[Secure-testing-commits] r4800 - data/CVE

Mon Oct 2 21:14:21 UTC 2006

Author: joeyh
Date: 2006-10-02 21:14:19 +0000 (Mon, 02 Oct 2006)
New Revision: 4800

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-10-02 14:29:26 UTC (rev 4799)
+++ data/CVE/list	2006-10-02 21:14:19 UTC (rev 4800)
@@ -1,3 +1,57 @@
+CVE-2006-5099 (lib/exec/fetch.php in DokuWiki before 2006-03-09e, when ...)
+	TODO: check
+CVE-2006-5098 (lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote ...)
+	TODO: check
+CVE-2006-5097 (PHP remote file inclusion vulnerability in index.php in net2ftp allows ...)
+	TODO: check
+CVE-2006-5096 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...)
+	TODO: check
+CVE-2006-5095 (** DISPUTED ** ...)
+	TODO: check
+CVE-2006-5094 (PHP remote file inclusion vulnerability in includes/functions_kb.php ...)
+	TODO: check
+CVE-2006-5093 (PHP remote file inclusion vulnerability in index.php in Tagmin Control ...)
+	TODO: check
+CVE-2006-5092 (PHP remote file inclusion vulnerability in navigation/menu.php in ...)
+	TODO: check
+CVE-2006-5091 (Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server ...)
+	TODO: check
+CVE-2006-5090 (Multiple cross-site scripting (XSS) vulnerabilities in Phoenix ...)
+	TODO: check
+CVE-2006-5089 (PHP remote file inclusion vulnerability in mybic_server.php in My-BIC ...)
+	TODO: check
+CVE-2006-5088 (PHP remote file inclusion vulnerability in connected_users.lib.php3 in ...)
+	TODO: check
+CVE-2006-5087 (Multiple PHP remote file inclusion vulnerabilities in evoBB 0.3 and ...)
+	TODO: check
+CVE-2006-5086 (Blog Pixel Motion 2.1.1 allows remote attackers to change the username ...)
+	TODO: check
+CVE-2006-5085 (Static code injection vulnerability in config.php in Blog Pixel Motion ...)
+	TODO: check
+CVE-2006-5084 (Format string vulnerability in eBay Skype 1.5.0.79 has unspecified ...)
+	TODO: check
+CVE-2006-5083 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2006-5082 (Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before ...)
+	TODO: check
+CVE-2006-5081 (PHP remote file inclusion vulnerability in acc.php in QuickBlogger ...)
+	TODO: check
+CVE-2006-5080 (Cross-site scripting (XSS) vulnerability in the search function in Six ...)
+	TODO: check
+CVE-2006-5079 (PHP remote file inclusion vulnerability in class.mysql.php in Matt ...)
+	TODO: check
+CVE-2006-5078 (PHP remote file inclusion vulnerability in view/general.php in ...)
+	TODO: check
+CVE-2006-5077 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2006-5076 (Multiple PHP remote file inclusion vulnerabilities in OpenConcept ...)
+	TODO: check
+CVE-2006-5075 (The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris ...)
+	TODO: check
+CVE-2006-5074 (Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice ...)
+	TODO: check
+CVE-2006-5073 (Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote ...)
+	TODO: check
 CVE-2006-XXXX [graphicsmagic buffer overflows]
 	- graphicsmagick 1.1.7-9
 	TODO: check for security relevance and CVE-ids. Maybe imagemagick is affected, too
@@ -305,8 +359,7 @@
 	NOT-FOR-US: SISCO OSI stack for Windows
 CVE-2005-4811 (The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and ...)
 	- linux-2.6 2.6.14
-CVE-2006-4925 (openssh GSSAPI information leak)
-	RESERVED
+CVE-2006-4925 (packet.c in ssh in OpenSSH allows remote attackers to cause a denial ...)
 	- openssh <unfixed> (low)
 	- openssh-krb5 <unfixed> (low)
 	[sarge] - openssh <not-affected>
@@ -1595,7 +1648,7 @@
 	- asterisk 1:1.2.11.dfsg-1 (medium; bug #385060)
 CVE-2006-4344 (CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) ...)
 	NOT-FOR-US: CGI-Rescue Mail F/W System
-CVE-2006-4343 (Unspecified vulnerability in the SSLv2 client code in OpenSSL 0.9.7 ...)
+CVE-2006-4343 (The get_server_hello function in the SSLv2 client code in OpenSSL ...)
 	{DSA-1185-1}
 	- openssl 0.9.8c-2
 	- openssl097 0.9.7k-2
@@ -1825,8 +1878,7 @@
 	RESERVED
 CVE-2006-4248
 	RESERVED
-CVE-2006-4247 [plone password reset vulnerability]
-	RESERVED
+CVE-2006-4247 (Unspecified vulnerability in the Password Reset Tool before 0.4.1 on ...)
 	[sarge] - zope-cmfplone <not-affected> (Vulnerable code not present)
 	- zope-cmfplone <unfixed>
 CVE-2006-4246 (Usermin before 1.220 (20060629) allows remote attackers to read ...)


