[Secure-testing-commits] r3790 - data/CVE

Joey Hess Wed, 12 Apr 2006 14:15:06 -0700

Author: joeyh
Date: 2006-04-12 21:14:27 +0000 (Wed, 12 Apr 2006)
New Revision: 3790


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2006-04-12 20:10:22 UTC (rev 3789)
+++ data/CVE/list       2006-04-12 21:14:27 UTC (rev 3790)
@@ -1,3 +1,71 @@
+CVE-2006-1709 (Cross-site scripting (XSS) vulnerability in shop_main.cgi in 
...)
+       TODO: check
+CVE-2006-1708 (SQL injection vulnerability in member.php in Clansys 1.1 allows 
remote ...)
+       TODO: check
+CVE-2006-1707 (index.php in Shopweezle 2.0 allows remote attackers to include 
...)
+       TODO: check
+CVE-2006-1706 (Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow 
remote ...)
+       TODO: check
+CVE-2006-1705 (Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with 
&quot;SELECT&quot; ...)
+       TODO: check
+CVE-2006-1704 (Sire 2.0 nws allows remote attackers to upload arbitrary image 
files ...)
+       TODO: check
+CVE-2006-1703 (PHP remote file inclusion vulnerability in lire.php in Sire 2.0 
nws ...)
+       TODO: check
+CVE-2006-1702 (PHP remote file inclusion vulnerability in spip_login.php3 in 
SPIP ...)
+       TODO: check
+CVE-2006-1701 (Cross-site scripting (XSS) vulnerability in the Pages module in 
...)
+       TODO: check
+CVE-2006-1700 (Buy.php in Aweb Scripts Seller uses predictable cookies for ...)
+       TODO: check
+CVE-2006-1699 (Cross-site scripting (XSS) vulnerability in index.php in Aweb 
Banner ...)
+       TODO: check
+CVE-2006-1698 (Cross-site scripting (XSS) vulnerability in Matt Wright 
Guestbook ...)
+       TODO: check
+CVE-2006-1697 (Cross-site scripting (XSS) vulnerability in Matt Wright 
Guestbook ...)
+       TODO: check
+CVE-2006-1696 (Cross-site scripting (XSS) vulnerability in Gallery before 
1.5.3 ...)
+       TODO: check
+CVE-2006-1695 (The fbgs script in the fbi package 2.01-1.4, when the TMPDIR 
...)
+       TODO: check
+CVE-2006-1694 (SQL injection vulnerability in members.php in XBrite Members 
1.1 and ...)
+       TODO: check
+CVE-2006-1693 (Unspecified vulnerability in GlobalSCAPE Secure FTP Server 
before ...)
+       TODO: check
+CVE-2006-1692 (Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b 
allow ...)
+       TODO: check
+CVE-2006-1691 (SQL injection vulnerability in MWNewsletter 1.0.0b allows 
remote ...)
+       TODO: check
+CVE-2006-1690 (Cross-site scripting (XSS) vulnerability in subscribe.php in 
...)
+       TODO: check
+CVE-2006-1689 (Unspecified vulnerability in su in HP HP-UX B.11.11, when using 
the ...)
+       TODO: check
+CVE-2006-1688 (Multiple PHP remote file inclusion vulnerabilities in SQuery 
4.5 and ...)
+       TODO: check
+CVE-2006-1687 (Cross-site scripting (XSS) vulnerability in APT-webshop-system 
4.0 ...)
+       TODO: check
+CVE-2006-1686 (Unspecified vulnerability in modules.php in APT-webshop-system 
4.0 ...)
+       TODO: check
+CVE-2006-1685 (Multiple SQL injection vulnerabilities in modules.php in ...)
+       TODO: check
+CVE-2006-1684 (Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and 
earlier ...)
+       TODO: check
+CVE-2006-1683 (SQL injection vulnerability in admin/login.php in Chipmunk 
Guestbook ...)
+       TODO: check
+CVE-2006-1682 (Cross-site scripting (XSS) vulnerability in webplus.exe in 
TalentSoft ...)
+       TODO: check
+CVE-2006-1681 (Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 
and ...)
+       TODO: check
+CVE-2006-1680 (Jupiter CMS 1.1.5, when display_errors is enabled, allows 
remote ...)
+       TODO: check
+CVE-2006-1679 (Cross-site scripting (XSS) vulnerability in modules/online.php 
Jupiter ...)
+       TODO: check
+CVE-2006-1678 (Multiple cross-site scripting (XSS) vulnerabilities in 
phpMyAdmin ...)
+       TODO: check
+CVE-2006-1677 (MAXdev MD-Pro 1.0.73 and 1.0.72 allows remote attackers to 
obtain the ...)
+       TODO: check
+CVE-2006-1676 (SQL injection vulnerability in the display function in the 
Topics ...)
+       TODO: check
 CVE-2006-XXXX [Insecure temp files in fbgs]
        - fbi <unfixed> (bug #361370)
 CVE-2006-XXXX [Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service]
@@ -284,8 +352,7 @@
        NOT-FOR-US: Apple 
 CVE-2006-1551
        RESERVED
-CVE-2006-1549 [function *() php/apache Crash]
-       RESERVED
+CVE-2006-1549 (PHP 4.4.2 and 5.1.2 allows local users to cause a crash 
(segmentation ...)
        - php4 <unfixed> (bug #361854)
        - php5 <unfixed> (bug #361917)
 CVE-2005-4767 (BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, 
and 7.0 ...)
@@ -1412,8 +1479,8 @@
        - curl 7.15.3-1 
        [woody] - curl <not-affected> (Vulnerable code not present)
        [sarge] - curl <not-affected> (Vulnerable code not present)
-CVE-2006-1060
-       RESERVED
+CVE-2006-1060 (Heap-based buffer overflow in xzgv allows user-complicit 
attackers to ...)
+       TODO: check
 CVE-2006-1059 (The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the 
machine ...)
        - samba 3.0.22-1
        [woody] - samba <not-affected>


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r3790 - data/CVE

Reply via email to