[Secure-testing-commits] r4901 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Oct 31 08:14:27 UTC 2006


Author: joeyh
Date: 2006-10-31 09:14:26 +0100 (Tue, 31 Oct 2006)
New Revision: 4901

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-10-30 20:56:32 UTC (rev 4900)
+++ data/CVE/list	2006-10-31 08:14:26 UTC (rev 4901)
@@ -1,8 +1,204 @@
-CVE-2006-5740 [wireshark LDAP dissector issue]
+CVE-2006-5611 (Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 ...)
+	TODO: check
+CVE-2006-5610 (PHP remote file inclusion vulnerability in player/includes/common.php ...)
+	TODO: check
+CVE-2006-5609 (Directory traversal vulnerability in dir.php in TorrentFlux 2.1 allows ...)
+	TODO: check
+CVE-2006-5608 (SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before ...)
+	TODO: check
+CVE-2006-5607 (Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 ...)
+	TODO: check
+CVE-2006-5606
+	RESERVED
+CVE-2006-5605 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2006-5604 (Directory traversal vulnerability in phpcards.header.php in phpCards ...)
+	TODO: check
+CVE-2006-5603 (SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 ...)
+	TODO: check
+CVE-2006-5600 (Axalto Protiva 1.1, possibly only non-commercial versions, stores ...)
+	TODO: check
+CVE-2006-5599 (Cross-site scripting (XSS) vulnerability in Oracle Application Express ...)
+	TODO: check
+CVE-2006-5598 (Cross-site scripting (XSS) vulnerability in index.php for GOOP Gallery ...)
+	TODO: check
+CVE-2006-5597 (join.asp in MiniHTTP Web Forum & File Server PowerPack 4.0 allows ...)
+	TODO: check
+CVE-2006-5596 (Directory traversal vulnerability in the SSL server in AEP Smartgate ...)
+	TODO: check
+CVE-2006-5595 (Unspecified vulnerability in the AirPcap support in Wireshark ...)
+	TODO: check
+CVE-2006-5594 (PHP remote file inclusion vulnerability in University of British ...)
+	TODO: check
+CVE-2006-5593 (Buffer overflow in Desknet's (niokeru) before 5.0J R1.0 might allow ...)
+	TODO: check
+CVE-2006-5592 (Admin/adpoll.asp in PacPoll 4.0 and earlier allows remote attackers to ...)
+	TODO: check
+CVE-2006-5591 (Multiple SQL injection vulnerabilities in Admin/check.asp in PacPoll ...)
+	TODO: check
+CVE-2006-5590 (PHP remote file inclusion vulnerability in index.php in ArticleBeach ...)
+	TODO: check
+CVE-2006-5589 (Multiple SQL injection vulnerabilities in LedgerSMB (LSMB) 1.1.0 and ...)
+	TODO: check
+CVE-2006-5588 (Multiple PHP remote file inclusion vulnerabilities in CMS Faethon 2.0 ...)
+	TODO: check
+CVE-2006-5587 (Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and ...)
+	TODO: check
+CVE-2006-5586
+	RESERVED
+CVE-2006-5585
+	RESERVED
+CVE-2006-5584
+	RESERVED
+CVE-2006-5583
+	RESERVED
+CVE-2006-5582
+	RESERVED
+CVE-2006-5581
+	RESERVED
+CVE-2006-5580
+	RESERVED
+CVE-2006-5579
+	RESERVED
+CVE-2006-5578
+	RESERVED
+CVE-2006-5577
+	RESERVED
+CVE-2006-5576
+	RESERVED
+CVE-2006-5575
+	RESERVED
+CVE-2006-5574
+	RESERVED
+CVE-2006-5573
+	RESERVED
+CVE-2006-5572
+	RESERVED
+CVE-2006-5571 (Stack-based buffer overflow in /scripts/cruise/cws.exe in CruiseWorks ...)
+	TODO: check
+CVE-2006-5570 (Directory traversal vulnerability in /scripts/cruise/cws.exe in ...)
+	TODO: check
+CVE-2006-5569 (FtpXQ Server 3.0.1 installs with two default testing accounts, which ...)
+	TODO: check
+CVE-2006-5568 (FtpXQ Server 3.0.1 allows remote attackers to cause a denial of ...)
+	TODO: check
+CVE-2006-5567 (Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before ...)
+	TODO: check
+CVE-2006-5566 (CRLF injection vulnerability in premium/index.php in Shop-Script ...)
+	TODO: check
+CVE-2006-5565 (CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote ...)
+	TODO: check
+CVE-2006-5564 (Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro ...)
+	TODO: check
+CVE-2006-5563 (Unspecified vulnerability in Yahoo! Messenger (Service 18) before ...)
+	TODO: check
+CVE-2006-5562 (PHP remote file inclusion vulnerability in include/database.php in ...)
+	TODO: check
+CVE-2006-5561 (SQL injection vulnerability in admincp.php in Discuz! GBK 5.0.0 allows ...)
+	TODO: check
+CVE-2006-5560 (Cross-site scripting (XSS) vulnerability in heading.php in Boesch ...)
+	TODO: check
+CVE-2006-5559 (The ADODB.Connection 2.7 ActiveX control object (ADODB.Connection.2.7) ...)
+	TODO: check
+CVE-2006-5558 (Format string vulnerability in the swask command in HP-UX B.11.11 and ...)
+	TODO: check
+CVE-2006-5557 (Stack-based buffer overflow in the (1) swpackage and (2) swmodify ...)
+	TODO: check
+CVE-2006-5556 (Buffer overflow in the localtime_r function, and certain other ...)
+	TODO: check
+CVE-2006-5555 (PHP remote file inclusion vulnerability in constantes.inc.php in ...)
+	TODO: check
+CVE-2006-5554 (Directory traversal vulnerability in index.php in Imageview 5 allows ...)
+	TODO: check
+CVE-2006-5553 (Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 ...)
+	TODO: check
+CVE-2006-5552 (Heap-based buffer overflow in RevilloC MailServer 1.21 and earlier ...)
+	TODO: check
+CVE-2006-5551 (Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow ...)
+	TODO: check
+CVE-2006-5550 (The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause ...)
+	TODO: check
+CVE-2006-5549 (** DISPUTED ** ...)
+	TODO: check
+CVE-2006-5548 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open ...)
+	TODO: check
+CVE-2006-5547 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open ...)
+	TODO: check
+CVE-2006-5546 (PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open ...)
+	TODO: check
+CVE-2006-5545 (Premium Antispam in Symantec Mail Security for Domino Server 5.1.x ...)
+	TODO: check
+CVE-2006-5544 (Visual truncation vulnerability in Microsoft Internet Explorer 7 ...)
+	TODO: check
+CVE-2006-5543 (PHP remote file inclusion vulnerability in misc/function.php3 in PHP ...)
+	TODO: check
+CVE-2006-5542 (backend/tcop/postgres.c in PostgreSQL 8.1.x before 8.1.5 allows remote ...)
+	TODO: check
+CVE-2006-5541 (backend/parser/parse_coerce.c in PostgreSQL 7.4.1 through 7.4.14, ...)
+	TODO: check
+CVE-2006-5540 (backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows ...)
+	TODO: check
+CVE-2006-5539 (PHP remote file inclusion vulnerability in login/secure.php in ...)
+	TODO: check
+CVE-2006-5538 (D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote ...)
+	TODO: check
+CVE-2006-5537 (Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm ...)
+	TODO: check
+CVE-2006-5536 (Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T ...)
+	TODO: check
+CVE-2006-5535 (Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager ...)
+	TODO: check
+CVE-2006-5534 (Multiple cross-site scripting (XSS) vulnerabilities in index.htm in ...)
+	TODO: check
+CVE-2006-5533 (Multiple PHP remote file inclusion vulnerabilities in AROUNDMe 0.6.9, ...)
+	TODO: check
+CVE-2006-5532 (Cross-site scripting (XSS) vulnerability in rmgs/images.php in RMSOFT ...)
+	TODO: check
+CVE-2006-5531 (PHP remote file inclusion vulnerability in embedded.php in Ascended ...)
+	TODO: check
+CVE-2006-5530 (Multiple cross-site scripting (XSS) vulnerabilities in Boesch SimpNews ...)
+	TODO: check
+CVE-2006-5529 (Cross-site scripting (XSS) vulnerability in ...)
+	TODO: check
+CVE-2006-5528 (Directory traversal vulnerability in mod.php in SchoolAlumni Portal ...)
+	TODO: check
+CVE-2006-5527 (PHP remote file inclusion vulnerability in lib.editor.inc.php in ...)
+	TODO: check
+CVE-2006-5526 (Multiple PHP remote file inclusion vulnerabilities in Teake Nutma ...)
+	TODO: check
+CVE-2006-5525 (Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and ...)
+	TODO: check
+CVE-2006-5524 (Cross-site scripting (XSS) vulnerability in index.php in phplist ...)
+	TODO: check
+CVE-2006-5523 (PHP remote file inclusion vulnerability in common.php in EZ-Ticket ...)
+	TODO: check
+CVE-2006-5522 (Multiple PHP remote file inclusion vulnerabilities in Johannes Erdfelt ...)
+	TODO: check
+CVE-2006-5521 (PHP remote file inclusion vulnerability in DNS/RR.php in Net_DNS 0.03 ...)
+	TODO: check
+CVE-2006-5520 (PHP remote file inclusion vulnerability in functions.php in ...)
+	TODO: check
+CVE-2006-5519 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2006-5518 (Multiple PHP remote file inclusion vulnerabilities in Christopher ...)
+	TODO: check
+CVE-2006-5517 (Multiple PHP remote file inclusion vulnerabilities in Rhode Island ...)
+	TODO: check
+CVE-2006-5516 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
+	TODO: check
+CVE-2006-5515 (Cross-site scripting (XSS) vulnerability in lib-history.inc.php in ...)
+	TODO: check
+CVE-2006-5514 (SQL injection vulnerability in quiz.php in Web Group Communication ...)
+	TODO: check
+CVE-2006-5513 (SQL injection vulnerability in GeoNetwork opensource before 2.0.3 ...)
+	TODO: check
+CVE-2005-4814 (Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when ...)
+	TODO: check
+CVE-2006-5740 (Unspecified vulnerability in the LDAP dissector in Wireshark (formerly ...)
 	- wireshark <unfixed> (bug #396258; medium)
-CVE-2006-5602 [Xsupplicant "eap_do_notify()" Buffer Overflow Vulnerability]
+CVE-2006-5602 (Multiple memory leaks in xsupplicant before 1.2.6, and possibly other ...)
 	- xsupplicant <unfixed> (bug #396204; medium)
-CVE-2006-5601 [Xsupplicant "eap_do_notify()" Buffer Overflow Vulnerability]
+CVE-2006-5601 (Stack-based buffer overflow in xsupplicant before 1.2.6, and possibly ...)
 	- xsupplicant <unfixed> (bug #396204; medium)
 CVE-2006-XXXX [several possible mysql 5.0 local DoS vulnerabilities]
 	- mysql-dfsg-5.0 5.0.26-1 (low)
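Review bot: CVE-2006-5595 (AirPcap support in Wireshark) is left at `TODO: check`, while every other Wireshark entry in this update carries `- wireshark <unfixed> (bug #396258; medium)`; it should be triaged against that bug or given its own package line. The PostgreSQL entries CVE-2006-5540 through CVE-2006-5542 name source files and affected versions, so they are good candidates to resolve ahead of the bulk of the TODO entries. CVE-2006-5602 is now described as memory leaks rather than the buffer overflow of its old bracketed title, so its shared bug #396204 and medium rating deserve a second look. CVE-2005-4814 also lands out of sequence, between CVE-2006-5513 and CVE-2006-5740.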
@@ -91,15 +287,13 @@
 CVE-2006-5471 (PHP remote file inclusion vulnerability in example/lib/grid3.lib.php ...)
 	NOT-FOR-US: Softerra PHP Developer Library
 CVE-2006-5470
-	RESERVED
-CVE-2006-5469 [Wireshark WBXML dissector issue]
-	RESERVED
+	REJECTED
+CVE-2006-5469 (Unspecified vulnerability in the WBXML dissector in Wireshark ...)
 	- wireshark <unfixed> (bug #396258; medium)
-CVE-2006-5468 [Wireshark HTTP dissector issue]
-	RESERVED
+CVE-2006-5468 (Unspecified vulnerability in the HTTP dissector in Wireshark (formerly ...)
 	- wireshark <unfixed> (bug #396258; medium)
-CVE-2006-5467
-	RESERVED
+CVE-2006-5467 (The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a ...)
+	TODO: check
 CVE-2006-5466
 	RESERVED
 CVE-2006-5465
@@ -1498,8 +1692,7 @@
 	RESERVED
 CVE-2006-4806
 	RESERVED
-CVE-2006-4805 [wireshark XOT dissector issue]
-	RESERVED
+CVE-2006-4805 (epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in ...)
 	- wireshark <unfixed> (bug #396258; medium)
 CVE-2006-4804
 	RESERVED
@@ -2000,8 +2193,7 @@
 	RESERVED
 CVE-2006-4575
 	RESERVED
-CVE-2006-4574 [Wireshark MIME Multipart dissector issue]
-	RESERVED
+CVE-2006-4574 (Off-by-one error in the MIME Multipart dissector in Wireshark ...)
 	- wireshark <unfixed> (bug #396258; medium)
 CVE-2006-4573 (Multiple unspecified vulnerabilities in the &quot;utf8 combining characters ...)
 	- screen 4.0.3-0.1 (bug #395225; medium)
@@ -2174,8 +2366,7 @@
 	RESERVED
 CVE-2006-4514
 	RESERVED
-CVE-2006-4513 [wvware Multiple Integer Overflow Vulnerabilities]
-	RESERVED
+CVE-2006-4513 (Multiple integer overflows in the WV library in wvWare (formerly ...)
 	- wv <unfixed> (bug #396256; medium)
 CVE-2006-4512
 	RESERVED
@@ -5265,7 +5456,7 @@
 	NOT-FOR-US: Open-Realty
 CVE-2006-3147 (Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix ...)
 	NOT-FOR-US: Hosting Controller
-CVE-2006-3146 (The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.23 and earlier ...)
+CVE-2006-3146 (The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier ...)
 	NOT-FOR-US: Toshiba drivers for Windows
 CVE-2006-3145 (Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows ...)
 	- netpbm-free <not-affected> (Debian's version is too old; affects 10.30 to 10.33 only)
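Review bot: CVE-2006-3146 keeps `NOT-FOR-US: Toshiba drivers for Windows` here, yet the new CVE-2006-5611 entry at the top of this patch, also for Toshiba Bluetooth Stack, is left at `TODO: check`. If it concerns the same Windows driver stack, it can take the same NOT-FOR-US line so the two entries stay consistent.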



