Author: stef-guest Date: 2006-11-08 20:46:48 +0100 (Wed, 08 Nov 2006) New Revision: 4936 Modified: data/CVE/list Log: some NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-11-08 19:20:43 UTC (rev 4935) +++ data/CVE/list 2006-11-08 19:46:48 UTC (rev 4936) @@ -3,73 +3,73 @@ CVE-2006-XXXX [motion insecure tempfile creation] - motion 3.2.3-2 (bug #393846; low) CVE-2006-5792 (Unspecified vulnerability in XLink Omni-NFS Enterprise allows remote ...) - TODO: check + NOT-FOR-US: XLink Omni-NFS Enterprise CVE-2006-5791 (Multiple cross-site scripting (XSS) vulnerabilities in elogd.c in ELOG ...) - elog <unfixed> (medium; bug #392016) CVE-2006-5790 (Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2 and ...) - elog <unfixed> (medium; bug #392016) CVE-2006-5789 (WarFTPd 1.82.00-RC11 allows remote authenticated users to cause a ...) - TODO: check + NOT-FOR-US: WarFTPd CVE-2006-5788 (PHP remote file inclusion vulnerability in (1) index.php and (2) ...) - TODO: check + NOT-FOR-US: IPrimal Forums CVE-2006-5787 (admin/index.php in IPrimal Forums as of 20061105 allows remote ...) - TODO: check + NOT-FOR-US: IPrimal Forums CVE-2006-5786 (Directory traversal vulnerability in class2.php in e107 0.7.5 and ...) - TODO: check + NOT-FOR-US: e107 CVE-2006-5785 (Unspecified vulnerability in SAP Web Application Server 6.40 before ...) - TODO: check + NOT-FOR-US: SAP Web Application Server CVE-2006-5784 (Unspecified vulnerability in SAP Web Application Server 6.40 before ...) - TODO: check + NOT-FOR-US: SAP Web Application Server CVE-2006-5783 (** DISPUTED ** ...) - TODO: check + NOTE: irreproducible firefox issue CVE-2006-5782 RESERVED CVE-2006-5781 (Stack-based buffer overflow in the handshake function in iodine 0.3.2 ...) - TODO: check + NOT-FOR-US: iodine CVE-2006-5780 (Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 ...) - TODO: check + NOT-FOR-US: XLink Omni-NFS CVE-2006-5779 (Unspecified vulnerability in the openldap-2.2.29-1 package of OpenLDAP ...) TODO: check CVE-2006-5777 (Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Creasito E-Commerce Content Manager CVE-2006-5776 (** DISPUTED ** ...) - TODO: check + NOT-FOR-US: Ariadne CVE-2006-5775 (Cross-site scripting (XSS) vulnerability in profile.php in FunkBoard ...) - TODO: check + NOT-FOR-US: FunkBoard CVE-2006-5774 (Cross-site scripting (XSS) vulnerability in Hyper NIKKI System before ...) - TODO: check + NOT-FOR-US: Hyper NIKKI System CVE-2006-5773 (Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 ...) - TODO: check + NOT-FOR-US: FreeWebshop CVE-2006-5772 (Multiple SQL injection vulnerabilities in index.php in FreeWebshop ...) - TODO: check + NOT-FOR-US: FreeWebshop CVE-2006-5771 (Cross-site scripting (XSS) vulnerability in Arkoon SSL360 1.0 and 2.0 ...) - TODO: check + NOT-FOR-US: Arkoon SSL360 CVE-2006-5770 (Multiple cross-site scripting (XSS) vulnerabilities in Mobile allow ...) - TODO: check + NOT-FOR-US: Mobile CVE-2006-5769 (Multiple cross-site scripting (XSS) vulnerabilities in admin.tool CMS ...) - TODO: check + NOT-FOR-US: admin.tool CMS CVE-2006-5768 (Multiple PHP remote file inclusion vulnerabilities in Cyberfolio 2.0 ...) - TODO: check + NOT-FOR-US: Cyberfolio CVE-2006-5767 (PHP remote file inclusion vulnerability in includes/xhtml.php