[Secure-testing-commits] r5326 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Jan 22 21:14:14 CET 2007 

Author: joeyh
Date: 2007-01-22 21:14:11 +0100 (Mon, 22 Jan 2007)
New Revision: 5326

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-01-22 19:29:20 UTC (rev 5325)
+++ data/CVE/list	2007-01-22 20:14:11 UTC (rev 5326)
@@ -1,3 +1,73 @@
+CVE-2007-0397 (The Cisco Security Monitoring, Analysis and Response System (CS-MARS) ...)
+	TODO: check
+CVE-2007-0396 (Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in ...)
+	TODO: check
+CVE-2007-0395 (PHP remote file inclusion vulnerability in ...)
+	TODO: check
+CVE-2007-0394 (HP HP-UX B11.11 does not properly verify the status of file ...)
+	TODO: check
+CVE-2007-0393 (Sun Solaris 9 does not properly verify the status of file descriptors ...)
+	TODO: check
+CVE-2007-0392 (IBM AIX 5.3 does not properly verify the status of file descriptors ...)
+	TODO: check
+CVE-2007-0391 (Format string vulnerability in the log creation functionality of ...)
+	TODO: check
+CVE-2007-0390 (Cross-site scripting (XSS) vulnerability in index.php in sabros.us 1.7 ...)
+	TODO: check
+CVE-2007-0389 (Directory traversal vulnerability in ArsDigita Community System (ACS) ...)
+	TODO: check
+CVE-2007-0388 (SQL injection vulnerability in search.php in Woltlab Burning Board ...)
+	TODO: check
+CVE-2007-0387 (SQL injection vulnerability in models/category.php in the Weblinks ...)
+	TODO: check
+CVE-2007-0386 (Unspecified vulnerability in the rating section in PostNuke 0.764 has ...)
+	TODO: check
+CVE-2007-0385 (The faq section in PostNuke 0.764 allows remote attackers to obtain ...)
+	TODO: check
+CVE-2007-0384 (Cross-site scripting (XSS) vulnerability in preview in the reviews ...)
+	TODO: check
+CVE-2007-0383 (** DISPUTED ** ...)
+	TODO: check
+CVE-2007-0382 (Multiple SQL injection vulnerabilities in letterman.class.php in the ...)
+	TODO: check
+CVE-2007-0381 (Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote ...)
+	TODO: check
+CVE-2007-0380 (DocMan 1.3 RC2 allows remote attackers to obtain sensitive information ...)
+	TODO: check
+CVE-2007-0379 (Cross-site scripting (XSS) vulnerability in DocMan 1.3 RC2 allows ...)
+	TODO: check
+CVE-2007-0378 (Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow ...)
+	TODO: check
+CVE-2007-0377 (Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote ...)
+	TODO: check
+CVE-2007-0376 (Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows ...)
+	TODO: check
+CVE-2007-0375 (Joomla! 1.5.0 Beta allows remote attackers to obtain sensitive ...)
+	TODO: check
+CVE-2007-0374 (SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and ...)
+	TODO: check
+CVE-2007-0373 (Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow ...)
+	TODO: check
+CVE-2007-0372 (Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 ...)
+	TODO: check
+CVE-2007-0371 (A certain ActiveX control in the Common Controls Replacement Project ...)
+	TODO: check
+CVE-2007-0370 (Unrestricted file upload vulnerability in index.php in phpBP RC3 ...)
+	TODO: check
+CVE-2007-0369 (SQL injection vulnerability in phpBP RC3 (2.204) and earlier allows ...)
+	TODO: check
+CVE-2007-0368 (Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local ...)
+	TODO: check
+CVE-2007-0367 (Rumpus 5.1 and earlier has weak permissions for certain files and ...)
+	TODO: check
+CVE-2007-0366 (Untrusted search path vulnerability in Rumpus 5.1 and earlier allows ...)
+	TODO: check
+CVE-2007-0365 (Multiple cross-site scripting (XSS) vulnerabilities in All In One ...)
+	TODO: check
+CVE-2007-0364 (Multiple cross-site scripting (XSS) vulnerabilities in nicecoder.com ...)
+	TODO: check
+CVE-2006-6945 (SQL injection vulnerability in Virtuemart 1.0.7 allows remote ...)
+	TODO: check
 CVE-2007-XXXX [libjabber DoS]
 	- centericq 4.21.0-18 (bug #406982)
 CVE-2007-XXXX [python-django several issues]
@@ -146,7 +216,7 @@
 	TODO: check
 CVE-2006-6944 (phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny ...)
 	- phpmyadmin 4:2.9.1.1-2 (medium)
-CVE-2006-6943 (hpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full ...)
+CVE-2006-6943 (PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full ...)
 	- phpmyadmin 4:2.9.1.1-2 (medium)
 	NOTE: Fixed name in CVE.
 CVE-2006-6942 (Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin ...)
@@ -814,7 +884,7 @@
 	TODO: check
 CVE-2006-6884 (Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka ...)
 	TODO: check
-CVE-2006-6883 (** DISPUTED ** PHP remote file inclusion vulnerability in php4you.php ...)
+CVE-2006-6883 (** DISPUTED ** ...)
 	TODO: check
 CVE-2006-6882 (Cross-site scripting (XSS) vulnerability in golden book allows remote ...)
 	TODO: check
@@ -948,8 +1018,8 @@
 	RESERVED
 CVE-2007-0020
 	RESERVED
-CVE-2007-0019
-	RESERVED
+CVE-2007-0019 (Multiple heap-based buffer overflows in rumpusd in Rumpus 5.1 and ...)
+	TODO: check
 CVE-2007-0018
 	RESERVED
 CVE-2007-0017 (Multiple format string vulnerabilities in (1) the cdio_log_handler ...)

More information about the Secure-testing-commits mailing list