[Secure-testing-commits] r4809 - data/CVE
Joey Hess
joeyh at costa.debian.org
Wed Oct 4 21:14:26 UTC 2006
Author: joeyh
Date: 2006-10-04 21:14:25 +0000 (Wed, 04 Oct 2006)
New Revision: 4809
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-10-03 19:35:35 UTC (rev 4808)
+++ data/CVE/list 2006-10-04 21:14:25 UTC (rev 4809)
@@ -1,3 +1,51 @@
+CVE-2006-5167 (Multiple PHP remote file inclusion vulnerabilities in BasiliX 1.1.1 ...)
+ TODO: check
+CVE-2006-5166 (PHP remote file inclusion vulnerability in functions.php in PHP Web ...)
+ TODO: check
+CVE-2006-5165 (PHP remote file inclusion vulnerability in inc/functions.inc.php in ...)
+ TODO: check
+CVE-2006-5164 (Multiple cross-site scripting (XSS) vulnerabilities in cart.php in Sum ...)
+ TODO: check
+CVE-2006-5163 (IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly ...)
+ TODO: check
+CVE-2006-5162 (wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier allows ...)
+ TODO: check
+CVE-2006-5161 (IBM Client Security Password Manager stores and distributes saved ...)
+ TODO: check
+CVE-2006-5160 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-5159 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-5158 (Unspecified vulnerability in NFS lockd in the kernel in SUSE Linux 9.2 ...)
+ TODO: check
+CVE-2006-5157 (Format string vulnerability in the ActiveX control (ATXCONSOLE.OCX) in ...)
+ TODO: check
+CVE-2006-5156 (Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ...)
+ TODO: check
+CVE-2006-5155 (PHP remote file inclusion vulnerability in core/pdf.php in VideoDB ...)
+ TODO: check
+CVE-2006-5154 (PHP remote file inclusion vulnerability in cp/sig.php in DeluxeBB 1.09 ...)
+ TODO: check
+CVE-2006-5153 (The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal ...)
+ TODO: check
+CVE-2006-5152 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
+ TODO: check
+CVE-2006-5151 (Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for ...)
+ TODO: check
+CVE-2006-5150 (SQL injection vulnerability in the reports system in OpenBiblio before ...)
+ TODO: check
+CVE-2006-5149 (Multiple PHP remote file inclusion vulnerabilities in (1) ...)
+ TODO: check
+CVE-2006-5148 (Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b ...)
+ TODO: check
+CVE-2006-5147 (PHP remote file inclusion vulnerability in wamp_dir/setup/yesno.phtml ...)
+ TODO: check
+CVE-2006-5146 (Multiple cross-site scripting (XSS) vulnerabilities in Yblog allow ...)
+ TODO: check
+CVE-2006-5145 (Multiple SQL injection vulnerabilities in OlateDownload 3.4.0 allow ...)
+ TODO: check
+CVE-2006-5144 (Cross-site scripting (XSS) vulnerability in userupload.php in ...)
+ TODO: check
CVE-2006-XXXX [openssl fix for CVE-2006-2940 introduced new security bug]
- openssl097 0.9.7k-3
- openssl 0.9.8c-3
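Review bot: the new CVE-2006-5160 and CVE-2006-5159 lines carry only "** DISPUTED ** ..." as their summary, so the affected product is not visible and the TODO: check under each cannot be triaged from this list alone. Suggest having the update script truncate after the "** DISPUTED **" marker rather than including it in the character budget, so the product name survives as it does for the other 22 entries added here. The CVE-2006-XXXX openssl context line below the additions also still has no assigned ID and is worth revisiting once one is allocated.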
@@ -58,7 +106,7 @@
TODO: check
CVE-2006-5117 (phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web ...)
TODO: check
-CVE-2006-5116 (Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.1-rc1 ...)
+CVE-2006-5116 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
TODO: check
CVE-2006-5115 (Directory traversal vulnerability in kgcall.php in KGB 1.87 allows ...)
TODO: check
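Review bot: on the changed CVE-2006-5116 line, the new summary is cut off before the product name, so the "phpMyAdmin before 2.9.1-rc1" scope that the removed line showed is gone while the entry stays at TODO: check. Since the bug class is now stated as CSRF rather than "unspecified", this is a good point to triage it together with CVE-2006-5117 directly above, which names phpMyAdmin before 2.9.1-rc1, and to record the package name in the note so the entry does not depend on the truncated summary.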
@@ -387,7 +435,7 @@
NOT-FOR-US: Php Blue Dragon
CVE-2006-4959 (Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows ...)
NOT-FOR-US: Sun Secure Global Desktop
-CVE-2006-4958 (Cross-site scripting (XSS) vulnerability in Sun Secure Global Desktop ...)
+CVE-2006-4958 (Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure ...)
NOT-FOR-US: Sun Secure Global Desktop
CVE-2006-4957 (SQL injection vulnerability in the GetMember function in functions.php ...)
NOT-FOR-US: MyReview
@@ -1370,8 +1418,8 @@
RESERVED
CVE-2006-4512
RESERVED
-CVE-2006-4511
- RESERVED
+CVE-2006-4511 (Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows ...)
+ TODO: check
CVE-2006-4510
RESERVED
CVE-2006-4509
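Review bot: CVE-2006-4511 moves from RESERVED to TODO: check even though the summary already identifies the product as Messenger Agents (nmma.exe) in Novell GroupWise. If that product is not packaged, the entry can be closed with a NOT-FOR-US: line in the same form the file uses for other products, instead of sitting in the TODO queue.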
@@ -4617,7 +4665,7 @@
NOT-FOR-US: MP3 Search/Archive
CVE-2006-3070 (write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with ...)
NOT-FOR-US: Zeroboard
-CVE-2006-3069 (PHP remote file inclusion vulnerability in DoubleSpeak 0.1, when ...)
+CVE-2006-3069 (** DISPUTED ** ...)
NOT-FOR-US: DoubleSpeak
CVE-2006-3068 (IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote ...)
NOT-FOR-US: IBM DB2
@@ -12375,7 +12423,7 @@
NOT-FOR-US: SiteEnable
CVE-2005-4482 (Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 ...)
NOT-FOR-US: PortalApp
-CVE-2005-4481 (Cross-site scripting (XSS) vulnerability in Polopoly 9 and earlier ...)
+CVE-2005-4481 (** DISPUTED ** ...)
NOT-FOR-US: Polypoly
CVE-2005-4480 (Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and ...)
NOT-FOR-US: Plexcor CMS
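Review bot: the unchanged note under CVE-2005-4481 reads "NOT-FOR-US: Polypoly", while the removed summary spelled the product "Polopoly 9". With the summary now reduced to "** DISPUTED ** ...", the note is the only place the product is named in this entry, so the spelling should be corrected to Polopoly to keep the entry searchable.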
@@ -20673,9 +20721,9 @@
NOT-FOR-US: Fortibus CMS
CVE-2005-2037 (Multiple SQL injection vulnerabilities in Fortibus CMS 4.0.0 allow ...)
NOT-FOR-US: Fortibus CMS
-CVE-2005-2036 (modifyUser.asp in Cool Cafe Chat 1.2.1 allows remote attackers to ...)
+CVE-2005-2036 (modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote ...)
NOT-FOR-US: Cool Cafe Chat
-CVE-2005-2035 (SQL injection vulnerability in login.asp for Cool Cafe Chat 1.2.1 ...)
+CVE-2005-2035 (SQL injection vulnerability in login.asp for Cool Cafe (Cool Café) ...)
NOT-FOR-US: Cool Cafe Chat
CVE-2005-2034 (Cross-site scripting (XSS) vulnerability in folderview.asp for ...)
NOT-FOR-US: iGallery
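Review bot: the new CVE-2005-2036 and CVE-2005-2035 summaries introduce a non-ASCII character ("Café"). Please confirm that data/CVE/list is stored as UTF-8 and that the scripts parsing it, and the commit mail, handle the byte sequence consistently. The NOT-FOR-US: Cool Cafe Chat notes stay ASCII, which is fine for matching but should be kept that way deliberately.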
@@ -21435,7 +21483,7 @@
NOT-FOR-US: MyBB
CVE-2005-1832 (Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard ...)
NOT-FOR-US: MyBB
-CVE-2005-1831 (Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux ...)
+CVE-2005-1831 (** DISPUTED ** ...)
- sudo <not-affected> (Unreproducable, seems like a broken PAM setup on the submitter's side)
CVE-2005-1830 (The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 ...)
NOT-FOR-US: SoftICE
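Review bot: in the context line under CVE-2005-1831, "Unreproducable" should be "Unreproducible". The not-affected note is consistent with the new DISPUTED status, but because the summary no longer shows the "Sudo 1.6.8p7 on SuSE Linux 9.3" scope from the removed line, consider adding the version to the note so the reasoning remains readable on its own.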