[Secure-testing-commits] r3905 - data/CVE

2006-05-02 Thread Joey Hess
Author: joeyh
Date: 2006-05-02 09:14:20 + (Tue, 02 May 2006)
New Revision: 3905

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===
--- data/CVE/list   2006-05-01 09:14:25 UTC (rev 3904)
+++ data/CVE/list   2006-05-02 09:14:20 UTC (rev 3905)
@@ -1,3 +1,133 @@
+CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 
1.1 and ...)
+   TODO: check
+CVE-2006-2132 (SQL injection vulnerability in detail.asp in DUclassified 
allows ...)
+   TODO: check
+CVE-2006-2131 (include/class_poll.php in Advanced Poll 2.0.4 uses the ...)
+   TODO: check
+CVE-2006-2130 (SQL injection vulnerability in include/class_poll.php in 
Advanced Poll ...)
+   TODO: check
+CVE-2006-2129 (Direct static code injection vulnerability in Pro Publish 2.0 
allows ...)
+   TODO: check
+CVE-2006-2128 (Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow 
remote ...)
+   TODO: check
+CVE-2006-2127 (SQL injection vulnerability in weblog_posting.php in Blog Mod 
0.2.x ...)
+   TODO: check
+CVE-2006-2126 (SQL injection vulnerability in pocategories.php in MaxTrade 
1.0.1 and ...)
+   TODO: check
+CVE-2006-2125 (Unspecified vulnerability in xterm in HP-UX B.11.00, B.11.11, 
and ...)
+   TODO: check
+CVE-2006-2124 (Multiple cross-site scripting (XSS) vulnerabilities in SunShop 
3.5 and ...)
+   TODO: check
+CVE-2006-2123 (Multiple SQL injection vulnerabilities in the report interface 
in ...)
+   TODO: check
+CVE-2006-2122 (PHP remote file inclusion vulnerability in index.php in 
CoolMenus allows ...)
+   TODO: check
+CVE-2006-2121 (PHP remote file include vulnerability in 
admin/config_settings.tpl.php ...)
+   TODO: check
+CVE-2006-2120 (The TIFFToRGB function in libtiff before 3.8.1 allows remote 
attackers ...)
+   TODO: check
+CVE-2006-2119 (PHP remote file inclusion vulnerability in event/index.php in 
Artmedic ...)
+   TODO: check
+CVE-2006-2118 (JMK's Picture Gallery allows remote attackers to bypass 
authentication ...)
+   TODO: check
+CVE-2006-2117 (Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows 
remote ...)
+   TODO: check
+CVE-2006-2116 (planetGallery allows remote attackers to gain administrator 
privileges ...)
+   TODO: check
+CVE-2006-2115 (Format string vulnerability in SWS web Server 0.1.7 allows 
remote ...)
+   TODO: check
+CVE-2006-2114 (Buffer overflow in SWS web Server 0.1.7 allows remote attackers 
to ...)
+   TODO: check
+CVE-2006-2113
+   RESERVED
+CVE-2006-2112
+   RESERVED
+CVE-2006-2111 (Microsoft Internet Explorer 6.0 on Windows XP SP2, and possibly 
other ...)
+   TODO: check
+CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 
2.1.x ...)
+   TODO: check
+CVE-2006-2109
+   RESERVED
+CVE-2006-2108 (parser.exe in Oc#233; (OCE) 3121/3122 Printer allows remote 
attackers to ...)
+   TODO: check
+CVE-2006-2107 (Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows 
remote ...)
+   TODO: check
+CVE-2006-2106 (Cross-site scripting (XSS) vulnerability in Edgewall Software 
Trac ...)
+   TODO: check
+CVE-2006-2105 (Directory traversal vulnerability in index.php in Jupiter CMS 
1.1.4 ...)
+   TODO: check
+CVE-2006-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing 
Email ...)
+   TODO: check
+CVE-2006-2103 (SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 
allows ...)
+   TODO: check
+CVE-2006-2102 (Directory traversal vulnerability in PowerISO 2.9 allows remote 
...)
+   TODO: check
+CVE-2006-2101 (Directory traversal vulnerability in WinISO 5.3 allows remote 
...)
+   TODO: check
+CVE-2006-2100 (Directory traversal vulnerability in Magic ISO 5.0 Build 0166 
allows ...)
+   TODO: check
+CVE-2006-2099 (Directory traversal vulnerability in UltraISO 8.0.0.1392 allows 
remote ...)
+   TODO: check
+CVE-2006-2098 (PHP remote file inclusion vulnerability in Thumbnail AutoIndex 
before ...)
+   TODO: check
+CVE-2006-2097 (SQL injection vulnerability in func_msg.php in Invision Power 
Board ...)
+   TODO: check
+CVE-2006-2096 (plug.php in Land Down Under (LDU) 802 and earlier allows remote 
...)
+   TODO: check
+CVE-2006-2095 (Phex before 2.8.6 allows remote attackers to cause a denial of 
service ...)
+   TODO: check
+CVE-2006-2094 (Microsoft Internet Explorer before Windows XP Service Pack 2 
and ...)
+   TODO: check
+CVE-2006-2093 (Nessus before 2.2.8, and 3.x before 3.0.3, allows 
user-complicit ...)
+   TODO: check
+CVE-2006-2092 (Unspecified vulnerability in HP StorageWorks Secure Path for 
Windows ...)
+   TODO: check
+CVE-2006-2091 (admin.php in Virtual War (VWar) 1.5 and versions before 1.2 
allows ...)
+   TODO: check
+CVE-2006-2090 (Multiple SQL injection vulnerabilities in misc.php in MySmartBB 
1.1.x ...)
+   TODO: check
+CVE-2006-2089 (Multiple 
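Review bot: The added description for CVE-2006-2108 contains "Oc#233;", which is a numeric character reference for "é" that has lost its ampersand, so the vendor name (given as OCE in the parentheses that follow) is stored garbled. The automatic update should decode character references in the imported descriptions before writing them to data/CVE/list, otherwise a text search for the vendor will miss this entry.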

[Secure-testing-commits] r3906 - in data: . CVE

2006-05-02 Thread Micah Anderson
Author: micah
Date: 2006-05-02 16:52:58 + (Tue, 02 May 2006)
New Revision: 3906

Modified:
   data/CVE/list
   data/ID_pending
Log:
CGIIRC vulnerability, CVE requested


Modified: data/CVE/list
===
--- data/CVE/list   2006-05-02 09:14:20 UTC (rev 3905)
+++ data/CVE/list   2006-05-02 16:52:58 UTC (rev 3906)
@@ -1,3 +1,6 @@
+CVE-2006- [librsvg2 crash on certain svg files]
+- cgiirc unfixed (bug #365680; medium)
+[sarge] - cgiirc unfixed (bug #365680; medium)
 CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 
1.1 and ...)
TODO: check
 CVE-2006-2132 (SQL injection vulnerability in detail.asp in DUclassified 
allows ...)
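Review bot: The bracketed description on the first added line, "[librsvg2 crash on certain svg files]", does not match the package notes under it or the log message, which both refer to cgiirc (bug #365680). It reads like a title left over from another entry; replace it with a short description of the cgiirc issue so the entry can be found by package name.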

Modified: data/ID_pending
===
--- data/ID_pending 2006-05-02 09:14:20 UTC (rev 3905)
+++ data/ID_pending 2006-05-02 16:52:58 UTC (rev 3906)
@@ -1,3 +1,7 @@
+CVE-2006- [librsvg2 crash on certain svg files]
+- cgiirc unfixed (bug #365680; medium)
+[sarge] - cgiirc unfixed (bug #365680; medium)
+   NOTE: Requested by Micah May 2, 2006
 CVE-2006- [imagemagick: array index overflow in DisplayImageCommand]
- imagemagick 6:6.2.4.5-0.6 (bug #345595)
NOTE: Requested by Micah March 26, 2006
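Review bot: The entry added at the top of data/ID_pending carries the same "[librsvg2 crash on certain svg files]" title above cgiirc package notes, so the pending CVE request is recorded under the wrong description. Correct the title here together with the copy in data/CVE/list, since the two entries are meant to describe the same issue.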


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits


[Secure-testing-commits] Processing r3907 failed

2006-05-02 Thread secure-testing
The error message was:

error: unknown package note 'phpldapadmin dropped'

make: *** [all] Error 1



[Secure-testing-commits] r3912 - in data: . CVE

2006-05-02 Thread Micah Anderson
Author: micah
Date: 2006-05-02 21:24:19 + (Tue, 02 May 2006)
New Revision: 3912

Modified:
   data/CVE/list
   data/ID_pending
Log:
CVE-2006-2148 obtained for cgiirc


Modified: data/CVE/list
===
--- data/CVE/list   2006-05-02 21:14:25 UTC (rev 3911)
+++ data/CVE/list   2006-05-02 21:24:19 UTC (rev 3912)
@@ -1,4 +1,4 @@
-CVE-2006- [librsvg2 crash on certain svg files]
+CVE-2006-2148 [librsvg2 crash on certain svg files]
- cgiirc unfixed (bug #365680; medium)
[sarge] - cgiirc unfixed (bug #365680; medium)
 CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda 
1.1 and ...)
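Review bot: The replaced line assigns CVE-2006-2148 but keeps the "[librsvg2 crash on certain svg files]" description, while the log message and the package notes below say the id was obtained for cgiirc. Fix the description in the same change, so the newly assigned id is not recorded against a librsvg2 title.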

Modified: data/ID_pending
===
--- data/ID_pending 2006-05-02 21:14:25 UTC (rev 3911)
+++ data/ID_pending 2006-05-02 21:24:19 UTC (rev 3912)
@@ -1,7 +1,3 @@
-CVE-2006- [librsvg2 crash on certain svg files]
-- cgiirc unfixed (bug #365680; medium)
-[sarge] - cgiirc unfixed (bug #365680; medium)
-   NOTE: Requested by Micah May 2, 2006
 CVE-2006- [imagemagick: array index overflow in DisplayImageCommand]
- imagemagick 6:6.2.4.5-0.6 (bug #345595)
NOTE: Requested by Micah March 26, 2006




[Secure-testing-commits] r3913 - data/CVE

2006-05-02 Thread Stefan Fritsch
Author: stef-guest
Date: 2006-05-02 21:50:23 + (Tue, 02 May 2006)
New Revision: 3913

Modified:
   data/CVE/list
Log:
unalz fixed

Modified: data/CVE/list
===
--- data/CVE/list   2006-05-02 21:24:19 UTC (rev 3912)
+++ data/CVE/list   2006-05-02 21:50:23 UTC (rev 3913)
@@ -2795,7 +2795,7 @@
 CVE-2006-0951 (The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges 
when the ...)
NOT-FOR-US: NOD32
 CVE-2006-0950 (unalz 0.53 allows user-complicit attackers to overwrite 
arbitrary ...)
-   - unalz unfixed (bug #356832; medium)
+   - unalz 0.55-1 (bug #356832; medium)
 CVE-2006-0949 (RaidenHTTPD 1.1.47 allows remote attackers to obtain source 
code of ...)
NOT-FOR-US: RaidenHTTPD
 CVE-2006-0948
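Review bot: The fixed version "0.55-1" on the changed unalz line comes with no supporting reference: the log says only "unalz fixed", and the CVE description above names 0.53 as the affected version without saying where the fix landed. Say in the log message, or in a NOTE line under the entry, that bug #356832 was closed by the 0.55-1 upload, so the version can be checked later.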