in Drake ...) - TODO: check + NOT-FOR-US: Drake CMS CVE-2006-5766 (PHP remote file inclusion vulnerability in volume.php in Article ...) - TODO: check + NOT-FOR-US: Article System CVE-2006-5765 (SQL injection vulnerability in rss.php in Article Script 1.6.3 and ...) - TODO: check + NOT-FOR-US: Article Script CVE-2006-5764 (PHP remote file inclusion vulnerability in contact.php in Free File ...) - TODO: check + NOT-FOR-US: Free File Hosting CVE-2006-5763 (Multiple PHP remote file inclusion vulnerabilities in Free File ...) - TODO: check + NOT-FOR-US: Free File Hosting CVE-2006-5762 (PHP remote file inclusion vulnerability in forgot_pass.php in Free ...) - TODO: check + NOT-FOR-US: Free File Hosting CVE-2006-5761 (Cross-site scripting (XSS) vulnerability in index.php in Rhadrix ...) - TODO: check + NOT-FOR-US: Rhadrix If-CMS CVE-2006-5760 (Multiple PHP remote file inclusion vulnerabilities in phpDynaSite ...) - TODO: check + NOT-FOR-US: phpDynaSite CVE-2006-5759 (index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote ...) - TODO: check + NOT-FOR-US: Rhadrix If-CMS CVE-2006-5758 (Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2006-5757 (Race condition in the __find_get_block_slow function in the ISO9660 ...) TODO: check CVE-2006-5756 @@ -93,83 +93,83 @@ CVE-2006-5747 RESERVED CVE-2006-5746 (The console in AirMagnet Enterprise does not properly validate the ...) - TODO: check + NOT-FOR-US: AirMagnet CVE-2006-5745 (Unspecified vulnerability in the setRequestHeader method in the ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2006-5744 (Multiple SQL injection vulnerabilities in Highwall Enterprise and ...) - TODO: check + NOT-FOR-US: Highwall Enterprise CVE-2006-5743 (Multiple cross-site scripting (XSS) vulnerabilities in Highwall ...) - TODO: check + NOT-FOR-US: Highwall Enterprise CVE-2006-5742 (The AirMagnet Enterprise console and Remote Sensor console (Laptop) in ...) - TODO: check + NOT-FOR-US: AirMagnet Enterprise CVE-2006-5741 (Multiple cross-site scripting (XSS) vulnerabilities in AirMagnet ...) - TODO: check + NOT-FOR-US: AirMagnet Enterprise CVE-2006-5739 (PHP remote file inclusion vulnerability in cpadmin/cpa_index.php in ...) - TODO: check + NOT-FOR-US: communityPortals CVE-2006-5738 (Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow ...) - TODO: check + NOT-FOR-US: PunBB CVE-2006-5737 (PunBB uses a predictable cookie_seed value that can be derived from ...) - TODO: check + NOT-FOR-US: PunBB CVE-2006-5736 (SQL injection vulnerability in search.php in PunBB before 1.2.14, when ...) - TODO: check + NOT-FOR-US: PunBB CVE-2006-5735 (Directory traversal vulnerability in include/common.php in PunBB ...) - TODO: check + NOT-FOR-US: PunBB CVE-2006-5734 (Multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2 ...) - TODO: check + NOT-FOR-US: ATutor CVE-2006-5733 (Directory traversal vulnerability in error.php in PostNuke 0.763 and ...) - TODO: check + NOT-FOR-US: PostNuke CVE-2006-5732 (SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7 and ...) - TODO: check + NOT-FOR-US: T.G.S. CMS CVE-2006-5731 (Directory traversal vulnerability in classes/index.php in Lithium CMS ...) - TODO: check + NOT-FOR-US: Lithium CMS CVE-2006-5730 (PHP remote file inclusion vulnerability