[Secure-testing-commits] r4701 - data/CVE
Joey Hess
joeyh at costa.debian.org
Fri Sep 8 09:14:23 UTC 2006
Author: joeyh
Date: 2006-09-08 09:14:22 +0000 (Fri, 08 Sep 2006)
New Revision: 4701
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-09-07 22:13:16 UTC (rev 4700)
+++ data/CVE/list 2006-09-08 09:14:22 UTC (rev 4701)
@@ -1,3 +1,207 @@
+CVE-2006-4622 (PHP remote file inclusion vulnerability in annonce.php in AnnonceV ...)
+ TODO: check
+CVE-2006-4621 (PHP remote file inclusion vulnerability in settings.php in Pheap 1.2, ...)
+ TODO: check
+CVE-2006-4620 (The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with ...)
+ TODO: check
+CVE-2006-4619 (The start update window in Avira AntiVir PersonalEdition Classic ...)
+ TODO: check
+CVE-2006-4618 (PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in ...)
+ TODO: check
+CVE-2006-4617 (Unrestricted file upload vulnerability in fileupload.html in vtiger ...)
+ TODO: check
+CVE-2006-4616 (SMTP service in MailEnable Standard, Professional, and Enterprise ...)
+ TODO: check
+CVE-2006-4615 (Shape Services IM+ Mobile Instant Messenger for Pocket PC 3.10 stores ...)
+ TODO: check
+CVE-2006-4614 (PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords ...)
+ TODO: check
+CVE-2006-4613 (Multiple unspecified vulnerabilities in SnapGear before 3.1.4u1 allow ...)
+ TODO: check
+CVE-2006-4612 (SQL injection vulnerability in ReplyNew.asp in ZIXForum 1.12 allows ...)
+ TODO: check
+CVE-2006-4611 (Buffer overflow in the _tor_resolve function in dsocks.c in dsocks ...)
+ TODO: check
+CVE-2006-4610 (PHP remote file inclusion vulnerability in index.php in GrapAgenda ...)
+ TODO: check
+CVE-2006-4609 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-4608 (Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome ...)
+ TODO: check
+CVE-2006-4607 (admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote ...)
+ TODO: check
+CVE-2006-4606 (Multiple SQL injection vulnerabilities in Longino Jacome php-Revista ...)
+ TODO: check
+CVE-2006-4605 (PHP remote file inclusion vulnerability in index.php in Longino Jacome ...)
+ TODO: check
+CVE-2006-4604 (PHP remote file inclusion vulnerability in LFXlib/access_manager.php ...)
+ TODO: check
+CVE-2006-4603 (NCH Swift Sound Web Dictate 1.02 allows remote attackers to bypass ...)
+ TODO: check
+CVE-2006-4602 (Unrestricted file upload vulnerability in jhot.php in TikiWiki 1.9.4 ...)
+ TODO: check
+CVE-2006-4601 (SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows ...)
+ TODO: check
+CVE-2006-4600 (slapd in OpenLDAP before 2.3.25 allows remote authenticated users with ...)
+ TODO: check
+CVE-2006-4599 (SQL injection vulnerability in aut_verifica.inc.php in Autentificator ...)
+ TODO: check
+CVE-2006-4598 (Multiple SQL injection vulnerabilities in links.php in ssLinks 1.22 ...)
+ TODO: check
+CVE-2006-4597 (SQL injection vulnerability in devam.asp in ICBlogger 2.0 and earlier ...)
+ TODO: check
+CVE-2006-4596 (PHP remote file inclusion in MyBace Light Skrip, when register_globals ...)
+ TODO: check
+CVE-2006-4595 (muforum (µforum) 0.4c stores membres/members.dat under the web ...)
+ TODO: check
+CVE-2006-4594 (Multiple PHP remote file inclusion vulnerabilities in PHP Advanced ...)
+ TODO: check
+CVE-2006-4593 (Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 ...)
+ TODO: check
+CVE-2006-4592 (Incomplete blacklist vulnerability in default.asp in 8pixel.net Simple ...)
+ TODO: check
+CVE-2006-4591 (Multiple PHP remote file inclusion vulnerabilities in AlstraSoft ...)
+ TODO: check
+CVE-2006-4590 (SQL injection vulnerability in admin/default.asp in Jetstat.com JS ASP ...)
+ TODO: check
+CVE-2006-4589 (PHP remote file inclusion vulnerability in ...)
+ TODO: check
+CVE-2006-4588 (vtiger CRM 4.2.4, and possibly earlier, allows remote attackers to ...)
+ TODO: check
+CVE-2006-4587 (Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM ...)
+ TODO: check
+CVE-2006-4586 (The admin panel in Tr Forum 2.0 accepts a username and password hash ...)
+ TODO: check
+CVE-2006-4585 (SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows ...)
+ TODO: check
+CVE-2006-4584 (Tr Forum 2.0 allows remote attackers to bypass authentication and add ...)
+ TODO: check
+CVE-2006-4583 (Multiple PHP remote file inclusion vulnerabilities in FlashChat before ...)
+ TODO: check
+CVE-2006-4582
+ RESERVED
+CVE-2006-4581
+ RESERVED
+CVE-2006-4580
+ RESERVED
+CVE-2006-4579
+ RESERVED
+CVE-2006-4578
+ RESERVED
+CVE-2006-4577
+ RESERVED
+CVE-2006-4576
+ RESERVED
+CVE-2006-4575
+ RESERVED
+CVE-2006-4574
+ RESERVED
+CVE-2006-4573
+ RESERVED
+CVE-2006-4572
+ RESERVED
+CVE-2006-4571
+ RESERVED
+CVE-2006-4570
+ RESERVED
+CVE-2006-4569
+ RESERVED
+CVE-2006-4568
+ RESERVED
+CVE-2006-4567
+ RESERVED
+CVE-2006-4566
+ RESERVED
+CVE-2006-4565
+ RESERVED
+CVE-2006-4564 (SQL injection vulnerability in Sources/ManageBoards.php in Simple ...)
+ TODO: check
+CVE-2006-4563 (Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke ...)
+ TODO: check
+CVE-2006-4562 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-4561 (Mozilla Firefox 1.5.0.6 allows remote attackers to execute arbitrary ...)
+ TODO: check
+CVE-2006-4560 (Internet Explorer 6 on Windows XP SP2 allows remote attackers to ...)
+ TODO: check
+CVE-2006-4559 (Multiple PHP remote file inclusion vulnerabilities in Yet Another ...)
+ TODO: check
+CVE-2006-4558 (DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the ...)
+ TODO: check
+CVE-2006-4557 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-4556 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-4555 (Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control ...)
+ TODO: check
+CVE-2006-4554 (Stack-based buffer overflow in the ReadFile function in the ...)
+ TODO: check
+CVE-2006-4553 (PHP remote file inclusion vulnerability in plugin.class.php in the ...)
+ TODO: check
+CVE-2006-4552 (Cross-site scripting (XSS) vulnerability in CHXO Feedsplitter ...)
+ TODO: check
+CVE-2006-4551 (Eval injection vulnerability in CHXO Feedsplitter 2006-01-21 allows ...)
+ TODO: check
+CVE-2006-4550 (Directory traversal vulnerability in CHXO Feedsplitter 2006-01-21 ...)
+ TODO: check
+CVE-2006-4549 (CHXO Feedsplitter 2006-01-21 allows remote attackers to read the ...)
+ TODO: check
+CVE-2006-4548 (e107 0.75 and earlier does not properly unset variables when the input ...)
+ TODO: check
+CVE-2006-4547 (Lyris ListManager 8.95 allows remote authenticated users to obtain ...)
+ TODO: check
+CVE-2006-4546 (Lyris ListManager 8.95 allows remote authenticated users, who have ...)
+ TODO: check
+CVE-2006-4545 (** DISPUTED ** ...)
+ TODO: check
+CVE-2006-4544 (Multiple PHP remote file inclusion vulnerabilities in ExBB 1.9.1, when ...)
+ TODO: check
+CVE-2006-4543 (Cross-site scripting (XSS) vulnerability in index.php in HLStats 1.34 ...)
+ TODO: check
+CVE-2006-4542 (Webmin before 1.296 and Usermin before 1.226 do not properly handle a ...)
+ TODO: check
+CVE-2006-4541 (RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly ...)
+ TODO: check
+CVE-2006-4540 (Cross-site scripting (XSS) vulnerability in learncenter.asp in ...)
+ TODO: check
+CVE-2006-4539 ((1) includes/widgets/module_company_tickets.php and (2) ...)
+ TODO: check
+CVE-2006-4538 (Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC ...)
+ TODO: check
+CVE-2006-4537 (NET$SESSION_CONTROL.EXE before 20060825 in DECnet-Plus in OpenVMS ...)
+ TODO: check
+CVE-2006-4536 (SQL injection vulnerability in module/rejestracja.php in CMS Frogss ...)
+ TODO: check
+CVE-2006-4535
+ RESERVED
+CVE-2006-4534 (Unspecified vulnerability in Microsoft Word 2000 allows remote ...)
+ TODO: check
+CVE-2006-4533 (Multiple PHP remote file inclusion vulnerabilities in Plume CMS 1.0.6 ...)
+ TODO: check
+CVE-2006-4532 (PHP remote file inclusion vulnerability in articles/article.php in Yet ...)
+ TODO: check
+CVE-2006-4531 (PHP remote file inclusion vulnerability in lib/config.php in Pheap CMS ...)
+ TODO: check
+CVE-2006-4530 (Direct static code injection vulnerability in include/change.php in ...)
+ TODO: check
+CVE-2006-4529 (SQL injection vulnerability in recherchemembre.php in membrepass 1.5. ...)
+ TODO: check
+CVE-2006-4528 (Multiple cross-site scripting (XSS) vulnerabilities in membrepass 1.5 ...)
+ TODO: check
+CVE-2006-4527 (includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when ...)
+ TODO: check
+CVE-2006-4526 (SQL injection vulnerability in includes/content/viewCat.inc.php in ...)
+ TODO: check
+CVE-2006-4525 (Cross-site scripting (XSS) vulnerability in CubeCart 3.0.12 and ...)
+ TODO: check
+CVE-2006-4524 (Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz ...)
+ TODO: check
+CVE-2006-4523 (The web-based management interface in 2Wire, Inc. HomePortal and ...)
+ TODO: check
+CVE-2006-4522 (Unspecified vulnerability in dtterm in IBM AIX 5.2 and 5.3 allows ...)
+ TODO: check
+CVE-2004-2664 (John Lim ADOdb Library for PHP before 4.23 allows remote attackers to ...)
+ TODO: check
CVE-2006-XXXX [hostapd dos]
- hostapd 1:0.5.4-1
[sarge] - hostapd <not-affected> (Vulnerable code not present)
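Review bot: Every entry in this bulk-added block is left at `TODO: check`, including ones whose descriptions name software Debian ships: CVE-2006-4600 (slapd in OpenLDAP before 2.3.25), CVE-2006-4538 (Linux kernel 2.6.17 and earlier) and CVE-2006-4561 (Mozilla Firefox 1.5.0.6). Triage those first and give them package lines with a status, so they are not buried among the many web-application entries that will most likely end up as NOT-FOR-US.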
@@ -27,7 +231,7 @@
RESERVED
CVE-2006-4509
RESERVED
-CVE-2006-4508 (Unspecified vulnerability in Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x ...)
+CVE-2006-4508 (Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and ...)
- tor 0.1.1.23-1
CVE-2006-4507 (Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the ...)
NOT-FOR-US: Sony
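Review bot: The new CVE-2006-4508 text opens an enumerated list, `(1) Tor 0.1.0.x before 0.1.0.18 and ...`, so the description now covers more than the single item the old text named, while the tracking line below it still lists only `- tor 0.1.1.23-1`. Read the full description and check whether the additional item maps to a Debian package that needs its own line.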
@@ -119,9 +323,9 @@
- joomla <itp> (bug #326398)
CVE-2006-4468 (Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related ...)
- joomla <itp> (bug #326398)
-CVE-2006-4467 (Interpretation conflict in Simple Machines Forum (SMF) 1.1RCx before ...)
+CVE-2006-4467 (Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before ...)
NOT-FOR-US: Simple Machines Forum
-CVE-2006-4466 (Interpretation conflict in Joomla! before 1.0.11 does not properly ...)
+CVE-2006-4466 (Joomla! before 1.0.11 does not properly unset variables when the input ...)
- joomla <itp> (bug #326398)
CVE-2006-4465 (** DISPUTED ** ...)
NOT-FOR-US: Microsoft
@@ -135,8 +339,8 @@
NOT-FOR-US: Paessler IPCheck Server Monitor (not related to ipcheck in Debian)
CVE-2006-4460 (Cross-site scripting (XSS) vulnerability in PHP iAddressBook before ...)
NOT-FOR-US: iAddressBook
-CVE-2006-4459
- RESERVED
+CVE-2006-4459 (Integer overflow in AnywhereUSB/5 1.80.00 allows local users to cause ...)
+ TODO: check
CVE-2006-4458 (Directory traversal vulnerability in ...)
- phpgroupware <unfixed> (bug #386061; medium)
CVE-2006-4457 (PHP remote file inclusion vulnerability in index.php in phpECard 2.1.4 ...)
@@ -230,7 +434,7 @@
NOT-FOR-US: phpCOIN
CVE-2006-4423 (Multiple PHP remote file inclusion vulnerabilities in Bigace 1.8.2 ...)
NOT-FOR-US: Bigace
-CVE-2006-4422 (PHP remote file inclusion vulnerability in ...)
+CVE-2006-4422 (** DISPUTED ** ...)
NOT-FOR-US: Jetbox CMS
CVE-2006-4421 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: Yet Another PHP Image Gallery
@@ -315,6 +519,7 @@
CVE-2006-4381
RESERVED
CVE-2006-4380 (MySQL before 4.1.13 allows local users to cause a denial of service ...)
+ {DSA-1169}
- mysql-dfsg-5.0 <not-affected> (only 4.1 affected)
- mysql-dfsg <not-affected> (only 4.1 affected)
- mysql-dfsg-4.1 <removed>
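Review bot: `{DSA-1169}` is attached to CVE-2006-4380, but none of the package lines shown under it records a fixed version: `mysql-dfsg-5.0` and `mysql-dfsg` are both `<not-affected>` and `mysql-dfsg-4.1` is `<removed>`. Add a release-tagged line for the package and version the advisory fixed, so the entry shows where the DSA applies.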
@@ -398,8 +603,7 @@
RESERVED
CVE-2006-4340
RESERVED
-CVE-2006-4339 [openssl Signature Forgery vulnerability]
- RESERVED
+CVE-2006-4339 (OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, ...)
- openssl 0.9.8b-3 (medium)
- openssl097 0.9.7i-2 (medium)
- openssl096 <removed>
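Review bot: The published CVE-2006-4339 description gives the upstream fixed releases as 0.9.7k and 0.9.8c, while the unchanged tracking lines mark `openssl 0.9.8b-3` and `openssl097 0.9.7i-2` as fixed. Both are lower upstream versions, so a NOTE saying the fix was backported into those uploads would keep the entry from reading as a mistake.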
@@ -414,6 +618,7 @@
CVE-2006-4334
RESERVED
CVE-2006-4333 (The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows ...)
+ {DSA-1171}
- wireshark 0.99.2-5.1 (low; bug #384529)
- ethereal <removed> (low; bug #384528)
CVE-2006-4332 (Unspecified vulnerability in the DHCP dissector in Wireshark (formerly ...)
@@ -579,7 +784,7 @@
NOT-FOR-US: Fotopholder
CVE-2006-4258 (Absolute path traversal vulnerability in the get functionality in ...)
NOT-FOR-US: Anti-Spam SMTP Proxy
-CVE-2006-4257 (Unspecified vulnerability in IBM DB2 Universal Database (UDB) before ...)
+CVE-2006-4257 (IBM DB2 Universal Database (UDB) before 8.1 FixPak 13 allows remote ...)
NOT-FOR-US: IBM DB2
CVE-2006-4256 (index.php in Horde Application Framework before 3.1.2 allows remote ...)
- horde3 3.1.3-1 (low; bug #383416)
@@ -608,7 +813,7 @@
RESERVED
CVE-2006-4245
RESERVED
-CVE-2006-4244 (Unspecified vulnerability in unspecified versions of SQL-Ledger allow ...)
+CVE-2006-4244 (Unspecified vulnerability in unspecified versions of SQL-Ledger, ...)
- sql-ledger <unfixed> (medium)
CVE-2006-4243
RESERVED
@@ -645,6 +850,7 @@
CVE-2006-4227 (MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid ...)
- mysql-dfsg-5.0 5.0.24-3 (low; bug #384798)
CVE-2006-4226 (MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when ...)
+ {DSA-1169}
- mysql-dfsg-5.0 5.0.24-3 (low; bug #384798)
[sarge] - mysql-dfsg <not-affected> (Vulnerable code not present)
CVE-2006-4225
@@ -928,13 +1134,11 @@
RESERVED
CVE-2006-4097
RESERVED
-CVE-2006-4096 [bind DoS in Recursive Queries]
- RESERVED
+CVE-2006-4096 (BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to ...)
- bind <unfixed> (medium)
- bind9 1:9.3.2-P1-1 (medium; bug #386245)
NOTE: there is no info whether bind 8 is affected
-CVE-2006-4095 [bind DoS in SIG Query Processing]
- RESERVED
+CVE-2006-4095 (BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers ...)
- bind <unfixed> (medium)
- bind9 1:9.3.2-P1-1 (medium; bug #386245)
NOTE: there is no info whether bind 8 is affected
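Review bot: The two `NOTE: there is no info whether bind 8 is affected` lines and the `- bind <unfixed> (medium)` lines are carried over unchanged, although CVE-2006-4096 and CVE-2006-4095 now have published descriptions that state affected ranges (`BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1`). Re-check the `bind` status against the full descriptions and update or drop the NOTEs accordingly.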
@@ -1329,6 +1533,7 @@
CVE-2006-3919 (SQL injection vulnerability in index.php in SD Studio CMS allows ...)
NOT-FOR-US: SD Studio CMS
CVE-2006-3918 (http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 ...)
+ {DSA-1167-1}
- apache2 2.0.55-4.1 (bug #381376; medium)
- apache 1.3.34-3 (bug #381381; medium)
CVE-2006-3917 (PHP remote file inclusion vulnerability in inc/gabarits.php in R. ...)
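Review bot: The tag added to CVE-2006-3918 is written `{DSA-1167-1}` with a revision suffix, while other tags added in this same commit (`{DSA-1169}`, `{DSA-1170}`, `{DSA-1171}`) omit it. Pick one form so that searching the list for an advisory number finds every entry it covers.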
@@ -1777,11 +1982,13 @@
- linux-2.6 2.6.17-7
- linux-2.6.16 <unfixed>
CVE-2006-3744 (Multiple integer overflows in ImageMagick before 6.2.9 allows ...)
+ {DSA-1168-1}
- imagemagick <unfixed> (bug #385062)
CVE-2006-3743 (Multiple buffer overflows in ImageMagick before 6.2.9 allow ...)
+ {DSA-1168-1}
- imagemagick <unfixed> (bug #385062)
-CVE-2006-3742
- RESERVED
+CVE-2006-3742 (The KDE PAM configuration shipped with Fedora Core 5 causes KDM ...)
+ TODO: check
CVE-2006-3741
RESERVED
CVE-2006-3740
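Review bot: `{DSA-1168-1}` is added to CVE-2006-3744 and CVE-2006-3743 while both still read `- imagemagick <unfixed> (bug #385062)` with no urgency, so the entries now record a stable advisory but an open unstable package. Add release-tagged lines for the versions the DSA fixed and set an urgency on the unstable line. In the same hunk, CVE-2006-3742 describes a KDE PAM configuration "shipped with Fedora Core 5"; the `TODO: check` there should be resolved by confirming whether Debian's KDM PAM configuration has the same problem.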
@@ -2013,8 +2220,8 @@
NOT-FOR-US: Microsoft
CVE-2006-3637 (Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle ...)
NOT-FOR-US: Microsoft
-CVE-2006-3636
- RESERVED
+CVE-2006-3636 (Multiple cross-site scripting (XSS) vulnerabilities in Mailman before ...)
+ TODO: check
CVE-2006-3635
RESERVED
CVE-2006-3634 (The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic ...)
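Review bot: CVE-2006-3636 moves from RESERVED to `TODO: check`, yet its description names Mailman, which Debian packages. Replace the TODO with a `- mailman` line, either with the fixed version or `<unfixed>` plus a bug reference, so the XSS issue shows up in the per-package view.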
@@ -2059,6 +2266,7 @@
CVE-2006-3620 (Cross-site scripting (XSS) vulnerability in the showtopic module in ...)
NOT-FOR-US: Koobi Pro CMS
CVE-2006-3619 (Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC ...)
+ {DSA-1170}
- gcc-4.1 4.1.1-11 (bug #368397; low)
CVE-2006-3618 (SQL injection vulnerability in pblguestbook.php in Pixelated By Lev ...)
NOT-FOR-US: Pixelated By Lev (PBL) Guestbook
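Review bot: `{DSA-1170}` is added to CVE-2006-3619, but the only package line under it is `- gcc-4.1 4.1.1-11 (bug #368397; low)`. The description says FastJar 0.93 "as used in Gnu GCC", so record the source package and version the advisory fixed in stable, and check whether other gcc source packages bundle the same FastJar code.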
@@ -3092,8 +3300,7 @@
NOT-FOR-US: easy-CMS
CVE-2006-3127 (Memory leak in Network Security Services (NSS) 3.11, as used in Sun ...)
- mozilla <not-affected> (SunSolve claims it is only in 3.11; latest released is 3.10)
-CVE-2006-3126 [unspecivied vulnerability in capi4hylafax in mgetty mode]
- RESERVED
+CVE-2006-3126 (c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute ...)
{DSA-1165}
- capi4hylafax 1:01.03.00.99.svn.300-3
CVE-2006-3125 (Array index error in tetrinet.c in gtetrinet 0.7.8 and earlier allows ...)
@@ -3507,8 +3714,8 @@
NOT-FOR-US: WebFORM
CVE-2006-2942 (TWiki 4.0.0, 4.0.1, and 4.0.2 allows remote attackers to gain Twiki ...)
- twiki <not-affected> (Debian's version is old and does not include affected file)
-CVE-2006-2941
- RESERVED
+CVE-2006-2941 (Mailman before 2.1.9rc1 allows remote attackers to cause a denial of ...)
+ TODO: check
CVE-2006-2940
RESERVED
CVE-2006-2939
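Review bot: CVE-2006-2941 is left at `TODO: check` although its description already gives a concrete bound, `Mailman before 2.1.9rc1`. Compare the packaged mailman version against that bound and record the result as a `- mailman` line instead of the TODO.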
@@ -8850,6 +9057,7 @@
CVE-2005-4724 (SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows ...)
NOT-FOR-US: PhpTagCool
CVE-2006-2440 (Heap-based buffer overflow in the libMagick componet of ImageMagick ...)
+ {DSA-1168-1}
- imagemagick 6:6.2.4.5-0.6 (bug #345595)
CVE-2006-0735 (Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom ...)
NOT-FOR-US: My Blog
@@ -9983,7 +10191,7 @@
- thunderbird 1.5.0.2-1
- xulrunner 1.8.0.1-9
CVE-2006-0296 (The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, ...)
- {DSA-1051-1}
+ {DSA-1051-1 DSA-1044-1}
- firefox 1.5.dfsg+1.5.0.1-1 (bug #351442)
- mozilla 2:1.7.13-0.1
- thunderbird 1.5.0.2-1
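Review bot: In the CVE-2006-0296 entry the tag becomes `{DSA-1051-1 DSA-1044-1}`, with the lower-numbered advisory appended after the higher one. Listing the advisories in ascending order keeps multi-DSA tags predictable for anyone scanning or diffing the list.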
@@ -14135,6 +14343,7 @@
- php4 4:4.4.2-1 (bug #339577; medium)
- php5 5.1.1-1 (bug #336654; medium)
CVE-2005-3352 (Cross-site scripting (XSS) vulnerability in the mod_imap module of ...)
+ {DSA-1167-1}
- apache 1.3.34-2 (bug #343466; low)
- apache2 2.0.55-4 (bug #343467; bug #349793; low)
NOTE: Version(s): prior to 1.3.35-dev, 2.0.56-dev are affected
@@ -14548,6 +14757,7 @@
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
CVE-2005-3248 (Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and ...)
+ {DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.10.1 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
@@ -14556,6 +14766,7 @@
[sarge] - ethereal <not-affected> (This only affects Ethereal 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
CVE-2005-3246 (Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ...)
+ {DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.9.14 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
@@ -14564,17 +14775,21 @@
NOTE: This affects Woody and Sarge
TODO: This is disabled by default, if this is a compile-time option change to "unimportant"
CVE-2005-3244 (The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote ...)
+ {DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.10.3 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
CVE-2005-3243 (Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow ...)
+ {DSA-1171}
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: The SLIMP3 issue affects Woody/Sarge, the AgentX issue only Sarge
CVE-2005-3242 (Ethereal 0.10.12 and earlier allows remote attackers to cause a denial ...)
+ {DSA-1171}
[woody] - ethereal <not-affected> (This only affects Ethereal 0.9.7 to 0.10.12)
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: Sarge is vulnerable
CVE-2005-3241 (Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote ...)
+ {DSA-1171}
- ethereal 0.10.13-1 (bug #334880; medium)
NOTE: The ISAKMP issue only affects sid, the other three Woody and Sarge
CVE-2005-3240 (Race condition in Microsoft Internet Explorer allows user-assisted ...)
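Review bot: CVE-2005-3244 and CVE-2005-3242 gain `{DSA-1171}` while the `NOTE: Sarge is vulnerable` line under each stays as written, which contradicts the advisory tag once the fix is released. Replace those NOTEs with a `[sarge] - ethereal` line carrying the fixed version, and do the same for CVE-2005-3243 and CVE-2005-3241, whose NOTEs also describe sarge as affected.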
@@ -20476,7 +20691,7 @@
NOT-FOR-US: Microsoft
CVE-2005-1682 (JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, does ...)
NOT-FOR-US: Solstice Internet Mail Server
-CVE-2005-1681 (PHP remote code injection vulnerability in common.php in phpATM 1.21, ...)
+CVE-2005-1681 (PHP remote file inclusion vulnerability in common.php in phpATM 1.21, ...)
NOT-FOR-US: phpATM
CVE-2005-1680 (D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when ...)
NOT-FOR-US: D-Link hardware