManager
 CVE-2006-4516 (Integer signedness error in FreeBSD 6.0-RELEASE allows local users to ...)
@@ -4302,8 +4380,8 @@
 CVE-2006-4182 (Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions ...)
 	{DSA-1196-1}
 	- clamav 0.88.5-1 (high; bug #393445)
-CVE-2006-4181
-	RESERVED
+CVE-2006-4181 (Format string vulnerability in the sqllog function in the SQL ...)
+	TODO: check
 CVE-2006-4180
 	REJECTED
 CVE-2006-4179

More information about the Secure-testing-commits mailing list