in ...) - TODO: check + NOT-FOR-US: Modx CMS CVE-2006-5729 (Yazd Discussion Forum before 3.0 beta does not properly manage forum ...) - TODO: check + NOT-FOR-US: Yazd Discussion Forum CVE-2006-5728 (XM Easy Personal FTP Server 5.2.1 and earlier allows remote ...) - TODO: check + NOT-FOR-US: XM Easy Personal FTP Server CVE-2006-5727 (PHP remote file inclusion vulnerability in admin/controls/cart.php in ...) - TODO: check + NOT-FOR-US: sazcart CVE-2006-5726 (alloccgblk in the UFS filesystem in Solaris 10 allows local users to ...) - TODO: check + NOT-FOR-US: Solaris CVE-2006-5725 (The SSL server in AEP Smartgate 4.3b allows remote attackers to ...) - TODO: check + NOT-FOR-US: AEP Smartgate CVE-2006-5724 (Heap-based buffer overflow the "Answering Service" function in ICQ ...) - TODO: check + NOT-FOR-US: ICQ CVE-2006-5723 (SQL injection vulnerability in DataparkSearch Engine 4.42 and earlier ...) - TODO: check + NOT-FOR-US: DataparkSearch Engine CVE-2006-5722 (Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 ...) - TODO: check + NOT-FOR-US: Segue CMS CVE-2006-5721 (The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) ...) - TODO: check + NOT-FOR-US: Outpost Firewall PRO CVE-2006-5720 (SQL injection vulnerability in modules/journal/search.php in the ...) - TODO: check + NOT-FOR-US: PHP-Nuke CVE-2006-5719 (SQL injection vulnerability in libs/sessions.lib.php in BytesFall ...) - TODO: check + NOT-FOR-US: BytesFall Explorer (bfExplorer) CVE-2006-5718 (Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin ...) TODO: check CVE-2006-5717 (Multiple cross-site scripting (XSS) vulnerabilities in Zend Google ...) - TODO: check + NOT-FOR-US: Zend Google Data Client Library (ZendGData) CVE-2006-5716 (Directory traversal vulnerability in aff_news.php in FreeNews 2.1 ...) - TODO: check + NOT-FOR-US: FreeNews CVE-2006-5715 (Easy File Sharing (EFS) Easy Address Book 1.2, when run on an NTFS ...) - TODO: check + NOT-FOR-US: Easy File Sharing (EFS) Easy Address Book CVE-2006-5714 (Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file ...) - TODO: check + NOT-FOR-US: Easy File Sharing (EFS) Web Server CVE-2006-5713 (Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) ...) - TODO: check + NOT-FOR-US: Easy File Sharing (EFS) Web Server CVE-2006-5712 (Cross-site scripting (XSS) vulnerability in Mirapoint WebMail allows ...) - TODO: check + NOT-FOR-US: Mirapoint WebMail CVE-2006-5711 (ECI Telecom B-FOCuS Wireless 802.11b/g ADSL2+ Router allows remote ...) - TODO: check + NOT-FOR-US: ECI Telecom CVE-2006-5710 (The Airport driver for certain Orinoco based Airport cards in Darwin ...) - TODO: check + NOT-FOR-US: Apple Mac OS X CVE-2006-5709 (Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon ...) - TODO: check + NOT-FOR-US: Alt-N Technologies MDaemon CVE-2006-5708 (Multiple unspecified vulnerabilities in MDaemon and WorldClient in ...) - TODO: check + NOT-FOR-US: Alt-N Technologies MDaemon CVE-2006-5707 (SQL injection vulnerability in index.php in PHPEasyData Pro 1.4.1 and ...) - TODO: check + NOT-FOR-US: PHPEasyData CVE-2006-5706 (Unspecified vulnerabilities in PHP, probably before 5.2.0, allow local ...) TODO: check CVE-2006-5705 (Directory traversal vulnerability in plugins/wp-db-backup.php in ...)