Author: joeyh
Date: 2006-05-02 09:14:20 +0000 (Tue, 02 May 2006)
New Revision: 3905
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-05-01 09:14:25 UTC (rev 3904)
+++ data/CVE/list 2006-05-02 09:14:20 UTC (rev 3905)
@@ -1,3 +1,133 @@
+CVE-2006-2133 (SQL injection vulnerability in index.php in BoonEx Barracuda
1.1 and ...)
+ TODO: check
+CVE-2006-2132 (SQL injection vulnerability in detail.asp in DUclassified
allows ...)
+ TODO: check
+CVE-2006-2131 (include/class_poll.php in Advanced Poll 2.0.4 uses the ...)
+ TODO: check
+CVE-2006-2130 (SQL injection vulnerability in include/class_poll.php in
Advanced Poll ...)
+ TODO: check
+CVE-2006-2129 (Direct static code injection vulnerability in Pro Publish 2.0
allows ...)
+ TODO: check
+CVE-2006-2128 (Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow
remote ...)
+ TODO: check
+CVE-2006-2127 (SQL injection vulnerability in weblog_posting.php in Blog Mod
0.2.x ...)
+ TODO: check
+CVE-2006-2126 (SQL injection vulnerability in pocategories.php in MaxTrade
1.0.1 and ...)
+ TODO: check
+CVE-2006-2125 (Unspecified vulnerability in xterm in HP-UX B.11.00, B.11.11,
and ...)
+ TODO: check
+CVE-2006-2124 (Multiple cross-site scripting (XSS) vulnerabilities in SunShop
3.5 and ...)
+ TODO: check
+CVE-2006-2123 (Multiple SQL injection vulnerabilities in the report interface
in ...)
+ TODO: check
+CVE-2006-2122 (PHP remote file inclusion vulnerability in index.php in
CoolMenus allows ...)
+ TODO: check
+CVE-2006-2121 (PHP remote file include vulnerability in
admin/config_settings.tpl.php ...)
+ TODO: check
+CVE-2006-2120 (The TIFFToRGB function in libtiff before 3.8.1 allows remote
attackers ...)
+ TODO: check
+CVE-2006-2119 (PHP remote file inclusion vulnerability in event/index.php in
Artmedic ...)
+ TODO: check
+CVE-2006-2118 (JMK's Picture Gallery allows remote attackers to bypass
authentication ...)
+ TODO: check
+CVE-2006-2117 (Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows
remote ...)
+ TODO: check
+CVE-2006-2116 (planetGallery allows remote attackers to gain administrator
privileges ...)
+ TODO: check
+CVE-2006-2115 (Format string vulnerability in SWS web Server 0.1.7 allows
remote ...)
+ TODO: check
+CVE-2006-2114 (Buffer overflow in SWS web Server 0.1.7 allows remote attackers
to ...)
+ TODO: check
+CVE-2006-2113
+ RESERVED
+CVE-2006-2112
+ RESERVED
+CVE-2006-2111 (Microsoft Internet Explorer 6.0 on Windows XP SP2, and possibly
other ...)
+ TODO: check
+CVE-2006-2110 (Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and
2.1.x ...)
+ TODO: check
+CVE-2006-2109
+ RESERVED
+CVE-2006-2108 (parser.exe in Océ (OCE) 3121/3122 Printer allows remote
attackers to ...)
+ TODO: check
+CVE-2006-2107 (Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows
remote ...)
+ TODO: check
+CVE-2006-2106 (Cross-site scripting (XSS) vulnerability in Edgewall Software
Trac ...)
+ TODO: check
+CVE-2006-2105 (Directory traversal vulnerability in index.php in Jupiter CMS
1.1.4 ...)
+ TODO: check
+CVE-2006-2104 (Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing
Email ...)
+ TODO: check
+CVE-2006-2103 (SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1
allows ...)
+ TODO: check
+CVE-2006-2102 (Directory traversal vulnerability in PowerISO 2.9 allows remote
...)
+ TODO: check
+CVE-2006-2101 (Directory traversal vulnerability in WinISO 5.3 allows remote
...)
+ TODO: check
+CVE-2006-2100 (Directory traversal vulnerability in Magic ISO 5.0 Build 0166
allows ...)
+ TODO: check
+CVE-2006-2099 (Directory traversal vulnerability in UltraISO 8.0.0.1392 allows
remote ...)
+ TODO: check
+CVE-2006-2098 (PHP remote file inclusion vulnerability in Thumbnail AutoIndex
before ...)
+ TODO: check
+CVE-2006-2097 (SQL injection vulnerability in func_msg.php in Invision Power
Board ...)
+ TODO: check
+CVE-2006-2096 (plug.php in Land Down Under (LDU) 802 and earlier allows remote
...)
+ TODO: check
+CVE-2006-2095 (Phex before 2.8.6 allows remote attackers to cause a denial of
service ...)
+ TODO: check
+CVE-2006-2094 (Microsoft Internet Explorer before Windows XP Service Pack 2
and ...)
+ TODO: check
+CVE-2006-2093 (Nessus before 2.2.8, and 3.x before 3.0.3, allows
user-complicit ...)
