Author: joeyh
Date: 2006-12-27 21:14:30 +0100 (Wed, 27 Dec 2006)
New Revision: 5185
Modified: data/CVE/list
Log: automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2006-12-27 19:31:25 UTC (rev 5184)
+++ data/CVE/list 2006-12-27 20:14:30 UTC (rev 5185)
@@ -1,3 +1,151 @@ +CVE-2006-6768 (Multiple cross-site scripting (XSS) vulnerabilities in default.asp in ...) + TODO: check +CVE-2006-6767 + RESERVED +CVE-2006-6766 (Multiple SQL injection vulnerabilities in cwmExplorer 1.1.0 and ...) + TODO: check +CVE-2006-6765 (Multiple PHP file inclusion vulnerabilities in src/admin/pt_upload.php ...) + TODO: check +CVE-2006-6764 (PHP remote file inclusion vulnerability in authenticate.php in Keep It ...) + TODO: check +CVE-2006-6763 (Multiple PHP remote file inclusion vulnerabilities in the Keep It ...) + TODO: check +CVE-2006-6762 (The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows ...) + TODO: check +CVE-2006-6761 (Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell ...) + TODO: check +CVE-2006-6760 (Multiple PHP remote file inclusion vulnerabilities in template.php in ...) + TODO: check +CVE-2006-6759 (A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer ...) + TODO: check +CVE-2006-6758 (Directory traversal vulnerability in Http explorer 1.02 allows remote ...) + TODO: check +CVE-2006-6757 (Directory traversal vulnerability in index.php in cwmExplorer 1.0 ...) + TODO: check +CVE-2006-6756 (The code function in install.fct.php in Ixprim 1.2 produces a ...) + TODO: check +CVE-2006-6755 (Ixprim 1.2 allows remote attackers to obtain sensitive information via ...) + TODO: check +CVE-2006-6754 (Multiple SQL injection vulnerabilities in Ixprim 1.2 allow remote ...) + TODO: check +CVE-2006-6753 (Event Viewer (eventvwr.exe) in Microsoft Windows does not properly ...) + TODO: check +CVE-2006-6752 (Buffer overflow in FTPRush 1.0.0.610 might allow attackers to gain ...) + TODO: check +CVE-2006-6751 (Format string vulnerability in XM Easy Personal FTP Server 5.2.1 ...) + TODO: check +CVE-2006-6750 (Format string vulnerability in XM Easy Personal FTP Server 5.0.1 ...) + TODO: check +CVE-2006-6749 (Buffer overflow in the parse_expression function in parse_config in ...) 
+ TODO: check +CVE-2006-6748 (PHP remote file inclusion vulnerability in i-accueil.php in Newxooper ...) + TODO: check +CVE-2006-6747 (SQL injection vulnerability in show_news.php in Xt-News 0.1 allows ...) + TODO: check +CVE-2006-6746 (Multiple cross-site scripting (XSS) vulnerabilities in Xt-News 0.1 ...) + TODO: check +CVE-2006-6745 (Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) ...) + TODO: check +CVE-2006-6744 (phpProfiles before 2.1.1 does not have an index.php or other index ...) + TODO: check +CVE-2006-6743 (phpProfiles before 2.1.1 uses world writable permissions for certain ...) + TODO: check +CVE-2006-6742 (Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP ...) + TODO: check +CVE-2006-6741 (Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal ...) + TODO: check +CVE-2006-6740 (Multiple PHP remote file inclusion vulnerabilities in phpProfiles ...) + TODO: check +CVE-2006-6739 (PHP remote file inclusion vulnerability in buycd.php in Paristemi ...) + TODO: check +CVE-2006-6738 (PHP remote file inclusion vulnerability in statistic.php in cwmCounter ...) + TODO: check +CVE-2006-6737 (Unspecified vulnerability in Sun Java Development Kit (JDK) and Java ...) + TODO: check +CVE-2006-6736 (Unspecified vulnerability in Sun Java Development Kit (JDK) and Java ...) + TODO: check +CVE-2006-6735 (modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web ...) + TODO: check +CVE-2006-6734 (Cross-site scripting (XSS) vulnerability in modules/viewcategory.php ...) + TODO: check +CVE-2006-6733 (Cross-site scripting (XSS) vulnerability in support/view.php in ...) + TODO: check +CVE-2006-6732 (PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 ...) + TODO: check +CVE-2006-6731 (Multiple buffer overflows in Sun Java Development Kit (JDK) and Java ...) + TODO: check +CVE-2006-6730 (OpenBSD and NetBSD permit usermode code to kill the display server and ...) 
+ TODO: check +CVE-2006-6729 (Cross-site scripting (XSS) vulnerability in a-blog 1.51 and earlier ...) + TODO: check +CVE-2006-6728 (Unspecified vulnerability in the info request mechanism in LAN ...) + TODO: check +CVE-2006-6727 (PHP remote file inclusion vulnerability in inertianews_class.php in ...) + TODO: check +CVE-2006-6726 (PHP remote file inclusion vulnerability in inertianews_main.php in ...) + TODO: check +CVE-2006-6725 (Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and ...) + TODO: check +CVE-2006-6724 (BolinTech Dream FTP Server 1.02 allows remote authenticated users, ...) + TODO: check +CVE-2006-6723 (The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 allows ...) + TODO: check +CVE-2006-6722 (Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers ...) + TODO: check +CVE-2006-6721 (Cross-site scripting (XSS) vulnerability in shout.php in Knusperleicht ...) + TODO: check +CVE-2006-6720 (PHP remote file inclusion vulnerability in admin/index_sitios.php in ...) + TODO: check +CVE-2006-6719 (The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) ...) + TODO: check +CVE-2006-6718 (The Allied Telesis AT-9000/24 Ethernet switch has a default password ...) + TODO: check +CVE-2006-6717 (The Allied Telesis AT-9000/24 Ethernet switch accepts management ...) + TODO: check +CVE-2006-6716 (SQL injection vulnerability in administration/administre2.php in Eric ...) + TODO: check +CVE-2006-6715 (PHP remote file inclusion vulnerability in footer.inc.php in PowerClan ...) + TODO: check +CVE-2006-6714 (Multiple memory leaks in Hitachi Directory Server 2 P-2444-A124 before ...) + TODO: check +CVE-2006-6713 (Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before ...) + TODO: check +CVE-2006-6712 (Cross-site scripting (XSS) vulnerability in SugarCRM Open Source ...) + TODO: check +CVE-2006-6711 (PHP remote file inclusion vulnerability in compteur/mapage.php in ...) 
+ TODO: check +CVE-2006-6710 (Multiple PHP remote file inclusion vulnerabilities in PgmReloaded ...) + TODO: check +CVE-2006-6709 (Multiple SQL injection vulnerabilities in MGinternet Property Site ...) + TODO: check +CVE-2006-6708 (Cross-site scripting (XSS) vulnerability in listings.asp in MGinternet ...) + TODO: check +CVE-2006-6707 (Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ...) + TODO: check +CVE-2006-6706 (SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 ...) + TODO: check +CVE-2006-6705 (Multiple unspecified vulnerabilities in the template files in Soumu ...) + TODO: check +CVE-2006-6704 (Cross-site scripting (XSS) vulnerability in the Webadmin in @Mail ...) + TODO: check +CVE-2006-6703 (Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal ...) + TODO: check +CVE-2006-6702 (Cross-site scripting (XSS) vulnerability in Global.pm in @Mail before ...) + TODO: check +CVE-2006-6701 (Cross-site request forgery (CSRF) vulnerability in @Mail WebMail ...) + TODO: check +CVE-2006-6700 (Cross-site scripting (XSS) vulnerability in @Mail WebMail allows ...) + TODO: check +CVE-2006-6699 (Multiple CRLF injection vulnerabilities in Oracle Portal 9.0.2 and ...) + TODO: check +CVE-2006-6698 (The GConf daemon (gconfd) in GConf 2.14.0 creates temporary files ...) + TODO: check +CVE-2005-4816 (Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote ...) + TODO: check +CVE-2003-1314 (PHP remote file inclusion vulnerability in admin/auth.php in ...) + TODO: check +CVE-2003-1313 (Multiple PHP remote file inclusion vulnerabilities in EternalMart ...) + TODO: check CVE-2006-XXXX [openser permissions module buffer overflow] - openser 1.1.0-8 (medium; bug #404591) NOTE: OpenPKG-SA-2006.042 
@@ -50,7 +198,7 @@ - netrik 1.15.3-1.1 (medium; bug #404233) CVE-2006-6677 (ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a ...) NOT-FOR-US: ESET NOD32 Antivirus -CVE-2006-6676 (Integer overflow in ESET NOD32 Antivirus before 1.1743 allows remote ...) +CVE-2006-6676 (Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 ...) NOT-FOR-US: ESET NOD32 Antivirus CVE-2006-6675 (Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support ...) NOT-FOR-US: Novell @@ -383,7 +531,7 @@ NOT-FOR-US: AppIntellect SpotLight CRM CVE-2006-6542 (SQL injection vulnerability in news.php in Fantastic News 2.1.4 and ...) NOT-FOR-US: Fantastic News -CVE-2006-6541 (PHP remote file inclusion vulnerability in signer/final.php in ...) +CVE-2006-6541 (** DISPUTED ** ...) NOT-FOR-US: Animated Smiley Generator CVE-2006-6540 (SQL injection vulnerability in bt-trackback.php in Bluetrait before ...) NOT-FOR-US: Bluetrait @@ -692,10 +840,10 @@ NOT-FOR-US: Xerox WorkCentre and WorkCentre Pro CVE-2006-6426 (PHP remote file inclusion vulnerability in design/thinkedit/render.php ...) NOT-FOR-US: ThinkEdit -CVE-2006-6425 - RESERVED -CVE-2006-6424 - RESERVED +CVE-2006-6425 (Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell ...) + TODO: check +CVE-2006-6424 (Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow ...) + TODO: check CVE-2006-6423 (Stack-based buffer overflow in the IMAP service for MailEnable ...) NOT-FOR-US: MailEnable CVE-2006-6422 (Agileco AgileBill 1.4.x and AgileVoice 1.4.x do not properly handle ...) 
@@ -2393,7 +2541,7 @@ NOT-FOR-US: Simple Website Software CVE-2006-5635 (SQL injection vulnerability in forum/search.asp in Web Wiz Forums ...) NOT-FOR-US: Web Wiz Forums -CVE-2006-5634 (Multile PHP remote file inclusion vulnerabilities in phpProfiles 2.1 ...) +CVE-2006-5634 (Multiple PHP remote file inclusion vulnerabilities in phpProfiles 2.1 ...) NOT-FOR-US: phpProfiles CVE-2006-5633 (Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers ...) - firefox <removed> (unimportant) @@ -5592,7 +5740,7 @@ NOT-FOR-US: ASPPlayground.NET Forum Advanced Edition CVE-2006-4205 (Multiple PHP remote file inclusion vulnerabilities in WebDynamite ...) NOT-FOR-US: WebDynamite ProjectButler -CVE-2006-4204 (Multile PHP remote file inclusion vulnerabilities in PHProjekt 5.1 and ...) +CVE-2006-4204 (Multiple PHP remote file inclusion vulnerabilities in PHProjekt 5.1 ...) NOT-FOR-US: PHProjekt CVE-2006-4203 (PHP remote file inclusion vulnerability in help.mmp.php in the MMP ...) NOT-FOR-US: MMP Component (com_mmp) for Mambo
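Review bot: in the "@@ -1,3 +1,151 @@" hunk every new entry lands as "TODO: check", with nothing to separate the few that name packaged software from the bulk of vendor-only web applications. CVE-2005-4816 (mod_radius in ProFTPD before 1.3.0rc2), CVE-2006-6698 (gconfd in GConf 2.14.0) and CVE-2006-6719 (ftp_syst in ftp-basic.c, description truncated) should be resolved to a source package and a fixed version first, because until then the list gives no signal about whether the archive is affected. The old-year additions at the end of the block (CVE-2005-4816, CVE-2003-1314, CVE-2003-1313) are also placed ahead of the CVE-2006-XXXX openser entry rather than with their own years, so it is worth confirming that this ordering is what the tooling that reads the file expects.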
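Review bot: in the "@@ -383,7 +531,7 @@" hunk the replacement line for CVE-2006-6541 reads only "(** DISPUTED ** ...)", so the automatic truncation has removed every descriptive word and the entry now relies on the "NOT-FOR-US: Animated Smiley Generator" line beneath it to say what it is about. The removed line still identified the issue as a PHP remote file inclusion in signer/final.php. Suggest that the update script keep the dispute marker but truncate the text that follows it, so that a disputed entry stays searchable by vulnerability type and file name.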
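Review bot: in the "@@ -692,10 +840,10 @@" hunk CVE-2006-6425 leaves RESERVED with the visible text "Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell ...", which is identical, as far as the truncated lines show, to CVE-2006-6761 added in the first hunk. Both are marked "TODO: check", as are CVE-2006-6424 and CVE-2006-6762, which also name Novell NetMail before 3.52e FTF2. These four should be triaged together and the full descriptions compared to see whether 6425 and 6761 describe the same flaw; the existing CVE-2006-6675 entry shows that Novell products are already tagged "NOT-FOR-US: Novell" in this file, so the same tag is the likely result for all four.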