+ TODO: check
+CVE-2006-2092 (Unspecified vulnerability in HP StorageWorks Secure Path for
Windows ...)
+ TODO: check
+CVE-2006-2091 (admin.php in Virtual War (VWar) 1.5 and versions before 1.2
allows ...)
+ TODO: check
+CVE-2006-2090 (Multiple SQL injection vulnerabilities in misc.php in MySmartBB
1.1.x ...)
+ TODO: check
+CVE-2006-2089 (Multiple cross-site scripting (XSS) vulnerabilities in misc.php
in ...)
+ TODO: check
+CVE-2006-2088 (Multiple cross-site scripting (XSS) vulnerabilities in Devsyn
Open ...)
+ TODO: check
+CVE-2006-2087 (The Gmax Mail client in Hitachi Groupmax before 20060426 allows
remote ...)
+ TODO: check
+CVE-2006-2086 (Buffer overflow in JuniperSetupDLL.dll, loaded from
JuniperSetup.ocx ...)
+ TODO: check
+CVE-2006-2085 (Multiple buffer overflows in (1) CxAce60.dll and (2)
CxAce60u.dll in ...)
+ TODO: check
+CVE-2006-2084 (Multiple cross-site scripting (XSS) vulnerabilities in
FarsiNews 2.5.3 ...)
+ TODO: check
+CVE-2006-2083 (Integer overflow in the receive_xattr function in the extended
...)
+ TODO: check
+CVE-2006-2082
+ RESERVED
+CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to
execute ...)
+ TODO: check
+CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in
Verosky ...)
+ TODO: check
+CVE-2006-2079 (Cross-site scripting (XSS) vulnerability in portfolio.php in
Verosky ...)
+ TODO: check
+CVE-2006-2078 (Multiple unspecified vulnerabilities in multiple FITELnet
products, ...)
+ TODO: check
+CVE-2006-2077 (Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown
impact ...)
+ TODO: check
+CVE-2006-2076 (Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote
...)
+ TODO: check
+CVE-2006-2075 (Unspecified vulnerability in MyDNS 1.1.0 allows remote
attackers to ...)
+ TODO: check
+CVE-2006-2074 (Unspecified vulnerability in Juniper Networks JUNOSe E-series
routers ...)
+ TODO: check
+CVE-2006-2073 (Unspecified vulnerability in ISC BIND allows remote attackers
to cause ...)
+ TODO: check
+CVE-2006-2072 (Multiple unspecified vulnerabilities in DeleGate 9.x before
9.0.6 and ...)
+ TODO: check
+CVE-2005-4793 (Multiple unspecified vulnerabilities in the web utility
function in ...)
+ TODO: check
+CVE-2005-4792 (SQL injection vulnerability in index.php in Appalachian State
...)
+ TODO: check
+CVE-2004-2659 (Opera offers an Open button to verify that a user wishes to
execute a ...)
+ TODO: check
CVE-2006-2071 (Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to
bypass ...)
TODO: check
CVE-2006-2070 (Cross-site scripting (XSS) vulnerability in member.php in DevBB
1.0.0 ...)
@@ -175,8 +305,7 @@
CVE-2006-1990 (Integer overflow in the wordwrap function in string.c in PHP
4.4.2 and ...)
- php4 <unfixed> (bug #365311; medium)
- php5 <unfixed> (bug #365312; medium)
-CVE-2006-1989 [freshclam: lack of proper check for the size of header data]
- RESERVED
+CVE-2006-1989 (Buffer overflow in the get_database function in the HTTP client
in ...)
- clamav 0.88.2-1
CVE-2006-1988 (The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry:
function ...)
NOT-FOR-US: Apple Safari
@@ -11718,10 +11847,10 @@
CVE-2005-2317 (Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x
before ...)
{DSA-849-1}
- shorewall 2.4.1-2 (bug #318946; medium)
-CVE-2005-2316
- RESERVED
-CVE-2005-2315
- RESERVED
+CVE-2005-2316 (Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote
attackers ...)
+ TODO: check
+CVE-2005-2315 (Buffer overflow in Domain Name Relay Daemon (DNRD) before
2.19.1 ...)
+ TODO: check
CVE-2005-2314 (inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote
attackers to ...)
NOT-FOR-US: PHPsFTPd
CVE-2005-2313 (Check Point SecuRemote NG with Application Intelligence R54
allows ...)
@@ -20623,12 +20752,12 @@
NOTE: These are known issues of IPSEC and basically every VPN system
using
NOTE: encryption without authentication.
NOTE: openswan even prevents such configurations
-CVE-2005-0038
- RESERVED
-CVE-2005-0037
- RESERVED
-CVE-2005-0036
- RESERVED
+CVE-2005-0038 (The DNS implementation of PowerDNS 2.9.16 and earlier allows
remote ...)
+ TODO: check
+CVE-2005-0037 (The DNS implementation of DNRD before 2.10 allows remote
attackers to ...)
+ TODO: check
+CVE-2005-0036 (The DNS implementation in DeleGate 8.10.2 and earlier allows
remote ...)
+ TODO: check
CVE-2005-0035 (The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0
and ...)
NOT-FOR-US: Adobe
CVE-2005-0034 (An "incorrect assumption" in the authvalidated
validator function in ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
